KVM: nVMX: Force enlightened VMCS sync from nested_vmx_failValid()

'need_vmcs12_to_shadow_sync' is used for both shadow and enlightened
VMCS sync when we exit to L1. The comment in nested_vmx_failValid()
validly states why shadow vmcs sync can be omitted but this doesn't
apply to enlightened VMCS as it 'shadows' all VMCS12 fields.

Reviewed-by: Maxim Levitsky <mlevitsk@redhat.com>
Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20210526132026.270394-9-vkuznets@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c
index 3787be1..c73668b 100644 (file)
--- a/arch/x86/kvm/vmx/nested.c
+++ b/arch/x86/kvm/vmx/nested.c
@@ -173,9 +173,13 @@ static int nested_vmx_failValid(struct kvm_vcpu *vcpu,
                        | X86_EFLAGS_ZF);
        get_vmcs12(vcpu)->vm_instruction_error = vm_instruction_error;
        /*
-        * We don't need to force a shadow sync because
-        * VM_INSTRUCTION_ERROR is not shadowed
+        * We don't need to force sync to shadow VMCS because
+        * VM_INSTRUCTION_ERROR is not shadowed. Enlightened VMCS 'shadows' all
+        * fields and thus must be synced.
         */
+       if (to_vmx(vcpu)->nested.hv_evmcs_vmptr != EVMPTR_INVALID)
+               to_vmx(vcpu)->nested.need_vmcs12_to_shadow_sync = true;
+
        return kvm_skip_emulated_instruction(vcpu);
 }