[thirdparty/kernel/stable-queue.git] / releases / 3.18.86 / kvm-x86-exit-to-user-mode-on-ud-intercept-when-emulator-requires.patch

From 61cb57c9ed631c95b54f8e9090c89d18b3695b3c Mon Sep 17 00:00:00 2001
From: Liran Alon <liran.alon@oracle.com>
Date: Sun, 5 Nov 2017 16:56:32 +0200
Subject: KVM: x86: Exit to user-mode on #UD intercept when emulator requires
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

From: Liran Alon <liran.alon@oracle.com>

commit 61cb57c9ed631c95b54f8e9090c89d18b3695b3c upstream.

Instruction emulation after trapping a #UD exception can result in an
MMIO access, for example when emulating a MOVBE on a processor that
doesn't support the instruction.  In this case, the #UD vmexit handler
must exit to user mode, but there wasn't any code to do so.  Add it for
both VMX and SVM.

Signed-off-by: Liran Alon <liran.alon@oracle.com>
Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Wanpeng Li <wanpeng.li@hotmail.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

---
 arch/x86/kvm/svm.c |    2 ++
 arch/x86/kvm/vmx.c |    2 ++
 2 files changed, 4 insertions(+)

--- a/arch/x86/kvm/svm.c
+++ b/arch/x86/kvm/svm.c
@@ -1785,6 +1785,8 @@ static int ud_interception(struct vcpu_s
 	int er;
 
 	er = emulate_instruction(&svm->vcpu, EMULTYPE_TRAP_UD);
+	if (er == EMULATE_USER_EXIT)
+		return 0;
 	if (er != EMULATE_DONE)
 		kvm_queue_exception(&svm->vcpu, UD_VECTOR);
 	return 1;
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -4899,6 +4899,8 @@ static int handle_exception(struct kvm_v
 
 	if (is_invalid_opcode(intr_info)) {
 		er = emulate_instruction(vcpu, EMULTYPE_TRAP_UD);
+		if (er == EMULATE_USER_EXIT)
+			return 0;
 		if (er != EMULATE_DONE)
 			kvm_queue_exception(vcpu, UD_VECTOR);
 		return 1;
Commit	Line	Data
b3d5543a GKH	1	From 61cb57c9ed631c95b54f8e9090c89d18b3695b3c Mon Sep 17 00:00:00 2001
	2	From: Liran Alon <liran.alon@oracle.com>
	3	Date: Sun, 5 Nov 2017 16:56:32 +0200
	4	Subject: KVM: x86: Exit to user-mode on #UD intercept when emulator requires
	5	MIME-Version: 1.0
	6	Content-Type: text/plain; charset=UTF-8
	7	Content-Transfer-Encoding: 8bit
	8
	9	From: Liran Alon <liran.alon@oracle.com>
	10
	11	commit 61cb57c9ed631c95b54f8e9090c89d18b3695b3c upstream.
	12
	13	Instruction emulation after trapping a #UD exception can result in an
	14	MMIO access, for example when emulating a MOVBE on a processor that
	15	doesn't support the instruction. In this case, the #UD vmexit handler
	16	must exit to user mode, but there wasn't any code to do so. Add it for
	17	both VMX and SVM.
	18
	19	Signed-off-by: Liran Alon <liran.alon@oracle.com>
	20	Reviewed-by: Nikita Leshenko <nikita.leshchenko@oracle.com>
	21	Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
	22	Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
	23	Reviewed-by: Wanpeng Li <wanpeng.li@hotmail.com>
	24	Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
	25	Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
	26	Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	27
	28	---
	29	arch/x86/kvm/svm.c \| 2 ++
	30	arch/x86/kvm/vmx.c \| 2 ++
	31	2 files changed, 4 insertions(+)
	32
	33	--- a/arch/x86/kvm/svm.c
	34	+++ b/arch/x86/kvm/svm.c
	35	@@ -1785,6 +1785,8 @@ static int ud_interception(struct vcpu_s
	36	int er;
	37
	38	er = emulate_instruction(&svm->vcpu, EMULTYPE_TRAP_UD);
	39	+ if (er == EMULATE_USER_EXIT)
	40	+ return 0;
	41	if (er != EMULATE_DONE)
	42	kvm_queue_exception(&svm->vcpu, UD_VECTOR);
	43	return 1;
	44	--- a/arch/x86/kvm/vmx.c
	45	+++ b/arch/x86/kvm/vmx.c
	46	@@ -4899,6 +4899,8 @@ static int handle_exception(struct kvm_v
	47
	48	if (is_invalid_opcode(intr_info)) {
	49	er = emulate_instruction(vcpu, EMULTYPE_TRAP_UD);
	50	+ if (er == EMULATE_USER_EXIT)
	51	+ return 0;
	52	if (er != EMULATE_DONE)
	53	kvm_queue_exception(vcpu, UD_VECTOR);
	54	return 1;