KVM: VMX: enable VMXON check with SMX enabled (Intel TXT)
Per document, for feature control MSR: Bit 1 enables VMXON in SMX operation. If the bit is clear, execution of VMXON in SMX operation causes a general-protection exception. Bit 2 enables VMXON outside SMX operation. If the bit is clear, execution of VMXON outside SMX operation causes a general-protection exception. This patch is to enable this kind of check with SMX for VMXON in KVM. Signed-off-by: Shane Wang <shane.wang@intel.com> Signed-off-by: Avi Kivity <avi@redhat.com>
This commit is contained in:
parent
f1d86e469b
commit
cafd66595d
4 changed files with 26 additions and 13 deletions
|
@ -202,8 +202,9 @@
|
|||
#define MSR_IA32_EBL_CR_POWERON 0x0000002a
|
||||
#define MSR_IA32_FEATURE_CONTROL 0x0000003a
|
||||
|
||||
#define FEATURE_CONTROL_LOCKED (1<<0)
|
||||
#define FEATURE_CONTROL_VMXON_ENABLED (1<<2)
|
||||
#define FEATURE_CONTROL_LOCKED (1<<0)
|
||||
#define FEATURE_CONTROL_VMXON_ENABLED_INSIDE_SMX (1<<1)
|
||||
#define FEATURE_CONTROL_VMXON_ENABLED_OUTSIDE_SMX (1<<2)
|
||||
|
||||
#define MSR_IA32_APICBASE 0x0000001b
|
||||
#define MSR_IA32_APICBASE_BSP (1<<8)
|
||||
|
|
|
@ -46,6 +46,7 @@
|
|||
|
||||
/* Global pointer to shared data; NULL means no measured launch. */
|
||||
struct tboot *tboot __read_mostly;
|
||||
EXPORT_SYMBOL(tboot);
|
||||
|
||||
/* timeout for APs (in secs) to enter wait-for-SIPI state during shutdown */
|
||||
#define AP_WAIT_TIMEOUT 1
|
||||
|
|
|
@ -27,6 +27,7 @@
|
|||
#include <linux/moduleparam.h>
|
||||
#include <linux/ftrace_event.h>
|
||||
#include <linux/slab.h>
|
||||
#include <linux/tboot.h>
|
||||
#include "kvm_cache_regs.h"
|
||||
#include "x86.h"
|
||||
|
||||
|
@ -1272,9 +1273,16 @@ static __init int vmx_disabled_by_bios(void)
|
|||
u64 msr;
|
||||
|
||||
rdmsrl(MSR_IA32_FEATURE_CONTROL, msr);
|
||||
return (msr & (FEATURE_CONTROL_LOCKED |
|
||||
FEATURE_CONTROL_VMXON_ENABLED))
|
||||
== FEATURE_CONTROL_LOCKED;
|
||||
if (msr & FEATURE_CONTROL_LOCKED) {
|
||||
if (!(msr & FEATURE_CONTROL_VMXON_ENABLED_INSIDE_SMX)
|
||||
&& tboot_enabled())
|
||||
return 1;
|
||||
if (!(msr & FEATURE_CONTROL_VMXON_ENABLED_OUTSIDE_SMX)
|
||||
&& !tboot_enabled())
|
||||
return 1;
|
||||
}
|
||||
|
||||
return 0;
|
||||
/* locked but not enabled */
|
||||
}
|
||||
|
||||
|
@ -1282,21 +1290,23 @@ static int hardware_enable(void *garbage)
|
|||
{
|
||||
int cpu = raw_smp_processor_id();
|
||||
u64 phys_addr = __pa(per_cpu(vmxarea, cpu));
|
||||
u64 old;
|
||||
u64 old, test_bits;
|
||||
|
||||
if (read_cr4() & X86_CR4_VMXE)
|
||||
return -EBUSY;
|
||||
|
||||
INIT_LIST_HEAD(&per_cpu(vcpus_on_cpu, cpu));
|
||||
rdmsrl(MSR_IA32_FEATURE_CONTROL, old);
|
||||
if ((old & (FEATURE_CONTROL_LOCKED |
|
||||
FEATURE_CONTROL_VMXON_ENABLED))
|
||||
!= (FEATURE_CONTROL_LOCKED |
|
||||
FEATURE_CONTROL_VMXON_ENABLED))
|
||||
|
||||
test_bits = FEATURE_CONTROL_LOCKED;
|
||||
test_bits |= FEATURE_CONTROL_VMXON_ENABLED_OUTSIDE_SMX;
|
||||
if (tboot_enabled())
|
||||
test_bits |= FEATURE_CONTROL_VMXON_ENABLED_INSIDE_SMX;
|
||||
|
||||
if ((old & test_bits) != test_bits) {
|
||||
/* enable and lock */
|
||||
wrmsrl(MSR_IA32_FEATURE_CONTROL, old |
|
||||
FEATURE_CONTROL_LOCKED |
|
||||
FEATURE_CONTROL_VMXON_ENABLED);
|
||||
wrmsrl(MSR_IA32_FEATURE_CONTROL, old | test_bits);
|
||||
}
|
||||
write_cr4(read_cr4() | X86_CR4_VMXE); /* FIXME: not cpu hotplug safe */
|
||||
asm volatile (ASM_VMX_VMXON_RAX
|
||||
: : "a"(&phys_addr), "m"(phys_addr)
|
||||
|
|
|
@ -150,6 +150,7 @@ extern int tboot_force_iommu(void);
|
|||
|
||||
#else
|
||||
|
||||
#define tboot_enabled() 0
|
||||
#define tboot_probe() do { } while (0)
|
||||
#define tboot_shutdown(shutdown_type) do { } while (0)
|
||||
#define tboot_sleep(sleep_state, pm1a_control, pm1b_control) \
|
||||
|
|
Loading…
Reference in a new issue