diff options
author | Jim Mattson <jmattson@google.com> | 2017-05-04 11:51:58 -0700 |
---|---|---|
committer | Paolo Bonzini <pbonzini@redhat.com> | 2017-05-05 10:08:31 +0200 |
commit | 2e5b0bd9cc6172edef502dfae28ae790f74a882e (patch) | |
tree | c0879f08222007991e96a289233de73acfaea43f | |
parent | 0266c894b51c41d3161adb90e3c15eda3e90a7be (diff) | |
download | linux-2e5b0bd9cc6172edef502dfae28ae790f74a882e.tar.bz2 |
kvm: nVMX: Don't validate disabled secondary controls
According to the SDM, if the "activate secondary controls" primary
processor-based VM-execution control is 0, no checks are performed on
the secondary processor-based VM-execution controls.
Signed-off-by: Jim Mattson <jmattson@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
-rw-r--r-- | arch/x86/kvm/vmx.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c index 75e6cc945be0..e7d929103f4a 100644 --- a/arch/x86/kvm/vmx.c +++ b/arch/x86/kvm/vmx.c @@ -10240,9 +10240,10 @@ static int check_vmentry_prereqs(struct kvm_vcpu *vcpu, struct vmcs12 *vmcs12) if (!vmx_control_verify(vmcs12->cpu_based_vm_exec_control, vmx->nested.nested_vmx_procbased_ctls_low, vmx->nested.nested_vmx_procbased_ctls_high) || - !vmx_control_verify(vmcs12->secondary_vm_exec_control, - vmx->nested.nested_vmx_secondary_ctls_low, - vmx->nested.nested_vmx_secondary_ctls_high) || + (nested_cpu_has(vmcs12, CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) && + !vmx_control_verify(vmcs12->secondary_vm_exec_control, + vmx->nested.nested_vmx_secondary_ctls_low, + vmx->nested.nested_vmx_secondary_ctls_high)) || !vmx_control_verify(vmcs12->pin_based_vm_exec_control, vmx->nested.nested_vmx_pinbased_ctls_low, vmx->nested.nested_vmx_pinbased_ctls_high) || |