From: Greg Kroah-Hartman
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman, stable@vger.kernel.org, Eyal Moscovici, Nikita Leshchenko, Darren Kenny, Liran Alon, Paolo Bonzini, Sasha Levin
Subject: [PATCH 4.18 050/150] KVM: nVMX: Do not expose MPX VMX controls when guest MPX disabled
Date: Fri, 2 Nov 2018 19:33:32 +0100
Message-Id: <20181102182906.959285072@linuxfoundation.org>
In-Reply-To: <20181102182902.250560510@linuxfoundation.org>
References: <20181102182902.250560510@linuxfoundation.org>
X-stable: review
X-Mailing-List: linux-kernel@vger.kernel.org

4.18-stable review patch. If anyone has any objections, please let me know.

------------------

[ Upstream commit 5f76f6f5ff96587af5acd5930f7d9fea81e0d1a8 ]

Before this commit, KVM exposes MPX VMX controls to the L1 guest based only on whether KVM and the host processor support MPX virtualization. However, these controls should be exposed to the guest only when the guest vCPU supports MPX.

Without this change, an L1 guest running a kernel that doesn't have commit 691bd4340bef ("kvm: vmx: allow host to access guest MSR_IA32_BNDCFGS") asserts in QEMU on the following:

qemu-kvm: error: failed to set MSR 0xd90 to 0x0
qemu-kvm: .../qemu-2.10.0/target/i386/kvm.c:1801 kvm_put_msrs: Assertion 'ret == cpu->kvm_msr_buf->nmsrs failed'

This is because L1 KVM's kvm_init_msr_list() will see that vmx_mpx_supported() is true (as it only checks MPX VMX controls support), and therefore the KVM_GET_MSR_INDEX_LIST IOCTL will include MSR_IA32_BNDCFGS. However, later when L1 attempts to set this MSR via the KVM_SET_MSRS IOCTL, it will fail because !guest_cpuid_has_mpx(vcpu).

Therefore, fix the issue by exposing MPX VMX controls to the L1 guest only when the vCPU supports MPX.
Fixes: 36be0b9deb23 ("KVM: x86: Add nested virtualization support for MPX") Reported-by: Eyal Moscovici Reviewed-by: Nikita Leshchenko Reviewed-by: Darren Kenny Signed-off-by: Liran Alon Signed-off-by: Paolo Bonzini Signed-off-by: Sasha Levin --- arch/x86/kvm/vmx.c | 26 ++++++++++++++++++++------ 1 file changed, 20 insertions(+), 6 deletions(-) diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c index 32721ef9652d..ea691ddfc3aa 100644 --- a/arch/x86/kvm/vmx.c +++ b/arch/x86/kvm/vmx.c @@ -3395,9 +3395,6 @@ static void nested_vmx_setup_ctls_msrs(struct nested_vmx_msrs *msrs, bool apicv) VM_EXIT_LOAD_IA32_EFER | VM_EXIT_SAVE_IA32_EFER | VM_EXIT_SAVE_VMX_PREEMPTION_TIMER | VM_EXIT_ACK_INTR_ON_EXIT; - if (kvm_mpx_supported()) - msrs->exit_ctls_high |= VM_EXIT_CLEAR_BNDCFGS; - /* We support free control of debug control saving. */ msrs->exit_ctls_low &= ~VM_EXIT_SAVE_DEBUG_CONTROLS; @@ -3414,8 +3411,6 @@ static void nested_vmx_setup_ctls_msrs(struct nested_vmx_msrs *msrs, bool apicv) VM_ENTRY_LOAD_IA32_PAT; msrs->entry_ctls_high |= (VM_ENTRY_ALWAYSON_WITHOUT_TRUE_MSR | VM_ENTRY_LOAD_IA32_EFER); - if (kvm_mpx_supported()) - msrs->entry_ctls_high |= VM_ENTRY_LOAD_BNDCFGS; /* We support free control of debug control loading. */ msrs->entry_ctls_low &= ~VM_ENTRY_LOAD_DEBUG_CONTROLS; 
@@ -10825,6 +10820,23 @@ static void nested_vmx_cr_fixed1_bits_update(struct kvm_vcpu *vcpu) #undef cr4_fixed1_update } +static void nested_vmx_entry_exit_ctls_update(struct kvm_vcpu *vcpu) +{ + struct vcpu_vmx *vmx = to_vmx(vcpu); + + if (kvm_mpx_supported()) { + bool mpx_enabled = guest_cpuid_has(vcpu, X86_FEATURE_MPX); + + if (mpx_enabled) { + vmx->nested.msrs.entry_ctls_high |= VM_ENTRY_LOAD_BNDCFGS; + vmx->nested.msrs.exit_ctls_high |= VM_EXIT_CLEAR_BNDCFGS; + } else { + vmx->nested.msrs.entry_ctls_high &= ~VM_ENTRY_LOAD_BNDCFGS; + vmx->nested.msrs.exit_ctls_high &= ~VM_EXIT_CLEAR_BNDCFGS; + } + } +} + static void vmx_cpuid_update(struct kvm_vcpu *vcpu) { struct vcpu_vmx *vmx = to_vmx(vcpu); @@ -10841,8 +10853,10 @@ static void vmx_cpuid_update(struct kvm_vcpu *vcpu) to_vmx(vcpu)->msr_ia32_feature_control_valid_bits &= ~FEATURE_CONTROL_VMXON_ENABLED_OUTSIDE_SMX; - if (nested_vmx_allowed(vcpu)) + if (nested_vmx_allowed(vcpu)) { nested_vmx_cr_fixed1_bits_update(vcpu); + nested_vmx_entry_exit_ctls_update(vcpu); + } } static void vmx_set_supported_cpuid(u32 func, struct kvm_cpuid_entry2 *entry) -- 2.17.1
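Review bot: in the hunk at @@ -3395 (nested_vmx_setup_ctls_msrs), removing the kvm_mpx_supported() block changes the default for every struct nested_vmx_msrs this function fills, not just the per-vCPU copy: the function takes a `struct nested_vmx_msrs *msrs` parameter, while the replacement logic added later writes only vmx->nested.msrs. Any other instance populated here now never advertises VM_EXIT_CLEAR_BNDCFGS or VM_ENTRY_LOAD_BNDCFGS. That is the safe direction, but a one-line comment at the removal site ("BNDCFGS controls are CPUID-gated and set per vCPU in nested_vmx_entry_exit_ctls_update()") would stop a later reader from re-adding the host-capability check here.

Review bot: in the hunk at @@ -10825, nested_vmx_entry_exit_ctls_update() rewrites the two BNDCFGS bits of vmx->nested.msrs.entry_ctls_high and exit_ctls_high unconditionally on every call, so whatever those fields held before vmx_cpuid_update() ran is overwritten for those bits and the result depends on the order in which userspace configures CPUID and the nested control MSRs; the function should carry a comment stating that guest CPUID is the authority for these two bits. Minor: the name suggests a general entry/exit control refresh while the body only toggles VM_ENTRY_LOAD_BNDCFGS and VM_EXIT_CLEAR_BNDCFGS; a name such as nested_vmx_bndcfgs_ctls_update() would say so, and the `mpx_enabled` temporary plus nested if/else collapse to a single `if (guest_cpuid_has(vcpu, X86_FEATURE_MPX))` once the kvm_mpx_supported() check is hoisted to the caller.

Review bot: in the hunk at @@ -10841 (vmx_cpuid_update), the new call sits under `if (nested_vmx_allowed(vcpu))`, so the BNDCFGS controls are refreshed only on a CPUID update that leaves VMX enabled for the guest. Combined with the removal from nested_vmx_setup_ctls_msrs(), a vCPU whose CPUID is never set, or is set with MPX absent, keeps the controls hidden, which is correct, but the commit message should state that the controls are now absent from the nested VMX capability MSRs until userspace has set CPUID with MPX present, since that is a visible change for userspace that reads those MSRs before KVM_SET_CPUID2. The two updates now grouped in this block, nested_vmx_cr_fixed1_bits_update() and nested_vmx_entry_exit_ctls_update(), both derive L1's advertised VMX capabilities from guest CPUID; a short comment above the block naming that invariant would help keep them together.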