KVM: x86/mmu: nested EPT cannot be used in SMM
author Paolo Bonzini <pbonzini@redhat.com>
Thu, 10 Feb 2022 12:30:08 +0000 (07:30 -0500)
committer Paolo Bonzini <pbonzini@redhat.com>
Fri, 29 Apr 2022 16:49:17 +0000 (12:49 -0400)
The role.base.smm flag is always zero when setting up shadow EPT,
do not bother copying it over from vcpu->arch.root_mmu.

Reviewed-by: David Matlack <dmatlack@google.com>
Reviewed-by: Sean Christopherson <seanjc@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
arch/x86/kvm/mmu/mmu.c

index 7b08841..3a2d39f 100644 (file)
@@ -4953,9 +4953,11 @@ kvm_calc_shadow_ept_root_page_role(struct kvm_vcpu *vcpu, bool accessed_dirty,
 {
        union kvm_mmu_role role = {0};
 
-       /* SMM flag is inherited from root_mmu */
-       role.base.smm = vcpu->arch.root_mmu.mmu_role.base.smm;
-
+       /*
+        * KVM does not support SMM transfer monitors, and consequently does not
+        * support the "entry to SMM" control either.  role.base.smm is always 0.
+        */
+       WARN_ON_ONCE(is_smm(vcpu));
        role.base.level = level;
        role.base.has_4_byte_gpte = false;
        role.base.direct = false;
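
Review bot: At the WARN_ON_ONCE(is_smm(vcpu)) line, the check only warns and the function then builds the role with role.base.smm left at 0 by the "= {0}" initializer, so a vCPU that did reach this point in SMM would get a non-SMM role, and only the first such hit would be reported. If that is the intended fallback, the comment should say so, and it would read more clearly if it tied "role.base.smm is always 0" to the zero initializer, since no assignment to the field remains after this change. As a style point, a blank line after the WARN_ON_ONCE would keep the sanity check separate from the role.base.* assignments, as the removed lines did.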