hv: Explicitly trap VMXE and PCIDE bit for CR4 write

Now, we let guest own most CR4 bit. Which means guest handles whether the CR4 writting is invalid or not and GP injection if it's invalid writing. Two bits are exception here: we filter VMX and PCID feature to guest (which means they are supported on native). So we can't depends on guest to inject GP for these bits. Instead, we should explicitly trap these CR4 bits update and inject GP to guest from HV. Signed-off-by: Yin Fengwei <fengwei.yin@intel.com> Acked-by: Anthony Xu <anthony.xu@intel.com>
2025-09-24 02:08:04 +00:00 · 2018-07-27 15:12:56 +08:00
parent f0ef41c754
commit 13a50c929d
2 changed files with 25 additions and 16 deletions
--- a/hypervisor/include/arch/x86/vmx.h
+++ b/hypervisor/include/arch/x86/vmx.h
@@ -404,7 +404,7 @@
 			   CR0_NE |  CR0_ET | CR0_TS | CR0_EM | CR0_MP | CR0_PE)

 /* CR4 bits hv want to trap to track status change */
-#define CR4_TRAP_MASK (CR4_PSE | CR4_PAE)
+#define CR4_TRAP_MASK (CR4_PSE | CR4_PAE | CR4_VMXE | CR4_PCIDE)
 #define	CR4_RESERVED_MASK ~(CR4_VME | CR4_PVI | CR4_TSD | CR4_DE | CR4_PSE | \
 				CR4_PAE | CR4_MCE | CR4_PGE | CR4_PCE |	     \
 				CR4_OSFXSR | CR4_PCIDE | CR4_OSXSAVE |       \