Whithout the check,
jailhouse enable configs/x86/sysconfig.cell
results in a GP and a reboot
do not allow enable if firmware has disabled VT-X on Intel VMX
Signed-off-by: Francois-Frederic Ozog <f...@ozog.com>
---
driver/main.c | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/driver/main.c b/driver/main.c
index ee585848..723a9576 100644
--- a/driver/main.c
+++ b/driver/main.c
@@ -40,6 +40,10 @@
#ifdef CONFIG_ARM
#include <asm/virt.h>
#endif
+#ifdef CONFIG_X86
+#include <asm/cpu.h>
+#include <asm/msr-index.h>
+#endif
#include "cell.h"
#include "jailhouse.h"
@@ -392,6 +396,18 @@ static int jailhouse_cmd_enable(struct
jailhouse_system __user *arg)
goto error_put_module;
}
#endif
+#ifdef CONFIG_X86
+ if (boot_cpu_has(X86_FEATURE_VMX)) {
+ u64 features;
+
+ rdmsrl(MSR_IA32_FEATURE_CONTROL, features);
+ if ((features &
FEATURE_CONTROL_VMXON_ENABLED_OUTSIDE_SMX) == 0) {
+ pr_err("jailhouse: vt-x disabled by
Firmware/BIOS\n");
+ err = -ENODEV;
+ goto error_put_module;
+ }
+ }
+#endif
/* Load hypervisor image */
err = request_firmware(&hypervisor, fw_name, jailhouse_dev);
--
2.11.0
--
You received this message because you are subscribed to the Google Groups
"Jailhouse" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to jailhouse-dev+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
