3 files changed, 9 insertions, 6 deletions

diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
index 2ba58206812a..737361fcd503 100644
--- a/arch/x86/kvm/svm.c
+++ b/arch/x86/kvm/svm.c
@@ -2067,7 +2067,7 @@ static int cpuid_interception(struct vcpu_svm *svm)
 static int iret_interception(struct vcpu_svm *svm)
 {
         ++svm->vcpu.stat.nmi_window_exits;
-        svm->vmcb->control.intercept &= ~(1UL << INTERCEPT_IRET);
+        svm->vmcb->control.intercept &= ~(1ULL << INTERCEPT_IRET);
         svm->vcpu.arch.hflags |= HF_IRET_MASK;
         return 1;
 }
@@ -2479,7 +2479,7 @@ static void svm_inject_nmi(struct kvm_vcpu *vcpu)
 
         svm->vmcb->control.event_inj = SVM_EVTINJ_VALID | SVM_EVTINJ_TYPE_NMI;
         vcpu->arch.hflags |= HF_NMI_MASK;
-        svm->vmcb->control.intercept |= (1UL << INTERCEPT_IRET);
+        svm->vmcb->control.intercept |= (1ULL << INTERCEPT_IRET);
         ++vcpu->stat.nmi_injections;
 }
 
@@ -2539,10 +2539,10 @@ static void svm_set_nmi_mask(struct kvm_vcpu *vcpu, bool masked)
 
         if (masked) {
                 svm->vcpu.arch.hflags |= HF_NMI_MASK;
-                svm->vmcb->control.intercept |= (1UL << INTERCEPT_IRET);
+                svm->vmcb->control.intercept |= (1ULL << INTERCEPT_IRET);
         } else {
                 svm->vcpu.arch.hflags &= ~HF_NMI_MASK;
-                svm->vmcb->control.intercept &= ~(1UL << INTERCEPT_IRET);
+                svm->vmcb->control.intercept &= ~(1ULL << INTERCEPT_IRET);
         }
 }
 
diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index 32022a8a5c3b..edca080407a5 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -2703,8 +2703,7 @@ static int vmx_nmi_allowed(struct kvm_vcpu *vcpu)
                 return 0;
 
         return  !(vmcs_read32(GUEST_INTERRUPTIBILITY_INFO) &
-                        (GUEST_INTR_STATE_STI | GUEST_INTR_STATE_MOV_SS |
-                                GUEST_INTR_STATE_NMI));
+                        (GUEST_INTR_STATE_MOV_SS | GUEST_INTR_STATE_NMI));
 }
 
 static bool vmx_get_nmi_mask(struct kvm_vcpu *vcpu)
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 73d854c36e39..dd9bc8fb81ab 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -1713,6 +1713,7 @@ static int kvm_vcpu_ioctl_set_cpuid(struct kvm_vcpu *vcpu,
         if (copy_from_user(cpuid_entries, entries,
                            cpuid->nent * sizeof(struct kvm_cpuid_entry)))
                 goto out_free;
+        vcpu_load(vcpu);
         for (i = 0; i < cpuid->nent; i++) {
                 vcpu->arch.cpuid_entries[i].function = cpuid_entries[i].function;
                 vcpu->arch.cpuid_entries[i].eax = cpuid_entries[i].eax;
@@ -1730,6 +1731,7 @@ static int kvm_vcpu_ioctl_set_cpuid(struct kvm_vcpu *vcpu,
         r = 0;
         kvm_apic_set_version(vcpu);
         kvm_x86_ops->cpuid_update(vcpu);
+        vcpu_put(vcpu);
 
 out_free:
         vfree(cpuid_entries);
@@ -1750,9 +1752,11 @@ static int kvm_vcpu_ioctl_set_cpuid2(struct kvm_vcpu *vcpu,
         if (copy_from_user(&vcpu->arch.cpuid_entries, entries,
                            cpuid->nent * sizeof(struct kvm_cpuid_entry2)))
                 goto out;
+        vcpu_load(vcpu);
         vcpu->arch.cpuid_nent = cpuid->nent;
         kvm_apic_set_version(vcpu);
         kvm_x86_ops->cpuid_update(vcpu);
+        vcpu_put(vcpu);
         return 0;
 
 out: