KVM: nVMX: Fix switching of debug state

First of all, do not blindly overwrite GUEST_DR7 on L2 entry. The host
may have guest debugging enabled. Then properly reset DR7 and DEBUG_CTL
on L2->L1 switch as specified in the SDM.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>

1 files changed, 4 insertions, 1 deletions

diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index 58fb7c27e3b5..097f5d662275 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -6978,7 +6978,7 @@ static void prepare_vmcs02(struct kvm_vcpu *vcpu, struct vmcs12 *vmcs12)
                 vmcs12->guest_interruptibility_info);
         vmcs_write32(GUEST_ACTIVITY_STATE, vmcs12->guest_activity_state);
         vmcs_write32(GUEST_SYSENTER_CS, vmcs12->guest_sysenter_cs);
-        vmcs_writel(GUEST_DR7, vmcs12->guest_dr7);
+        kvm_set_dr(vcpu, 7, vmcs12->guest_dr7);
         vmcs_writel(GUEST_RFLAGS, vmcs12->guest_rflags);
         vmcs_writel(GUEST_PENDING_DBG_EXCEPTIONS,
                 vmcs12->guest_pending_dbg_exceptions);
@@ -7492,6 +7492,9 @@ static void load_vmcs12_host_state(struct kvm_vcpu *vcpu,
         if (vmcs12->vm_exit_controls & VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL)
                 vmcs_write64(GUEST_IA32_PERF_GLOBAL_CTRL,
                         vmcs12->host_ia32_perf_global_ctrl);
+
+        kvm_set_dr(vcpu, 7, 0x400);
+        vmcs_write64(GUEST_IA32_DEBUGCTL, 0);
 }
 
 /*