KVM: x86: Skip EFER vs. guest CPUID checks for host-initiated writes
authorSean Christopherson <sean.j.christopherson@intel.com>
Tue, 2 Apr 2019 15:19:15 +0000 (08:19 -0700)
committerPaolo Bonzini <pbonzini@redhat.com>
Tue, 16 Apr 2019 13:39:07 +0000 (15:39 +0200)
commit11988499e62b310f3bf6f6d0a807a06d3f9ccc96
tree15b10aaa497dd7e4308278168361612b1baec035
parentc80add0f487e28c48e855245189dc28bd3d5c250
KVM: x86: Skip EFER vs. guest CPUID checks for host-initiated writes

KVM allows userspace to violate consistency checks related to the
guest's CPUID model to some degree.  Generally speaking, userspace has
carte blanche when it comes to guest state so long as jamming invalid
state won't negatively affect the host.

Currently this is seems to be a non-issue as most of the interesting
EFER checks are missing, e.g. NX and LME, but those will be added
shortly.  Proactively exempt userspace from the CPUID checks so as not
to break userspace.

Note, the efer_reserved_bits check still applies to userspace writes as
that mask reflects the host's capabilities, e.g. KVM shouldn't allow a
guest to run with NX=1 if it has been disabled in the host.

Fixes: d80174745ba39 ("KVM: SVM: Only allow setting of EFER_SVME when CPUID SVM is set")
Cc: stable@vger.kernel.org
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
arch/x86/kvm/x86.c