From: bluhm <bluhm@openbsd.org>
Date: Fri, 26 Jul 2024 15:59:04 +0000 (+0000)
Subject: On AMD vmm(4) set SVM_INTERCEPT_INVLPGA in intercept1.
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=35c0c3c8be824570446ab151ac94dddf975de69d;p=openbsd

On AMD vmm(4) set SVM_INTERCEPT_INVLPGA in intercept1.

According to the AMD64 Architecture Programmer's Manual volume 2
the intercept SVM_INTERCEPT_INVLPGA needs to be set in vmcb.intercept1
(vector 3, offest 00Ch) instead of intercept2 (vector 4, offset
010h).  SVM_INTERCEPT_INVLPGA is bit 26, so before vcpu_reset_regs_svm()
was actually setting an intercept for CR10, which does not exist.

from hshoexer@; OK mlarkin@
---

diff --git a/sys/arch/amd64/amd64/vmm_machdep.c b/sys/arch/amd64/amd64/vmm_machdep.c
index bfb748aad89..22c16005c23 100644
--- a/sys/arch/amd64/amd64/vmm_machdep.c
+++ b/sys/arch/amd64/amd64/vmm_machdep.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: vmm_machdep.c,v 1.30 2024/07/24 21:04:12 dv Exp $ */
+/* $OpenBSD: vmm_machdep.c,v 1.31 2024/07/26 15:59:04 bluhm Exp $ */
 /*
  * Copyright (c) 2014 Mike Larkin <mlarkin@openbsd.org>
  *
@@ -1905,6 +1905,7 @@ vcpu_reset_regs_svm(struct vcpu *vcpu, struct vcpu_reg_state *vrs)
 	 * I/O instructions (SVM_INTERCEPT_INOUT)
 	 * MSR access (SVM_INTERCEPT_MSR)
 	 * shutdown events (SVM_INTERCEPT_SHUTDOWN)
+	 * INVLPGA instruction (SVM_INTERCEPT_INVLPGA)
 	 *
 	 * VMRUN instruction (SVM_INTERCEPT_VMRUN)
 	 * VMMCALL instruction (SVM_INTERCEPT_VMMCALL)
@@ -1918,19 +1919,17 @@ vcpu_reset_regs_svm(struct vcpu *vcpu, struct vcpu_reg_state *vrs)
 	 * MWAIT instruction (SVM_INTERCEPT_MWAIT_COND)
 	 * MONITOR instruction (SVM_INTERCEPT_MONITOR)
 	 * RDTSCP instruction (SVM_INTERCEPT_RDTSCP)
-	 * INVLPGA instruction (SVM_INTERCEPT_INVLPGA)
 	 * XSETBV instruction (SVM_INTERCEPT_XSETBV) (if available)
 	 */
 	vmcb->v_intercept1 = SVM_INTERCEPT_INTR | SVM_INTERCEPT_NMI |
 	    SVM_INTERCEPT_CPUID | SVM_INTERCEPT_HLT | SVM_INTERCEPT_INOUT |
-	    SVM_INTERCEPT_MSR | SVM_INTERCEPT_SHUTDOWN;
+	    SVM_INTERCEPT_MSR | SVM_INTERCEPT_SHUTDOWN | SVM_INTERCEPT_INVLPGA;
 
 	vmcb->v_intercept2 = SVM_INTERCEPT_VMRUN | SVM_INTERCEPT_VMMCALL |
 	    SVM_INTERCEPT_VMLOAD | SVM_INTERCEPT_VMSAVE | SVM_INTERCEPT_STGI |
 	    SVM_INTERCEPT_CLGI | SVM_INTERCEPT_SKINIT | SVM_INTERCEPT_ICEBP |
 	    SVM_INTERCEPT_MWAIT_UNCOND | SVM_INTERCEPT_MONITOR |
-	    SVM_INTERCEPT_MWAIT_COND | SVM_INTERCEPT_RDTSCP |
-	    SVM_INTERCEPT_INVLPGA;
+	    SVM_INTERCEPT_MWAIT_COND | SVM_INTERCEPT_RDTSCP;
 
 	if (xsave_mask)
 		vmcb->v_intercept2 |= SVM_INTERCEPT_XSETBV;