From 80982c971fc3d49622412a9b2cb038e004acef49 Mon Sep 17 00:00:00 2001
From: Keir Fraser
Date: Fri, 27 Jun 2008 16:20:59 +0100
Subject: [PATCH] hvm: Fix lmsw handling

The lmsw instruction can be used to set CR0_PE, but can never clear it, once set.

Signed-off-by: Trolle Selander
---
 xen/arch/x86/hvm/vmx/vmx.c             | 3 ++-
 xen/arch/x86/x86_emulate/x86_emulate.c | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/xen/arch/x86/hvm/vmx/vmx.c b/xen/arch/x86/hvm/vmx/vmx.c
index 5f048ab550..b486721962 100644
--- a/xen/arch/x86/hvm/vmx/vmx.c
+++ b/xen/arch/x86/hvm/vmx/vmx.c
@@ -1523,7 +1523,8 @@ static int vmx_cr_access(unsigned long exit_qualification,
         break;
     case VMX_CONTROL_REG_ACCESS_TYPE_LMSW:
         value = v->arch.hvm_vcpu.guest_cr[0];
-        value = (value & ~0xFFFF) | ((exit_qualification >> 16) & 0xFFFF);
+        /* NB. LMSW can set, but never clear, PE. */
+        value = (value & 0xFFFF0001) | ((exit_qualification >> 16) & 0xFFFF);
         HVMTRACE_LONG_1D(LMSW, current, value);
         return !hvm_set_cr0(value);
     default:
diff --git a/xen/arch/x86/x86_emulate/x86_emulate.c b/xen/arch/x86/x86_emulate/x86_emulate.c
index 33718f2e85..1e67c0f4d7 100644
--- a/xen/arch/x86/x86_emulate/x86_emulate.c
+++ b/xen/arch/x86/x86_emulate/x86_emulate.c
@@ -3284,7 +3284,7 @@ x86_emulate(
             else if ( (rc = ops->read(ea.mem.seg, ea.mem.off, &cr0w, 2, ctxt)) )
                 goto done;
-            cr0 &= 0xffff0000;
+            cr0 &= 0xffff0001; /* lmsw can set, but never clear, PE */
             cr0 |= (uint16_t)cr0w;
             if ( (rc = ops->write_cr(0, cr0, ctxt)) )
                 goto done;
-- 
2.30.2
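Review bot: The new mask on the added `value = (value & 0xFFFF0001) | ...` line still lets the LMSW operand write CR0 bits 4–15 (ET, NE and the reserved bits 6–15), because it keeps the full `& 0xFFFF` of the operand; architecturally LMSW loads only PE, MP, EM and TS and leaves every other CR0 bit untouched, so only PE needs the set-but-never-clear treatment and bits 4–15 should simply be preserved from the current CR0. A guest can therefore still flip CR0.NE or set reserved bits through LMSW and hand that value to hvm_set_cr0(), whose handling of such values is not visible in this hunk. I would replace the two added lines with `/* LMSW can set PE, and set or clear MP, EM and TS; nothing else. */` and `value = (value & ~(X86_CR0_MP | X86_CR0_EM | X86_CR0_TS)) | ((exit_qualification >> 16) & (X86_CR0_PE | X86_CR0_MP | X86_CR0_EM | X86_CR0_TS));`, assuming the X86_CR0_* flag macros are in scope here as elsewhere in Xen's x86 code (otherwise the literal masks 0xe and 0xf express the same thing). A minor side note: 0xFFFF0001 is a 32-bit constant, so if `value` is an unsigned long the new expression also clears CR0 bits 32–63, which the old `~0xFFFF` (sign-extended to full width) preserved; those bits are reserved-zero so nothing changes in practice, but `~0xFFFFUL` would keep the intent explicit. vmx_cr_access() begins and ends outside this hunk.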
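Review bot: The changed `cr0 &= 0xffff0001;` line still lets the following unchanged line, `cr0 |= (uint16_t)cr0w;`, OR all 16 bits of the LMSW operand into CR0, so operand bits 4–15 (ET, NE and reserved bits) are written into CR0 even though LMSW architecturally affects only PE, MP, EM and TS; only PE needs the set-but-never-clear rule, and the other twelve bits should be preserved from the current CR0 rather than taken from the operand. I would fold the two lines into one: `cr0 = (cr0 & ~(X86_CR0_MP | X86_CR0_EM | X86_CR0_TS)) | (cr0w & (X86_CR0_PE | X86_CR0_MP | X86_CR0_EM | X86_CR0_TS));`, using the literal masks `~0xeUL` and `0xf` if the X86_CR0_* macros are not available inside the emulator. This also keeps the VMX exit path and the emulator path, which both implement LMSW in this patch, computing the same CR0 value from the same operand. The enclosing x86_emulate() body starts and ends outside this hunk.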