diff --git a/hypervisor/arch/x86/guest/vcpuid.c b/hypervisor/arch/x86/guest/vcpuid.c index 5718f2911..21e9e1d13 100644 --- a/hypervisor/arch/x86/guest/vcpuid.c +++ b/hypervisor/arch/x86/guest/vcpuid.c @@ -315,6 +315,9 @@ void guest_cpuid(struct acrn_vcpu *vcpu, uint32_t *eax, uint32_t *ebx, uint32_t *edx &= ~CPUID_EDX_MTRR; #endif + /* mask Safer Mode Extension */ + *ecx &= ~CPUID_ECX_SMX; + /* mask pcid */ *ecx &= ~CPUID_ECX_PCID; diff --git a/hypervisor/arch/x86/guest/vmsr.c b/hypervisor/arch/x86/guest/vmsr.c index dd4064a89..bc5bf4446 100644 --- a/hypervisor/arch/x86/guest/vmsr.c +++ b/hypervisor/arch/x86/guest/vmsr.c @@ -53,7 +53,7 @@ static const uint32_t mtrr_msrs[NUM_MTRR_MSRS] = { }; /* Following MSRs are intercepted, but it throws GPs for any guest accesses */ -#define NUM_UNSUPPORTED_MSRS 95U +#define NUM_UNSUPPORTED_MSRS 96U static const uint32_t unsupported_msrs[NUM_UNSUPPORTED_MSRS] = { /* Variable MTRRs are not supported */ MSR_IA32_MTRR_PHYSBASE_0, @@ -173,6 +173,9 @@ static const uint32_t unsupported_msrs[NUM_UNSUPPORTED_MSRS] = { MSR_IA32_RTIT_ADDR2_B, MSR_IA32_RTIT_ADDR3_A, MSR_IA32_RTIT_ADDR3_B, + + /* SMM Monitor Configuration: CPUID.01H.ECX[5] and CPUID.01H.ECX[6] */ + MSR_IA32_SMM_MONITOR_CTL, }; #define NUM_X2APIC_MSRS 44U diff --git a/hypervisor/arch/x86/vmcs.c b/hypervisor/arch/x86/vmcs.c index 033e3565f..bd2657d46 100644 --- a/hypervisor/arch/x86/vmcs.c +++ b/hypervisor/arch/x86/vmcs.c @@ -281,8 +281,8 @@ static bool is_cr4_write_valid(struct acrn_vcpu *vcpu, uint64_t cr4) if ((cr4 & cr4_always_off_mask) != 0U) { ret = false; } else { - /* Do NOT support nested guest */ - if ((cr4 & CR4_VMXE) != 0UL) { + /* Do NOT support nested guest, nor SMX */ + if (((cr4 & CR4_VMXE) != 0UL) || ((cr4 & CR4_SMXE) != 0UL)) { ret = false; } else { /* Do NOT support PCID in guest */ @@ -417,7 +417,7 @@ static void init_guest_state(struct acrn_vcpu *vcpu) &vcpu->arch.contexts[vcpu->arch.cur_context]; init_guest_vmx(vcpu, ctx->run_ctx.cr0, ctx->ext_ctx.cr3, - ctx->run_ctx.cr4 & ~CR4_VMXE); + ctx->run_ctx.cr4 & ~(CR4_VMXE | CR4_SMXE)); } static void init_host_state(void)