git.ipfire.org Git - thirdparty/kernel/stable.git/commitdiff
KVM: x86: Bail to userspace if emulation of atomic user access faults
author Sean Christopherson <seanjc@google.com>
Wed, 2 Feb 2022 00:49:45 +0000 (00:49 +0000)
committer Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 10 Apr 2024 14:19:37 +0000 (16:19 +0200)
commit 5d6c7de6446e9ab3fb41d6f7d82770e50998f3de upstream.

Exit to userspace when emulating an atomic guest access if the CMPXCHG on
the userspace address faults.  Emulating the access as a write and thus
likely treating it as emulated MMIO is wrong, as KVM has already
confirmed there is a valid, writable memslot.

Signed-off-by: Sean Christopherson <seanjc@google.com>
Message-Id: <20220202004945.2540433-6-seanjc@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
arch/x86/kvm/x86.c

index a742deca6388cc586aab236f855236441a9dcb19..1560c7610f3141fd826c1ad248734f78fb4b74d6 100644 (file)
@@ -7108,7 +7108,7 @@ static int emulator_cmpxchg_emulated(struct x86_emulate_ctxt *ctxt,
        }
 
        if (r < 0)
-               goto emul_write;
+               return X86EMUL_UNHANDLEABLE;
        if (r)
                return X86EMUL_CMPXCHG_FAILED;
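
Review bot: the new `return X86EMUL_UNHANDLEABLE;` under `if (r < 0)` has no comment, so the reason a fault here must not fall back to the write path is recorded only in the commit message. A short comment above the check, noting that a valid, writable memslot was already confirmed and that a faulting CMPXCHG on the userspace address is therefore not emulated MMIO, would keep a later reader from restoring `goto emul_write`. It is also worth checking that the `emul_write` label still has other users in emulator_cmpxchg_emulated() after this change; if this was the last `goto` to it, the label is left unused.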