KVM: x86: nSVM: Improve virtualization of VMCB12 G_PAT

[RFC PATCH 5/6] KVM: x86: nSVM: Add validity check for the VMCB12 g_pat

Posted by Jim Mattson 1 month, 1 week ago

When nested paging is enabled for VMCB12, an invalid g_pat causes an
immediate #VMEXIT with exit code VMEXIT_INVALID, as specified in the
APM.

Fixes: 3d6368ef580a ("KVM: SVM: Add VMRUN handler")
Signed-off-by: Jim Mattson <jmattson@google.com>
---
 arch/x86/kvm/svm/nested.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c
index 6e48572e2bd7..43429399993c 100644
--- a/arch/x86/kvm/svm/nested.c
+++ b/arch/x86/kvm/svm/nested.c
@@ -336,6 +336,10 @@ static bool __nested_vmcb_check_controls(struct kvm_vcpu *vcpu,
 	if (CC((control->nested_ctl & SVM_NESTED_CTL_NP_ENABLE) && !npt_enabled))
 		return false;
 
+	if (CC((control->nested_ctl & SVM_NESTED_CTL_NP_ENABLE) &&
+	       npt_enabled && !kvm_pat_valid(control->g_pat)))
+		return false;
+
 	if (CC(!nested_svm_check_bitmap_pa(vcpu, control->msrpm_base_pa,
 					   MSRPM_SIZE)))
 		return false;
-- 
2.51.2.1041.gc1ab5b90ca-goog

[RFC PATCH 1/6] KVM: x86: nSVM: Shuffle guest PAT and PAT MSR in svm_set_nested_state()
[RFC PATCH 2/6] KVM: x86: nSVM: Redirect PAT MSR accesses to gPAT when NPT is enabled in vmcb12
[RFC PATCH 3/6] KVM: x86: nSVM: Copy current vmcb02 g_pat to vmcb12 g_pat on #VMEXIT
[RFC PATCH 4/6] KVM: x86: nSVM: Cache g_pat in vmcb_ctrl_area_cached
[RFC PATCH 5/6] KVM: x86: nSVM: Add validity check for the VMCB12 g_pat
[RFC PATCH 6/6] KVM: x86: nSVM: Use cached VMCB12 g_pat in VMCB02 when using NPT