KVM: SVM: Intercept the 'invd' and 'wbinvd' instructions
authorAvi Kivity <avi@qumranet.com>
Sun, 28 Oct 2007 14:11:58 +0000 (16:11 +0200)
committerAvi Kivity <avi@qumranet.com>
Thu, 8 Nov 2007 10:05:45 +0000 (12:05 +0200)
'invd' can destroy host data, and 'wbinvd' allows the guest to induce
long (milliseconds) latencies.

Noted by Ben Serebrin.

Signed-off-by: Avi Kivity <avi@qumranet.com>
drivers/kvm/svm.c

index 7376805c88ab09a7a128e172f46b99f1f721898d..7a6eead63a6bc14537d36fb09756ba5001bc8634 100644 (file)
@@ -494,6 +494,7 @@ static void init_vmcb(struct vmcb *vmcb)
                 */
                /*              (1ULL << INTERCEPT_SELECTIVE_CR0) | */
                                (1ULL << INTERCEPT_CPUID) |
+                               (1ULL << INTERCEPT_INVD) |
                                (1ULL << INTERCEPT_HLT) |
                                (1ULL << INTERCEPT_INVLPGA) |
                                (1ULL << INTERCEPT_IOIO_PROT) |
@@ -507,6 +508,7 @@ static void init_vmcb(struct vmcb *vmcb)
                                (1ULL << INTERCEPT_STGI) |
                                (1ULL << INTERCEPT_CLGI) |
                                (1ULL << INTERCEPT_SKINIT) |
+                               (1ULL << INTERCEPT_WBINVD) |
                                (1ULL << INTERCEPT_MONITOR) |
                                (1ULL << INTERCEPT_MWAIT);
 
@@ -1247,6 +1249,7 @@ static int (*svm_exit_handlers[])(struct vcpu_svm *svm,
        [SVM_EXIT_VINTR]                        = interrupt_window_interception,
        /* [SVM_EXIT_CR0_SEL_WRITE]             = emulate_on_interception, */
        [SVM_EXIT_CPUID]                        = cpuid_interception,
+       [SVM_EXIT_INVD]                         = emulate_on_interception,
        [SVM_EXIT_HLT]                          = halt_interception,
        [SVM_EXIT_INVLPG]                       = emulate_on_interception,
        [SVM_EXIT_INVLPGA]                      = invalid_op_interception,
@@ -1261,6 +1264,7 @@ static int (*svm_exit_handlers[])(struct vcpu_svm *svm,
        [SVM_EXIT_STGI]                         = invalid_op_interception,
        [SVM_EXIT_CLGI]                         = invalid_op_interception,
        [SVM_EXIT_SKINIT]                       = invalid_op_interception,
+       [SVM_EXIT_WBINVD]                       = emulate_on_interception,
        [SVM_EXIT_MONITOR]                      = invalid_op_interception,
        [SVM_EXIT_MWAIT]                        = invalid_op_interception,
 };