In a nested VM environment, a vCPU can run either an L1 or L2 VM. If the L0 VMM tries to configure L1 VM registers via the KVM_SET_REGS ioctl while the vCPU is running an L2 VM, it may inadvertently modify the L2 VM's registers, corrupting the L2 VM. To avoid this error, registers should be treated as read-only when the vCPU is actively running an L2 VM. Signed-off-by: Liang Chen <liangchen.linux@xxxxxxxxx> Reported-by: syzbot+988d9efcdf137bc05f66@xxxxxxxxxxxxxxxxxxxxxxxxx Closes: https://lore.kernel.org/all/0000000000007a9acb06151e1670@xxxxxxxxxx --- arch/x86/kvm/x86.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 91478b769af0..30f63a7dd120 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -11527,6 +11527,12 @@ static void __set_regs(struct kvm_vcpu *vcpu, struct kvm_regs *regs) int kvm_arch_vcpu_ioctl_set_regs(struct kvm_vcpu *vcpu, struct kvm_regs *regs) { + /* + * Prevent L0 VMM from inadvertently modifying L2 VM registers directly. + */ + if (is_guest_mode(vcpu)) + return -EACCES; + vcpu_load(vcpu); __set_regs(vcpu, regs); vcpu_put(vcpu); -- 2.40.1
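Review bot: the `is_guest_mode(vcpu)` check added at the top of `kvm_arch_vcpu_ioctl_set_regs()` rejects every KVM_SET_REGS while L2 is active, not only the inadvertent writes the commit message describes; a userspace that deliberately writes L2 register state (after restoring nested state, for example) now gets -EACCES, so this is a user-visible change to the ioctl's behaviour that the commit message should justify explicitly, and the new error return needs a matching update to the KVM_SET_REGS entry in Documentation/virt/kvm/api.rst, which this one-file patch does not touch. The comment should also say why it is safe to read the guest-mode flag before `vcpu_load(vcpu)` (the vCPU ioctl path holds the vcpu mutex), and name the error code it chose, e.g. "/* Reject, with -EACCES, writes that would land in L2's registers. */", so the next reader does not have to guess whether -EACCES versus -EBUSY or -EINVAL was intentional.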