* Jan Kiszka <[email protected]> [2017-08-26 18:30:23 +0000]:
> Please tag new versions of your patch with "PATCH v2" etc.
Sorry, will do.
>
> On 2017-08-24 11:49, Gustavo Lima Chaves wrote:
> > This is a first take on the TODO-list entry
> >
> > - whitelist-based MSR access [v1.0]
> >
> > *for Intel architecture*. All the architectural MSRs were given a look
> > before the coding started: they were categorized, for ease of finding
> > things out when one needs to refer back to them and, for the ones that
> > were absolutely necessary (at least given the needs of a typical x86
> > Linux build, on both root and inmate cell contexts), access without
> > VM-exits was granted. Some actual model specific entries are there as
> > well, noticed while testing with our baremetal hardware.
> >
[...]
> > #define MSR_IA32_VMX_PINBASED_CTLS 0x00000481
> > #define MSR_IA32_VMX_PROCBASED_CTLS 0x00000482
> > diff --git a/hypervisor/arch/x86/vcpu.c b/hypervisor/arch/x86/vcpu.c
> > index 638d166..c88ae09 100644
> > --- a/hypervisor/arch/x86/vcpu.c
> > +++ b/hypervisor/arch/x86/vcpu.c
> > @@ -26,6 +26,8 @@
> > #include <asm/percpu.h>
> > #include <asm/vcpu.h>
> >
> > +#define MISC_ENABLE_RESERVED_BITS 0x00000001
>
> This is not really a mask of reserved bits in that MSR, is it? According
> to the manual, bits like 1, 2, 4-6 etc. are reserved. What is the
> semantic here?
Poor naming indeed, sorry. The intended semantic for this register
is: let inmates read from it, but when setting, take into account only
the 0th bit (one that is core-bound only, for sure) and for the rest
of them apply what was already there.
I see I did not quite get there yet, now. I'll keep looking, but any
hints to get there (if possible, at all)? Is changing the guest's rax
somewhat possible?
>
> > +
> > /* This page is mapped so the code begins at 0x000ffff0 */
> > static u8 __attribute__((aligned(PAGE_SIZE))) parking_code[PAGE_SIZE] = {
> > [0xff0] = 0xfa, /* 1: cli */
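Review bot: the name `MISC_ENABLE_RESERVED_BITS` on the added define does not match its value: 0x00000001 selects bit 0, which the comment in the `vcpu_handle_msr_write()` hunk calls the Fast-Strings Enable bit. Suggest naming the constant after the bit it selects, or after its role as the guest-writable mask, and adding a one-line comment saying which it is, so the later check reads correctly without the manual at hand.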
> > @@ -325,6 +327,46 @@ bool vcpu_handle_msr_write(void)
> > vcpu_vendor_set_guest_pat((val & MTRR_ENABLE) ?
> > cpu_data->pat : 0);
> > break;
> > + case MSR_IA32_MISC_ENABLE:
> > + /* Check for Fast-Strings Enable bit only set */
> > + val = get_wrmsr_value(&cpu_data->guest_regs);
> > + if ((val & MISC_ENABLE_RESERVED_BITS)
> > + != MISC_ENABLE_RESERVED_BITS) {
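Review bot: the condition `(val & MISC_ENABLE_RESERVED_BITS) != MISC_ENABLE_RESERVED_BITS` in the new `MSR_IA32_MISC_ENABLE` case is true only when bit 0 of the guest value is clear, so it tests that bit 0 is set and never looks at the remaining bits, which does not match the comment "Fast-Strings Enable bit only set". If the aim is to let the guest change bit 0 and nothing else, the guest value needs to be compared or merged with the current register content, for example `(cur & ~mask) | (val & mask)`, and the comment updated to say so.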
>
> And I don't understand this check as well yet. Why enforce bit 0 to be
> (virtually) set?
Yeah, like I said before, not quite what I wanted.
Regards,
--
Gustavo Lima Chaves
Intel - Open Source Technology Center
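
The semantic described in the reply above (a guest write may change only bit 0 of IA32_MISC_ENABLE, every other bit keeps its current value), as an added example that is not part of the thread or of Jailhouse's code. `msr_filter_write`, the policy table and the sample register values are hypothetical; the current MSR content is passed in as a parameter instead of being read from hardware.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MSR_IA32_MISC_ENABLE	0x000001a0u	/* architectural MSR index */
#define MISC_ENABLE_FAST_STRING	(1ull << 0)	/* bit 0: Fast-Strings Enable */

/* Hypothetical policy entry: the bits a guest WRMSR may change. */
struct msr_write_policy {
	uint32_t msr;
	uint64_t guest_writable;
};

/* Anything not listed here is refused (whitelist, default deny). */
static const struct msr_write_policy policies[] = {
	{ MSR_IA32_MISC_ENABLE, MISC_ENABLE_FAST_STRING },
};

/*
 * Merge a guest-requested value with the current register content.
 * Returns false if the MSR has no policy entry; otherwise stores in
 * *effective the value that may be written on the guest's behalf.
 */
bool msr_filter_write(uint32_t msr, uint64_t current, uint64_t requested,
		      uint64_t *effective)
{
	size_t i;

	for (i = 0; i < sizeof(policies) / sizeof(policies[0]); i++) {
		uint64_t mask = policies[i].guest_writable;

		if (policies[i].msr != msr)
			continue;
		/* Guest decides the masked bits only; all others are kept. */
		*effective = (current & ~mask) | (requested & mask);
		return true;
	}
	return false;
}

int main(void)
{
	uint64_t eff = 0;

	/* Constructed values: guest clears bit 0 and tries to set bit 18. */
	if (msr_filter_write(MSR_IA32_MISC_ENABLE, 0x850089, 0x40000, &eff))
		printf("effective value: 0x%llx\n", (unsigned long long)eff);
	return 0;
}
```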