Consult the 'unconditional IO exiting' and 'use IO bitmaps' VM-execution
controls when checking instruction interception. If the 'use IO bitmaps'
VM-execution control is 1, check the instruction access against the IO
bitmaps to determine if the instruction causes a VM-exit.
Signed-off-by: Oliver Upton <email address hidden>
Signed-off-by: Paolo Bonzini <email address hidden>
(cherry picked from commit 35a571346a94fb93b5b3b6a599675ef3384bc75c)
Signed-off-by: Thadeu Lima de Souza Cascardo <email address hidden>
Acked-by: Benjamin M Romer <email address hidden>
Acked-by: Khalid Elmously <email address hidden>
Signed-off-by: Khalid Elmously <email address hidden>
KVM: nVMX: Refactor IO bitmap checks into helper function
CVE-2020-2732
Checks against the IO bitmap are useful for both instruction emulation
and VM-exit reflection. Refactor the IO bitmap checks into a helper
function.
Signed-off-by: Oliver Upton <email address hidden>
Reviewed-by: Vitaly Kuznetsov <email address hidden>
Signed-off-by: Paolo Bonzini <email address hidden>
(backported from commit e71237d3ff1abf9f3388337cfebf53b96df2020d)
Signed-off-by: Thadeu Lima de Souza Cascardo <email address hidden>
Acked-by: Benjamin M Romer <email address hidden>
Acked-by: Khalid Elmously <email address hidden>
Signed-off-by: Khalid Elmously <email address hidden>
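The interception decision that the two commit messages above describe, as an added example that is not the kernel's code or part of these commits. The struct and function names are hypothetical. The port ranges covered by bitmaps A and B, and the exit when an access wraps past port 0xffff, follow the Intel SDM's definition of the controls. The ports marked in the sample are constructed.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical stand-in for the controls L1 programs; not a kernel structure. */
struct io_intercept_cfg {
    bool unconditional_io_exiting;
    bool use_io_bitmaps;
    uint8_t bitmap_a[4096];   /* one bit per port, ports 0x0000-0x7fff */
    uint8_t bitmap_b[4096];   /* one bit per port, ports 0x8000-0xffff */
};

/* True if an access of `size` bytes starting at `port` must cause a VM-exit. */
static bool io_access_exits(const struct io_intercept_cfg *cfg,
                            uint32_t port, uint32_t size)
{
    /* With 'use IO bitmaps' clear, only 'unconditional IO exiting' decides. */
    if (!cfg->use_io_bitmaps)
        return cfg->unconditional_io_exiting;

    /* Every byte of the access is checked; one set bit is enough to exit. */
    for (; size > 0; size--, port++) {
        if (port > 0xffff)    /* access wraps past the 16-bit port space */
            return true;
        const uint8_t *bm = port < 0x8000 ? cfg->bitmap_a : cfg->bitmap_b;
        if (bm[(port & 0x7fff) / 8] & (1u << (port & 7)))
            return true;
    }
    return false;
}

/* Mark one port as intercepted in the bitmap that covers it. */
static void intercept_port(struct io_intercept_cfg *cfg, uint16_t port)
{
    uint8_t *bm = port < 0x8000 ? cfg->bitmap_a : cfg->bitmap_b;
    bm[(port & 0x7fff) / 8] |= (uint8_t)(1u << (port & 7));
}

/* Constructed sample: L1 intercepts ports 0x3f9 and 0x8000 and nothing else. */
static bool sample_exits(bool use_bitmaps, bool unconditional,
                         uint32_t port, uint32_t size)
{
    static struct io_intercept_cfg cfg;
    memset(&cfg, 0, sizeof cfg);
    cfg.use_io_bitmaps = use_bitmaps;
    cfg.unconditional_io_exiting = unconditional;
    intercept_port(&cfg, 0x3f9);
    intercept_port(&cfg, 0x8000);
    return io_access_exits(&cfg, port, size);
}

int main(void) { return sample_exits(true, false, 0x7fff, 2) ? 0 : 1; }
```

A multi-byte access has to be checked one port at a time: a 2-byte access at 0x7fff reads its second bit from bitmap B, and a 2-byte access at 0x3f8 exits because of port 0x3f9.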
67e9cef... by Paolo Bonzini <email address hidden>
KVM: nVMX: Don't emulate instructions in guest mode
CVE-2020-2732
vmx_check_intercept is not yet fully implemented. To avoid emulating
instructions disallowed by the L1 hypervisor, refuse to emulate
instructions by default.
Cc: <email address hidden>
[Made commit, added commit msg - Oliver]
Signed-off-by: Oliver Upton <email address hidden>
Signed-off-by: Paolo Bonzini <email address hidden>
(cherry picked from commit 07721feee46b4b248402133228235318199b05ec)
Signed-off-by: Thadeu Lima de Souza Cascardo <email address hidden>
Acked-by: Benjamin M Romer <email address hidden>
Acked-by: Khalid Elmously <email address hidden>
Signed-off-by: Khalid Elmously <email address hidden>
Now that we are mapping kvm_steal_time from the guest directly we
don't need to keep a copy of it in kvm_vcpu_arch.st. The same is true
for the stime field.
This is part of CVE-2019-3016.
Signed-off-by: Boris Ostrovsky <email address hidden>
Reviewed-by: Joao Martins <email address hidden>
Cc: <email address hidden>
Signed-off-by: Paolo Bonzini <email address hidden>
(backported from commit a6bd811f1209fe1c64c9f6fd578101d6436c6b6e upstream)
Signed-off-by: Thadeu Lima de Souza Cascardo <email address hidden>
Acked-by: Sultan Alsawaf <email address hidden>
Acked-by: Stefan Bader <email address hidden>
Signed-off-by: Kleber Sacilotto de Souza <email address hidden>