Skip to content

Commit 461b4ba

Browse files
Krish Sadhukhanbonzini
Krish Sadhukhan
authored and
bonzini
committed
KVM: nVMX: Move the checks for VM-Execution Control Fields to a separate helper function
.. to improve readability and maintainability, and to align the code as per the layout of the checks in chapter "VM Entries" in Intel SDM vol 3C. Signed-off-by: Krish Sadhukhan <krish.sadhukhan@oracle.com> Reviewed-by: Mihai Carabas <mihai.carabas@oracle.com> Reviewed-by: Mark Kanda <mark.kanda@oracle.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
1 parent 16322a3 commit 461b4ba

File tree

1 file changed

+62
-69
lines changed

1 file changed

+62
-69
lines changed

arch/x86/kvm/vmx/nested.c

Lines changed: 62 additions & 69 deletions
Original file line numberDiff line numberDiff line change
@@ -2444,94 +2444,90 @@ static bool valid_ept_address(struct kvm_vcpu *vcpu, u64 address)
24442444
return true;
24452445
}
24462446

2447-
static int nested_vmx_check_vmentry_prereqs(struct kvm_vcpu *vcpu,
2448-
struct vmcs12 *vmcs12)
2447+
/*
2448+
* Checks related to VM-Execution Control Fields
2449+
*/
2450+
static int nested_check_vm_execution_controls(struct kvm_vcpu *vcpu,
2451+
struct vmcs12 *vmcs12)
24492452
{
24502453
struct vcpu_vmx *vmx = to_vmx(vcpu);
2451-
bool ia32e;
2452-
2453-
if (vmcs12->guest_activity_state != GUEST_ACTIVITY_ACTIVE &&
2454-
vmcs12->guest_activity_state != GUEST_ACTIVITY_HLT)
2455-
return VMXERR_ENTRY_INVALID_CONTROL_FIELD;
2456-
2457-
if (nested_cpu_has_vpid(vmcs12) && !vmcs12->virtual_processor_id)
2458-
return VMXERR_ENTRY_INVALID_CONTROL_FIELD;
2459-
2460-
if (nested_vmx_check_io_bitmap_controls(vcpu, vmcs12))
2461-
return VMXERR_ENTRY_INVALID_CONTROL_FIELD;
2462-
2463-
if (nested_vmx_check_msr_bitmap_controls(vcpu, vmcs12))
2464-
return VMXERR_ENTRY_INVALID_CONTROL_FIELD;
2465-
2466-
if (nested_vmx_check_apic_access_controls(vcpu, vmcs12))
2467-
return VMXERR_ENTRY_INVALID_CONTROL_FIELD;
2468-
2469-
if (nested_vmx_check_tpr_shadow_controls(vcpu, vmcs12))
2470-
return VMXERR_ENTRY_INVALID_CONTROL_FIELD;
2471-
2472-
if (nested_vmx_check_apicv_controls(vcpu, vmcs12))
2473-
return VMXERR_ENTRY_INVALID_CONTROL_FIELD;
24742454

2475-
if (nested_vmx_check_msr_switch_controls(vcpu, vmcs12))
2476-
return VMXERR_ENTRY_INVALID_CONTROL_FIELD;
2477-
2478-
if (!nested_cpu_has_preemption_timer(vmcs12) &&
2479-
nested_cpu_has_save_preemption_timer(vmcs12))
2480-
return VMXERR_ENTRY_INVALID_CONTROL_FIELD;
2481-
2482-
if (nested_vmx_check_pml_controls(vcpu, vmcs12))
2483-
return VMXERR_ENTRY_INVALID_CONTROL_FIELD;
2484-
2485-
if (nested_vmx_check_unrestricted_guest_controls(vcpu, vmcs12))
2486-
return VMXERR_ENTRY_INVALID_CONTROL_FIELD;
2487-
2488-
if (nested_vmx_check_mode_based_ept_exec_controls(vcpu, vmcs12))
2489-
return VMXERR_ENTRY_INVALID_CONTROL_FIELD;
2490-
2491-
if (nested_vmx_check_shadow_vmcs_controls(vcpu, vmcs12))
2492-
return VMXERR_ENTRY_INVALID_CONTROL_FIELD;
2493-
2494-
if (!vmx_control_verify(vmcs12->cpu_based_vm_exec_control,
2495-
vmx->nested.msrs.procbased_ctls_low,
2496-
vmx->nested.msrs.procbased_ctls_high) ||
2497-
(nested_cpu_has(vmcs12, CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) &&
2498-
!vmx_control_verify(vmcs12->secondary_vm_exec_control,
2499-
vmx->nested.msrs.secondary_ctls_low,
2500-
vmx->nested.msrs.secondary_ctls_high)) ||
2501-
!vmx_control_verify(vmcs12->pin_based_vm_exec_control,
2455+
if (!vmx_control_verify(vmcs12->pin_based_vm_exec_control,
25022456
vmx->nested.msrs.pinbased_ctls_low,
25032457
vmx->nested.msrs.pinbased_ctls_high) ||
2504-
!vmx_control_verify(vmcs12->vm_exit_controls,
2505-
vmx->nested.msrs.exit_ctls_low,
2506-
vmx->nested.msrs.exit_ctls_high) ||
2507-
!vmx_control_verify(vmcs12->vm_entry_controls,
2508-
vmx->nested.msrs.entry_ctls_low,
2509-
vmx->nested.msrs.entry_ctls_high))
2510-
return VMXERR_ENTRY_INVALID_CONTROL_FIELD;
2458+
!vmx_control_verify(vmcs12->cpu_based_vm_exec_control,
2459+
vmx->nested.msrs.procbased_ctls_low,
2460+
vmx->nested.msrs.procbased_ctls_high))
2461+
return -EINVAL;
25112462

2512-
if (nested_vmx_check_nmi_controls(vmcs12))
2513-
return VMXERR_ENTRY_INVALID_CONTROL_FIELD;
2463+
if (nested_cpu_has(vmcs12, CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) &&
2464+
!vmx_control_verify(vmcs12->secondary_vm_exec_control,
2465+
vmx->nested.msrs.secondary_ctls_low,
2466+
vmx->nested.msrs.secondary_ctls_high))
2467+
return -EINVAL;
2468+
2469+
if (vmcs12->cr3_target_count > nested_cpu_vmx_misc_cr3_count(vcpu) ||
2470+
nested_vmx_check_io_bitmap_controls(vcpu, vmcs12) ||
2471+
nested_vmx_check_msr_bitmap_controls(vcpu, vmcs12) ||
2472+
nested_vmx_check_tpr_shadow_controls(vcpu, vmcs12) ||
2473+
nested_vmx_check_apic_access_controls(vcpu, vmcs12) ||
2474+
nested_vmx_check_apicv_controls(vcpu, vmcs12) ||
2475+
nested_vmx_check_nmi_controls(vmcs12) ||
2476+
nested_vmx_check_pml_controls(vcpu, vmcs12) ||
2477+
nested_vmx_check_unrestricted_guest_controls(vcpu, vmcs12) ||
2478+
nested_vmx_check_mode_based_ept_exec_controls(vcpu, vmcs12) ||
2479+
nested_vmx_check_shadow_vmcs_controls(vcpu, vmcs12) ||
2480+
(nested_cpu_has_vpid(vmcs12) && !vmcs12->virtual_processor_id))
2481+
return -EINVAL;
2482+
2483+
if (nested_cpu_has_ept(vmcs12) &&
2484+
!valid_ept_address(vcpu, vmcs12->ept_pointer))
2485+
return -EINVAL;
25142486

25152487
if (nested_cpu_has_vmfunc(vmcs12)) {
25162488
if (vmcs12->vm_function_control &
25172489
~vmx->nested.msrs.vmfunc_controls)
2518-
return VMXERR_ENTRY_INVALID_CONTROL_FIELD;
2490+
return -EINVAL;
25192491

25202492
if (nested_cpu_has_eptp_switching(vmcs12)) {
25212493
if (!nested_cpu_has_ept(vmcs12) ||
25222494
!page_address_valid(vcpu, vmcs12->eptp_list_address))
2523-
return VMXERR_ENTRY_INVALID_CONTROL_FIELD;
2495+
return -EINVAL;
25242496
}
25252497
}
25262498

2527-
if (vmcs12->cr3_target_count > nested_cpu_vmx_misc_cr3_count(vcpu))
2499+
return 0;
2500+
}
2501+
2502+
static int nested_vmx_check_vmentry_prereqs(struct kvm_vcpu *vcpu,
2503+
struct vmcs12 *vmcs12)
2504+
{
2505+
struct vcpu_vmx *vmx = to_vmx(vcpu);
2506+
bool ia32e;
2507+
2508+
if (vmcs12->guest_activity_state != GUEST_ACTIVITY_ACTIVE &&
2509+
vmcs12->guest_activity_state != GUEST_ACTIVITY_HLT)
2510+
return VMXERR_ENTRY_INVALID_CONTROL_FIELD;
2511+
2512+
if (nested_check_vm_execution_controls(vcpu, vmcs12))
25282513
return VMXERR_ENTRY_INVALID_CONTROL_FIELD;
25292514

2515+
if (nested_vmx_check_msr_switch_controls(vcpu, vmcs12))
2516+
return VMXERR_ENTRY_INVALID_CONTROL_FIELD;
2517+
25302518
if (!nested_host_cr0_valid(vcpu, vmcs12->host_cr0) ||
25312519
!nested_host_cr4_valid(vcpu, vmcs12->host_cr4) ||
25322520
!nested_cr3_valid(vcpu, vmcs12->host_cr3))
25332521
return VMXERR_ENTRY_INVALID_HOST_STATE_FIELD;
25342522

2523+
if (!vmx_control_verify(vmcs12->vm_exit_controls,
2524+
vmx->nested.msrs.exit_ctls_low,
2525+
vmx->nested.msrs.exit_ctls_high) ||
2526+
!vmx_control_verify(vmcs12->vm_entry_controls,
2527+
vmx->nested.msrs.entry_ctls_low,
2528+
vmx->nested.msrs.entry_ctls_high))
2529+
return VMXERR_ENTRY_INVALID_CONTROL_FIELD;
2530+
25352531
/*
25362532
* If the load IA32_EFER VM-exit control is 1, bits reserved in the
25372533
* IA32_EFER MSR must be 0 in the field for that register. In addition,
@@ -2603,10 +2599,6 @@ static int nested_vmx_check_vmentry_prereqs(struct kvm_vcpu *vcpu,
26032599
}
26042600
}
26052601

2606-
if (nested_cpu_has_ept(vmcs12) &&
2607-
!valid_ept_address(vcpu, vmcs12->ept_pointer))
2608-
return VMXERR_ENTRY_INVALID_CONTROL_FIELD;
2609-
26102602
return 0;
26112603
}
26122604

@@ -2638,7 +2630,8 @@ static int nested_vmx_check_vmcs_link_ptr(struct kvm_vcpu *vcpu,
26382630
}
26392631

26402632
static int nested_vmx_check_vmentry_postreqs(struct kvm_vcpu *vcpu,
2641-
struct vmcs12 *vmcs12, u32 *exit_qual)
2633+
struct vmcs12 *vmcs12,
2634+
u32 *exit_qual)
26422635
{
26432636
bool ia32e;
26442637

0 commit comments

Comments
 (0)