From: Paolo Bonzini
To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Cc: Sean Christopherson, Jim Mattson, Krish Sadhukhan
Subject: [PATCH] KVM: nVMX: cleanup and fix host 64-bit mode checks
Date: Wed, 25 Sep 2019 18:34:46 +0200
Message-Id: <1569429286-35157-1-git-send-email-pbonzini@redhat.com>

KVM was incorrectly checking vmcs12->host_ia32_efer even if the "load
IA32_EFER" exit control was reset. Also, some checks were not using
the new CC macro for tracing.

Cleanup everything so that the vCPU's 64-bit mode is determined
directly from EFER_LMA and the VMCS checks are based on that, which
matches section 26.2.4 of the SDM.

Cc: Sean Christopherson
Cc: Jim Mattson
Cc: Krish Sadhukhan
Fixes: 5845038c111db27902bc220a4f70070fe945871c
Signed-off-by: Paolo Bonzini
---
 arch/x86/kvm/vmx/nested.c | 53 ++++++++++++++++++++---------------------------
 1 file changed, 22 insertions(+), 31 deletions(-)

diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index 70d59d9304f2..e108847f6cf8 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c
@@ -2664,8 +2664,26 @@ static int nested_vmx_check_host_state(struct kvm_vcpu *vcpu, CC(!kvm_pat_valid(vmcs12->host_ia32_pat))) return -EINVAL; - ia32e = (vmcs12->vm_exit_controls & - VM_EXIT_HOST_ADDR_SPACE_SIZE) != 0; +#ifdef CONFIG_X86_64 + ia32e = !!(vcpu->arch.efer & EFER_LMA); +#else + if (CC(vmcs12->vm_entry_controls & VM_ENTRY_IA32E_MODE)) + return -EINVAL; + + ia32e = false; +#endif + + if (ia32e) { + if (CC(!(vmcs12->vm_exit_controls & VM_EXIT_HOST_ADDR_SPACE_SIZE)) || + CC(!(vmcs12->host_cr4 & X86_CR4_PAE))) + return -EINVAL; + } else { + if (CC(vmcs12->vm_exit_controls & VM_EXIT_HOST_ADDR_SPACE_SIZE) || + CC(vmcs12->vm_entry_controls & VM_ENTRY_IA32E_MODE) || + CC(vmcs12->host_cr4 & X86_CR4_PCIDE) || + CC(((vmcs12->host_rip) >> 32) & 0xffffffff)) + return -EINVAL; + } if (CC(vmcs12->host_cs_selector & (SEGMENT_RPL_MASK | SEGMENT_TI_MASK)) || CC(vmcs12->host_ss_selector & (SEGMENT_RPL_MASK | SEGMENT_TI_MASK)) || 
@@ -2684,35 +2702,8 @@ static int nested_vmx_check_host_state(struct kvm_vcpu *vcpu, CC(is_noncanonical_address(vmcs12->host_gs_base, vcpu)) || CC(is_noncanonical_address(vmcs12->host_gdtr_base, vcpu)) || CC(is_noncanonical_address(vmcs12->host_idtr_base, vcpu)) || - CC(is_noncanonical_address(vmcs12->host_tr_base, vcpu))) - return -EINVAL; - - if (!(vmcs12->host_ia32_efer & EFER_LMA) && - ((vmcs12->vm_entry_controls & VM_ENTRY_IA32E_MODE) || - (vmcs12->vm_exit_controls & VM_EXIT_HOST_ADDR_SPACE_SIZE))) { - return -EINVAL; - } - - if ((vmcs12->host_ia32_efer & EFER_LMA) && - !(vmcs12->vm_exit_controls & VM_EXIT_HOST_ADDR_SPACE_SIZE)) { - return -EINVAL; - } - - if (!(vmcs12->vm_exit_controls & VM_EXIT_HOST_ADDR_SPACE_SIZE) && - ((vmcs12->vm_entry_controls & VM_ENTRY_IA32E_MODE) || - (vmcs12->host_cr4 & X86_CR4_PCIDE) || - (((vmcs12->host_rip) >> 32) & 0xffffffff))) { - return -EINVAL; - } - - if ((vmcs12->vm_exit_controls & VM_EXIT_HOST_ADDR_SPACE_SIZE) && - ((!(vmcs12->host_cr4 & X86_CR4_PAE)) || - (is_noncanonical_address(vmcs12->host_rip, vcpu)))) { - return -EINVAL; - } -#else - if (vmcs12->vm_entry_controls & VM_ENTRY_IA32E_MODE || - vmcs12->vm_exit_controls & VM_EXIT_HOST_ADDR_SPACE_SIZE) + CC(is_noncanonical_address(vmcs12->host_tr_base, vcpu)) || + CC(is_noncanonical_address(vmcs12->host_rip, vcpu))) return -EINVAL; #endif -- 1.8.3.1
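
Review bot: In the first hunk (@@ -2664), the `#else` branch tests `vmcs12->vm_entry_controls & VM_ENTRY_IA32E_MODE` and then sets `ia32e = false`, so the `else` arm of the following `if (ia32e)` tests the same bit a second time on 32-bit builds; the early check can be dropped, leaving only `ia32e = false;` in the `#else` branch. In that same arm, `((vmcs12->host_rip) >> 32) & 0xffffffff` masks a value the shift has already reduced to the upper half, so if `host_rip` is a 64-bit field, `CC(vmcs12->host_rip >> 32)` expresses the same check. Because `ia32e` is now taken from `vcpu->arch.efer` instead of from the VMCS, a one-line comment stating whose EFER this is expected to be when the function runs would document the assumption behind the SDM reference in the commit message.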
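
Review bot: In the second hunk (@@ -2684), `CC(is_noncanonical_address(vmcs12->host_rip, vcpu))` joins the unconditional chain, whereas the removed code applied that test only when `VM_EXIT_HOST_ADDR_SPACE_SIZE` was set. The result is still consistent, because the non-ia32e arm added in the first hunk already rejects a `host_rip` with any of bits 63:32 set, but that dependency is not visible from this block alone and deserves a short comment. The removed lines were also the only place in this diff where `vmcs12->host_ia32_efer` was compared against the address-space controls, so the commit message should say where `host_ia32_efer` is still validated against `ia32e` when the "load IA32_EFER" exit control is set.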