From 88f95c29db5949bf2ee667143bcf3561ae51aa6c Mon Sep 17 00:00:00 2001
From: Eduardo Habkost <ehabkost@redhat.com>
Date: Wed, 2 Sep 2009 16:15:11 -0300
Subject: [PATCH 2/2] VMX: Fix cr8 exiting control clobbering by EPT
Message-id: <20090830070644.GS30093@redhat.com>
Author: Gleb Natapov <gleb@redhat.com>
Patchwork-id: 3347
O-Subject: [PATCH] VMX: Fix cr8 exiting control clobbering by EPT
Bugzilla: 520285
CVE:
RH-Acked-by: Avi Kivity <avi@redhat.com>
RH-Acked-by: Juan Quintela <quintela@redhat.com>
RH-Acked-by: Kevin Wolf <kwolf@redhat.com>
Don't call adjust_vmx_controls() two times for the same control.
It restores options that were dropped earlier. This loses us the cr8
exit control, which causes a massive performance regression Windows x64.
Upstream status: 786212855ddce3df06e9c28ab228648f66e39409
BZ: 520285
Signed-off-by: Gleb Natapov <gleb@redhat.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
--
Gleb.
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
---
arch/x86/kvm/vmx.c | 9 +++------
1 files changed, 3 insertions(+), 6 deletions(-)
diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index 8f5037f..3f1f928 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -1205,12 +1205,9 @@ static __init int setup_vmcs_config(struct vmcs_config *vmcs_conf)
if (_cpu_based_2nd_exec_control & SECONDARY_EXEC_ENABLE_EPT) {
/* CR3 accesses and invlpg don't need to cause VM Exits when EPT
enabled */
- min &= ~(CPU_BASED_CR3_LOAD_EXITING |
- CPU_BASED_CR3_STORE_EXITING |
- CPU_BASED_INVLPG_EXITING);
- if (adjust_vmx_controls(min, opt, MSR_IA32_VMX_PROCBASED_CTLS,
- &_cpu_based_exec_control) < 0)
- return -EIO;
+ _cpu_based_exec_control &= ~(CPU_BASED_CR3_LOAD_EXITING |
+ CPU_BASED_CR3_STORE_EXITING |
+ CPU_BASED_INVLPG_EXITING);
rdmsr(MSR_IA32_VMX_EPT_VPID_CAP,
vmx_capability.ept, vmx_capability.vpid);
}
--
1.6.3.rc4.29.g8146
distrib
>
Scientific%20Linux
>
5x
>
x86_64
>
by-pkgid
>
3160499aacb81f6735941eb4c372d87a
>
files
>
442
