On 16/06/2016 13:49, Borislav Petkov wrote:
>> > enum segment_cache_field {
>> > @@ -2907,7 +2908,7 @@ static int vmx_get_msr(struct kvm_vcpu *vcpu, struct
>> > msr_data *msr_info)
>> > case MSR_IA32_FEATURE_CONTROL:
>> > if (!nested_vmx_allowed(vcpu))
>> > return 1;
>> > - msr_info->data = to_vmx(vcpu)->nested.msr_ia32_feature_control;
>> > + msr_info->data = to_vmx(vcpu)->msr_ia32_feature_control;
> Since this moves out of struct nested_vmx, that check above it:
>
> if (!nested_vmx_allowed(vcpu))
>
> should not influence it anymore, no?
For get, yes, this "if" should go.
For set, you need to check that the guest doesn't write to reserved
bits. So as of this patch the "if" remains tied to VMX, but the next
patch changes it to be generic.
Paolo
> Ditto for the rest.
