nEPT: fix INVEPT instruction parameter

While emulating the INVEPT instruction in L0 VMM, the EPT pointer
should be fetched from the instruction decoding result, but not
the current loaded EPT pointer.

Signed-off-by: Dongxiao Xu <dongxiao.xu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Committed-by: Jan Beulich <jbeulich@suse.com>

diff --git a/xen/arch/x86/hvm/vmx/vvmx.c b/xen/arch/x86/hvm/vmx/vvmx.c
index cf4d52096f15598ff89bebe384cbe7c0dbc4e09d..4f3f94d3c7eaecaee9317b8ef05d68f3a09dd754 100644 (file)
--- a/xen/arch/x86/hvm/vmx/vvmx.c
+++ b/xen/arch/x86/hvm/vmx/vvmx.c
@@ -1705,7 +1705,7 @@ int nvmx_handle_invept(struct cpu_user_regs *regs)
     {
     case INVEPT_SINGLE_CONTEXT:
     {
-        struct p2m_domain *p2m = vcpu_nestedhvm(current).nv_p2m;
+        struct p2m_domain *p2m = p2m_get_nestedp2m(current, eptp);
         if ( p2m )
         {
             p2m_flush(current, p2m);