diff options
| author | Sean Christopherson <sean.j.christopherson@intel.com> | 2019-04-02 08:19:15 -0700 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2019-05-21 18:49:01 +0200 |
| commit | 0dd8bef58e0bd262962d9a2f4d42f670d64f9e44 (patch) | |
| tree | a232786b5ff6d5b87d1c5c50f234287cda8977d6 /arch/x86/Kconfig.debug | |
| parent | 51776204959bd7c1db0f76b8d1a3bccf9411abc1 (diff) | |
KVM: x86: Skip EFER vs. guest CPUID checks for host-initiated writes
commit 11988499e62b310f3bf6f6d0a807a06d3f9ccc96 upstream.
KVM allows userspace to violate consistency checks related to the
guest's CPUID model to some degree. Generally speaking, userspace has
carte blanche when it comes to guest state so long as jamming invalid
state won't negatively affect the host.
Currently this is seems to be a non-issue as most of the interesting
EFER checks are missing, e.g. NX and LME, but those will be added
shortly. Proactively exempt userspace from the CPUID checks so as not
to break userspace.
Note, the efer_reserved_bits check still applies to userspace writes as
that mask reflects the host's capabilities, e.g. KVM shouldn't allow a
guest to run with NX=1 if it has been disabled in the host.
Fixes: d80174745ba39 ("KVM: SVM: Only allow setting of EFER_SVME when CPUID SVM is set")
Cc: stable@vger.kernel.org
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'arch/x86/Kconfig.debug')
0 files changed, 0 insertions, 0 deletions