From: Jan Kiszka <[email protected]> Not doing so can have undesirable side effects, like clearing GIF on the calling CPU.
Signed-off-by: Jan Kiszka <[email protected]> --- I don't have real HW in reach, but looking at the spec and how QEMU emulates the instructions, this seems to be required. hypervisor/arch/x86/svm.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/hypervisor/arch/x86/svm.c b/hypervisor/arch/x86/svm.c index ac3cd541..8d1b631c 100644 --- a/hypervisor/arch/x86/svm.c +++ b/hypervisor/arch/x86/svm.c @@ -202,8 +202,13 @@ static void vmcb_setup(struct per_cpu *cpu_data) vmcb->general1_intercepts |= GENERAL1_INTERCEPT_MSR_PROT; vmcb->general1_intercepts |= GENERAL1_INTERCEPT_SHUTDOWN_EVT; - vmcb->general2_intercepts |= GENERAL2_INTERCEPT_VMRUN; /* Required */ + vmcb->general2_intercepts |= GENERAL2_INTERCEPT_VMRUN; vmcb->general2_intercepts |= GENERAL2_INTERCEPT_VMMCALL; + vmcb->general2_intercepts |= GENERAL2_INTERCEPT_VMLOAD; + vmcb->general2_intercepts |= GENERAL2_INTERCEPT_VMSAVE; + vmcb->general2_intercepts |= GENERAL2_INTERCEPT_STGI; + vmcb->general2_intercepts |= GENERAL2_INTERCEPT_CLGI; + vmcb->general2_intercepts |= GENERAL2_INTERCEPT_SKINIT; /* * We only intercept #DB and #AC to prevent that malicious guests can -- 2.13.6 -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
