From mboxrd@z Thu Jan 1 00:00:00 1970 From: Avi Kivity Subject: Re: [PATCH 12/13] KVM: SVM: Add checks for IO instructions Date: Mon, 28 Mar 2011 14:28:12 +0200 Message-ID: <4D907EDC.1050607@redhat.com> References: <1301309210-11120-1-git-send-email-joerg.roedel@amd.com> <1301309210-11120-13-git-send-email-joerg.roedel@amd.com> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: Marcelo Tosatti , kvm@vger.kernel.org To: Joerg Roedel Return-path: Received: from mx1.redhat.com ([209.132.183.28]:3375 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751919Ab1C1M2R (ORCPT ); Mon, 28 Mar 2011 08:28:17 -0400 In-Reply-To: <1301309210-11120-13-git-send-email-joerg.roedel@amd.com> Sender: kvm-owner@vger.kernel.org List-ID: On 03/28/2011 12:46 PM, Joerg Roedel wrote: > This patch adds code to check for IOIO intercepts on > instructions decoded by the KVM instruction emulator. > > > @@ -3926,6 +3926,10 @@ static struct __x86_intercept { > [x86_intercept_iret] = PRE_EX(SVM_EXIT_IRET), > [x86_intercept_icebp] = PRE_EX(SVM_EXIT_ICEBP), > [x86_intercept_hlt] = POST_EX(SVM_EXIT_HLT), > + [x86_intercept_in] = POST_EX(SVM_EXIT_IOIO), > + [x86_intercept_ins] = POST_EX(SVM_EXIT_IOIO), > + [x86_intercept_out] = POST_EX(SVM_EXIT_IOIO), > + [x86_intercept_outs] = POST_EX(SVM_EXIT_IOIO), > }; The spec indicates we need to check the TSS and IOPL based permissions before the intercept (vmx agrees). With the code as is, it happens afterwards. One way to do this is to have an ExtraChecks bit in the opcode::flags. Then opcode::u.xcheck->perms() is the pre-intercept check and opcode::u.xcheck->execute() is the post-intercept execution. Should work for monitor/mwait/rdtsc(p)/rdpmc/other crap x86 throws at us. -- error compiling committee.c: too many arguments to function