On Wed, Mar 17, 2021, Paolo Bonzini wrote:
> On 16/03/21 19:44, Sean Christopherson wrote:
> > Always check vmcs01's MSR bitmap when merging L0 and L1 bitmaps for L2,
> > and always update the relevant bits in vmcs02. This fixes two distinct,
> > but intertwined bugs related to dynamic MSR bitmap modifications.
> >
> > The first issue is that KVM fails to enable MSR interception in vmcs02
> > for the FS/GS base MSRs if L1 first runs L2 with interception disabled,
> > and later enables interception.
> >
> > The second issue is that KVM fails to honor userspace MSR filtering when
> > preparing vmcs02.
> >
> > Fix both issues simultaneously, as fixing only one of the issues (doesn't
> > matter which) would create a mess that no one should have to bisect.
> > Fixing only the first bug would exacerbate the MSR filtering issue as
> > userspace would see inconsistent behavior depending on the whims of L1.
> > Fixing only the second bug (MSR filtering) effectively requires fixing
> > the first, as the nVMX code only knows how to transition vmcs02's
> > bitmap from 1->0.
> >
> > Move the various accessor/mutators buried in vmx.c into vmx.h so that
> > they can be shared by the nested code.
> >
> > Fixes: 1a155254ff93 ("KVM: x86: Introduce MSR filtering")
> > Fixes: d69129b4e46a ("KVM: nVMX: Disable intercept for FS/GS base MSRs in vmcs02 when possible")
> > Cc: stable@xxxxxxxxxxxxxxx
> > Cc: Alexander Graf <graf@xxxxxxxxxx>
> > Signed-off-by: Sean Christopherson <seanjc@xxxxxxxxxx>
> > ---
>
> ...
>
> Feel free to squash patch 3 in this one or reorder it before; it makes sense
> to make them macros when you go from 4 to 6 functions.

I put them in a separate patch so that backporting the fix for the older FS/GS
nVMX bug was at least feasible. Not worth it?
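The merge behaviour the commit message describes, as an added example that is not the patch's or KVM's own code: a toy model of the VMX MSR bitmap page, with the old clear-only (1->0) merge beside a merge that recomputes vmcs02's bit from vmcs01 and vmcs12 on every run. All function names and the scenario are constructed here, and the userspace MSR filter is assumed to be already folded into vmcs01's bitmap.

```c
/* Toy model of the VMX MSR bitmap (Intel SDM vol. 3, 24.6.9): a 4 KiB page of four 1024-bit
 * maps: read-low (MSRs 0x0-0x1FFF), read-high (0xC0000000-0xC0001FFF), write-low, write-high.
 * A set bit means intercept (VM exit), a clear bit means pass-through. */
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

#define MSR_FS_BASE 0xC0000100u
enum { MSR_TYPE_R, MSR_TYPE_W };
struct msr_bitmap { uint8_t page[4096]; };

/* Byte/bit position of msr's read or write bit; false if msr is outside both ranges. */
static bool msr_bit_pos(uint32_t msr, int type, size_t *byte, int *bit) {
    size_t base = (type == MSR_TYPE_W) ? 2048 : 0;
    if (msr >= 0xC0000000u && msr <= 0xC0001FFFu) base += 1024;
    else if (msr > 0x1FFFu) return false;
    *byte = base + (msr & 0x1FFFu) / 8;
    *bit = (msr & 0x1FFFu) % 8;
    return true;
}

bool msr_intercepted(const struct msr_bitmap *b, uint32_t msr, int type) {
    size_t byte; int bit;
    return msr_bit_pos(msr, type, &byte, &bit) && ((b->page[byte] >> bit) & 1);
}

void set_intercept(struct msr_bitmap *b, uint32_t msr, int type, bool on) {
    size_t byte; int bit;
    if (!msr_bit_pos(msr, type, &byte, &bit)) return;
    if (on) b->page[byte] |= (uint8_t)(1u << bit);
    else    b->page[byte] &= (uint8_t)~(1u << bit);
}

/* Buggy merge, as the patch describes it: vmcs02 starts all-ones and bits are only ever
 * cleared (1->0), so an intercept that L1 later re-enables is never restored. */
void merge_buggy(struct msr_bitmap *vmcs02, const struct msr_bitmap *vmcs12, uint32_t msr, int type) {
    if (!msr_intercepted(vmcs12, msr, type)) set_intercept(vmcs02, msr, type, false);
}

/* Fixed merge: recompute the bit on every run; L2 traps if either L0 (vmcs01, assumed here to
 * already reflect userspace MSR filtering) or L1 (vmcs12) wants the intercept. */
void merge_fixed(struct msr_bitmap *vmcs02, const struct msr_bitmap *vmcs01, const struct msr_bitmap *vmcs12, uint32_t msr, int type) {
    set_intercept(vmcs02, msr, type, msr_intercepted(vmcs01, msr, type) || msr_intercepted(vmcs12, msr, type));
}

/* Constructed scenario from the patch: L1 runs L2 with FS base passed through, then enables the
 * intercept and runs L2 again. Returns whether vmcs02 intercepts FS base reads after the second run. */
bool fs_base_scenario(bool fixed) {
    struct msr_bitmap vmcs01 = {{0}}, vmcs12 = {{0}}, vmcs02; /* constructed: L0 and L1 start pass-through */
    memset(&vmcs02, 0xff, sizeof vmcs02);                      /* vmcs02 page initialised to intercept all */
    for (int run = 0; run < 2; run++) {
        if (fixed) merge_fixed(&vmcs02, &vmcs01, &vmcs12, MSR_FS_BASE, MSR_TYPE_R);
        else       merge_buggy(&vmcs02, &vmcs12, MSR_FS_BASE, MSR_TYPE_R);
        set_intercept(&vmcs12, MSR_FS_BASE, MSR_TYPE_R, true); /* L1 now wants the intercept */
    }
    return msr_intercepted(&vmcs02, MSR_FS_BASE, MSR_TYPE_R);
}
```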