[xen stable-4.10] x86/vvmx: don't enable vmcs shadowing for nested guests

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

[xen stable-4.10] x86/vvmx: don't enable vmcs shadowing for nested guests

commit 4150501b717e7fde77c9ab4e96dd9916d7345b55
Author:     Sergey Dyasli <[hidden email]>
AuthorDate: Wed Dec 20 15:41:33 2017 +0100
Commit:     Jan Beulich <[hidden email]>
CommitDate: Wed Dec 20 15:41:33 2017 +0100

    x86/vvmx: don't enable vmcs shadowing for nested guests
    Running "./xtf_runner vvmx" in L1 Xen under L0 Xen produces the
    following result on H/W with VMCS shadowing:
        Test: vmxon
        Failure in test_vmxon_in_root_cpl0()
          Expected 0x8200000f: VMfailValid(15) VMXON_IN_ROOT
               Got 0x82004400: VMfailValid(17408) <unknown>
        Test result: FAILURE
    This happens because SDM allows vmentries with enabled VMCS shadowing
    VM-execution control and VMCS link pointer value of ~0ull. But results
    of a nested VMREAD are undefined in such cases.
    Fix this by not copying the value of VMCS shadowing control from vmcs01
    to vmcs02.
    Signed-off-by: Sergey Dyasli <[hidden email]>
    Acked-by: Kevin Tian <[hidden email]>
    master commit: 19fdb8e258619aea265af9c183e035e545cbc2d2
    master date: 2017-12-01 19:03:27 +0000
 xen/arch/x86/hvm/vmx/vvmx.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/xen/arch/x86/hvm/vmx/vvmx.c b/xen/arch/x86/hvm/vmx/vvmx.c
index dde02c0..013d049 100644
--- a/xen/arch/x86/hvm/vmx/vvmx.c
+++ b/xen/arch/x86/hvm/vmx/vvmx.c
@@ -633,6 +633,7 @@ void nvmx_update_secondary_exec_control(struct vcpu *v,
     host_cntrl &= ~apicv_bit;
     shadow_cntrl = get_vvmcs(v, SECONDARY_VM_EXEC_CONTROL);
     /* No vAPIC-v support, so it shouldn't be set in vmcs12. */
generated by git-patchbot for /home/xen/git/xen.git#stable-4.10

Xen-changelog mailing list
[hidden email]