[RHEL7,COMMIT] ms/KVM: x86: set ctxt->have_exception in x86_decode_insn()

Submitted by Konstantin Khorenko on Oct. 3, 2019, 12:03 p.m.


Message ID 201910031203.x93C3m7b010751@finist-ce7.sw.ru
State New
Series "ms/KVM: x86: set ctxt->have_exception in x86_decode_insn()"
Headers show

Commit Message

Konstantin Khorenko Oct. 3, 2019, 12:03 p.m.
The commit is pushed to "branch-rh7-3.10.0-957.27.2.vz7.107.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh7-3.10.0-957.27.2.vz7.107.13
commit 0233d7fda444bf90759fcaec1dbd810c2298eb1d
Author: Jan Dakinevich <jan.dakinevich@virtuozzo.com>
Date:   Thu Oct 3 15:03:47 2019 +0300

    ms/KVM: x86: set ctxt->have_exception in x86_decode_insn()
    x86_emulate_instruction() takes into account ctxt->have_exception flag
    during instruction decoding, but in practice this flag is never set in
    Fixes: 6ea6e84309ca ("KVM: x86: inject exceptions produced by x86_decode_insn")
    Cc: stable@vger.kernel.org
    Cc: Denis Lunev <den@virtuozzo.com>
    Cc: Roman Kagan <rkagan@virtuozzo.com>
    Cc: Denis Plotnikov <dplotnikov@virtuozzo.com>
    Signed-off-by: Jan Dakinevich <jan.dakinevich@virtuozzo.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
    (cherry-picked from c8848cee74ff05638e913582a476bde879c968ad)
    Patchset description:
    fix emulation error on Windows bootup
    This series intended to fix (again) a bug that was a subject of the
    following change:
      6ea6e84 ("KVM: x86: inject exceptions produced by x86_decode_insn")
    Suddenly, that fix had a couple mistakes. First, ctxt->have_exception was
    not set if fault happened during instruction decoding. Second, returning
    value of inject_emulated_instruction was used to make the decision to
    reenter guest, but this could happen iff on nested page fault, that is not
    the scope where this bug could occur.
    Jan Dakinevich (2):
      KVM: x86: always stop emulation on page fault
      KVM: x86: set ctxt->have_exception in x86_decode_insn()
    Paolo Bonzini (1):
      KVM: x86: inject exceptions produced by x86_decode_insn
 arch/x86/kvm/emulate.c | 2 ++
 arch/x86/kvm/x86.c     | 6 ++++++
 2 files changed, 8 insertions(+)

Patch hide | download patch | download mbox

diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c
index 94898cd05857..93d2203a7942 100644
--- a/arch/x86/kvm/emulate.c
+++ b/arch/x86/kvm/emulate.c
@@ -5311,6 +5311,8 @@  int x86_decode_insn(struct x86_emulate_ctxt *ctxt, void *insn, int insn_len)
 					ctxt->memopp->addr.mem.ea + ctxt->_eip);
+		ctxt->have_exception = true;
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 8ed5b23ff055..980d469f3f63 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -5760,6 +5760,12 @@  int x86_emulate_instruction(struct kvm_vcpu *vcpu,
 				return EMULATE_DONE;
 			if (ctxt->have_exception) {
+				/*
+				 * #UD should result in just EMULATION_FAILED, and trap-like
+				 * exception should not be encountered during decode.
+				 */
+				WARN_ON_ONCE(ctxt->exception.vector == UD_VECTOR ||
+					     exception_type(ctxt->exception.vector) == EXCPT_TRAP);
 				return EMULATE_DONE;