• KVM: x86: Disallow KVM_SET_SREGS{2} if incoming CR0 is invalid · 26a0652c
    Sean Christopherson authored
    Reject KVM_SET_SREGS{2} with -EINVAL if the incoming CR0 is invalid,
    e.g. due to setting bits 63:32, illegal combinations, or to a value that
    isn't allowed in VMX (non-)root mode.  The VMX checks in particular are
    "fun" as failure to disallow Real Mode for an L2 that is configured with
    unrestricted guest disabled, when KVM itself has unrestricted guest
    enabled, will result in KVM forcing VM86 mode to virtual Real Mode for
    L2, but then fail to unwind the related metadata when synthesizing a
    nested VM-Exit back to L1 (which has unrestricted guest enabled).
    
    Opportunistically fix a benign typo in the prototype for is_valid_cr4().
    
    Cc: stable@vger.kernel.org
    Reported-by: syzbot+5feef0b9ee9c8e9e5689@syzkaller.appspotmail.com
    Closes: https://lore.kernel.org/all/000000000000f316b705fdf6e2b4@google.com
    Signed-off-by: Sean Christopherson <seanjc@google.com>
    Message-Id: <20230613203037.1968489-2-seanjc@google.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
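
The kinds of CR0 checks the commit message lists (bits 63:32, illegal combinations, VMX-mode restrictions), as a stand-alone added example that is not the kernel code from this commit. The function names and the sample FIXED0/FIXED1 values are assumptions constructed for illustration.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define CR0_PE (1ULL << 0)   /* Protection Enable */
#define CR0_NW (1ULL << 29)  /* Not Write-through */
#define CR0_CD (1ULL << 30)  /* Cache Disable */
#define CR0_PG (1ULL << 31)  /* Paging */

/* Constructed sample values standing in for the VMX CR0 fixed-bit MSRs. */
#define SAMPLE_FIXED0 0x80000021ULL  /* bits that must be 1: PG, NE, PE */
#define SAMPLE_FIXED1 0xffffffffULL  /* bits that are allowed to be 1 */

/* Architectural rules that hold regardless of VMX. */
static bool cr0_arch_valid(uint64_t cr0)
{
    if (cr0 >> 32)                          /* bits 63:32 are reserved */
        return false;
    if ((cr0 & CR0_NW) && !(cr0 & CR0_CD))  /* NW=1 with CD=0 is illegal */
        return false;
    if ((cr0 & CR0_PG) && !(cr0 & CR0_PE))  /* paging needs protected mode */
        return false;
    return true;
}

/* VMX rule: every fixed0 bit must be set, no bit outside fixed1 may be set.
 * Unrestricted guest exempts PE and PG, which is what permits Real Mode. */
static bool cr0_vmx_valid(uint64_t cr0, uint64_t fixed0, uint64_t fixed1,
                          bool unrestricted_guest)
{
    if (unrestricted_guest)
        fixed0 &= ~(CR0_PE | CR0_PG);
    return (cr0 & fixed0) == fixed0 && (cr0 & ~fixed1) == 0;
}

/* Hypothetical gate for a userspace-supplied CR0: 0 if ok, else -EINVAL. */
static int check_incoming_cr0(uint64_t cr0, uint64_t fixed0, uint64_t fixed1,
                              bool unrestricted_guest)
{
    if (!cr0_arch_valid(cr0) ||
        !cr0_vmx_valid(cr0, fixed0, fixed1, unrestricted_guest))
        return -EINVAL;
    return 0;
}

int main(void)
{   /* Real Mode CR0 (PE=0) for a guest without unrestricted guest. */
    printf("%d\n", check_incoming_cr0(0x30, SAMPLE_FIXED0, SAMPLE_FIXED1, false));
    return 0;
}
```

The Real Mode value `0x30` passes the architectural checks but fails the VMX check when unrestricted guest is disabled, which is the combination the commit message singles out.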
svm.c 142 KB