leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

KVM: nSVM: split nested_vmcb_check_controls

Browse Source 
The authoritative state does not come from the VMCB once in guest mode,
but KVM_SET_NESTED_STATE can still perform checks on L1's provided SVM
controls because we get them from userspace.

Therefore, split out a function to do them.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
This commit is contained in:
Paolo Bonzini 2020-05-18 13:02:15 -04:00
parent 08245e6d2e
commit ca46d739e3
1 changed files with 16 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
arch/x86/kvm/svm/nested.c
View File

@ -203,6 +203,21 @@ static bool nested_svm_vmrun_msrpm(struct vcpu_svm *svm)
return true; return true;
} }
static bool nested_vmcb_check_controls(struct vmcb_control_area *control)
{
if ((control->intercept & (1ULL << INTERCEPT_VMRUN)) == 0)
return false;
if (control->asid == 0)
return false;
if ((control->nested_ctl & SVM_NESTED_CTL_NP_ENABLE) &&
!npt_enabled)
return false;
return true;
}
static bool nested_vmcb_checks(struct vmcb *vmcb) static bool nested_vmcb_checks(struct vmcb *vmcb)
{ {
if ((vmcb->save.efer & EFER_SVME) == 0) if ((vmcb->save.efer & EFER_SVME) == 0)
@ -212,17 +227,7 @@ static bool nested_vmcb_checks(struct vmcb *vmcb)
(vmcb->save.cr0 & X86_CR0_NW)) (vmcb->save.cr0 & X86_CR0_NW))
return false; return false;
if ((vmcb->control.intercept & (1ULL << INTERCEPT_VMRUN)) == 0) return nested_vmcb_check_controls(&vmcb->control);
return false;
if (vmcb->control.asid == 0)
return false;
if ((vmcb->control.nested_ctl & SVM_NESTED_CTL_NP_ENABLE) &&
!npt_enabled)
return false;
return true;
} }
static void load_nested_vmcb_control(struct vcpu_svm *svm, static void load_nested_vmcb_control(struct vcpu_svm *svm,