diff options
| -rw-r--r-- | arch/x86/kvm/vmx.c | 24 |
1 files changed, 23 insertions, 1 deletions
diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c index 1f2c69de7872..954e26079cd6 100644 --- a/arch/x86/kvm/vmx.c +++ b/arch/x86/kvm/vmx.c | |||
| @@ -2818,7 +2818,6 @@ static void nested_vmx_setup_ctls_msrs(struct vcpu_vmx *vmx) | |||
| 2818 | vmx->nested.nested_vmx_secondary_ctls_high); | 2818 | vmx->nested.nested_vmx_secondary_ctls_high); |
| 2819 | vmx->nested.nested_vmx_secondary_ctls_low = 0; | 2819 | vmx->nested.nested_vmx_secondary_ctls_low = 0; |
| 2820 | vmx->nested.nested_vmx_secondary_ctls_high &= | 2820 | vmx->nested.nested_vmx_secondary_ctls_high &= |
| 2821 | SECONDARY_EXEC_RDSEED | | ||
| 2822 | SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES | | 2821 | SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES | |
| 2823 | SECONDARY_EXEC_DESC | | 2822 | SECONDARY_EXEC_DESC | |
| 2824 | SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE | | 2823 | SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE | |
| @@ -3671,6 +3670,7 @@ static __init int setup_vmcs_config(struct vmcs_config *vmcs_conf) | |||
| 3671 | SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY | | 3670 | SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY | |
| 3672 | SECONDARY_EXEC_SHADOW_VMCS | | 3671 | SECONDARY_EXEC_SHADOW_VMCS | |
| 3673 | SECONDARY_EXEC_XSAVES | | 3672 | SECONDARY_EXEC_XSAVES | |
| 3673 | SECONDARY_EXEC_RDSEED | | ||
| 3674 | SECONDARY_EXEC_RDRAND | | 3674 | SECONDARY_EXEC_RDRAND | |
| 3675 | SECONDARY_EXEC_ENABLE_PML | | 3675 | SECONDARY_EXEC_ENABLE_PML | |
| 3676 | SECONDARY_EXEC_TSC_SCALING | | 3676 | SECONDARY_EXEC_TSC_SCALING | |
| @@ -5280,6 +5280,12 @@ static bool vmx_rdrand_supported(void) | |||
| 5280 | SECONDARY_EXEC_RDRAND; | 5280 | SECONDARY_EXEC_RDRAND; |
| 5281 | } | 5281 | } |
| 5282 | 5282 | ||
| 5283 | static bool vmx_rdseed_supported(void) | ||
| 5284 | { | ||
| 5285 | return vmcs_config.cpu_based_2nd_exec_ctrl & | ||
| 5286 | SECONDARY_EXEC_RDSEED; | ||
| 5287 | } | ||
| 5288 | |||
| 5283 | static void vmx_compute_secondary_exec_control(struct vcpu_vmx *vmx) | 5289 | static void vmx_compute_secondary_exec_control(struct vcpu_vmx *vmx) |
| 5284 | { | 5290 | { |
| 5285 | struct kvm_vcpu *vcpu = &vmx->vcpu; | 5291 | struct kvm_vcpu *vcpu = &vmx->vcpu; |
| @@ -5364,6 +5370,21 @@ static void vmx_compute_secondary_exec_control(struct vcpu_vmx *vmx) | |||
| 5364 | } | 5370 | } |
| 5365 | } | 5371 | } |
| 5366 | 5372 | ||
| 5373 | if (vmx_rdseed_supported()) { | ||
| 5374 | bool rdseed_enabled = guest_cpuid_has(vcpu, X86_FEATURE_RDSEED); | ||
| 5375 | if (rdseed_enabled) | ||
| 5376 | exec_control &= ~SECONDARY_EXEC_RDSEED; | ||
| 5377 | |||
| 5378 | if (nested) { | ||
| 5379 | if (rdseed_enabled) | ||
| 5380 | vmx->nested.nested_vmx_secondary_ctls_high |= | ||
| 5381 | SECONDARY_EXEC_RDSEED; | ||
| 5382 | else | ||
| 5383 | vmx->nested.nested_vmx_secondary_ctls_high &= | ||
| 5384 | ~SECONDARY_EXEC_RDSEED; | ||
| 5385 | } | ||
| 5386 | } | ||
| 5387 | |||
| 5367 | vmx->secondary_exec_control = exec_control; | 5388 | vmx->secondary_exec_control = exec_control; |
| 5368 | } | 5389 | } |
| 5369 | 5390 | ||
| @@ -8119,6 +8140,7 @@ static int (*const kvm_vmx_exit_handlers[])(struct kvm_vcpu *vcpu) = { | |||
| 8119 | [EXIT_REASON_INVEPT] = handle_invept, | 8140 | [EXIT_REASON_INVEPT] = handle_invept, |
| 8120 | [EXIT_REASON_INVVPID] = handle_invvpid, | 8141 | [EXIT_REASON_INVVPID] = handle_invvpid, |
| 8121 | [EXIT_REASON_RDRAND] = handle_invalid_op, | 8142 | [EXIT_REASON_RDRAND] = handle_invalid_op, |
| 8143 | [EXIT_REASON_RDSEED] = handle_invalid_op, | ||
| 8122 | [EXIT_REASON_XSAVES] = handle_xsaves, | 8144 | [EXIT_REASON_XSAVES] = handle_xsaves, |
| 8123 | [EXIT_REASON_XRSTORS] = handle_xrstors, | 8145 | [EXIT_REASON_XRSTORS] = handle_xrstors, |
| 8124 | [EXIT_REASON_PML_FULL] = handle_pml_full, | 8146 | [EXIT_REASON_PML_FULL] = handle_pml_full, |