|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-changelog] [xen-3.1-testing] hvm: Check CR0/CR4/EFER on HVM restore.
# HG changeset patch
# User Keir Fraser <keir@xxxxxxxxxxxxx>
# Date 1190991902 -3600
# Node ID 3ef467ebd2f89ea38d6c83598fd674818bf62e31
# Parent 8c1042c6cdeac8621ba4991dc6500fc16fd81581
hvm: Check CR0/CR4/EFER on HVM restore.
Signed-off-by: Keir Fraser <keir@xxxxxxxxxxxxx>
Partial backport of:
xen-unstable changeset: 15976:ff4ff3e3ebbee196efdaf036688fed89cd19e721
xen-unstable date: Fri Sep 28 16:00:44 2007 +0100
---
xen/arch/x86/hvm/hvm.c | 28 ++++++++++++++++++++++++++++
xen/include/asm-x86/hvm/hvm.h | 8 ++++++++
2 files changed, 36 insertions(+)
diff -r 8c1042c6cdea -r 3ef467ebd2f8 xen/arch/x86/hvm/hvm.c
--- a/xen/arch/x86/hvm/hvm.c Fri Sep 28 16:02:18 2007 +0100
+++ b/xen/arch/x86/hvm/hvm.c Fri Sep 28 16:05:02 2007 +0100
@@ -332,6 +332,34 @@ static int hvm_load_cpu_ctxt(struct doma
if ( hvm_load_entry(CPU, h, &ctxt) != 0 )
return -EINVAL;
+
+ /* Sanity check some control registers. */
+ if ( (ctxt.cr0 & HVM_CR0_GUEST_RESERVED_BITS) ||
+ !(ctxt.cr0 & X86_CR0_ET) ||
+ ((ctxt.cr0 & (X86_CR0_PE|X86_CR0_PG)) == X86_CR0_PG) )
+ {
+ gdprintk(XENLOG_ERR, "HVM restore: bad CR0 0x%"PRIx64"\n",
+ ctxt.msr_efer);
+ return -EINVAL;
+ }
+
+ if ( ctxt.cr4 & HVM_CR4_GUEST_RESERVED_BITS )
+ {
+ gdprintk(XENLOG_ERR, "HVM restore: bad CR4 0x%"PRIx64"\n",
+ ctxt.msr_efer);
+ return -EINVAL;
+ }
+
+ if ( (ctxt.msr_efer & ~(EFER_LME | EFER_NX | EFER_SCE)) ||
+ ((sizeof(long) != 8) && (ctxt.msr_efer & EFER_LME)) ||
+ (!cpu_has_nx && (ctxt.msr_efer & EFER_NX)) ||
+ (!cpu_has_syscall && (ctxt.msr_efer & EFER_SCE)) ||
+ ((ctxt.msr_efer & (EFER_LME|EFER_LMA)) == EFER_LMA) )
+ {
+ gdprintk(XENLOG_ERR, "HVM restore: bad EFER 0x%"PRIx64"\n",
+ ctxt.msr_efer);
+ return -EINVAL;
+ }
/* Architecture-specific vmcs/vmcb bits */
if ( hvm_funcs.load_cpu_ctxt(v, &ctxt) < 0 )
diff -r 8c1042c6cdea -r 3ef467ebd2f8 xen/include/asm-x86/hvm/hvm.h
--- a/xen/include/asm-x86/hvm/hvm.h Fri Sep 28 16:02:18 2007 +0100
+++ b/xen/include/asm-x86/hvm/hvm.h Fri Sep 28 16:05:02 2007 +0100
@@ -293,6 +293,14 @@ static inline int hvm_event_injection_fa
return hvm_funcs.event_injection_faulted(v);
}
+/* These reserved bits in lower 32 remain 0 after any load of CR0 */
+#define HVM_CR0_GUEST_RESERVED_BITS \
+ (~((unsigned long) \
+ (X86_CR0_PE | X86_CR0_MP | X86_CR0_EM | \
+ X86_CR0_TS | X86_CR0_ET | X86_CR0_NE | \
+ X86_CR0_WP | X86_CR0_AM | X86_CR0_NW | \
+ X86_CR0_CD | X86_CR0_PG)))
+
/* These bits in CR4 are owned by the host. */
#define HVM_CR4_HOST_MASK (mmu_cr4_features & \
(X86_CR4_VMXE | X86_CR4_PAE | X86_CR4_MCE))
_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |