# HG changeset patch
# User Keir Fraser <keir.fraser@xxxxxxxxxx>
# Date 1202031059 0
# Node ID aecbf98aa7099458fe6895bbd8f15d506e0901b3
# Parent 39ddd51318e9faa7517b8d3d2a385a19f4d357f7
vmx realmode: HOST_CR0.TS must be cleared when restoring guest FPU
state, otherwise in-Xen CR0.TS value becomes set again on next
vmexit. Then we crash the next time we try to emulate an FPU
instruction.
Signed-off-by: Keir Fraser <keir.fraser@xxxxxxxxxx>
---
xen/arch/x86/hvm/vmx/vmcs.c | 3 ++-
xen/arch/x86/hvm/vmx/vmx.c | 11 +++++++++++
xen/include/asm-x86/hvm/vmx/cpu.h | 13 -------------
xen/include/asm-x86/hvm/vmx/vmcs.h | 2 ++
4 files changed, 15 insertions(+), 14 deletions(-)
diff -r 39ddd51318e9 -r aecbf98aa709 xen/arch/x86/hvm/vmx/vmcs.c
--- a/xen/arch/x86/hvm/vmx/vmcs.c Sun Feb 03 09:09:21 2008 +0000
+++ b/xen/arch/x86/hvm/vmx/vmcs.c Sun Feb 03 09:30:59 2008 +0000
@@ -489,7 +489,8 @@ static int construct_vmcs(struct vcpu *v
__vmwrite(HOST_GS_BASE, 0);
/* Host control registers. */
- __vmwrite(HOST_CR0, read_cr0() | X86_CR0_TS);
+ v->arch.hvm_vmx.host_cr0 = read_cr0() | X86_CR0_TS;
+ __vmwrite(HOST_CR0, v->arch.hvm_vmx.host_cr0);
__vmwrite(HOST_CR4, mmu_cr4_features);
/* Host CS:RIP. */
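Review bot: The new `v->arch.hvm_vmx.host_cr0` field introduces an invariant — it must always equal the value last written to the VMCS HOST_CR0 field, since vmx_ctxt_switch_from and vmx_do_no_device_fault in this patch now test and update the cached copy instead of re-reading the VMCS — but nothing at the assignment says so. A one-line comment here would make that contract visible to the next person who adds a `__vmwrite(HOST_CR0, ...)` elsewhere: `/* host_cr0 caches the VMCS HOST_CR0 field; every write to HOST_CR0 must go through it. */`. The same note applies to the two vmx.c hunks, which rely on this mirroring without stating it. construct_vmcs continues outside the hunk.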
diff -r 39ddd51318e9 -r aecbf98aa709 xen/arch/x86/hvm/vmx/vmx.c
--- a/xen/arch/x86/hvm/vmx/vmx.c Sun Feb 03 09:09:21 2008 +0000
+++ b/xen/arch/x86/hvm/vmx/vmx.c Sun Feb 03 09:30:59 2008 +0000
@@ -742,6 +742,13 @@ static int vmx_load_vmcs_ctxt(struct vcp
static void vmx_ctxt_switch_from(struct vcpu *v)
{
+ ASSERT(read_cr0() & X86_CR0_TS);
+ if ( !(v->arch.hvm_vmx.host_cr0 & X86_CR0_TS) )
+ {
+ v->arch.hvm_vmx.host_cr0 |= X86_CR0_TS;
+ __vmwrite(HOST_CR0, v->arch.hvm_vmx.host_cr0);
+ }
+
vmx_save_guest_msrs(v);
vmx_restore_host_msrs();
vmx_save_dr(v);
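Review bot: `ASSERT(read_cr0() & X86_CR0_TS)` encodes an assumption about the caller — that the live host CR0 already has TS set by the time the switch-from hook runs — which the hunk does not explain, and the conditional re-arming of TS in HOST_CR0 below it reads as dead code without that context. A short comment would tie the two together: `/* Caller has already set CR0.TS; re-arm it in HOST_CR0 so the next vmexit traps FPU use again (lazy FPU). */`. I infer the lazy-FPU motivation from the commit message rather than from the hunk, so adjust the wording if that is not the intent. vmx_ctxt_switch_from's body continues outside the hunk.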
@@ -1231,6 +1238,10 @@ void vmx_do_no_device_fault(void)
setup_fpu(current);
__vm_clear_bit(EXCEPTION_BITMAP, TRAP_no_device);
+
+ ASSERT(v->arch.hvm_vmx.host_cr0 & X86_CR0_TS);
+ v->arch.hvm_vmx.host_cr0 &= ~X86_CR0_TS;
+ __vmwrite(HOST_CR0, v->arch.hvm_vmx.host_cr0);
/* Disable TS in guest CR0 unless the guest wants the exception too. */
if ( !(v->arch.hvm_vcpu.guest_cr[0] & X86_CR0_TS) )
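Review bot: `ASSERT(v->arch.hvm_vmx.host_cr0 & X86_CR0_TS)` makes this path non-reentrant until a context switch re-sets TS in the cached copy; the hunk clears the TRAP_no_device bit in EXCEPTION_BITMAP so a second #NM vmexit should not occur, but whether any other caller (for example the realmode emulation path the commit message mentions) can reach this function twice in between is not visible here, and if one can, the assertion fires rather than the write being a harmless no-op. If the assumption is intentional, a comment stating it would help: `/* Only reached once per context switch: TS is still armed in HOST_CR0 here. */`. The enclosing function starts outside the hunk, so `v`'s definition is not visible in this view.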
diff -r 39ddd51318e9 -r aecbf98aa709 xen/include/asm-x86/hvm/vmx/cpu.h
--- a/xen/include/asm-x86/hvm/vmx/cpu.h Sun Feb 03 09:09:21 2008 +0000
+++ b/xen/include/asm-x86/hvm/vmx/cpu.h Sun Feb 03 09:30:59 2008 +0000
@@ -19,19 +19,6 @@
#ifndef __ASM_X86_HVM_VMX_CPU_H__
#define __ASM_X86_HVM_VMX_CPU_H__
-/*
- * Virtual CPU
- */
-struct arch_state_struct {
- unsigned long mode_flags; /* vm86, 32-bit, 64-bit, etc. */
- /* debug registers */
- /* MSRs */
-};
-
-#define VMX_MF_VM86 0
-#define VMX_MF_32 1
-#define VMX_MF_64 2
-
#define NUM_CORES_RESET_MASK 0x00003FFF
#define NUM_THREADS_RESET_MASK 0xFF00FFFF
diff -r 39ddd51318e9 -r aecbf98aa709 xen/include/asm-x86/hvm/vmx/vmcs.h
--- a/xen/include/asm-x86/hvm/vmx/vmcs.h Sun Feb 03 09:09:21 2008 +0000
+++ b/xen/include/asm-x86/hvm/vmx/vmcs.h Sun Feb 03 09:30:59 2008 +0000
@@ -91,6 +91,8 @@ struct arch_vmx_struct {
struct vmx_msr_entry *msr_area;
unsigned int host_msr_count;
struct vmx_msr_entry *host_msr_area;
+
+ unsigned long host_cr0;
#ifdef VMXASSIST
unsigned long vmxassist_enabled:1;
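Review bot: The new `host_cr0` member is added without a comment, unlike its role suggests it deserves — it is a cached mirror of a VMCS field rather than ordinary per-vcpu state, and the other members near it give no hint of that. Suggest `unsigned long host_cr0; /* Cached copy of the VMCS HOST_CR0 field; keep in sync with every __vmwrite(HOST_CR0, ...). */`. struct arch_vmx_struct continues outside the hunk.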