If L1 doesn't intercept shutdown, then L1 itself gets it, which doesn't allow it to report the error that happened. Signed-off-by: Maxim Levitsky <mlevitsk@xxxxxxxxxx> --- x86/svm.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/x86/svm.c b/x86/svm.c index f109caa..2210d68 100644 --- a/x86/svm.c +++ b/x86/svm.c @@ -174,7 +174,9 @@ void vmcb_ident(struct vmcb *vmcb) save->cr2 = read_cr2(); save->g_pat = rdmsr(MSR_IA32_CR_PAT); save->dbgctl = rdmsr(MSR_IA32_DEBUGCTLMSR); - ctrl->intercept = (1ULL << INTERCEPT_VMRUN) | (1ULL << INTERCEPT_VMMCALL); + ctrl->intercept = (1ULL << INTERCEPT_VMRUN) | + (1ULL << INTERCEPT_VMMCALL) | + (1ULL << INTERCEPT_SHUTDOWN); ctrl->iopm_base_pa = virt_to_phys(io_bitmap); ctrl->msrpm_base_pa = virt_to_phys(msr_bitmap); -- 2.26.3
