On Sun, Jan 06, 2019 at 01:57:24PM -0500, Mike Haboustak wrote:
[ Backport of upstream commit d391f1207067268261add0485f0f34503539c5b0 ]
I was investigating an issue with seabios >= 1.10 which stopped working for nested KVM on Hyper-V. The problem appears to be in handle_ept_violation() function: when we do fast mmio we need to skip the instruction so we do kvm_skip_emulated_instruction(). This, however, depends on VM_EXIT_INSTRUCTION_LEN field being set correctly in VMCS. However, this is not the case.
Intel's manual doesn't mandate VM_EXIT_INSTRUCTION_LEN to be set when EPT MISCONFIG occurs. While on real hardware it was observed to be set, some hypervisors follow the spec and don't set it; we end up advancing IP with some random value.
I checked with Microsoft and they confirmed they don't fill VM_EXIT_INSTRUCTION_LEN on EPT MISCONFIG.
Fix the issue by doing instruction skip through emulator when running nested.
Fixes: 68c3b4d1676d870f0453c31d5a52e7e65c7448ae Suggested-by: Radim Krčmář rkrcmar@redhat.com Suggested-by: Paolo Bonzini pbonzini@redhat.com Signed-off-by: Vitaly Kuznetsov vkuznets@redhat.com Acked-by: Michael S. Tsirkin mst@redhat.com Signed-off-by: Radim Krčmář rkrcmar@redhat.com Signed-off-by: Sasha Levin alexander.levin@microsoft.com [mhaboustak: backport to 4.9.y] Signed-off-by: Mike Haboustak haboustak@gmail.com
arch/x86/kvm/vmx.c | 19 +++++++++++++++++-- arch/x86/kvm/x86.c | 3 ++- 2 files changed, 19 insertions(+), 3 deletions(-)
Now queued up, thanks.
greg k-h