Virtual BIOS may use the "Limit CPUID Maxval" and "XD Bit Disable" fields in
IA32_MISC_ENABLE. These two fields update the CPUID, and in the case of "XD Bit
Disable" also disable NX support.
This patch reflects this behavior in CPUID, and disables NX bit accordingly.
Signed-off-by: Nadav Amit <namit@xxxxxxxxxxxxxxxxx>
---
arch/x86/kvm/cpuid.c | 20 ++++++++++++++++++++
arch/x86/kvm/vmx.c | 8 ++++++--
2 files changed, 26 insertions(+), 2 deletions(-)
diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
index 38a0afe..ff7f429 100644
--- a/arch/x86/kvm/cpuid.c
+++ b/arch/x86/kvm/cpuid.c
@@ -757,6 +757,25 @@ static struct kvm_cpuid_entry2* check_cpuid_limit(struct kvm_vcpu *vcpu,
return kvm_find_cpuid_entry(vcpu, maxlevel->eax, index);
}
+static void cpuid_override(struct kvm_vcpu *vcpu, u32 function, u32 index,
+ u32 *eax, u32 *ebx, u32 *ecx, u32 *edx)
+{
+ switch (function) {
+ case 0:
+ if (vcpu->arch.ia32_misc_enable_msr &
+ MSR_IA32_MISC_ENABLE_LIMIT_CPUID)
+ *eax = min_t(u32, *eax, 3);
+ break;
+ case 1:
+ if (vcpu->arch.ia32_misc_enable_msr &
+ MSR_IA32_MISC_ENABLE_XD_DISABLE)
+ *edx &= ~bit(X86_FEATURE_NX);
+ break;
+ default:
+ break;
+ }
+}
+
void kvm_cpuid(struct kvm_vcpu *vcpu, u32 *eax, u32 *ebx, u32 *ecx, u32 *edx)
{
u32 function = *eax, index = *ecx;
@@ -774,6 +793,7 @@ void kvm_cpuid(struct kvm_vcpu *vcpu, u32 *eax, u32 *ebx, u32 *ecx, u32 *edx)
*edx = best->edx;
} else
*eax = *ebx = *ecx = *edx = 0;
+ cpuid_override(vcpu, function, index, eax, ebx, ecx, edx);
trace_kvm_cpuid(function, *eax, *ebx, *ecx, *edx);
}
EXPORT_SYMBOL_GPL(kvm_cpuid);
diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index cad37d5..45bab55 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -1633,9 +1633,13 @@ static bool update_transition_efer(struct vcpu_vmx *vmx, int efer_offset)
vmx->guest_msrs[efer_offset].mask = ~ignore_bits;
clear_atomic_switch_msr(vmx, MSR_EFER);
+ /* Clear nx according if xd_disable is on */
+ guest_efer = vmx->vcpu.arch.efer;
+ if (vmx->vcpu.arch.ia32_misc_enable_msr &
+ MSR_IA32_MISC_ENABLE_XD_DISABLE)
+ guest_efer &= ~EFER_NX;
/* On ept, can't emulate nx, and must switch nx atomically */
- if (enable_ept && ((vmx->vcpu.arch.efer ^ host_efer) & EFER_NX)) {
- guest_efer = vmx->vcpu.arch.efer;
+ if (enable_ept && ((guest_efer ^ host_efer) & EFER_NX)) {
if (!(guest_efer & EFER_LMA))
guest_efer &= ~EFER_LME;
add_atomic_switch_msr(vmx, MSR_EFER, guest_efer, host_efer);
--
1.9.1
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
