KVM: nSVM: Check that DR6[63:32] and DR7[64:32] are not set on vmrun of nested guests

According to section "Canonicalization and Consistency Checks" in APM vol. 2 the following guest state is illegal: "DR6[63:32] are not zero." "DR7[63:32] are not zero." "Any MBZ bit of EFER is set." Signed-off-by: Krish Sadhukhan <krish.sadhukhan@oracle.com> Message-Id: <20200522221954.32131-3-krish.sadhukhan@oracle.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
author: Krish Sadhukhan <krish.sadhukhan@oracle.com> 2020-05-22 18:19:52 -0400
committer: Paolo Bonzini <pbonzini@redhat.com> 2020-07-08 16:21:41 -0400
commit: 1aef8161b38a531895a8bffad0e9fb1445ca91f7 (patch)
tree: 19dac418430e856b559009dad3ebc9188dc9ba20 /arch/x86/kvm/svm/nested.c
parent: f5f6145e41d39c7fd04a17c3b2596c7abe933f10 (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c
index 6bceafb19108..e4ef980981af 100644
--- a/arch/x86/kvm/svm/nested.c
+++ b/arch/x86/kvm/svm/nested.c
@@ -231,6 +231,9 @@ static bool nested_vmcb_checks(struct vmcb *vmcb)
 	    (vmcb->save.cr0 & X86_CR0_NW))
 		return false;
 
+	if (!kvm_dr6_valid(vmcb->save.dr6) || !kvm_dr7_valid(vmcb->save.dr7))
+		return false;
+
 	return nested_vmcb_check_controls(&vmcb->control);
 }
author	Krish Sadhukhan <krish.sadhukhan@oracle.com>	2020-05-22 18:19:52 -0400
committer	Paolo Bonzini <pbonzini@redhat.com>	2020-07-08 16:21:41 -0400
commit	1aef8161b38a531895a8bffad0e9fb1445ca91f7 (patch)
tree	19dac418430e856b559009dad3ebc9188dc9ba20 /arch/x86/kvm/svm/nested.c
parent	f5f6145e41d39c7fd04a17c3b2596c7abe933f10 (diff)