diff options
| author |  Yu Zhang <yu.c.zhang@linux.intel.com>
| 2022-11-09 15:54:12 +0800 |
|---|---|---|
| committer |  Sean Christopherson <seanjc@google.com>
| 2023-02-07 01:51:17 +0000 |
| commit | 41acdd41973548aec573381e1166b5a388708d5b (patch) | |
| tree | c2de3fb96d54c1799efc85bf5671c4ad4a9f6303 /arch/x86/kvm/vmx/nested.c | |
| parent | KVM: VMX: Handle NMI VM-Exits in noinstr region (diff) | |
| download | linux-41acdd41973548aec573381e1166b5a388708d5b.tar.gz linux-41acdd41973548aec573381e1166b5a388708d5b.tar.bz2 linux-41acdd41973548aec573381e1166b5a388708d5b.zip | |
KVM: VMX: Do not trap VMFUNC instructions for L1 guests.
Explicitly disable VMFUNC in vmcs01 to document that KVM doesn't support
any VM-Functions for L1. WARN in the dedicated VMFUNC handler if an exit
occurs while L1 is active, but keep the existing handlers as fallbacks to
avoid killing the VM as an unexpected VMFUNC VM-Exit isn't fatal
Signed-off-by: Yu Zhang <yu.c.zhang@linux.intel.com>
Link: https://lore.kernel.org/r/20221109075413.1405803-2-yu.c.zhang@linux.intel.com
[sean: don't kill the VM on an unexpected VMFUNC from L1, reword changelog]
Signed-off-by: Sean Christopherson <seanjc@google.com>
Diffstat (limited to 'arch/x86/kvm/vmx/nested.c')
| -rw-r--r-- | arch/x86/kvm/vmx/nested.c | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index 557b9c468734..3c226de4b562 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c @@ -5864,11 +5864,10 @@ static int handle_vmfunc(struct kvm_vcpu *vcpu) u32 function = kvm_rax_read(vcpu); /* - * VMFUNC is only supported for nested guests, but we always enable the - * secondary control for simplicity; for non-nested mode, fake that we - * didn't by injecting #UD. + * VMFUNC should never execute cleanly while L1 is active; KVM supports + * VMFUNC for nested VMs, but not for L1. */ - if (!is_guest_mode(vcpu)) { + if (WARN_ON_ONCE(!is_guest_mode(vcpu))) { kvm_queue_exception(vcpu, UD_VECTOR); return 1; } |