From: Greg Kroah-Hartman
Date: Tue, 30 Jun 2015 00:48:32 +0000 (-0700)
Subject: 3.10-stable patches
X-Git-Tag: v3.10.83~10
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=db81c0a58a1c78519e8910febf3257b0eabf0091;p=thirdparty%2Fkernel%2Fstable-queue.git
3.10-stable patches added patches: kvm-nsvm-check-for-nrips-support-before-updating-control-field.patch
---
diff --git a/queue-3.10/kvm-nsvm-check-for-nrips-support-before-updating-control-field.patch b/queue-3.10/kvm-nsvm-check-for-nrips-support-before-updating-control-field.patch
new file mode 100644
index 00000000000..725ed908b50
--- /dev/null
+++ b/queue-3.10/kvm-nsvm-check-for-nrips-support-before-updating-control-field.patch
@@ -0,0 +1,50 @@
+From f104765b4f81fd74d69e0eb161e89096deade2db Mon Sep 17 00:00:00 2001
+From: Bandan Das
+Date: Thu, 11 Jun 2015 02:05:33 -0400
+Subject: KVM: nSVM: Check for NRIPS support before updating control field
+
+From: Bandan Das
+
+commit f104765b4f81fd74d69e0eb161e89096deade2db upstream.
+
+If hardware doesn't support DecodeAssist - a feature that provides
+more information about the intercept in the VMCB, KVM decodes the
+instruction and then updates the next_rip vmcb control field.
+However, NRIP support itself depends on cpuid Fn8000_000A_EDX[NRIPS].
+Since skip_emulated_instruction() doesn't verify nrip support
+before accepting control.next_rip as valid, avoid writing this
+field if support isn't present.
+
+Signed-off-by: Bandan Das
+Signed-off-by: Paolo Bonzini
+Signed-off-by: Greg Kroah-Hartman
+
+---
+ arch/x86/kvm/svm.c | 8 ++++++--
+ 1 file changed, 6 insertions(+), 2 deletions(-)
+
+--- a/arch/x86/kvm/svm.c
++++ b/arch/x86/kvm/svm.c
+@@ -495,8 +495,10 @@ static void skip_emulated_instruction(st
+ {
+ struct vcpu_svm *svm = to_svm(vcpu);
+
+- if (svm->vmcb->control.next_rip != 0)
++ if (svm->vmcb->control.next_rip != 0) {
++ WARN_ON(!static_cpu_has(X86_FEATURE_NRIPS));
+ svm->next_rip = svm->vmcb->control.next_rip;
++ }
+
+ if (!svm->next_rip) {
+ if (emulate_instruction(vcpu, EMULTYPE_SKIP) !=
+@@ -4229,7 +4231,9 @@ static int svm_check_intercept(struct kv
+ break;
+ }
+
+- vmcb->control.next_rip = info->next_rip;
++ /* TODO: Advertise NRIPS to guest hypervisor unconditionally */
++ if (static_cpu_has(X86_FEATURE_NRIPS))
++ vmcb->control.next_rip = info->next_rip;
+ vmcb->control.exit_code = icpt_info.exit_code;
+ vmexit = nested_svm_exit_handled(svm);
+
diff --git a/queue-3.10/series b/queue-3.10/series
index d633bf07463..44499948012 100644
--- a/queue-3.10/series
+++ b/queue-3.10/series
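Review bot: In the queued svm.c change, the `WARN_ON(!static_cpu_has(X86_FEATURE_NRIPS));` added to skip_emulated_instruction() only reports the inconsistency; the next line still copies `control.next_rip` into `svm->next_rip`, so on a CPU without NRIPS a non-zero value is trusted exactly as before. If the intent is to stop treating the field as valid there, fold the feature test into the condition, `if (static_cpu_has(X86_FEATURE_NRIPS) && svm->vmcb->control.next_rip != 0)`, so the non-NRIPS case falls through to the `emulate_instruction(vcpu, EMULTYPE_SKIP)` path visible below it. If the warning is kept as a diagnostic, `WARN_ON_ONCE` would avoid repeated host log splats (and matters on hosts configured to panic on warnings) should some other writer of the field, not visible in this patch, leave it non-zero. Both skip_emulated_instruction() and svm_check_intercept() start and end outside the quoted hunks, so this is based only on the lines shown.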
@@ -18,3 +18,4 @@ ipv6-prevent-fib6_run_gc-contention.patch
 ipv6-update-ip6_rt_last_gc-every-time-gc-is-run.patch
 d_walk-might-skip-too-much.patch
 arm-clk-imx6q-refine-sata-s-parent.patch
+kvm-nsvm-check-for-nrips-support-before-updating-control-field.patch