Skip to content

Commit f244dee

Browse files
Wanpeng Lirkrcmar
Wanpeng Li
authored and
rkrcmar
committed
KVM: VMX: Fix invalid guest state detection after task-switch emulation
This can be reproduced by EPT=1, unrestricted_guest=N, emulate_invalid_state=Y or EPT=0, the trace of kvm-unit-tests/taskswitch2.flat is like below, it tries to emulate invalid guest state task-switch: kvm_exit: reason TASK_SWITCH rip 0x0 info 40000058 0 kvm_emulate_insn: 42000:0:0f 0b (0x2) kvm_emulate_insn: 42000:0:0f 0b (0x2) failed kvm_inj_exception: #UD (0x0) kvm_entry: vcpu 0 kvm_exit: reason TASK_SWITCH rip 0x0 info 40000058 0 kvm_emulate_insn: 42000:0:0f 0b (0x2) kvm_emulate_insn: 42000:0:0f 0b (0x2) failed kvm_inj_exception: #UD (0x0) ...................... It appears that the task-switch emulation updates rflags (and vm86 flag) only after the segments are loaded, causing vmx->emulation_required to be set, when in fact invalid guest state emulation is not needed. This patch fixes it by updating vmx->emulation_required after the rflags (and vm86 flag) is updated in task-switch emulation. Thanks Radim for moving the update to vmx__set_flags and adding Paolo's suggestion for the check. Suggested-by: Nadav Amit <[email protected]> Cc: Paolo Bonzini <[email protected]> Cc: Radim Krčmář <[email protected]> Cc: Nadav Amit <[email protected]> Signed-off-by: Wanpeng Li <[email protected]> Signed-off-by: Radim Krčmář <[email protected]>
1 parent c2ce3f5 commit f244dee

File tree

1 file changed

+10
-5
lines changed

1 file changed

+10
-5
lines changed

arch/x86/kvm/vmx.c

Lines changed: 10 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -2327,6 +2327,11 @@ static void vmx_vcpu_put(struct kvm_vcpu *vcpu)
23272327
__vmx_load_host_state(to_vmx(vcpu));
23282328
}
23292329

2330+
static bool emulation_required(struct kvm_vcpu *vcpu)
2331+
{
2332+
return emulate_invalid_guest_state && !guest_state_valid(vcpu);
2333+
}
2334+
23302335
static void vmx_decache_cr0_guest_bits(struct kvm_vcpu *vcpu);
23312336

23322337
/*
@@ -2364,13 +2369,18 @@ static unsigned long vmx_get_rflags(struct kvm_vcpu *vcpu)
23642369

23652370
static void vmx_set_rflags(struct kvm_vcpu *vcpu, unsigned long rflags)
23662371
{
2372+
unsigned long old_rflags = vmx_get_rflags(vcpu);
2373+
23672374
__set_bit(VCPU_EXREG_RFLAGS, (ulong *)&vcpu->arch.regs_avail);
23682375
to_vmx(vcpu)->rflags = rflags;
23692376
if (to_vmx(vcpu)->rmode.vm86_active) {
23702377
to_vmx(vcpu)->rmode.save_rflags = rflags;
23712378
rflags |= X86_EFLAGS_IOPL | X86_EFLAGS_VM;
23722379
}
23732380
vmcs_writel(GUEST_RFLAGS, rflags);
2381+
2382+
if ((old_rflags ^ to_vmx(vcpu)->rflags) & X86_EFLAGS_VM)
2383+
to_vmx(vcpu)->emulation_required = emulation_required(vcpu);
23742384
}
23752385

23762386
static u32 vmx_get_pkru(struct kvm_vcpu *vcpu)
@@ -3858,11 +3868,6 @@ static __init int alloc_kvm_area(void)
38583868
return 0;
38593869
}
38603870

3861-
static bool emulation_required(struct kvm_vcpu *vcpu)
3862-
{
3863-
return emulate_invalid_guest_state && !guest_state_valid(vcpu);
3864-
}
3865-
38663871
static void fix_pmode_seg(struct kvm_vcpu *vcpu, int seg,
38673872
struct kvm_segment *save)
38683873
{

0 commit comments

Comments
 (0)