x86/VMX: don't risk corrupting host CR4

Instead of "syncing" the live value to what mmu_cr4_features has, make
sure vCPU-s run with the value most recently loaded into %cr4, such that
after the next VM exit we continue to run with the intended value rather
than a possibly stale one.

Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Kevin Tian <kevin.tian@intel.com>

diff --git a/xen/arch/x86/hvm/vmx/vmcs.c b/xen/arch/x86/hvm/vmx/vmcs.c
index 78c84cc1c12b9d8da54969018bc45a999cb3aec5..326dd024deb102e9e73d8bf172a361f4e9b00782 100644 (file)
--- a/xen/arch/x86/hvm/vmx/vmcs.c
+++ b/xen/arch/x86/hvm/vmx/vmcs.c
@@ -1676,6 +1676,7 @@ void vmx_vmentry_failure(void)
 void vmx_do_resume(struct vcpu *v)
 {
     bool_t debug_state;
+    unsigned long host_cr4;
 
     if ( v->arch.hvm_vmx.active_cpu == smp_processor_id() )
         vmx_vmcs_reload(v);
@@ -1725,6 +1726,12 @@ void vmx_do_resume(struct vcpu *v)
     }
 
     hvm_do_resume(v);
+
+    /* Sync host CR4 in case its value has changed. */
+    __vmread(HOST_CR4, &host_cr4);
+    if ( host_cr4 != read_cr4() )
+        __vmwrite(HOST_CR4, read_cr4());
+
     reset_stack_and_jump(vmx_asm_do_vmentry);
 }
 

diff --git a/xen/arch/x86/hvm/vmx/vmx.c b/xen/arch/x86/hvm/vmx/vmx.c
index c7c8a0812f2eec1a33137a8eecb9fe5fa0d4bd4a..8d2c9eafe91754dd3eff916ff64eaf087d11c926 100644 (file)
--- a/xen/arch/x86/hvm/vmx/vmx.c
+++ b/xen/arch/x86/hvm/vmx/vmx.c
@@ -947,12 +947,6 @@ static void vmx_ctxt_switch_from(struct vcpu *v)
 
 static void vmx_ctxt_switch_to(struct vcpu *v)
 {
-    unsigned long old_cr4 = read_cr4(), new_cr4 = mmu_cr4_features;
-
-    /* HOST_CR4 in VMCS is always mmu_cr4_features. Sync CR4 now. */
-    if ( old_cr4 != new_cr4 )
-        write_cr4(new_cr4);
-
     vmx_restore_guest_msrs(v);
     vmx_restore_dr(v);