From 5b5db5906dc96f641b3bc48c9235f1844dd17aa4 Mon Sep 17 00:00:00 2001
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Fri, 21 Jun 2013 10:04:42 -0700
Subject: [PATCH] 3.4-stable patches

added patches:
	kvm-x86-remove-vcpu-s-cpl-check-in-host-invoked-xcr-set.patch
---
 ...-s-cpl-check-in-host-invoked-xcr-set.patch | 54 +++++++++++++++++++
 queue-3.4/series                              |  1 +
 2 files changed, 55 insertions(+)
 create mode 100644 queue-3.4/kvm-x86-remove-vcpu-s-cpl-check-in-host-invoked-xcr-set.patch

diff --git a/queue-3.4/kvm-x86-remove-vcpu-s-cpl-check-in-host-invoked-xcr-set.patch b/queue-3.4/kvm-x86-remove-vcpu-s-cpl-check-in-host-invoked-xcr-set.patch
new file mode 100644
index 00000000000..016f8c2ea08
--- /dev/null
+++ b/queue-3.4/kvm-x86-remove-vcpu-s-cpl-check-in-host-invoked-xcr-set.patch
@@ -0,0 +1,54 @@
+From 764bcbc5a6d7a2f3e75c9f0e4caa984e2926e346 Mon Sep 17 00:00:00 2001
+From: "Zhanghaoyu (A)" <haoyu.zhang@huawei.com>
+Date: Fri, 14 Jun 2013 07:36:13 +0000
+Subject: KVM: x86: remove vcpu's CPL check in host-invoked XCR set
+
+From: "Zhanghaoyu (A)" <haoyu.zhang@huawei.com>
+
+commit 764bcbc5a6d7a2f3e75c9f0e4caa984e2926e346 upstream.
+
+__kvm_set_xcr function does the CPL check when set xcr. __kvm_set_xcr is
+called in two flows, one is invoked by guest, call stack shown as below,
+
+  handle_xsetbv(or xsetbv_interception)
+    kvm_set_xcr
+      __kvm_set_xcr
+
+the other one is invoked by host, for example during system reset:
+
+  kvm_arch_vcpu_ioctl
+    kvm_vcpu_ioctl_x86_set_xcrs
+      __kvm_set_xcr
+
+The former does need the CPL check, but the latter does not.
+
+Signed-off-by: Zhang Haoyu <haoyu.zhang@huawei.com>
+[Tweaks to commit message. - Paolo]
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/x86/kvm/x86.c |    5 ++---
+ 1 file changed, 2 insertions(+), 3 deletions(-)
+
+--- a/arch/x86/kvm/x86.c
++++ b/arch/x86/kvm/x86.c
+@@ -555,8 +555,6 @@ int __kvm_set_xcr(struct kvm_vcpu *vcpu,
+ 	if (index != XCR_XFEATURE_ENABLED_MASK)
+ 		return 1;
+ 	xcr0 = xcr;
+-	if (kvm_x86_ops->get_cpl(vcpu) != 0)
+-		return 1;
+ 	if (!(xcr0 & XSTATE_FP))
+ 		return 1;
+ 	if ((xcr0 & XSTATE_YMM) && !(xcr0 & XSTATE_SSE))
+@@ -570,7 +568,8 @@ int __kvm_set_xcr(struct kvm_vcpu *vcpu,
+ 
+ int kvm_set_xcr(struct kvm_vcpu *vcpu, u32 index, u64 xcr)
+ {
+-	if (__kvm_set_xcr(vcpu, index, xcr)) {
++	if (kvm_x86_ops->get_cpl(vcpu) != 0 ||
++	    __kvm_set_xcr(vcpu, index, xcr)) {
+ 		kvm_inject_gp(vcpu, 0);
+ 		return 1;
+ 	}
diff --git a/queue-3.4/series b/queue-3.4/series
index 1c4e34debdb..3c3b1360090 100644
--- a/queue-3.4/series
+++ b/queue-3.4/series
@@ -2,3 +2,4 @@ alsa-usb-audio-fix-invalid-volume-resolution-for-logitech-hd-webcam-c310.patch
 alsa-usb-audio-work-around-android-accessory-firmware-bug.patch
 clk-remove-notifier-from-list-before-freeing-it.patch
 tilepro-work-around-module-link-error-with-gcc-4.7.patch
+kvm-x86-remove-vcpu-s-cpl-check-in-host-invoked-xcr-set.patch
-- 
2.47.3