Commit 0893d460 authored by Anthony Liguori's avatar Anthony Liguori
Browse files

Merge remote-tracking branch 'qemu-kvm/uq/master' into staging 



* qemu-kvm/uq/master:
  target-i386: kvm: prevent buffer overflow if -cpu foo, [x]level is too big
  vmxcap: bit 9 of VMX_PROCBASED_CTLS2 is 'virtual interrupt delivery'

Conflicts:
	target-i386/kvm.c

Trivial merge resolution due to lack of context.

Signed-off-by: default avatarAnthony Liguori <aliguori@us.ibm.com>
parents 0c770679 f8bb0565

scripts/kvm/vmxcap

+1 −0
Original line number Diff line number Diff line
@@ -147,6 +147,7 @@ controls = [ 
            5: 'Enable VPID',

            6: 'WBINVD exiting',

            7: 'Unrestricted guest',

            9: 'Virtual interrupt delivery',

            10: 'PAUSE-loop exiting',

            11: 'RDRAND exiting',

            12: 'Enable INVPCID',

target-i386/kvm.c

+25 −1
Original line number Diff line number Diff line
@@ -417,11 +417,13 @@ unsigned long kvm_arch_vcpu_id(CPUState *cs) 
    return cpu->env.cpuid_apic_id;

}



#define KVM_MAX_CPUID_ENTRIES  100



int kvm_arch_init_vcpu(CPUState *cs)

{

    struct {

        struct kvm_cpuid2 cpuid;

        struct kvm_cpuid_entry2 entries[100];

        struct kvm_cpuid_entry2 entries[KVM_MAX_CPUID_ENTRIES];

    } QEMU_PACKED cpuid_data;

    X86CPU *cpu = X86_CPU(cs);

    CPUX86State *env = &cpu->env;
@@ -508,6 +510,10 @@ int kvm_arch_init_vcpu(CPUState *cs) 
    cpu_x86_cpuid(env, 0, 0, &limit, &unused, &unused, &unused);



    for (i = 0; i <= limit; i++) {

        if (cpuid_i == KVM_MAX_CPUID_ENTRIES) {

            fprintf(stderr, "unsupported level value: 0x%x\n", limit);

            abort();

        }

        c = &cpuid_data.entries[cpuid_i++];



        switch (i) {
@@ -522,6 +528,11 @@ int kvm_arch_init_vcpu(CPUState *cs) 
            times = c->eax & 0xff;



            for (j = 1; j < times; ++j) {

                if (cpuid_i == KVM_MAX_CPUID_ENTRIES) {

                    fprintf(stderr, "cpuid_data is full, no space for "

                            "cpuid(eax:2):eax & 0xf = 0x%x\n", times);

                    abort();

                }

                c = &cpuid_data.entries[cpuid_i++];

                c->function = i;

                c->flags = KVM_CPUID_FLAG_STATEFUL_FUNC;
@@ -550,6 +561,11 @@ int kvm_arch_init_vcpu(CPUState *cs) 
                if (i == 0xd && c->eax == 0) {

                    continue;

                }

                if (cpuid_i == KVM_MAX_CPUID_ENTRIES) {

                    fprintf(stderr, "cpuid_data is full, no space for "

                            "cpuid(eax:0x%x,ecx:0x%x)\n", i, j);

                    abort();

                }

                c = &cpuid_data.entries[cpuid_i++];

            }

            break;
@@ -563,6 +579,10 @@ int kvm_arch_init_vcpu(CPUState *cs) 
    cpu_x86_cpuid(env, 0x80000000, 0, &limit, &unused, &unused, &unused);



    for (i = 0x80000000; i <= limit; i++) {

        if (cpuid_i == KVM_MAX_CPUID_ENTRIES) {

            fprintf(stderr, "unsupported xlevel value: 0x%x\n", limit);

            abort();

        }

        c = &cpuid_data.entries[cpuid_i++];



        c->function = i;
@@ -575,6 +595,10 @@ int kvm_arch_init_vcpu(CPUState *cs) 
        cpu_x86_cpuid(env, 0xC0000000, 0, &limit, &unused, &unused, &unused);



        for (i = 0xC0000000; i <= limit; i++) {

            if (cpuid_i == KVM_MAX_CPUID_ENTRIES) {

                fprintf(stderr, "unsupported xlevel2 value: 0x%x\n", limit);

                abort();

            }

            c = &cpuid_data.entries[cpuid_i++];



            c->function = i;