[pve-kernel.git] / patches / kernel / 0014-KVM-x86-SVM-don-t-save-SVM-state-to-SMRAM-when-VM-is.patch

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Maxim Levitsky <mlevitsk@redhat.com>
Date: Wed, 3 Aug 2022 18:50:10 +0300
Subject: [PATCH] KVM: x86: SVM: don't save SVM state to SMRAM when VM is not
 long mode capable

When the guest CPUID doesn't have support for long mode, 32 bit SMRAM
layout is used and it has no support for preserving EFER and/or SVM
state.

Note that this isn't relevant to running 32 bit guests on VM which is
long mode capable - such VM can still run 32 bit guests in compatibility
mode.

Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
---
 arch/x86/kvm/svm/svm.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
index bfacbef667d7..6b02f99fe70c 100644
--- a/arch/x86/kvm/svm/svm.c
+++ b/arch/x86/kvm/svm/svm.c
@@ -4394,6 +4394,15 @@ static int svm_enter_smm(struct kvm_vcpu *vcpu, union kvm_smram *smram)
 	if (!is_guest_mode(vcpu))
 		return 0;
 
+	/*
+	 * 32 bit SMRAM format doesn't preserve EFER and SVM state.
+	 * SVM should not be enabled by the userspace without marking
+	 * the CPU as at least long mode capable.
+	 */
+
+	if (!guest_cpuid_has(vcpu, X86_FEATURE_LM))
+		return 1;
+
 	smram->smram64.svm_guest_flag = 1;
 	smram->smram64.svm_guest_vmcb_gpa = svm->nested.vmcb12_gpa;
Commit	Line	Data
4fc427d9 TL	1	From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
	2	From: Maxim Levitsky <mlevitsk@redhat.com>
	3	Date: Wed, 3 Aug 2022 18:50:10 +0300
	4	Subject: [PATCH] KVM: x86: SVM: don't save SVM state to SMRAM when VM is not
	5	long mode capable
	6
	7	When the guest CPUID doesn't have support for long mode, 32 bit SMRAM
	8	layout is used and it has no support for preserving EFER and/or SVM
	9	state.
	10
	11	Note that this isn't relevant to running 32 bit guests on VM which is
	12	long mode capable - such VM can still run 32 bit guests in compatibility
	13	mode.
	14
	15	Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
	16	Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
	17	---
	18	arch/x86/kvm/svm/svm.c \| 9 +++++++++
	19	1 file changed, 9 insertions(+)
	20
	21	diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
12247ad0	22	index bfacbef667d7..6b02f99fe70c 100644
4fc427d9 TL	23	--- a/arch/x86/kvm/svm/svm.c
4fc427d9 TL	24	+++ b/arch/x86/kvm/svm/svm.c
12247ad0	25	@@ -4394,6 +4394,15 @@ static int svm_enter_smm(struct kvm_vcpu vcpu, union kvm_smram smram)
4fc427d9 TL	26	if (!is_guest_mode(vcpu))
	27	return 0;
	28
	29	+ /*
	30	+ * 32 bit SMRAM format doesn't preserve EFER and SVM state.
	31	+ * SVM should not be enabled by the userspace without marking
	32	+ * the CPU as at least long mode capable.
	33	+ */
	34	+
	35	+ if (!guest_cpuid_has(vcpu, X86_FEATURE_LM))
	36	+ return 1;
	37	+
	38	smram->smram64.svm_guest_flag = 1;
	39	smram->smram64.svm_guest_vmcb_gpa = svm->nested.vmcb12_gpa;
	40