x86/svm: correct EFER.SVME intercept checks

author Brian Woods <brian.woods@amd.com>

Mon, 5 Feb 2018 09:15:25 +0000 (10:15 +0100)

committer Jan Beulich <jbeulich@suse.com>

Mon, 5 Feb 2018 09:15:25 +0000 (10:15 +0100)
author Brian Woods <brian.woods@amd.com>
Mon, 5 Feb 2018 09:15:25 +0000 (10:15 +0100)
committer Jan Beulich <jbeulich@suse.com>
Mon, 5 Feb 2018 09:15:25 +0000 (10:15 +0100)
diff --git a/xen/arch/x86/hvm/svm/nestedsvm.c b/xen/arch/x86/hvm/svm/nestedsvm.c

index 1f7b0d3e88b83376716a6f2dcbfb2dcd47fa0d24..1f5981fc18a2d893db25be790ee7a9e19b449a0c 100644 (file)
--- a/xen/arch/x86/hvm/svm/nestedsvm.c
+++ b/xen/arch/x86/hvm/svm/nestedsvm.c
@@ -1620,7 +1620,12 @@ void svm_vmexit_do_stgi(struct cpu_user_regs *regs, struct vcpu *v)
  {
      unsigned int inst_len;
  
-    if ( !nestedhvm_enabled(v->domain) ) {
+    /*
+     * STGI doesn't require SVME to be set to be used.  See AMD APM vol
+     * 2 section 15.4 for details.
+     */
+    if ( !nestedhvm_enabled(v->domain) )
+    {
          hvm_inject_hw_exception(TRAP_invalid_op, X86_EVENT_NO_EC);
          return;
      }
@@ -1640,7 +1645,8 @@ void svm_vmexit_do_clgi(struct cpu_user_regs *regs, struct vcpu *v)
      uint32_t general1_intercepts = vmcb_get_general1_intercepts(vmcb);
      vintr_t intr;
  
-    if ( !nestedhvm_enabled(v->domain) ) {
+    if ( !nsvm_efer_svm_enabled(v) )
+    {
          hvm_inject_hw_exception(TRAP_invalid_op, X86_EVENT_NO_EC);
          return;
      }
diff --git a/xen/arch/x86/hvm/svm/svm.c b/xen/arch/x86/hvm/svm/svm.c

index dcbd550883805fe2af5267aea73b098b568eb63e..81cf5b8691b64e1a9a3b9701b59f2f8f270c014a 100644 (file)
--- a/xen/arch/x86/hvm/svm/svm.c
+++ b/xen/arch/x86/hvm/svm/svm.c
@@ -2193,7 +2193,6 @@ svm_vmexit_do_vmrun(struct cpu_user_regs *regs,
  {
      if ( !nsvm_efer_svm_enabled(v) )
      {
-        gdprintk(XENLOG_ERR, "VMRUN: nestedhvm disabled, injecting #UD\n");
          hvm_inject_hw_exception(TRAP_invalid_op, X86_EVENT_NO_EC);
          return;
      }
@@ -2248,7 +2247,6 @@ svm_vmexit_do_vmload(struct vmcb_struct *vmcb,
  
      if ( !nsvm_efer_svm_enabled(v) ) 
      {
-        gdprintk(XENLOG_ERR, "VMLOAD: nestedhvm disabled, injecting #UD\n");
          hvm_inject_hw_exception(TRAP_invalid_op, X86_EVENT_NO_EC);
          return;
      }
@@ -2284,7 +2282,6 @@ svm_vmexit_do_vmsave(struct vmcb_struct *vmcb,
  
      if ( !nsvm_efer_svm_enabled(v) ) 
      {
-        gdprintk(XENLOG_ERR, "VMSAVE: nestedhvm disabled, injecting #UD\n");
          hvm_inject_hw_exception(TRAP_invalid_op, X86_EVENT_NO_EC);
          return;
      }
@@ -2758,6 +2755,11 @@ void svm_vmexit_handler(struct cpu_user_regs *regs)
          break;
  
      case VMEXIT_INVLPGA:
+        if ( !nsvm_efer_svm_enabled(v) )
+        {
+            hvm_inject_hw_exception(TRAP_invalid_op, X86_EVENT_NO_EC);
+            break;
+        }
          if ( (inst_len = __get_instruction_length(v, INSTR_INVLPGA)) == 0 )
              break;
          svm_invlpga_intercept(v, regs->rax, regs->ecx);
author	Brian Woods <brian.woods@amd.com>
	Mon, 5 Feb 2018 09:15:25 +0000 (10:15 +0100)
committer	Jan Beulich <jbeulich@suse.com>
	Mon, 5 Feb 2018 09:15:25 +0000 (10:15 +0100)
xen/arch/x86/hvm/svm/nestedsvm.c		patch \| blob \| blame \| history
xen/arch/x86/hvm/svm/svm.c		patch \| blob \| blame \| history