aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/arch/x86
diff options
context:
space:
mode:
authorJim Mattson <jmattson@google.com>2017-05-04 11:51:58 -0700
committerPaolo Bonzini <pbonzini@redhat.com>2017-05-05 10:08:31 +0200
commit2e5b0bd9cc6172edef502dfae28ae790f74a882e (patch)
treec0879f08222007991e96a289233de73acfaea43f /arch/x86
parentKVM: put back #ifndef CONFIG_S390 around kvm_vcpu_kick (diff)
downloadwireguard-linux-2e5b0bd9cc6172edef502dfae28ae790f74a882e.tar.xz
wireguard-linux-2e5b0bd9cc6172edef502dfae28ae790f74a882e.zip
kvm: nVMX: Don't validate disabled secondary controls
According to the SDM, if the "activate secondary controls" primary processor-based VM-execution control is 0, no checks are performed on the secondary processor-based VM-execution controls. Signed-off-by: Jim Mattson <jmattson@google.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Diffstat (limited to 'arch/x86')
-rw-r--r--arch/x86/kvm/vmx.c7
1 files changed, 4 insertions, 3 deletions
diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index 75e6cc945be0..e7d929103f4a 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -10240,9 +10240,10 @@ static int check_vmentry_prereqs(struct kvm_vcpu *vcpu, struct vmcs12 *vmcs12)
if (!vmx_control_verify(vmcs12->cpu_based_vm_exec_control,
vmx->nested.nested_vmx_procbased_ctls_low,
vmx->nested.nested_vmx_procbased_ctls_high) ||
- !vmx_control_verify(vmcs12->secondary_vm_exec_control,
- vmx->nested.nested_vmx_secondary_ctls_low,
- vmx->nested.nested_vmx_secondary_ctls_high) ||
+ (nested_cpu_has(vmcs12, CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) &&
+ !vmx_control_verify(vmcs12->secondary_vm_exec_control,
+ vmx->nested.nested_vmx_secondary_ctls_low,
+ vmx->nested.nested_vmx_secondary_ctls_high)) ||
!vmx_control_verify(vmcs12->pin_based_vm_exec_control,
vmx->nested.nested_vmx_pinbased_ctls_low,
vmx->nested.nested_vmx_pinbased_ctls_high) ||
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.