KVM: nVMX: preserve SECONDARY_EXEC_DESC without UMIP
authorRadim Krčmář <rkrcmar@redhat.com>
Wed, 31 Jan 2018 17:12:50 +0000 (18:12 +0100)
committerPaolo Bonzini <pbonzini@redhat.com>
Sat, 24 Feb 2018 00:43:35 +0000 (01:43 +0100)
L1 might want to use SECONDARY_EXEC_DESC, so we must not clear the VMCS
bit if UMIP is not being emulated.

We must still set the bit when emulating UMIP as the feature can be
passed to L2 where L0 will do the emulation and because L2 can change
CR4 without a VM exit, we should clear the bit if UMIP is disabled.

Fixes: 0367f205a3b7 ("KVM: vmx: add support for emulating UMIP")
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
arch/x86/kvm/vmx.c

index f427723dc7db34fab153b4faecbbb767b48f7e06..2d2cf8c1f0f413bb7a81fd37e37567ee0351ed2e 100644 (file)
@@ -4485,7 +4485,8 @@ static int vmx_set_cr4(struct kvm_vcpu *vcpu, unsigned long cr4)
                vmcs_set_bits(SECONDARY_VM_EXEC_CONTROL,
                              SECONDARY_EXEC_DESC);
                hw_cr4 &= ~X86_CR4_UMIP;
-       } else
+       } else if (!is_guest_mode(vcpu) ||
+                  !nested_cpu_has2(get_vmcs12(vcpu), SECONDARY_EXEC_DESC))
                vmcs_clear_bits(SECONDARY_VM_EXEC_CONTROL,
                                SECONDARY_EXEC_DESC);