Skip to content

Commit

Permalink
KVM: nSVM: only copy L1 non-VMLOAD/VMSAVE data in svm_set_nested_state()
Browse files Browse the repository at this point in the history 
The VMLOAD/VMSAVE data is not taken from userspace, since it will
not be restored on VMEXIT (it will be copied from VMCB02 to VMCB01).
For clarity, replace the wholesale copy of the VMCB save area
with a copy of that state only.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
  • Loading branch information
Paolo Bonzini committed Mar 15, 2021
1 parent 4bb170a commit c08f390
Showing 1 changed file with 18 additions and 2 deletions.
20 changes: 18 additions & 2 deletions arch/x86/kvm/svm/nested.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -717,7 +717,7 @@ int nested_svm_vmexit(struct vcpu_svm *svm)
/*
* Restore processor state that had been saved in vmcb01
*/
kvm_set_rflags(&svm->vcpu, svm->vmcb->save.rflags | X86_EFLAGS_FIXED);
kvm_set_rflags(&svm->vcpu, svm->vmcb->save.rflags);
svm_set_efer(&svm->vcpu, svm->vmcb->save.efer);
svm_set_cr0(&svm->vcpu, svm->vmcb->save.cr0 | X86_CR0_PE);
svm_set_cr4(&svm->vcpu, svm->vmcb->save.cr4);
Expand Down Expand Up @@ -1252,7 +1252,23 @@ static int svm_set_nested_state(struct kvm_vcpu *vcpu,
svm->nested.vmcb12_gpa = kvm_state->hdr.svm.vmcb_pa;
if (svm->current_vmcb == &svm->vmcb01)
svm->nested.vmcb02.ptr->save = svm->vmcb01.ptr->save;
svm->vmcb01.ptr->save = *save;

svm->vmcb01.ptr->save.es = save->es;
svm->vmcb01.ptr->save.cs = save->cs;
svm->vmcb01.ptr->save.ss = save->ss;
svm->vmcb01.ptr->save.ds = save->ds;
svm->vmcb01.ptr->save.gdtr = save->gdtr;
svm->vmcb01.ptr->save.idtr = save->idtr;
svm->vmcb01.ptr->save.rflags = save->rflags | X86_EFLAGS_FIXED;
svm->vmcb01.ptr->save.efer = save->efer;
svm->vmcb01.ptr->save.cr0 = save->cr0;
svm->vmcb01.ptr->save.cr3 = save->cr3;
svm->vmcb01.ptr->save.cr4 = save->cr4;
svm->vmcb01.ptr->save.rax = save->rax;
svm->vmcb01.ptr->save.rsp = save->rsp;
svm->vmcb01.ptr->save.rip = save->rip;
svm->vmcb01.ptr->save.cpl = 0;

nested_load_control_from_vmcb12(svm, ctl);

svm_switch_vmcb(svm, &svm->nested.vmcb02);
Expand Down

0 comments on commit c08f390

Please sign in to comment.