summaryrefslogtreecommitdiffstats
path: root/tools
diff options
context:
space:
mode:
authorRoman Kagan <rkagan@virtuozzo.com>2016-05-18 17:48:20 +0300
committerPaolo Bonzini <pbonzini@redhat.com>2016-05-25 16:11:37 +0200
commit3ce424e45411cf5a13105e0386b6ecf6eeb4f66f (patch)
treeb161e0b3526d9dea8d3070f080b0492611e08432 /tools
parent079d08555cd116e3e04cb588aad1fd6f08b2a31b (diff)
downloadlinux-3ce424e45411cf5a13105e0386b6ecf6eeb4f66f.tar.gz
linux-3ce424e45411cf5a13105e0386b6ecf6eeb4f66f.tar.bz2
linux-3ce424e45411cf5a13105e0386b6ecf6eeb4f66f.zip
kvm:vmx: more complete state update on APICv on/off
The function to update APICv on/off state (in particular, to deactivate it when enabling Hyper-V SynIC) is incomplete: it doesn't adjust APICv-related fields among secondary processor-based VM-execution controls. As a result, Windows 2012 guests get stuck when SynIC-based auto-EOI interrupt intersected with e.g. an IPI in the guest. In addition, the MSR intercept bitmap isn't updated every time "virtualize x2APIC mode" is toggled. This path can only be triggered by a malicious guest, because Windows didn't use x2APIC but rather their own synthetic APIC access MSRs; however a guest running in a SynIC-enabled VM could switch to x2APIC and thus obtain direct access to host APIC MSRs (CVE-2016-4440). The patch fixes those omissions. Signed-off-by: Roman Kagan <rkagan@virtuozzo.com> Reported-by: Steve Rutherford <srutherford@google.com> Reported-by: Yang Zhang <yang.zhang.wz@gmail.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Diffstat (limited to 'tools')
0 files changed, 0 insertions, 0 deletions