From: "Joerg Roedel" <joerg.roedel-5C7GfCeVMHo@public.gmane.org>
To: "Avi Kivity" <avi-atKUWr5tajBWk0Htik3J/w@public.gmane.org>
Cc: kvm-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org
Subject: [PATCH] SVM: forbid guest to execute monitor/mwait
Date: Wed, 21 Mar 2007 19:47:00 +0100 [thread overview]
Message-ID: <20070321184700.GA20139@amd.com> (raw)
[-- Attachment #1: Type: text/plain, Size: 427 bytes --]
From: Joerg Roedel <joerg.roedel-5C7GfCeVMHo@public.gmane.org>
This patch forbids the guest to execute monitor/mwait instructions on
SVM. This is necessary because the guest can execute these instructions
if they are available even if the kvm cpuid doesn't report its
existence.
Signed-off-by: Joerg Roedel <joerg.roedel-5C7GfCeVMHo@public.gmane.org>
--
Joerg Roedel
Operating System Research Center
AMD Saxony LLC & Co. KG
[-- Attachment #2: kvm-svm-monitor-disable.patch --]
[-- Type: text/plain, Size: 1430 bytes --]
diff --git a/drivers/kvm/svm.c b/drivers/kvm/svm.c
index d3cc115..68a2520 100644
--- a/drivers/kvm/svm.c
+++ b/drivers/kvm/svm.c
@@ -511,7 +511,9 @@ static void init_vmcb(struct vmcb *vmcb)
(1ULL << INTERCEPT_VMSAVE) |
(1ULL << INTERCEPT_STGI) |
(1ULL << INTERCEPT_CLGI) |
- (1ULL << INTERCEPT_SKINIT);
+ (1ULL << INTERCEPT_SKINIT) |
+ (1ULL << INTERCEPT_MONITOR) |
+ (1ULL << INTERCEPT_MWAIT);
control->iopm_base_pa = iopm_base;
control->msrpm_base_pa = msrpm_base;
@@ -1292,6 +1294,8 @@ static int (*svm_exit_handlers[])(struct kvm_vcpu *vcpu,
[SVM_EXIT_STGI] = invalid_op_interception,
[SVM_EXIT_CLGI] = invalid_op_interception,
[SVM_EXIT_SKINIT] = invalid_op_interception,
+ [SVM_EXIT_MONITOR] = invalid_op_interception,
+ [SVM_EXIT_MWAIT] = invalid_op_interception,
};
diff --git a/drivers/kvm/svm.h b/drivers/kvm/svm.h
index df731c3..5e93814 100644
--- a/drivers/kvm/svm.h
+++ b/drivers/kvm/svm.h
@@ -44,6 +44,9 @@ enum {
INTERCEPT_RDTSCP,
INTERCEPT_ICEBP,
INTERCEPT_WBINVD,
+ INTERCEPT_MONITOR,
+ INTERCEPT_MWAIT,
+ INTERCEPT_MWAIT_COND,
};
@@ -298,6 +301,9 @@ struct __attribute__ ((__packed__)) vmcb {
#define SVM_EXIT_RDTSCP 0x087
#define SVM_EXIT_ICEBP 0x088
#define SVM_EXIT_WBINVD 0x089
+#define SVM_EXIT_MONITOR 0x08a
+#define SVM_EXIT_MWAIT 0x08b
+#define SVM_EXIT_MWAIT_COND 0x08c
#define SVM_EXIT_NPF 0x400
#define SVM_EXIT_ERR -1
[-- Attachment #3: Type: text/plain, Size: 345 bytes --]
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys-and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
[-- Attachment #4: Type: text/plain, Size: 186 bytes --]
_______________________________________________
kvm-devel mailing list
kvm-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org
https://lists.sourceforge.net/lists/listinfo/kvm-devel
next reply other threads:[~2007-03-21 18:47 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-03-21 18:47 Joerg Roedel [this message]
[not found] ` <20070321184700.GA20139-5C7GfCeVMHo@public.gmane.org>
2007-03-22 7:38 ` [PATCH] SVM: forbid guest to execute monitor/mwait Avi Kivity
[not found] ` <46023264.4010105-atKUWr5tajBWk0Htik3J/w@public.gmane.org>
2007-03-22 9:56 ` Joerg Roedel
[not found] ` <20070322095605.GB20139-5C7GfCeVMHo@public.gmane.org>
2007-03-22 10:06 ` Avi Kivity
[not found] ` <46025528.5010707-atKUWr5tajBWk0Htik3J/w@public.gmane.org>
2007-03-22 10:17 ` Joerg Roedel
[not found] ` <20070322101729.GC20139-5C7GfCeVMHo@public.gmane.org>
2007-03-22 10:42 ` Avi Kivity
[not found] ` <46025D94.8050606-atKUWr5tajBWk0Htik3J/w@public.gmane.org>
2007-03-22 11:07 ` Joerg Roedel
[not found] ` <20070322110733.GE20139-5C7GfCeVMHo@public.gmane.org>
2007-03-22 11:40 ` Avi Kivity
[not found] ` <46026B2A.2080501-atKUWr5tajBWk0Htik3J/w@public.gmane.org>
2007-03-22 11:56 ` Joerg Roedel
[not found] ` <20070322115602.GF20139-5C7GfCeVMHo@public.gmane.org>
2007-03-22 12:01 ` Avi Kivity
[not found] ` <4602700E.1030500-atKUWr5tajBWk0Htik3J/w@public.gmane.org>
2007-03-22 12:22 ` Joerg Roedel
[not found] ` <20070322122249.GG20139-5C7GfCeVMHo@public.gmane.org>
2007-03-22 12:33 ` Avi Kivity
[not found] ` <460277AE.9040403-atKUWr5tajBWk0Htik3J/w@public.gmane.org>
2007-03-22 12:46 ` Joerg Roedel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20070321184700.GA20139@amd.com \
--to=joerg.roedel-5c7gfcevmho@public.gmane.org \
--cc=avi-atKUWr5tajBWk0Htik3J/w@public.gmane.org \
--cc=kvm-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.