KVM: x86: nVMX: re-evaluate emulation_required on nested VM exit

Maxim Levitsky · bonzini · commit dbab610a5be6 · 2021-09-22T10:47:50.000-04:00
If L1 had invalid state on VM entry (can happen on SMM transactions
when we enter from real mode, straight to nested guest),

then after we load 'host' state from VMCS12, the state has to become
valid again, but since we load the segment registers with
__vmx_set_segment we weren't always updating emulation_required.

Update emulation_required explicitly at end of load_vmcs12_host_state.

Signed-off-by: Maxim Levitsky &lt;mlevitsk@redhat.com&gt;
Message-Id: &lt;20210913140954.165665-8-mlevitsk@redhat.com&gt;
Signed-off-by: Paolo Bonzini &lt;pbonzini@redhat.com&gt;
diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c
@@ -4356,6 +4356,8 @@ static void load_vmcs12_host_state(struct kvm_vcpu *vcpu,
 	if (nested_vmx_load_msr(vcpu, vmcs12->vm_exit_msr_load_addr,
 				vmcs12->vm_exit_msr_load_count))
 		nested_vmx_abort(vcpu, VMX_ABORT_LOAD_HOST_MSR_FAIL);
+
+	to_vmx(vcpu)->emulation_required = vmx_emulation_required(vcpu);
 }
 
 static inline u64 nested_vmx_get_vmcs01_guest_efer(struct vcpu_vmx *vmx)
diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
@@ -1323,7 +1323,7 @@ static void vmx_vcpu_put(struct kvm_vcpu *vcpu)
 	vmx_prepare_switch_to_host(to_vmx(vcpu));
 }
 
-static bool emulation_required(struct kvm_vcpu *vcpu)
+bool vmx_emulation_required(struct kvm_vcpu *vcpu)
 {
 	return emulate_invalid_guest_state && !vmx_guest_state_valid(vcpu);
 }
@@ -1367,7 +1367,7 @@ void vmx_set_rflags(struct kvm_vcpu *vcpu, unsigned long rflags)
 	vmcs_writel(GUEST_RFLAGS, rflags);
 
 	if ((old_rflags ^ vmx->rflags) & X86_EFLAGS_VM)
-		vmx->emulation_required = emulation_required(vcpu);
+		vmx->emulation_required = vmx_emulation_required(vcpu);
 }
 
 u32 vmx_get_interrupt_shadow(struct kvm_vcpu *vcpu)
@@ -3078,7 +3078,7 @@ void vmx_set_cr0(struct kvm_vcpu *vcpu, unsigned long cr0)
 	}
 
 	/* depends on vcpu->arch.cr0 to be set to a new value */
-	vmx->emulation_required = emulation_required(vcpu);
+	vmx->emulation_required = vmx_emulation_required(vcpu);
 }
 
 static int vmx_get_max_tdp_level(void)
@@ -3331,7 +3331,7 @@ static void vmx_set_segment(struct kvm_vcpu *vcpu, struct kvm_segment *var, int
 {
 	__vmx_set_segment(vcpu, var, seg);
 
-	to_vmx(vcpu)->emulation_required = emulation_required(vcpu);
+	to_vmx(vcpu)->emulation_required = vmx_emulation_required(vcpu);
 }
 
 static void vmx_get_cs_db_l_bits(struct kvm_vcpu *vcpu, int *db, int *l)
diff --git a/arch/x86/kvm/vmx/vmx.h b/arch/x86/kvm/vmx/vmx.h
@@ -355,6 +355,7 @@ void vmx_prepare_switch_to_guest(struct kvm_vcpu *vcpu);
 void vmx_set_host_fs_gs(struct vmcs_host_state *host, u16 fs_sel, u16 gs_sel,
 			unsigned long fs_base, unsigned long gs_base);
 int vmx_get_cpl(struct kvm_vcpu *vcpu);
+bool vmx_emulation_required(struct kvm_vcpu *vcpu);
 unsigned long vmx_get_rflags(struct kvm_vcpu *vcpu);
 void vmx_set_rflags(struct kvm_vcpu *vcpu, unsigned long rflags);
 u32 vmx_get_interrupt_shadow(struct kvm_vcpu *vcpu);

Original file line number	Diff line number	Diff line change
`@@ -4356,6 +4356,8 @@ static void load_vmcs12_host_state(struct kvm_vcpu *vcpu,`
`4356`	`4356`	`if (nested_vmx_load_msr(vcpu, vmcs12->vm_exit_msr_load_addr,`
`4357`	`4357`	`vmcs12->vm_exit_msr_load_count))`
`4358`	`4358`	`nested_vmx_abort(vcpu, VMX_ABORT_LOAD_HOST_MSR_FAIL);`
	`4359`	`+`
	`4360`	`+ to_vmx(vcpu)->emulation_required = vmx_emulation_required(vcpu);`
`4359`	`4361`	`}`
`4360`	`4362`
`4361`	`4363`	`static inline u64 nested_vmx_get_vmcs01_guest_efer(struct vcpu_vmx *vmx)`
Original file line number	Diff line number	Diff line change
`@@ -1323,7 +1323,7 @@ static void vmx_vcpu_put(struct kvm_vcpu *vcpu)`
`1323`	`1323`	`vmx_prepare_switch_to_host(to_vmx(vcpu));`
`1324`	`1324`	`}`
`1325`	`1325`
`1326`		`-static bool emulation_required(struct kvm_vcpu *vcpu)`
	`1326`	`+bool vmx_emulation_required(struct kvm_vcpu *vcpu)`
`1327`	`1327`	`{`
`1328`	`1328`	`return emulate_invalid_guest_state && !vmx_guest_state_valid(vcpu);`
`1329`	`1329`	`}`
`@@ -1367,7 +1367,7 @@ void vmx_set_rflags(struct kvm_vcpu *vcpu, unsigned long rflags)`
`1367`	`1367`	`vmcs_writel(GUEST_RFLAGS, rflags);`
`1368`	`1368`
`1369`	`1369`	`if ((old_rflags ^ vmx->rflags) & X86_EFLAGS_VM)`
`1370`		`- vmx->emulation_required = emulation_required(vcpu);`
	`1370`	`+ vmx->emulation_required = vmx_emulation_required(vcpu);`
`1371`	`1371`	`}`
`1372`	`1372`
`1373`	`1373`	`u32 vmx_get_interrupt_shadow(struct kvm_vcpu *vcpu)`
`@@ -3078,7 +3078,7 @@ void vmx_set_cr0(struct kvm_vcpu *vcpu, unsigned long cr0)`
`3078`	`3078`	`}`
`3079`	`3079`
`3080`	`3080`	`/* depends on vcpu->arch.cr0 to be set to a new value */`
`3081`		`- vmx->emulation_required = emulation_required(vcpu);`
	`3081`	`+ vmx->emulation_required = vmx_emulation_required(vcpu);`
`3082`	`3082`	`}`
`3083`	`3083`
`3084`	`3084`	`static int vmx_get_max_tdp_level(void)`
`@@ -3331,7 +3331,7 @@ static void vmx_set_segment(struct kvm_vcpu vcpu, struct kvm_segment var, int`
`3331`	`3331`	`{`
`3332`	`3332`	`__vmx_set_segment(vcpu, var, seg);`
`3333`	`3333`
`3334`		`- to_vmx(vcpu)->emulation_required = emulation_required(vcpu);`
	`3334`	`+ to_vmx(vcpu)->emulation_required = vmx_emulation_required(vcpu);`
`3335`	`3335`	`}`
`3336`	`3336`
`3337`	`3337`	`static void vmx_get_cs_db_l_bits(struct kvm_vcpu vcpu, int db, int *l)`