Rather than changing the host intercepts in nested_svm_vmrun, mask the intercepts we only want to see from the guest out in recalc_intercepts.
Signed-off-by: Joerg Roedel <[email protected]> --- arch/x86/kvm/svm.c | 17 ++++++++++------- 1 files changed, 10 insertions(+), 7 deletions(-) diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c index c83315a..ab48dd4 100644 --- a/arch/x86/kvm/svm.c +++ b/arch/x86/kvm/svm.c @@ -102,6 +102,9 @@ struct nested_state { u32 intercept_exceptions; u64 intercept; + /* Mask of relevant host intercepts for recalculation */ + u32 intercept_cr_mask; + /* Nested Paging related state */ u64 nested_cr3; @@ -250,10 +253,11 @@ static void recalc_intercepts(struct vcpu_svm *svm) h = &svm->host_vmcb->control; g = &svm->nested; - c->intercept_cr = h->intercept_cr | g->intercept_cr; + c->intercept_cr = (h->intercept_cr & g->intercept_cr_mask) | + g->intercept_cr; c->intercept_dr = h->intercept_dr | g->intercept_dr; c->intercept_exceptions = h->intercept_exceptions | g->intercept_exceptions; - c->intercept = h->intercept | g->intercept; + c->intercept = (h->intercept & ~(INTERCEPT_VMMCALL)) | g->intercept; } static inline void set_cr_intercept(struct vcpu_svm *svm, int bit) @@ -2376,13 +2380,12 @@ static bool nested_svm_vmrun(struct vcpu_svm *svm) svm->vcpu.arch.hflags |= HF_VINTR_MASK; /* We only want the cr8 intercept bits of the guest */ - clr_cr_intercept(svm, INTERCEPT_CR8_READ); - clr_cr_intercept(svm, INTERCEPT_CR8_WRITE); + svm->nested.intercept_cr_mask = ~(INTERCEPT_CR8_READ | + INTERCEPT_CR8_WRITE); + } else { + svm->nested.intercept_cr_mask = 0ULL; } - /* We don't want to see VMMCALLs from a nested guest */ - clr_intercept(svm, INTERCEPT_VMMCALL); - if (nested_vmcb->control.nested_ctl) { kvm_mmu_unload(&svm->vcpu); svm->nested.nested_cr3 = nested_vmcb->control.nested_cr3; -- 1.7.4.1 -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html
