| From aede44fd0e5e3b4155c4cd4a06f48dd8f75c1845 Mon Sep 17 00:00:00 2001 |
| From: Oliver Upton <oupton@google.com> |
| Date: Fri, 7 Feb 2020 02:36:04 -0800 |
| Subject: [PATCH] KVM: x86: Mask off reserved bit from #DB exception payload |
| |
| commit 307f1cfa269657c63cfe2c932386fcc24684d9dd upstream. |
| |
| KVM defines the #DB payload as compatible with the 'pending debug |
| exceptions' field under VMX, not DR6. Mask off bit 12 when applying the |
| payload to DR6, as it is reserved on DR6 but not the 'pending debug |
| exceptions' field. |
| |
| Fixes: f10c729ff965 ("kvm: vmx: Defer setting of DR6 until #DB delivery") |
| Signed-off-by: Oliver Upton <oupton@google.com> |
| Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> |
| Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com> |
| |
| diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c |
| index 1fca05eb63d9..1c83722652e8 100644 |
| --- a/arch/x86/kvm/x86.c |
| +++ b/arch/x86/kvm/x86.c |
| @@ -440,6 +440,14 @@ void kvm_deliver_exception_payload(struct kvm_vcpu *vcpu) |
| * for #DB exceptions under VMX. |
| */ |
| vcpu->arch.dr6 ^= payload & DR6_RTM; |
| + |
| + /* |
| + * The #DB payload is defined as compatible with the 'pending |
| + * debug exceptions' field under VMX, not DR6. While bit 12 is |
| + * defined in the 'pending debug exceptions' field (enabled |
| + * breakpoint), it is reserved and must be zero in DR6. |
| + */ |
| + vcpu->arch.dr6 &= ~BIT(12); |
| break; |
| case PF_VECTOR: |
| vcpu->arch.cr2 = payload; |
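Review bot: The new `vcpu->arch.dr6 &= ~BIT(12);` clears a bare magic bit position that is explained only by the comment above it, while the neighbouring RTM fix-up on the previous line uses the named `DR6_RTM` mask; a named constant for the position would keep the two consistent and make the intent greppable, e.g. `vcpu->arch.dr6 &= ~DR6_RESERVED_BIT12;` with a one-line definition next to `DR6_RTM` whose comment states that bit 12 is 'enabled breakpoint' in the VMX pending-debug-exceptions field but reserved in DR6 (constructed name — pick whatever the DR6 defines in this tree use). The payload is a value supplied from outside this function, so it is also worth a short note in the comment that this single-bit mask relies on the remaining payload bits having already been validated against the DR6 layout before they were merged in; if that validation lives elsewhere, name the place so the assumption is checkable. The enclosing `kvm_deliver_exception_payload` body begins before this hunk, so the lines that initially merge the payload into DR6 are not visible here.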
| -- |
| 2.7.4 |
| |