KVM: nVMX: WARN if subtly-impossible VMFUNC conditions occur

WARN and inject #UD when emulating VMFUNC for L2 if the function is out-of-bounds or if VMFUNC is not enabled in vmcs12. Neither condition should occur in practice, as the CPU is supposed to prioritize the #UD over VM-Exit for out-of-bounds input and KVM is supposed to enable VMFUNC in vmcs02 if and only if it's enabled in vmcs12, but neither of those dependencies is obvious. Signed-off-by: Sean Christopherson <seanjc@google.com> Message-Id: <20210609234235.1244004-15-seanjc@google.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
author: Sean Christopherson <seanjc@google.com> 2021-06-09 16:42:34 -0700
committer: Paolo Bonzini <pbonzini@redhat.com> 2021-06-17 13:09:54 -0400
commit: 546e8398bc0c7f75f696a24a997d2befeb632154 (patch)
tree: 4490e2fcf3ddefefb07f5f1445dc0c538e2a1533 /arch/x86/kvm/vmx/nested.c
parent: c906066288d0da7b8c2b5ac4d0d8e85f10f5d5b8 (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c
index aba11422500c..6342bb4c46b3 100644
--- a/arch/x86/kvm/vmx/nested.c
+++ b/arch/x86/kvm/vmx/nested.c
@@ -5552,6 +5552,16 @@ static int handle_vmfunc(struct kvm_vcpu *vcpu)
 	}
 
 	vmcs12 = get_vmcs12(vcpu);
+
+	/*
+	 * #UD on out-of-bounds function has priority over VM-Exit, and VMFUNC
+	 * is enabled in vmcs02 if and only if it's enabled in vmcs12.
+	 */
+	if (WARN_ON_ONCE((function > 63) || !nested_cpu_has_vmfunc(vmcs12))) {
+		kvm_queue_exception(vcpu, UD_VECTOR);
+		return 1;
+	}
+
 	if (!(vmcs12->vm_function_control & BIT_ULL(function)))
 		goto fail;
author	Sean Christopherson <seanjc@google.com>	2021-06-09 16:42:34 -0700
committer	Paolo Bonzini <pbonzini@redhat.com>	2021-06-17 13:09:54 -0400
commit	546e8398bc0c7f75f696a24a997d2befeb632154 (patch)
tree	4490e2fcf3ddefefb07f5f1445dc0c538e2a1533 /arch/x86/kvm/vmx/nested.c
parent	c906066288d0da7b8c2b5ac4d0d8e85f10f5d5b8 (diff)