hv: Extend the always off mask of CR0 and CR4

According to SDM: writing a nonzero value to 63:32 bits of CR0 and CR4 results #GP(0). writing a nonzero value to reserved bit of CR4 results #GP(0). We merge the check with always off mask of CR0 and CR4. Signed-off-by: Yin Fengwei <fengwei.yin@intel.com> Acked-by: Anthony Xu <anthony.xu@intel.com>
2025-06-22 13:37:10 +00:00 · 2018-07-27 13:36:00 +08:00 · 2018-07-27 13:36:00 +08:00 · f0ef41c754
commit f0ef41c754
parent d18642a8a6
3 changed files with 38 additions and 19 deletions
--- a/hypervisor/arch/x86/vmx.c
+++ b/hypervisor/arch/x86/vmx.c
@ -278,9 +278,13 @@ static void init_cr0_cr4_host_mask(__unused struct vcpu *vcpu)
 		 * guest" feature */
 		cr0_always_on_mask = fixed0 & (~(CR0_PE | CR0_PG));
 		cr0_always_off_mask = ~fixed1;
+		/* SDM 2.5
+		 * bit 63:32 of CR0 and CR4 ar reserved and must be written
+		 * zero. We could merge it with always off mask.
+		 */
+		cr0_always_off_mask |= 0xFFFFFFFF00000000UL;

-
-		/* Read the CR$ fixed0 / fixed1 MSR registers */
+		/* Read the CR4 fixed0 / fixed1 MSR registers */
 		fixed0 = msr_read(MSR_IA32_VMX_CR4_FIXED0);
 		fixed1 = msr_read(MSR_IA32_VMX_CR4_FIXED1);

@ -290,6 +294,12 @@ static void init_cr0_cr4_host_mask(__unused struct vcpu *vcpu)
 		cr4_always_on_mask = fixed0;
 		/* Record the bit fixed to 0 for CR4, including reserved bits */
 		cr4_always_off_mask = ~fixed1;
+		/* SDM 2.5
+		 * bit 63:32 of CR0 and CR4 ar reserved and must be written
+		 * zero. We could merge it with always off mask.
+		 */
+		cr4_always_off_mask |= 0xFFFFFFFF00000000UL;
+		cr4_always_off_mask |= CR4_RESERVED_MASK;
 		inited = true;
 	}

--- a/hypervisor/include/arch/x86/cpu.h
+++ b/hypervisor/include/arch/x86/cpu.h
@ -70,26 +70,29 @@
 #define CR3_PCD                 (1UL<<4U)	/* page-level cache disable */

 /* CR4 register definitions */
-#define CR4_VME                 (1UL<<0)	/* virtual 8086 mode extensions */
-#define CR4_PVI                 (1UL<<1)	/* protected mode virtual interrupts */
-#define CR4_TSD                 (1UL<<2)	/* time stamp disable */
-#define CR4_DE                  (1UL<<3)	/* debugging extensions */
-#define CR4_PSE                 (1UL<<4)	/* page size extensions */
-#define CR4_PAE                 (1UL<<5)	/* physical address extensions */
-#define CR4_MCE                 (1UL<<6)	/* machine check enable */
-#define CR4_PGE                 (1UL<<7)	/* page global enable */
-#define CR4_PCE                 (1UL<<8)
+#define CR4_VME                 (1UL<<0U)	/* virtual 8086 mode extensions */
+#define CR4_PVI                 (1UL<<1U)	/* protected mode virtual interrupts */
+#define CR4_TSD                 (1UL<<2U)	/* time stamp disable */
+#define CR4_DE                  (1UL<<3U)	/* debugging extensions */
+#define CR4_PSE                 (1UL<<4U)	/* page size extensions */
+#define CR4_PAE                 (1UL<<5U)	/* physical address extensions */
+#define CR4_MCE                 (1UL<<6U)	/* machine check enable */
+#define CR4_PGE                 (1UL<<7U)	/* page global enable */
+#define CR4_PCE                 (1UL<<8U)
 /* performance monitoring counter enable */
-#define CR4_OSFXSR              (1UL<<9)	/* OS support for FXSAVE/FXRSTOR */
-#define CR4_OSXMMEXCPT          (1UL<<10)
+#define CR4_OSFXSR              (1UL<<9U)	/* OS support for FXSAVE/FXRSTOR */
+#define CR4_OSXMMEXCPT          (1UL<<10U)
 /* OS support for unmasked SIMD floating point exceptions */
-#define CR4_VMXE                (1UL<<13)	/* VMX enable */
-#define CR4_SMXE                (1UL<<14)	/* SMX enable */
-#define CR4_PCIDE               (1UL<<17)	/* PCID enable */
-#define CR4_OSXSAVE             (1UL<<18)
-#define CR4_SMEP                (1UL<<20)
-#define CR4_SMAP                (1UL<<21)
+#define CR4_UMIP                (1UL<<11U)	/* User-Mode Inst prevention */
+#define CR4_VMXE                (1UL<<13U)	/* VMX enable */
+#define CR4_SMXE                (1UL<<14U)	/* SMX enable */
+#define CR4_FSGSBASE            (1UL<<16U)	/* RD(FS|GS|FS)BASE inst */
+#define CR4_PCIDE               (1UL<<17U)	/* PCID enable */
+#define CR4_OSXSAVE             (1UL<<18U)
 /* XSAVE and Processor Extended States enable bit */
+#define CR4_SMEP                (1UL<<20U)
+#define CR4_SMAP                (1UL<<21U)
+#define CR4_PKE                 (1UL<<22U)	/* Protect-key-enable */


 /*
--- a/hypervisor/include/arch/x86/vmx.h
+++ b/hypervisor/include/arch/x86/vmx.h
@ -405,6 +405,12 @@

 /* CR4 bits hv want to trap to track status change */
 #define CR4_TRAP_MASK (CR4_PSE | CR4_PAE)
+#define	CR4_RESERVED_MASK ~(CR4_VME | CR4_PVI | CR4_TSD | CR4_DE | CR4_PSE | \
+				CR4_PAE | CR4_MCE | CR4_PGE | CR4_PCE |	     \
+				CR4_OSFXSR | CR4_PCIDE | CR4_OSXSAVE |       \
+				CR4_SMEP | CR4_FSGSBASE | CR4_VMXE |         \
+				CR4_OSXMMEXCPT | CR4_SMAP | CR4_PKE |        \
+				CR4_SMXE | CR4_UMIP )

 #define VMX_SUPPORT_UNRESTRICTED_GUEST (1U<<5)