On 2016/7/13 17:35, Paolo Bonzini wrote:
On 13/07/2016 11:21, Yang Zhang wrote:
+ if ((cr4 & X86_CR4_UMIP) && !boot_cpu_has(X86_FEATURE_UMIP)) {
+ vmcs_set_bits(SECONDARY_VM_EXEC_CONTROL,
+ SECONDARY_EXEC_DESC);
+ hw_cr4 &= ~X86_CR4_UMIP;
+ } else
+ vmcs_clear_bits(SECONDARY_VM_EXEC_CONTROL,
+ SECONDARY_EXEC_DESC);
+
Since the faults based on privilege level have priority over VM exits.
So we don't need to enable/disable SECONDARY_EXEC_DESC dynamically.
Instead, we can set it unconditionally.
I'm setting it dynamically because it slows down LGDT, LLDT, LIDT and LTR.
You are right. And SGDT, SIDT, SLDT, SMSW, STR also will be intercepted
even in CPL 0 if we don't disable it.
--
Yang
Alibaba Cloud Computing
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
