diff --git a/hypervisor/arch/x86/vmx.c b/hypervisor/arch/x86/vmx.c
index d241ce9d7..0518a7cd7 100644
--- a/hypervisor/arch/x86/vmx.c
+++ b/hypervisor/arch/x86/vmx.c
@@ -278,9 +278,13 @@ static void init_cr0_cr4_host_mask(__unused struct vcpu *vcpu)
 * guest" feature */
 cr0_always_on_mask = fixed0 & (~(CR0_PE | CR0_PG));
 cr0_always_off_mask = ~fixed1;
+ /* SDM 2.5
+ * bit 63:32 of CR0 and CR4 ar reserved and must be written
+ * zero. We could merge it with always off mask.
+ */
+ cr0_always_off_mask |= 0xFFFFFFFF00000000UL;
-
- /* Read the CR$ fixed0 / fixed1 MSR registers */
+ /* Read the CR4 fixed0 / fixed1 MSR registers */
 fixed0 = msr_read(MSR_IA32_VMX_CR4_FIXED0);
 fixed1 = msr_read(MSR_IA32_VMX_CR4_FIXED1);
@@ -290,6 +294,12 @@ static void init_cr0_cr4_host_mask(__unused struct vcpu *vcpu)
 cr4_always_on_mask = fixed0;
 /* Record the bit fixed to 0 for CR4, including reserved bits */
 cr4_always_off_mask = ~fixed1;
+ /* SDM 2.5
+ * bit 63:32 of CR0 and CR4 ar reserved and must be written
+ * zero. We could merge it with always off mask.
+ */
+ cr4_always_off_mask |= 0xFFFFFFFF00000000UL;
+ cr4_always_off_mask |= CR4_RESERVED_MASK;
 inited = true;
 }
diff --git a/hypervisor/include/arch/x86/cpu.h b/hypervisor/include/arch/x86/cpu.h
index bb58fed38..23a8f0638 100644
--- a/hypervisor/include/arch/x86/cpu.h
+++ b/hypervisor/include/arch/x86/cpu.h
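Review bot: The comment added above `cr0_always_off_mask |= 0xFFFFFFFF00000000UL;` has a typo ("ar") and ends with "We could merge it with always off mask", which reads as an open idea although the very next line performs that merge; the same comment is repeated verbatim in the second hunk of this file, before the CR4 line. I would reword both to `/* SDM 2.5: bits 63:32 of CR0 and CR4 are reserved and must be written as zero, so fold them into the always-off mask. */`. The literal `0xFFFFFFFF00000000UL` appears at both sites and feeds masks that presumably gate guest CR0/CR4 writes, so a single named macro beside the CR0/CR4 definitions would keep the two from drifting apart. init_cr0_cr4_host_mask begins above this hunk.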
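Review bot: In the CR4 hunk, `cr4_always_off_mask |= 0xFFFFFFFF00000000UL;` is already covered by the following `cr4_always_off_mask |= CR4_RESERVED_MASK;`, because that macro is the complement of bits that all sit at or below bit 22 and are built from `1UL`, so bits 63:32 are set in it. Either drop the first line or keep it with a comment saying the overlap is deliberate. More useful to a reader is that `CR4_RESERVED_MASK` is a fixed allow-list: any CR4 bit that `MSR_IA32_VMX_CR4_FIXED1` reports as settable but that the list omits is now forced off, which is the fail-closed choice and deserves a comment such as `/* also force off every CR4 bit the hv has no definition for, even if FIXED1 would allow it */`. The function ends inside this hunk but starts above the first one.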
@@ -70,26 +70,29 @@
 #define CR3_PCD (1UL<<4U) /* page-level cache disable */
 /* CR4 register definitions */
-#define CR4_VME (1UL<<0) /* virtual 8086 mode extensions */
-#define CR4_PVI (1UL<<1) /* protected mode virtual interrupts */
-#define CR4_TSD (1UL<<2) /* time stamp disable */
-#define CR4_DE (1UL<<3) /* debugging extensions */
-#define CR4_PSE (1UL<<4) /* page size extensions */
-#define CR4_PAE (1UL<<5) /* physical address extensions */
-#define CR4_MCE (1UL<<6) /* machine check enable */
-#define CR4_PGE (1UL<<7) /* page global enable */
-#define CR4_PCE (1UL<<8)
+#define CR4_VME (1UL<<0U) /* virtual 8086 mode extensions */
+#define CR4_PVI (1UL<<1U) /* protected mode virtual interrupts */
+#define CR4_TSD (1UL<<2U) /* time stamp disable */
+#define CR4_DE (1UL<<3U) /* debugging extensions */
+#define CR4_PSE (1UL<<4U) /* page size extensions */
+#define CR4_PAE (1UL<<5U) /* physical address extensions */
+#define CR4_MCE (1UL<<6U) /* machine check enable */
+#define CR4_PGE (1UL<<7U) /* page global enable */
+#define CR4_PCE (1UL<<8U)
 /* performance monitoring counter enable */
-#define CR4_OSFXSR (1UL<<9) /* OS support for FXSAVE/FXRSTOR */
-#define CR4_OSXMMEXCPT (1UL<<10)
+#define CR4_OSFXSR (1UL<<9U) /* OS support for FXSAVE/FXRSTOR */
+#define CR4_OSXMMEXCPT (1UL<<10U)
 /* OS support for unmasked SIMD floating point exceptions */
-#define CR4_VMXE (1UL<<13) /* VMX enable */
-#define CR4_SMXE (1UL<<14) /* SMX enable */
-#define CR4_PCIDE (1UL<<17) /* PCID enable */
-#define CR4_OSXSAVE (1UL<<18)
-#define CR4_SMEP (1UL<<20)
-#define CR4_SMAP (1UL<<21)
+#define CR4_UMIP (1UL<<11U) /* User-Mode Inst prevention */
+#define CR4_VMXE (1UL<<13U) /* VMX enable */
+#define CR4_SMXE (1UL<<14U) /* SMX enable */
+#define CR4_FSGSBASE (1UL<<16U) /* RD(FS|GS|FS)BASE inst */
+#define CR4_PCIDE (1UL<<17U) /* PCID enable */
+#define CR4_OSXSAVE (1UL<<18U) /* XSAVE and Processor Extended States enable bit */
+#define CR4_SMEP (1UL<<20U)
+#define CR4_SMAP (1UL<<21U)
+#define CR4_PKE (1UL<<22U) /* Protect-key-enable */
 /*
diff --git a/hypervisor/include/arch/x86/vmx.h b/hypervisor/include/arch/x86/vmx.h
index dcd4d7b78..a7ee662df 100644
--- a/hypervisor/include/arch/x86/vmx.h
+++ b/hypervisor/include/arch/x86/vmx.h
@@ -405,6 +405,12 @@
 /* CR4 bits hv want to trap to track status change */
 #define CR4_TRAP_MASK (CR4_PSE | CR4_PAE)
+#define CR4_RESERVED_MASK ~(CR4_VME | CR4_PVI | CR4_TSD | CR4_DE | CR4_PSE | \
+ CR4_PAE | CR4_MCE | CR4_PGE | CR4_PCE | \
+ CR4_OSFXSR | CR4_PCIDE | CR4_OSXSAVE | \
+ CR4_SMEP | CR4_FSGSBASE | CR4_VMXE | \
+ CR4_OSXMMEXCPT | CR4_SMAP | CR4_PKE | \
+ CR4_SMXE | CR4_UMIP )
 #define VMX_SUPPORT_UNRESTRICTED_GUEST (1U<<5)
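Review bot: Two comments on the new CR4 definitions in cpu.h need fixing: `CR4_FSGSBASE` is described as `RD(FS|GS|FS)BASE inst`, which names FS twice and leaves out the write forms, and `CR4_SMEP` and `CR4_SMAP` carry no comment while their neighbours do. Suggested wording: `/* RDFSBASE/RDGSBASE/WRFSBASE/WRGSBASE enable */`, `/* supervisor-mode execution prevention */` and `/* supervisor-mode access prevention */`. The list skips bits 12, 15 and 19 without remark; a one-line note that the gaps are intentional would help anyone checking the list against the SDM, since every bit not defined here ends up in `CR4_RESERVED_MASK`.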
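Review bot: `CR4_RESERVED_MASK` in vmx.h expands to `~( … )` with no parentheses around the whole expression, and it has no comment, unlike `CR4_TRAP_MASK` directly above it. The one use visible in this commit, `cr4_always_off_mask |= CR4_RESERVED_MASK;`, is unaffected, but the neighbouring macros are fully parenthesized and a later use should not have to depend on operator precedence, so wrap it as `#define CR4_RESERVED_MASK (~(CR4_VME | … | CR4_UMIP))`. Listing the bits in bit order instead of the current mixed order would make the allow-list easier to check against cpu.h. A comment such as `/* CR4 bits with no definition in cpu.h; merged into the always-off mask */` would state what the macro is for.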