Rather than changing the host intercepts in
nested_svm_vmrun, mask the intercepts we only want to see
from the guest out in recalc_intercepts.
Signed-off-by: Joerg Roedel <joerg.roedel@xxxxxxx>
---
arch/x86/kvm/svm.c | 17 ++++++++++-------
1 files changed, 10 insertions(+), 7 deletions(-)
diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
index c83315a..ab48dd4 100644
--- a/arch/x86/kvm/svm.c
+++ b/arch/x86/kvm/svm.c
@@ -102,6 +102,9 @@ struct nested_state {
u32 intercept_exceptions;
u64 intercept;
+ /* Mask of relevant host intercepts for recalculation */
+ u32 intercept_cr_mask;
+
/* Nested Paging related state */
u64 nested_cr3;
@@ -250,10 +253,11 @@ static void recalc_intercepts(struct vcpu_svm *svm)
h = &svm->host_vmcb->control;
g = &svm->nested;
- c->intercept_cr = h->intercept_cr | g->intercept_cr;
+ c->intercept_cr = (h->intercept_cr & g->intercept_cr_mask) |
+ g->intercept_cr;
c->intercept_dr = h->intercept_dr | g->intercept_dr;
c->intercept_exceptions = h->intercept_exceptions | g->intercept_exceptions;
- c->intercept = h->intercept | g->intercept;
+ c->intercept = (h->intercept & ~(INTERCEPT_VMMCALL)) | g->intercept;
}
static inline void set_cr_intercept(struct vcpu_svm *svm, int bit)
@@ -2376,13 +2380,12 @@ static bool nested_svm_vmrun(struct vcpu_svm *svm)
svm->vcpu.arch.hflags |= HF_VINTR_MASK;
/* We only want the cr8 intercept bits of the guest */
- clr_cr_intercept(svm, INTERCEPT_CR8_READ);
- clr_cr_intercept(svm, INTERCEPT_CR8_WRITE);
+ svm->nested.intercept_cr_mask = ~(INTERCEPT_CR8_READ |
+ INTERCEPT_CR8_WRITE);
+ } else {
+ svm->nested.intercept_cr_mask = 0ULL;
}
- /* We don't want to see VMMCALLs from a nested guest */
- clr_intercept(svm, INTERCEPT_VMMCALL);
-
if (nested_vmcb->control.nested_ctl) {
kvm_mmu_unload(&svm->vcpu);
svm->nested.nested_cr3 = nested_vmcb->control.nested_cr3;
--
1.7.4.1
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
