diff options
| author | Paolo Bonzini <pbonzini@redhat.com> | 2021-03-31 13:28:01 +0300 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2021-04-07 16:00:09 +0300 |
| commit | e6d8eb65532ee788e88468eb2af582c4e70012f0 (patch) | |
| tree | bee56853b17f0ebe88f28ab6eec00073ccee1a31 /drivers/base | |
| parent | 5f6625f5cd5c593fae05a6ce22b406166bc796b8 (diff) | |
| download | linux-e6d8eb65532ee788e88468eb2af582c4e70012f0.tar.xz | |
KVM: SVM: ensure that EFER.SVME is set when running nested guest or on nested vmexit
commit 3c346c0c60ab06a021d1c0884a0ef494bc4ee3a7 upstream.
Fixing nested_vmcb_check_save to avoid all TOC/TOU races
is a bit harder in released kernels, so do the bare minimum
by avoiding that EFER.SVME is cleared. This is problematic
because svm_set_efer frees the data structures for nested
virtualization if EFER.SVME is cleared.
Also check that EFER.SVME remains set after a nested vmexit;
clearing it could happen if the bit is zero in the save area
that is passed to KVM_SET_NESTED_STATE (the save area of the
nested state corresponds to the nested hypervisor's state
and is restored on the next nested vmexit).
Cc: stable@vger.kernel.org
Fixes: 2fcf4876ada ("KVM: nSVM: implement on demand allocation of the nested state")
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'drivers/base')
0 files changed, 0 insertions, 0 deletions