mirror of
https://mirrors.bfsu.edu.cn/git/linux.git
synced 2025-01-14 17:55:42 +08:00
771a579c6e
This fixes three issues in nested SVM: 1) in the shutdown_interception() vmexit handler we call kvm_vcpu_reset(). However, if running nested and L1 doesn't intercept shutdown, the function resets vcpu->arch.hflags without properly leaving the nested state. This leaves the vCPU in inconsistent state and later triggers a kernel panic in SVM code. The same bug can likely be triggered by sending INIT via local apic to a vCPU which runs a nested guest. On VMX we are lucky that the issue can't happen because VMX always intercepts triple faults, thus triple fault in L2 will always be redirected to L1. Plus, handle_triple_fault() doesn't reset the vCPU. INIT IPI can't happen on VMX either because INIT events are masked while in VMX mode. Secondarily, KVM doesn't honour SHUTDOWN intercept bit of L1 on SVM. A normal hypervisor should always intercept SHUTDOWN, a unit test on the other hand might want to not do so. Finally, the guest can trigger a kernel non rate limited printk on SVM from the guest, which is fixed as well. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> |
||
|---|---|---|
| .. | ||
| capabilities.h | ||
| evmcs.c | ||
| evmcs.h | ||
| nested.c | ||
| nested.h | ||
| pmu_intel.c | ||
| posted_intr.c | ||
| posted_intr.h | ||
| run_flags.h | ||
| sgx.c | ||
| sgx.h | ||
| vmcs12.c | ||
| vmcs12.h | ||
| vmcs_shadow_fields.h | ||
| vmcs.h | ||
| vmenter.S | ||
| vmx_ops.h | ||
| vmx.c | ||
| vmx.h | ||