According to SDM Chapter ADVANCED PROGRAMMABLE INTERRUPT CONTROLLER (APIC)
-> Extended XAPIC (x2APIC) -> x2APIC State Transitions, The existing code to
handle guest's writing MSR_IA32_APICBASE has two flaws:
1. Transition from x2APIC Mode to Disabled Mode is allowed but wrongly
disabled currently. Fix it by removing the related check.
2. Transition from x2APIC Mode to xAPIC Mode is illegal but wrongly allowed
currently. Considering changing ENABLE bit of the MSR has been handled,
it can be fixed by only allowing transition from xAPIC Mode to x2APIC Mode
(the other two transitions: from x2APIC mode to xAPIC Mode, from disabled mode
to invalid state (EN=0, EXTD=1) are disabled).
Signed-off-by: Chao Gao <chao.gao@intel.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
}
else
{
- if ( unlikely(vlapic_x2apic_mode(vlapic)) )
- return 0;
vlapic->hw.disabled |= VLAPIC_HW_DISABLED;
pt_may_unmask_irq(vlapic_domain(vlapic), NULL);
}
}
- else if ( !(value & MSR_IA32_APICBASE_ENABLE) &&
- unlikely(value & MSR_IA32_APICBASE_EXTD) )
+ else if ( ((vlapic->hw.apic_base_msr ^ value) & MSR_IA32_APICBASE_EXTD) &&
+ unlikely(!vlapic_xapic_mode(vlapic)) )
return 0;
vlapic->hw.apic_base_msr = value;
#define vlapic_base_address(vlapic) \
((vlapic)->hw.apic_base_msr & MSR_IA32_APICBASE_BASE)
+/* Only check EXTD bit as EXTD can't be set if it is disabled by hardware */
#define vlapic_x2apic_mode(vlapic) \
((vlapic)->hw.apic_base_msr & MSR_IA32_APICBASE_EXTD)
+#define vlapic_xapic_mode(vlapic) \
+ (!vlapic_hw_disabled(vlapic) && \
+ !((vlapic)->hw.apic_base_msr & MSR_IA32_APICBASE_EXTD))
/*
* Generic APIC bitmap vector update & search routines.
projects / people / royger / xen.git / commitdiff