Exceptions cannot be explicitly injected from Hypervisor to Secure
AVIC guests. So, clear exceptions intercepts so that all exceptions
are routed directly to such guests.
Signed-off-by: Neeraj Upadhyay <Neeraj.Upadhyay@xxxxxxx>
---
arch/x86/kvm/svm/sev.c | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
index d8413c7f4832..5106afc40cc8 100644
--- a/arch/x86/kvm/svm/sev.c
+++ b/arch/x86/kvm/svm/sev.c
@@ -4786,8 +4786,17 @@ static void sev_es_init_vmcb(struct vcpu_svm *svm)
set_msr_interception(vcpu, svm->msrpm, MSR_EFER, 1, 1);
set_msr_interception(vcpu, svm->msrpm, MSR_IA32_CR_PAT, 1, 1);
- if (sev_savic_active(vcpu->kvm))
+ if (sev_savic_active(vcpu->kvm)) {
set_msr_interception(vcpu, svm->msrpm, MSR_AMD64_SECURE_AVIC_CONTROL, 1, 1);
+
+ /* Clear all exception intercepts. */
+ clr_exception_intercept(svm, PF_VECTOR);
+ clr_exception_intercept(svm, UD_VECTOR);
+ clr_exception_intercept(svm, MC_VECTOR);
+ clr_exception_intercept(svm, AC_VECTOR);
+ clr_exception_intercept(svm, DB_VECTOR);
+ clr_exception_intercept(svm, GP_VECTOR);
+ }
}
void sev_init_vmcb(struct vcpu_svm *svm)
--
2.34.1
