The host pkru is restored right after vcpu exit (commit 1be0e61), so
KVM_GET_XSAVE will return the host PKRU value instead. In general,
the PKRU value in vcpu->arch.guest_fpu.state cannot be trusted.

Series as follows:

1) fix independent bug which would cause an oops

2) remove an unnecessary abstraction

3) fix the bug

Please test the patches, as I don't have the affected hardware. Note
that I need the results before tomorrow in order to send these patches
to Linus before going on vacation.

Thanks,

Paolo

Paolo Bonzini (3):
  KVM: x86: block guest protection keys unless the host has them enabled
  KVM: x86: simplify handling of PKRU
  KVM, pkeys: do not use PKRU value in vcpu->arch.guest_fpu.state

 arch/x86/include/asm/fpu/internal.h |  6 +++---
 arch/x86/include/asm/kvm_host.h     |  1 +
 arch/x86/kvm/cpuid.c                |  2 +-
 arch/x86/kvm/kvm_cache_regs.h       |  5 -----
 arch/x86/kvm/mmu.h                  |  2 +-
 arch/x86/kvm/svm.c                  |  7 -------
 arch/x86/kvm/vmx.c                  | 25 ++++++++-----------------
 arch/x86/kvm/x86.c                  | 17 ++++++++++++++---
 8 files changed, 28 insertions(+), 37 deletions(-)