KVM: x86: nSVM: don't copy virt_ext from vmcb12

These field correspond to features that we don't expose yet to L2 While currently there are no CVE worthy features in this field, if AMD adds more features to this field, that could allow guest escapes similar to CVE-2021-3653 and CVE-2021-3656. Signed-off-by: Maxim Levitsky <[email protected]> Message-Id: <[email protected]> Cc: [email protected] Signed-off-by: Paolo Bonzini <[email protected]>
author: Maxim Levitsky <[email protected]> 2021-09-14 18:48:16 +0300
committer: Paolo Bonzini <[email protected]> 2021-09-23 10:06:46 -0400
commit: faf6b755629627f19feafa75b32e81cd7738f12d (patch)
tree: db74db774aa57c6abeec1340a9d1806de8da51b7
parent: d1cba6c9223751f580dcd97501f513a8a9bf88bc (diff)
1 files changed, 0 insertions, 1 deletions
diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c
index b41a21cac544..510b833cbd39 100644
--- a/arch/x86/kvm/svm/nested.c
+++ b/arch/x86/kvm/svm/nested.c
@@ -545,7 +545,6 @@ static void nested_vmcb02_prepare_control(struct vcpu_svm *svm)
 		(svm->nested.ctl.int_ctl & int_ctl_vmcb12_bits) |
 		(svm->vmcb01.ptr->control.int_ctl & int_ctl_vmcb01_bits);
 
-	svm->vmcb->control.virt_ext            = svm->nested.ctl.virt_ext;
 	svm->vmcb->control.int_vector          = svm->nested.ctl.int_vector;
 	svm->vmcb->control.int_state           = svm->nested.ctl.int_state;
 	svm->vmcb->control.event_inj           = svm->nested.ctl.event_inj;
author	Maxim Levitsky <[email protected]>	2021-09-14 18:48:16 +0300
committer	Paolo Bonzini <[email protected]>	2021-09-23 10:06:46 -0400
commit	faf6b755629627f19feafa75b32e81cd7738f12d (patch)
tree	db74db774aa57c6abeec1340a9d1806de8da51b7
parent	d1cba6c9223751f580dcd97501f513a8a9bf88bc (diff)