From 08710a981672b36e5b7dfc7bf759c1e51c1b63c0 Mon Sep 17 00:00:00 2001
From: Keir Fraser <keir@xensource.com>
Date: Wed, 28 Mar 2007 16:52:05 +0100
Subject: [PATCH] hvm svm: Inject #UD exception if guest tries to execute any
 SVM-related function (except VMMCALL). Signed-off-by: Mats Petersson
 <mats.petersson@amd.com>

---
 xen/arch/x86/hvm/svm/svm.c | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/xen/arch/x86/hvm/svm/svm.c b/xen/arch/x86/hvm/svm/svm.c
index ba799d27be..0159e3cd0b 100644
--- a/xen/arch/x86/hvm/svm/svm.c
+++ b/xen/arch/x86/hvm/svm/svm.c
@@ -3156,14 +3156,22 @@ asmlinkage void svm_vmexit_handler(struct cpu_user_regs *regs)
         hvm_triple_fault();
         break;
 
+    case VMEXIT_VMRUN:
+    case VMEXIT_VMLOAD:
+    case VMEXIT_VMSAVE:
+    case VMEXIT_STGI:
+    case VMEXIT_CLGI:
+    case VMEXIT_SKINIT:
+        /* Report "Invalid opcode" on any VM-operation except VMMCALL */
+        svm_inject_exception(v, TRAP_invalid_op, 0, 0);
+        break;
+
     case VMEXIT_NPF:
-    {
         regs->error_code = vmcb->exitinfo1;
         if ( !svm_do_nested_pgfault(vmcb->exitinfo2, regs) ) {
             domain_crash(v->domain);
         }
         break;
-    }
 
     default:
     exit_and_crash:
-- 
2.30.2