Commit b7a3d8b6 authored by Emanuele Giuseppe Esposito's avatar Emanuele Giuseppe Esposito Committed by Paolo Bonzini
Browse files

KVM: nSVM: use vmcb_save_area_cached in nested_vmcb_valid_sregs() 



Now that struct vmcb_save_area_cached contains the required
vmcb fields values (done in nested_load_save_from_vmcb12()),
check them to see if they are correct in nested_vmcb_valid_sregs().

While at it, rename nested_vmcb_valid_sregs in nested_vmcb_check_save.
__nested_vmcb_check_save takes the additional @save parameter, so it
is helpful when we want to check a non-svm save state, like in
svm_set_nested_state. The reason for that is that save is the L1
state, not L2, so we check it without moving it to svm->nested.save.

Signed-off-by: default avatarEmanuele Giuseppe Esposito <eesposit@redhat.com>
Message-Id: <20211103140527.752797-5-eesposit@redhat.com>
Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
parent 7907160d

arch/x86/kvm/svm/nested.c

+14 −4
Original line number Diff line number Diff line
@@ -245,8 +245,8 @@ static bool nested_vmcb_check_controls(struct kvm_vcpu *vcpu, 
}



/* Common checks that apply to both L1 and L2 state.  */

static bool nested_vmcb_valid_sregs(struct kvm_vcpu *vcpu,

				    struct vmcb_save_area *save)

static bool __nested_vmcb_check_save(struct kvm_vcpu *vcpu,

				     struct vmcb_save_area_cached *save)

{

	/*

	 * FIXME: these should be done after copying the fields,
@@ -286,6 +286,14 @@ static bool nested_vmcb_valid_sregs(struct kvm_vcpu *vcpu, 
	return true;

}



static bool nested_vmcb_check_save(struct kvm_vcpu *vcpu)

{

	struct vcpu_svm *svm = to_svm(vcpu);

	struct vmcb_save_area_cached *save = &svm->nested.save;



	return __nested_vmcb_check_save(vcpu, save);

}



static

void __nested_copy_vmcb_control_to_cache(struct vmcb_control_area *to,

					 struct vmcb_control_area *from)
@@ -694,7 +702,7 @@ int nested_svm_vmrun(struct kvm_vcpu *vcpu) 
	nested_copy_vmcb_control_to_cache(svm, &vmcb12->control);

	nested_copy_vmcb_save_to_cache(svm, &vmcb12->save);



	if (!nested_vmcb_valid_sregs(vcpu, &vmcb12->save) ||

	if (!nested_vmcb_check_save(vcpu) ||

	    !nested_vmcb_check_controls(vcpu, &svm->nested.ctl)) {

		vmcb12->control.exit_code    = SVM_EXIT_ERR;

		vmcb12->control.exit_code_hi = 0;
@@ -1330,6 +1338,7 @@ static int svm_set_nested_state(struct kvm_vcpu *vcpu, 
		&user_kvm_nested_state->data.svm[0];

	struct vmcb_control_area *ctl;

	struct vmcb_save_area *save;

	struct vmcb_save_area_cached save_cached;

	unsigned long cr0;

	int ret;
@@ -1397,10 +1406,11 @@ static int svm_set_nested_state(struct kvm_vcpu *vcpu, 
	 * Validate host state saved from before VMRUN (see

	 * nested_svm_check_permissions).

	 */

	__nested_copy_vmcb_save_to_cache(&save_cached, save);

	if (!(save->cr0 & X86_CR0_PG) ||

	    !(save->cr0 & X86_CR0_PE) ||

	    (save->rflags & X86_EFLAGS_VM) ||

	    !nested_vmcb_valid_sregs(vcpu, save))

	    !__nested_vmcb_check_save(vcpu, &save_cached))

		goto out_free;



	/*