Commit 93c9e107 authored by Jim Mattson, committed by Sean Christopherson

KVM: SVM: Mark VMCB_PERM_MAP as dirty on nested VMRUN



Mark the VMCB_PERM_MAP bit as dirty in nested_vmcb02_prepare_control()
on every nested VMRUN.

If L1 changes MSR interception (INTERCEPT_MSR_PROT) between two VMRUN
instructions on the same L1 vCPU, the msrpm_base_pa in the associated
vmcb02 will change, and the VMCB_PERM_MAP clean bit should be cleared.

Fixes: 4bb170a5 ("KVM: nSVM: do not mark all VMCB02 fields dirty on nested vmexit")
Reported-by: Matteo Rizzo <matteorizzo@google.com>
Cc: stable@vger.kernel.org
Signed-off-by: Jim Mattson <jmattson@google.com>
Link: https://lore.kernel.org/r/20250922162935.621409-2-jmattson@google.com


Signed-off-by: Sean Christopherson <seanjc@google.com>
parent 3a866087
+1 −0
@@ -752,6 +752,7 @@ static void nested_vmcb02_prepare_control(struct vcpu_svm *svm,
	vmcb02->control.nested_ctl = vmcb01->control.nested_ctl;
	vmcb02->control.iopm_base_pa = vmcb01->control.iopm_base_pa;
	vmcb02->control.msrpm_base_pa = vmcb01->control.msrpm_base_pa;
	vmcb_mark_dirty(vmcb02, VMCB_PERM_MAP);

	/*
	 * Stash vmcb02's counter if the guest hasn't moved past the guilty
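
Review bot: the added vmcb_mark_dirty(vmcb02, VMCB_PERM_MAP) call, directly after the msrpm_base_pa assignment, has no comment, and the reason for it is not evident from the surrounding lines: both iopm_base_pa and msrpm_base_pa are copied from vmcb01 here, so a reader could take the unconditional call for redundant and drop it in a later cleanup. A short comment above the call stating what the commit message says (the msrpm_base_pa in vmcb02 can differ between two VMRUNs on the same L1 vCPU when L1 changes INTERCEPT_MSR_PROT, so the clean bit is cleared on every nested VMRUN) would protect the fix. Since the hunk only shows the copy from vmcb01, the comment or the commit message should also say where the differing msrpm_base_pa value is written.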