From patchwork Thu Mar 18 06:11:19 2010
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Sheng Yang <sheng@linux.intel.com>
X-Patchwork-Id: 86589
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by demeter.kernel.org (8.14.3/8.14.3) with ESMTP id o2I6BWF0011286
	for <patchwork-kvm@patchwork.kernel.org>;
	Thu, 18 Mar 2010 06:11:33 GMT
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1751728Ab0CRGL2 (ORCPT
	<rfc822;patchwork-kvm@patchwork.kernel.org>);
	Thu, 18 Mar 2010 02:11:28 -0400
Received: from mga14.intel.com ([143.182.124.37]:49580 "EHLO mga14.intel.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1751204Ab0CRGLT (ORCPT <rfc822;kvm@vger.kernel.org>);
	Thu, 18 Mar 2010 02:11:19 -0400
Received: from azsmga001.ch.intel.com ([10.2.17.19])
	by azsmga102.ch.intel.com with ESMTP; 17 Mar 2010 23:11:19 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="4.51,264,1267430400"; d="scan'208";a="255987631"
Received: from syang10-desktop.sh.intel.com (HELO syang10-desktop)
	([10.239.36.15])
	by azsmga001.ch.intel.com with ESMTP; 17 Mar 2010 23:11:17 -0700
Received: from yasker by syang10-desktop with local (Exim 4.69)
	(envelope-from <sheng.yang@intel.com>)
	id 1Ns8wx-0005Nw-V0; Thu, 18 Mar 2010 14:11:19 +0800
From: Sheng Yang <sheng@linux.intel.com>
To: Greg KH <greg@kroah.com>
Cc: stable <stable@kernel.org>, kvm@vger.kernel.org,
	Avi Kivity <avi@redhat.com>, Marcelo Tosatti <mtosatti@redhat.com>,
	Alexander Graf <agraf@suse.de>, Sheng Yang <sheng@linux.intel.com>
Subject: [PATCH] KVM: VMX: Disable unrestricted guest when EPT disabled
Date: Thu, 18 Mar 2010 14:11:19 +0800
Message-Id: <1268892679-20674-1-git-send-email-sheng@linux.intel.com>
X-Mailer: git-send-email 1.6.3.3
Sender: kvm-owner@vger.kernel.org
Precedence: bulk
List-ID: <kvm.vger.kernel.org>
X-Mailing-List: kvm@vger.kernel.org
X-Greylist: IP, sender and recipient auto-whitelisted, not delayed by
	milter-greylist-4.2.3 (demeter.kernel.org [140.211.167.41]);
	Thu, 18 Mar 2010 06:11:33 +0000 (UTC)


diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index 80367c5..1092e8a 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -2316,8 +2316,10 @@ static int vmx_vcpu_setup(struct vcpu_vmx *vmx)
 				~SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES;
 		if (vmx->vpid == 0)
 			exec_control &= ~SECONDARY_EXEC_ENABLE_VPID;
-		if (!enable_ept)
+		if (!enable_ept) {
 			exec_control &= ~SECONDARY_EXEC_ENABLE_EPT;
+			enable_unrestricted_guest = 0;
+		}
 		if (!enable_unrestricted_guest)
 			exec_control &= ~SECONDARY_EXEC_UNRESTRICTED_GUEST;
		vmcs_write32(SECONDARY_VM_EXEC_CONTROL, exec_control);