github/acrn-hypervisor
1
0
Fork 0
mirror of https://github.com/projectacrn/acrn-hypervisor.git synced 2025-09-04 18:30:18 +00:00
Code Issues Projects Releases Wiki Activity

hv: clear CPUID.07H.EBX[2] to disable SGX from guests

Browse Source 
Regarding SGX, guests could access CPUID.07H.EBX[2] before query CPUID
leaf 12H.

Intel SDM 36.7.2: "If CPUID.(EAX=07H, ECX=0H):EBX.SGX = 1, the processor
also supports querying CPUID with EAX=12H on Intel SGX resource capability
and configuration."

Clear CPUID.07H.ECX[30] SGX_LC to make the guest view consistent.

Tracked-On: #1867
Signed-off-by: Zide Chen <zide.chen@intel.com>
Acked-by: Anthony Xu <anthony.xu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This commit is contained in:
Zide Chen
2018-11-26 09:14:05 -08:00
committed by Xie, Nanlin
parent 26dc54ce37
commit 36ba7f8aa8
2 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
hypervisor/include/arch/x86/cpuid.h
View File

@@ -72,6 +72,10 @@
#define CPUID_EDX_PBE (1U<<31U)
/* CPUID.07H:EBX.TSC_ADJUST*/
#define CPUID_EBX_TSC_ADJ (1U<<1U)
/* CPUID.07H:EBX.SGX */
#define CPUID_EBX_SGX (1U<<2U)
/* CPUID.07H:ECX.SGX_LC*/
#define CPUID_ECX_SGX_LC (1U<<30U)
/* CPUID.07H:EDX.IBRS_IBPB*/
#define CPUID_EDX_IBRS_IBPB (1U<<26U)
/* CPUID.07H:EDX.STIBP*/