From: Yang Zhang <yang.z.zhang@intel.com>
To: xen-devel@lists.xensource.com
Cc: Yang Zhang <yang.z.zhang@Intel.com>,
Andrew.Cooper3@citrix.com, eddie.dong@intel.com,
JBeulich@suse.com
Subject: [PATCH v3 3/3] Nested VMX: Fix IA32_VMX_CR4_FIXED1 msr emulation
Date: Wed, 11 Sep 2013 10:52:40 +0800
Message-ID: <1378867960-10950-4-git-send-email-yang.z.zhang@intel.com>
In-Reply-To: <1378867960-10950-1-git-send-email-yang.z.zhang@intel.com>
From: Yang Zhang <yang.z.zhang@Intel.com>
Currently, it uses a hardcoded value for IA32_VMX_CR4_FIXED1. This is wrong.
We should check the guest's cpuid to know which bits are writeable in CR4 by the guest
and allow the guest to set the corresponding bit only when the guest has the feature.
Signed-off-by: Yang Zhang <yang.z.zhang@Intel.com>
---
xen/arch/x86/hvm/vmx/vvmx.c | 49 ++++++++++++++++++++++++++++++++++++-
xen/include/asm-x86/cpufeature.h | 1 +
xen/include/asm-x86/processor.h | 1 +
3 files changed, 49 insertions(+), 2 deletions(-)
diff --git a/xen/arch/x86/hvm/vmx/vvmx.c b/xen/arch/x86/hvm/vmx/vvmx.c
index 48cfbc6..f9c7832 100644
--- a/xen/arch/x86/hvm/vmx/vvmx.c
+++ b/xen/arch/x86/hvm/vmx/vvmx.c
@@ -1947,8 +1947,53 @@ int nvmx_msr_read_intercept(unsigned int msr, u64 *msr_content)
data = X86_CR4_VMXE;
break;
case MSR_IA32_VMX_CR4_FIXED1:
- /* allow 0-settings except SMXE */
- data = 0x267ff & ~X86_CR4_SMXE;
+ if ( edx & cpufeat_mask(X86_FEATURE_VME) )
+ data |= X86_CR4_VME | X86_CR4_PVI;
+ if ( edx & cpufeat_mask(X86_FEATURE_TSC) )
+ data |= X86_CR4_TSD;
+ if ( edx & cpufeat_mask(X86_FEATURE_DE) )
+ data |= X86_CR4_DE;
+ if ( edx & cpufeat_mask(X86_FEATURE_PSE) )
+ data |= X86_CR4_PSE;
+ if ( edx & cpufeat_mask(X86_FEATURE_PAE) )
+ data |= X86_CR4_PAE;
+ if ( edx & cpufeat_mask(X86_FEATURE_MCE) )
+ data |= X86_CR4_MCE;
+ if ( edx & cpufeat_mask(X86_FEATURE_PGE) )
+ data |= X86_CR4_PGE;
+ if ( edx & cpufeat_mask(X86_FEATURE_FXSR) )
+ data |= X86_CR4_OSFXSR;
+ if ( edx & cpufeat_mask(X86_FEATURE_XMM) )
+ data |= X86_CR4_OSXMMEXCPT;
+ if ( ecx & cpufeat_mask(X86_FEATURE_VMXE) )
+ data |= X86_CR4_VMXE;
+ if ( ecx & cpufeat_mask(X86_FEATURE_SMXE) )
+ data |= X86_CR4_SMXE;
+ if ( ecx & cpufeat_mask(X86_FEATURE_PCID) )
+ data |= X86_CR4_PCIDE;
+ if ( ecx & cpufeat_mask(X86_FEATURE_XSAVE) )
+ data |= X86_CR4_OSXSAVE;
+
+ hvm_cpuid(0x0, &eax, &ebx, &ecx, &edx);
+ if ( eax >= 0x7 )
+ {
+ ecx = 0;
+ hvm_cpuid(0x7, &ecx, &ebx, &ecx, &edx);
+ if ( ebx & cpufeat_mask(X86_FEATURE_FSGSBASE) )
+ data |= X86_CR4_FSGSBASE;
+ if ( ebx & cpufeat_mask(X86_FEATURE_SMEP) )
+ data |= X86_CR4_SMEP;
+ if ( ebx & cpufeat_mask(X86_FEATURE_SMAP) )
+ data |= X86_CR4_SMAP;
+
+ if ( eax >= 0xa )
+ {
+ hvm_cpuid(0xa, &eax, &ebx, &ecx, &edx);
+ /* Check whether guest has the perf monitor feature. */
+ if ( (eax & 0xff) && (eax & 0xff00) )
+ data |= X86_CR4_PCE;
+ }
+ }
break;
case MSR_IA32_VMX_MISC:
/* Do not support CR3-target feature now */
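Review bot: the leaf 7 query `hvm_cpuid(0x7, &ecx, &ebx, &ecx, &edx);` passes `&ecx` as both the first and the third output pointer. If the aim is to keep the leaf 0 maximum in `eax` for the later `eax >= 0xa` test, store that maximum in a separate variable and pass distinct pointers, or at least comment the aliasing so it does not read as a typo. In the same case, every assignment is `data |= ...` and the first tests read `edx` and `ecx` before any `hvm_cpuid()` call in the hunk, so the result depends on `data` being zero and the leaf 1 output already being loaded on entry; an explicit `data = 0` and a leaf 1 query at the top of the case would make it self-contained. The removed code also masked `X86_CR4_SMXE` unconditionally, whereas the new code reports it whenever the guest's CPUID shows SMX; the commit message should state that this is intended.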
diff --git a/xen/include/asm-x86/cpufeature.h b/xen/include/asm-x86/cpufeature.h
index 065c265..73d5cb6 100644
--- a/xen/include/asm-x86/cpufeature.h
+++ b/xen/include/asm-x86/cpufeature.h
@@ -148,6 +148,7 @@
#define X86_FEATURE_INVPCID (7*32+10) /* Invalidate Process Context ID */
#define X86_FEATURE_RTM (7*32+11) /* Restricted Transactional Memory */
#define X86_FEATURE_NO_FPU_SEL (7*32+13) /* FPU CS/DS stored as zero */
+#define X86_FEATURE_SMAP (7*32+ 20) /* Supervisor Mode Access Prevention */
#define cpu_has(c, bit) test_bit(bit, (c)->x86_capability)
#define boot_cpu_has(bit) test_bit(bit, boot_cpu_data.x86_capability)
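Review bot: `(7*32+ 20)` in the added X86_FEATURE_SMAP line has a stray space after the `+`, unlike the neighbouring two-digit entries `(7*32+10)`, `(7*32+11)` and `(7*32+13)`; write it as `(7*32+20)` so the column stays consistent.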
diff --git a/xen/include/asm-x86/processor.h b/xen/include/asm-x86/processor.h
index 5cdacc7..893afa3 100644
--- a/xen/include/asm-x86/processor.h
+++ b/xen/include/asm-x86/processor.h
@@ -87,6 +87,7 @@
#define X86_CR4_PCIDE 0x20000 /* enable PCID */
#define X86_CR4_OSXSAVE 0x40000 /* enable XSAVE/XRSTOR */
#define X86_CR4_SMEP 0x100000/* enable SMEP */
+#define X86_CR4_SMAP 0x200000/* enable SMAP */
/*
* Trap/fault mnemonics.
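Review bot: the added `X86_CR4_SMAP` line copies the `0x100000/* enable SMEP */` layout, with no space between the value and the comment, while the PCIDE and OSXSAVE lines above have one; add the space on the new line. The commit message also does not mention that the patch introduces the SMAP feature bit and CR4 constant; one sentence saying so would help anyone later looking for where they were added.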
--
1.7.1