[HVM][VMX] Clear vmxe when VMX is not enabled.

The current Xen code keeps X86_CR4_VMXE set even if VMXON has not been
executed. The stop_vmx() code assumes that it is possible to call
VMXOFF if X86_CR4_VMXE is set which is not always true. Calling VMXOFF
without VMXON results in an illegal opcode trap, and to avoid this condition
this patch makes sure that X86_CR4_VMXE is only set when VMXON has
been called.

Tested using x86_32 on a Pentium D 930.

Signed-Off-By: Magnus Damm <magnus@valinux.co.jp>

diff --git a/xen/arch/x86/hvm/vmx/vmx.c b/xen/arch/x86/hvm/vmx/vmx.c
index d22e158224496d8cc2745f4960d12a8873cda30b..8b162d75a90242298e0ceb7cfbf7c7fbb70c5af6 100644 (file)
--- a/xen/arch/x86/hvm/vmx/vmx.c
+++ b/xen/arch/x86/hvm/vmx/vmx.c
@@ -485,8 +485,10 @@ static void vmx_ctxt_switch_to(struct vcpu *v)
 
 static void stop_vmx(void)
 {
-    if (read_cr4() & X86_CR4_VMXE)
-        __vmxoff();
+    if ( !(read_cr4() & X86_CR4_VMXE) )
+        return;
+    __vmxoff();
+    clear_in_cr4(X86_CR4_VMXE);
 }
 
 void vmx_migrate_timers(struct vcpu *v)
@@ -806,12 +808,14 @@ int start_vmx(void)
 
     if ( (vmcs = vmx_alloc_host_vmcs()) == NULL )
     {
+        clear_in_cr4(X86_CR4_VMXE);
         printk("Failed to allocate host VMCS\n");
         return 0;
     }
 
     if ( __vmxon(virt_to_maddr(vmcs)) )
     {
+        clear_in_cr4(X86_CR4_VMXE);
         printk("VMXON failed\n");
         vmx_free_host_vmcs(vmcs);
         return 0;