From 0f8435b322a6c33d26caea389f0584273ae11b5b Mon Sep 17 00:00:00 2001
From: Greg Kroah-Hartman
Date: Mon, 29 Jun 2015 17:48:34 -0700
Subject: [PATCH] 3.14-stable patches added patches: kvm-nsvm-check-for-nrips-support-before-updating-control-field.patch
---
...upport-before-updating-control-field.patch | 50 +++++++++++++++++++
queue-3.14/series | 1 +
2 files changed, 51 insertions(+)
create mode 100644 queue-3.14/kvm-nsvm-check-for-nrips-support-before-updating-control-field.patch
diff --git a/queue-3.14/kvm-nsvm-check-for-nrips-support-before-updating-control-field.patch b/queue-3.14/kvm-nsvm-check-for-nrips-support-before-updating-control-field.patch
new file mode 100644
index 00000000000..18fb372beb5
--- /dev/null
+++ b/queue-3.14/kvm-nsvm-check-for-nrips-support-before-updating-control-field.patch
@@ -0,0 +1,50 @@
+From f104765b4f81fd74d69e0eb161e89096deade2db Mon Sep 17 00:00:00 2001
+From: Bandan Das
+Date: Thu, 11 Jun 2015 02:05:33 -0400
+Subject: KVM: nSVM: Check for NRIPS support before updating control field
+
+From: Bandan Das
+
+commit f104765b4f81fd74d69e0eb161e89096deade2db upstream.
+
+If hardware doesn't support DecodeAssist - a feature that provides
+more information about the intercept in the VMCB, KVM decodes the
+instruction and then updates the next_rip vmcb control field.
+However, NRIP support itself depends on cpuid Fn8000_000A_EDX[NRIPS].
+Since skip_emulated_instruction() doesn't verify nrip support
+before accepting control.next_rip as valid, avoid writing this
+field if support isn't present.
+
+Signed-off-by: Bandan Das
+Signed-off-by: Paolo Bonzini
+Signed-off-by: Greg Kroah-Hartman
+
+---
+ arch/x86/kvm/svm.c | 8 ++++++--
+ 1 file changed, 6 insertions(+), 2 deletions(-)
+
+--- a/arch/x86/kvm/svm.c
++++ b/arch/x86/kvm/svm.c
+@@ -495,8 +495,10 @@ static void skip_emulated_instruction(st
+ {
+ struct vcpu_svm *svm = to_svm(vcpu);
+
+- if (svm->vmcb->control.next_rip != 0)
++ if (svm->vmcb->control.next_rip != 0) {
++ WARN_ON(!static_cpu_has(X86_FEATURE_NRIPS));
+ svm->next_rip = svm->vmcb->control.next_rip;
++ }
+
+ if (!svm->next_rip) {
+ if (emulate_instruction(vcpu, EMULTYPE_SKIP) !=
+@@ -4246,7 +4248,9 @@ static int svm_check_intercept(struct kv
+ break;
+ }
+
+- vmcb->control.next_rip = info->next_rip;
++ /* TODO: Advertise NRIPS to guest hypervisor unconditionally */
++ if (static_cpu_has(X86_FEATURE_NRIPS))
++ vmcb->control.next_rip = info->next_rip;
+ vmcb->control.exit_code = icpt_info.exit_code;
+ vmexit = nested_svm_exit_handled(svm);
+
diff --git a/queue-3.14/series b/queue-3.14/series
index 4c7fd46f12b..0ac014aa802 100644
--- a/queue-3.14/series
+++ b/queue-3.14/series
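Review bot: In skip_emulated_instruction() the added `WARN_ON(!static_cpu_has(X86_FEATURE_NRIPS))` only reports the inconsistency; the following line still copies control.next_rip into svm->next_rip, so on a host without NRIPS a non-zero value left in that field by any other writer is still used as the next guest RIP. Gating the assignment itself would make the consumer robust rather than relying on every producer, e.g. `if (static_cpu_has(X86_FEATURE_NRIPS) && svm->vmcb->control.next_rip != 0)`. If the warning is kept, `WARN_ON_ONCE(!static_cpu_has(X86_FEATURE_NRIPS));` avoids repeated backtraces in the host log should the condition recur on a path a guest can reach (whether one exists is not visible here). Both functions continue outside the quoted hunks, and since this is a verbatim backport of f104765b4f81, any such change would need to land upstream first.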
@@ -13,3 +13,4 @@ btrfs-make-xattr-replace-operations-atomic.patch
 net-mlx4_en-don-t-attempt-to-tx-offload-the-outer-udp-checksum-for-vxlan.patch
 splice-apply-generic-position-and-size-checks-to-each-write.patch
 arm-clk-imx6q-refine-sata-s-parent.patch
+kvm-nsvm-check-for-nrips-support-before-updating-control-field.patch
-- 2.47.3