-stable review patch. If anyone has any objections, please let us know.
---------------------
From: Avi Kivity <[email protected]>
upstream commit: 16175a796d061833aacfbd9672235f2d2725df65
vmx_set_msr() does not allow i386 guests to touch EFER, but they can still
do so through the default: label in the switch. If they set EFER_LME, they
can oops the host.
Fix by having EFER access through the normal channel (which will check for
EFER_LME) even on i386.
Reported-and-tested-by: Benjamin Gilbert <[email protected]>
Cc: [email protected]
Signed-off-by: Avi Kivity <[email protected]>
Signed-off-by: Chris Wright <[email protected]>
---
arch/x86/kvm/vmx.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -928,11 +928,11 @@ static int vmx_set_msr(struct kvm_vcpu *
int ret = 0;
switch (msr_index) {
-#ifdef CONFIG_X86_64
case MSR_EFER:
vmx_load_host_state(vmx);
ret = kvm_set_msr_common(vcpu, msr_index, data);
break;
+#ifdef CONFIG_X86_64
case MSR_FS_BASE:
vmcs_writel(GUEST_FS_BASE, data);
break;