nSVM: Check for reserved encodings of TLB_CONTROL in nested VMCB

According to section "TLB Flush" in APM vol 2,

    "Support for TLB_CONTROL commands other than the first two, is
     optional and is indicated by CPUID Fn8000_000A_EDX[FlushByAsid].

     All encodings of TLB_CONTROL not defined in the APM are reserved."

Signed-off-by: Krish Sadhukhan <krish.sadhukhan@oracle.com>
Message-Id: <20210920235134.101970-3-krish.sadhukhan@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c
index 31fd4bd..f8b7bc0 100644 (file)
--- a/arch/x86/kvm/svm/nested.c
+++ b/arch/x86/kvm/svm/nested.c
@@ -238,6 +238,18 @@ static bool nested_svm_check_bitmap_pa(struct kvm_vcpu *vcpu, u64 pa, u32 size)
            kvm_vcpu_is_legal_gpa(vcpu, addr + size - 1);
 }
 
+static bool nested_svm_check_tlb_ctl(struct kvm_vcpu *vcpu, u8 tlb_ctl)
+{
+       /* Nested FLUSHBYASID is not supported yet.  */
+       switch(tlb_ctl) {
+               case TLB_CONTROL_DO_NOTHING:
+               case TLB_CONTROL_FLUSH_ALL_ASID:
+                       return true;
+               default:
+                       return false;
+       }
+}
+
 static bool nested_vmcb_check_controls(struct kvm_vcpu *vcpu,
                                       struct vmcb_control_area *control)
 {
@@ -257,6 +269,9 @@ static bool nested_vmcb_check_controls(struct kvm_vcpu *vcpu,
                                           IOPM_SIZE)))
                return false;
 
+       if (CC(!nested_svm_check_tlb_ctl(vcpu, control->tlb_ctl)))
+               return false;
+
        return true;
 }