KVM: x86: Inject #GP if guest attempts to set unsupported EFER bits

EFER.LME and EFER.NX are considered reserved if their respective feature bits are not advertised to the guest. Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

KVM: x86: Inject #GP if guest attempts to set unsupported EFER bits
EFER.LME and EFER.NX are considered reserved if their respective feature bits are not advertised to the guest. Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
0a629563 · Sean Christopherson · Paolo Bonzini · 11988499 · 0a629563
Commit 0a629563 authored Apr 02, 2019 by Sean Christopherson Committed by Paolo Bonzini Apr 16, 2019
Hide whitespace changes
Inline Side-by-side

Showing with 7 additions and 0 deletions

arch/x86/kvm/x86.c arch/x86/kvm/x86.c +7 -0

No files found.
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -1266,6 +1266,13 @@ static bool __kvm_valid_efer(struct kvm_vcpu *vcpu, u64 efer)
 	if (efer & EFER_SVME && !guest_cpuid_has(vcpu, X86_FEATURE_SVM))
 		return false;

+	if (efer & (EFER_LME | EFER_LMA) &&
+	    !guest_cpuid_has(vcpu, X86_FEATURE_LM))
+		return false;
+
+	if (efer & EFER_NX && !guest_cpuid_has(vcpu, X86_FEATURE_NX))
+		return false;
+
 	return true;

 }