> @@ -7752,7 +7769,29 @@ static int handle_preemption_timer(struct kvm_vcpu 
> *vcpu)
>  
>  static int handle_vmfunc(struct kvm_vcpu *vcpu)
>  {
> -     kvm_queue_exception(vcpu, UD_VECTOR);
> +     struct vcpu_vmx *vmx = to_vmx(vcpu);
> +     struct vmcs12 *vmcs12;
> +     u32 function = vcpu->arch.regs[VCPU_REGS_RAX];
> +
> +     /*
> +      * VMFUNC is only supported for nested guests, but we always enable the
> +      * secondary control for simplicity; for non-nested mode, fake that we
> +      * didn't by injecting #UD.
> +      */
> +     if (!is_guest_mode(vcpu)) {
> +             kvm_queue_exception(vcpu, UD_VECTOR);
> +             return 1;
> +     }
> +
> +     vmcs12 = get_vmcs12(vcpu);
> +     if ((vmcs12->vm_function_control & (1 << function)) == 0)

(I learned that in C, shifting by an amount at or beyond the width of the type is undefined.)

Should we check for function < 64 here? (as SDM mentions)

> +             goto fail;
> +     WARN(1, "VMCS12 VM function control should have been zero");
> +
> +fail:

We will never hit the case !nested_cpu_has_vmfunc(vmcs12) here, correct?

> +     nested_vmx_vmexit(vcpu, vmx->exit_reason,
> +                       vmcs_read32(VM_EXIT_INTR_INFO),
> +                       vmcs_readl(EXIT_QUALIFICATION));
>       return 1;
>  }
>  
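Review bot: The mask on the `vm_function_control` check is built from the `int` literal `1`, so it is only 32 bits wide regardless of the width of the control field (presumably 64 bits, given the SDM's range of 64 VM functions); any `function` value of 32 or above shifts past the operand's width, and `function == 31` yields a negative `int` that sign-extends into the upper half of the field when widened. The mask should be taken in the field's width, e.g. `if ((vmcs12->vm_function_control & BIT_ULL(function)) == 0)`, and a range check on `function` still has to precede it because the shift itself is what is out of bounds. It would also help to add a comment above `WARN(1, ...)` stating why a set bit is unexpected here, e.g. `/* No VM functions are implemented yet; a set bit should have been rejected at nested VM-entry. */`, since the fall-through from the `if` into the WARN and then into `fail:` reads as accidental without it.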


-- 

Thanks,

David
