vmm(4): save and restore Intel CET state on vm entry/exit.

author dv <dv@openbsd.org>

Sun, 16 Apr 2023 01:50:12 +0000 (01:50 +0000)

committer dv <dv@openbsd.org>

Sun, 16 Apr 2023 01:50:12 +0000 (01:50 +0000)
author dv <dv@openbsd.org>
Sun, 16 Apr 2023 01:50:12 +0000 (01:50 +0000)
committer dv <dv@openbsd.org>
Sun, 16 Apr 2023 01:50:12 +0000 (01:50 +0000)
diff --git a/sys/arch/amd64/amd64/vmm.c b/sys/arch/amd64/amd64/vmm.c

index d8c8abc..8db981f 100644 (file)
--- a/sys/arch/amd64/amd64/vmm.c
+++ b/sys/arch/amd64/amd64/vmm.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: vmm.c,v 1.337 2023/01/30 14:05:36 dv Exp $    */
+/*     $OpenBSD: vmm.c,v 1.338 2023/04/16 01:50:12 dv Exp $    */
  /*
   * Copyright (c) 2014 Mike Larkin <mlarkin@openbsd.org>
   *
@@ -3192,6 +3192,11 @@ vcpu_reset_regs_vmx(struct vcpu *vcpu, struct vcpu_reg_state *vrs)
                 ctrlval = vcpu->vc_vmx_exit_ctls;
         }
  
+       if (rcr4() & CR4_CET)
+               want1 |= IA32_VMX_LOAD_HOST_CET_STATE;
+       else
+               want0 |= IA32_VMX_LOAD_HOST_CET_STATE;
+
         if (vcpu_vmx_compute_ctrl(ctrlval, ctrl, want1, want0, &exit)) {
                 DPRINTF("%s: error computing exit controls\n", __func__);
                 ret = EINVAL;
@@ -3231,6 +3236,11 @@ vcpu_reset_regs_vmx(struct vcpu *vcpu, struct vcpu_reg_state *vrs)
                 ctrlval = vcpu->vc_vmx_entry_ctls;
         }
  
+       if (rcr4() & CR4_CET)
+               want1 |= IA32_VMX_LOAD_GUEST_CET_STATE;
+       else
+               want0 |= IA32_VMX_LOAD_GUEST_CET_STATE;
+
         if (vcpu_vmx_compute_ctrl(ctrlval, ctrl, want1, want0, &entry)) {
                 ret = EINVAL;
                 goto exit;
author	dv <dv@openbsd.org>
	Sun, 16 Apr 2023 01:50:12 +0000 (01:50 +0000)
committer	dv <dv@openbsd.org>
	Sun, 16 Apr 2023 01:50:12 +0000 (01:50 +0000)