Fix bugs in KVM's (mis)handling of secondary execution controls.  KVM
overrides the secondary execution control VMX MSR during KVM_SET_CPUID.

Similar to the somewhat recent reverts

  8805875aa473 ("Revert "KVM: nVMX: Do not expose MPX VMX controls when guest MPX disabled"")
  9389d5774aca ("Revert "KVM: nVMX: Expose load IA32_PERF_GLOBAL_CTRL VM-{Entry,Exit} control"")

undo misguided KVM behavior where KVM overrides allowed-1 settings in the
secondary execution controls in response to changes to the guest's CPUID
model.  To avoid breaking userspace that doesn't take ownership of the VMX
MSRs, go hands off if and only if userspace sets the MSR in question.

Before fixing that, fix another bug it was hiding where the umwait/tpause
control was being exposed to L1 for nVMX only after KVM_SET_CPUID, and
harden KVM against similar bugs in the future.

v2: Fix the ENABLE_USR_WAIT_PAUSE bug too. [Aaron]

v1: https://lore.kernel.org/all/20221110005706.1064832-1-seanjc@xxxxxxxxxx

Sean Christopherson (4):
  KVM: nVMX: Properly expose ENABLE_USR_WAIT_PAUSE control to L1
  KVM: nVMX: Don't stuff secondary execution control if it's not supported
  KVM: nVMX: Don't muck with allowed sec exec controls on CPUID changes
  KVM: selftests: Test KVM's handling of VMX's sec exec MSR on KVM_SET_CPUID

 arch/x86/kvm/vmx/capabilities.h                 |  1 +
 arch/x86/kvm/vmx/nested.c                       |  6 +-
 arch/x86/kvm/vmx/vmx.c                          | 17 +++-
 .../selftests/kvm/include/x86_64/processor.h   |  1 +
 .../selftests/kvm/include/x86_64/vmx.h         |  4 +-
 .../selftests/kvm/x86_64/vmx_msrs_test.c       | 92 +++++++++++++++++++
 6 files changed, 116 insertions(+), 5 deletions(-)


base-commit: 02076de83f4de19a045227b9d44084a30e936c26
-- 
2.39.0.rc1.256.g54fd8350bd-goog
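The behaviour the cover letter describes, as an added illustrative model that is not code from this series or from KVM: a VMX capability MSR such as IA32_VMX_PROCBASED_CTLS2 carries the allowed-0 settings in bits 31:0 and the allowed-1 settings in bits 63:32 (per the Intel SDM), userspace may narrow but never widen what KVM advertises when it writes the MSR, and a CPUID change may only toggle an allowed-1 bit while userspace has not taken ownership. The `user_set` flag, the `vmx_ctl_msr` struct, and all function names are assumptions made for this example; only the bit positions (RDTSCP is bit 3, ENABLE_USR_WAIT_PAUSE is bit 26) come from the architecture.

```c
#include <stdbool.h>
#include <stdint.h>

/* Secondary processor-based VM-execution control bits (Intel SDM). */
#define SECONDARY_EXEC_RDTSCP                (1u << 3)
#define SECONDARY_EXEC_ENABLE_USR_WAIT_PAUSE (1u << 26)

/*
 * Model (assumption, not KVM's data structure) of a capability MSR as
 * reported to L1.  Bits 31:0: allowed-0 settings (set bit => must be 1 in
 * the VMCS).  Bits 63:32: allowed-1 settings (set bit => may be 1).
 * user_set stands in for "userspace wrote this MSR via KVM_SET_MSRS".
 */
struct vmx_ctl_msr {
	uint64_t val;
	bool user_set;
};

static inline uint32_t allowed0(uint64_t msr) { return (uint32_t)msr; }
static inline uint32_t allowed1(uint64_t msr) { return (uint32_t)(msr >> 32); }
static inline uint64_t make_ctl_msr(uint32_t must_be_1, uint32_t may_be_1)
{
	return ((uint64_t)may_be_1 << 32) | must_be_1;
}

/* A VMCS control word is consistent with the MSR iff every must-be-1 bit
 * is set and no bit outside the allowed-1 mask is set. */
bool vmx_ctl_is_valid(uint64_t msr, uint32_t ctl)
{
	return (ctl & allowed0(msr)) == allowed0(msr) &&
	       (ctl & ~allowed1(msr)) == 0;
}

/* Userspace taking ownership.  The write is accepted only if it claims no
 * more than @supported: no new allowed-1 bits, no dropped must-be-1 bits. */
bool vmx_restore_ctl_msr(struct vmx_ctl_msr *m, uint64_t supported, uint64_t data)
{
	if (allowed1(data) & ~allowed1(supported))
		return false;
	if (allowed0(supported) & ~allowed0(data))
		return false;
	m->val = data;
	m->user_set = true;
	return true;
}

/* CPUID-driven toggle of one allowed-1 bit.  Kept for userspace that never
 * touched the MSR; once userspace has written it, KVM is hands off. */
void vmx_cpuid_update_ctl_msr(struct vmx_ctl_msr *m, uint32_t bit, bool enabled)
{
	uint32_t may_be_1 = allowed1(m->val);

	if (m->user_set)
		return;
	if (enabled)
		may_be_1 |= bit;
	else
		may_be_1 &= ~bit;
	m->val = make_ctl_msr(allowed0(m->val), may_be_1);
}

/* Userspace hides ENABLE_USR_WAIT_PAUSE from L1, then KVM_SET_CPUID enables
 * WAITPKG.  Returns true iff the control stays hidden. */
bool user_override_survives_cpuid(void)
{
	uint64_t supported = make_ctl_msr(0, SECONDARY_EXEC_RDTSCP |
					     SECONDARY_EXEC_ENABLE_USR_WAIT_PAUSE);
	struct vmx_ctl_msr m = { .val = supported, .user_set = false };

	if (!vmx_restore_ctl_msr(&m, supported, make_ctl_msr(0, SECONDARY_EXEC_RDTSCP)))
		return false;
	vmx_cpuid_update_ctl_msr(&m, SECONDARY_EXEC_ENABLE_USR_WAIT_PAUSE, true);
	return !(allowed1(m.val) & SECONDARY_EXEC_ENABLE_USR_WAIT_PAUSE);
}

/* Userspace never wrote the MSR: a CPUID change still toggles the bit. */
bool cpuid_still_toggles_without_user_write(void)
{
	struct vmx_ctl_msr m = { .val = make_ctl_msr(0, SECONDARY_EXEC_RDTSCP),
				 .user_set = false };

	vmx_cpuid_update_ctl_msr(&m, SECONDARY_EXEC_ENABLE_USR_WAIT_PAUSE, true);
	return (allowed1(m.val) & SECONDARY_EXEC_ENABLE_USR_WAIT_PAUSE) != 0;
}

/* Userspace tries to advertise a control the host lacks: rejected, and the
 * MSR stays KVM-owned. */
bool unsupported_user_write_is_rejected(void)
{
	uint64_t supported = make_ctl_msr(0, SECONDARY_EXEC_RDTSCP);
	struct vmx_ctl_msr m = { .val = supported, .user_set = false };
	bool ok = vmx_restore_ctl_msr(&m, supported,
				      make_ctl_msr(0, SECONDARY_EXEC_RDTSCP |
						      SECONDARY_EXEC_ENABLE_USR_WAIT_PAUSE));

	return !ok && !m.user_set && m.val == supported;
}
```

The three scenario functions cover the two sides of the "hands off if and only if userspace sets the MSR" rule and the reject path for a write that exceeds what KVM supports; the real selftest in the series exercises the same contract through KVM_GET_MSRS/KVM_SET_MSRS and KVM_SET_CPUID against a live VM.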