On Mon, Mar 28, 2011 at 08:08:21AM -0400, Avi Kivity wrote: > On 03/28/2011 12:46 PM, Joerg Roedel wrote: > > This patch adds the necessary code changes in the > > instruction emulator and the extensions to svm.c to > > implement intercept checks for the svm instructions. > > > > diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c > > index 485a09f..9b22f5f 100644 > > --- a/arch/x86/kvm/svm.c > > +++ b/arch/x86/kvm/svm.c > > @@ -3896,6 +3896,14 @@ static struct __x86_intercept { > > [x86_intercept_sidt] = POST_MEM(SVM_EXIT_IDTR_READ), > > [x86_intercept_lgdt] = POST_MEM(SVM_EXIT_GDTR_WRITE), > > [x86_intercept_lidt] = POST_MEM(SVM_EXIT_IDTR_WRITE), > > + [x86_intercept_vmrun] = POST_EX(SVM_EXIT_VMRUN), > > + [x86_intercept_vmmcall] = POST_EX(SVM_EXIT_VMMCALL), > > VMMCALL is not privileged, is it?
Right, thanks. Here is the updated patch. >From aeaa38bf81c9386aeff4368c2b23ec95c0d08e4c Mon Sep 17 00:00:00 2001 From: Joerg Roedel <joerg.roe...@amd.com> Date: Fri, 11 Mar 2011 11:53:39 +0100 Subject: [PATCH 08/13] KVM: SVM: Add intercept checks for SVM instructions This patch adds the necessary code changes in the instruction emulator and the extensions to svm.c to implement intercept checks for the svm instructions. Signed-off-by: Joerg Roedel <joerg.roe...@amd.com> --- arch/x86/kvm/emulate.c | 23 ++++++++++++++++++++++- arch/x86/kvm/svm.c | 8 ++++++++ 2 files changed, 30 insertions(+), 1 deletions(-) diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c index ec2e9ad..8b8f63d 100644 --- a/arch/x86/kvm/emulate.c +++ b/arch/x86/kvm/emulate.c @@ -75,6 +75,8 @@ #define Stack (1<<13) /* Stack instruction (push/pop) */ #define Group (1<<14) /* Bits 3:5 of modrm byte extend opcode */ #define GroupDual (1<<15) /* Alternate decoding of mod == 3 */ +#define RMExt (1<<16) /* Opcode extension in ModRM r/m if mod == 3 */ + /* Misc flags */ #define VendorSpecific (1<<22) /* Vendor specific instruction */ #define NoAccess (1<<23) /* Don't access memory (lea/invlpg/verr etc) */ @@ -2349,6 +2351,7 @@ static int em_mov(struct x86_emulate_ctxt *ctxt) #define D(_y) { .flags = (_y) } #define DI(_y, _i) { .flags = (_y), .intercept = x86_intercept_##_i } #define N D(0) +#define EXT(_f, _e) { .flags = ((_f) | RMExt), .u.group = (_e) } #define G(_f, _g) { .flags = ((_f) | Group), .u.group = (_g) } #define GD(_f, _g) { .flags = ((_f) | Group | GroupDual), .u.gdual = (_g) } #define I(_f, _e) { .flags = (_f), .u.execute = (_e) } @@ -2363,6 +2366,17 @@ static int em_mov(struct x86_emulate_ctxt *ctxt) D2bv(((_f) & ~Lock) | DstAcc | SrcImm) +static struct opcode group7_rm3[] = { + DI(SrcNone | ModRM | Priv, vmrun), + DI(SrcNone | ModRM , vmmcall), + DI(SrcNone | ModRM | Priv, vmload), + DI(SrcNone | ModRM | Priv, vmsave), + DI(SrcNone | ModRM | Priv, stgi), + DI(SrcNone | ModRM | Priv, clgi), + DI(SrcNone | ModRM | Priv, skinit), + DI(SrcNone | ModRM | Priv, invlpga), +}; + static struct opcode group1[] = { X7(D(Lock)), N }; @@ -2406,7 +2420,7 @@ static struct group_dual group7 = { { DI(SrcMem | ModRM | ByteOp | Priv | NoAccess, invlpg), }, { D(SrcNone | ModRM | Priv | VendorSpecific), N, - N, D(SrcNone | ModRM | Priv | VendorSpecific), + N, EXT(0, group7_rm3), DI(SrcNone | ModRM | DstMem | Mov, smsw), N, DI(SrcMem16 | ModRM | Mov | Priv, lmsw), N, } }; @@ -2601,6 +2615,7 @@ static struct opcode twobyte_table[256] = { #undef G #undef GD #undef I +#undef EXT #undef D2bv #undef I2bv @@ -2778,6 +2793,12 @@ done_prefixes: opcode = g_mod3[goffset]; else opcode = g_mod012[goffset]; + + if (opcode.flags & RMExt) { + goffset = c->modrm & 7; + opcode = opcode.u.group[goffset]; + } + c->d |= opcode.flags; } diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c index 485a09f..9b22f5f 100644 --- a/arch/x86/kvm/svm.c +++ b/arch/x86/kvm/svm.c @@ -3896,6 +3896,14 @@ static struct __x86_intercept { [x86_intercept_sidt] = POST_MEM(SVM_EXIT_IDTR_READ), [x86_intercept_lgdt] = POST_MEM(SVM_EXIT_GDTR_WRITE), [x86_intercept_lidt] = POST_MEM(SVM_EXIT_IDTR_WRITE), + [x86_intercept_vmrun] = POST_EX(SVM_EXIT_VMRUN), + [x86_intercept_vmmcall] = POST_EX(SVM_EXIT_VMMCALL), + [x86_intercept_vmload] = POST_EX(SVM_EXIT_VMLOAD), + [x86_intercept_vmsave] = POST_EX(SVM_EXIT_VMSAVE), + [x86_intercept_stgi] = POST_EX(SVM_EXIT_STGI), + [x86_intercept_clgi] = POST_EX(SVM_EXIT_CLGI), + [x86_intercept_skinit] = POST_EX(SVM_EXIT_SKINIT), + [x86_intercept_invlpga] = POST_EX(SVM_EXIT_INVLPGA), }; #undef POST_EX -- 1.7.1 -- AMD Operating System Research Center Advanced Micro Devices GmbH Einsteinring 24 85609 Dornach General Managers: Alberto Bozzo, Andrew Bowd Registration: Dornach, Landkr. Muenchen; Registerger. Muenchen, HRB Nr. 43632 -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html