KVM: SVM: Intercept the 'invd' and 'wbinvd' instructions
'invd' can destroy host data, and 'wbinvd' allows the guest to induce long (milliseconds) latencies. Noted by Ben Serebrin. Signed-off-by: Avi Kivity <avi@qumranet.com>
This commit is contained in:
parent
651a3e29b3
commit
cf5a94d133
1 changed files with 4 additions and 0 deletions
|
@ -494,6 +494,7 @@ static void init_vmcb(struct vmcb *vmcb)
|
|||
*/
|
||||
/* (1ULL << INTERCEPT_SELECTIVE_CR0) | */
|
||||
(1ULL << INTERCEPT_CPUID) |
|
||||
(1ULL << INTERCEPT_INVD) |
|
||||
(1ULL << INTERCEPT_HLT) |
|
||||
(1ULL << INTERCEPT_INVLPGA) |
|
||||
(1ULL << INTERCEPT_IOIO_PROT) |
|
||||
|
@ -507,6 +508,7 @@ static void init_vmcb(struct vmcb *vmcb)
|
|||
(1ULL << INTERCEPT_STGI) |
|
||||
(1ULL << INTERCEPT_CLGI) |
|
||||
(1ULL << INTERCEPT_SKINIT) |
|
||||
(1ULL << INTERCEPT_WBINVD) |
|
||||
(1ULL << INTERCEPT_MONITOR) |
|
||||
(1ULL << INTERCEPT_MWAIT);
|
||||
|
||||
|
@ -1247,6 +1249,7 @@ static int (*svm_exit_handlers[])(struct vcpu_svm *svm,
|
|||
[SVM_EXIT_VINTR] = interrupt_window_interception,
|
||||
/* [SVM_EXIT_CR0_SEL_WRITE] = emulate_on_interception, */
|
||||
[SVM_EXIT_CPUID] = cpuid_interception,
|
||||
[SVM_EXIT_INVD] = emulate_on_interception,
|
||||
[SVM_EXIT_HLT] = halt_interception,
|
||||
[SVM_EXIT_INVLPG] = emulate_on_interception,
|
||||
[SVM_EXIT_INVLPGA] = invalid_op_interception,
|
||||
|
@ -1261,6 +1264,7 @@ static int (*svm_exit_handlers[])(struct vcpu_svm *svm,
|
|||
[SVM_EXIT_STGI] = invalid_op_interception,
|
||||
[SVM_EXIT_CLGI] = invalid_op_interception,
|
||||
[SVM_EXIT_SKINIT] = invalid_op_interception,
|
||||
[SVM_EXIT_WBINVD] = emulate_on_interception,
|
||||
[SVM_EXIT_MONITOR] = invalid_op_interception,
|
||||
[SVM_EXIT_MWAIT] = invalid_op_interception,
|
||||
};
|
||||
|
|
Loading…
Reference in a new issue