xen/522f2f9f-Nested-VMX-Clear-bit-31-of-IA32_VMX_BASIC-MSR.patch

# Commit f3a4eb9253826d1e49e682314c8666b28fa0b717
# Date 2013-09-10 16:41:35 +0200
# Author Yang Zhang <yang.z.zhang@Intel.com>
# Committer Jan Beulich <jbeulich@suse.com>
Nested VMX: Clear bit 31 of IA32_VMX_BASIC MSR

The bit 31 of revision_id will set to 1 if vmcs shadowing enabled. And
according intel SDM, the bit 31 of IA32_VMX_BASIC MSR is always 0. So we
cannot set low 32 bit of IA32_VMX_BASIC to revision_id directly. Must clear
the bit 31 to 0.

Signed-off-by: Yang Zhang <yang.z.zhang@Intel.com>
Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>

--- a/xen/arch/x86/hvm/vmx/vvmx.c
+++ b/xen/arch/x86/hvm/vmx/vvmx.c
@@ -1828,7 +1828,7 @@ int nvmx_msr_read_intercept(unsigned int
     switch (msr) {
     case MSR_IA32_VMX_BASIC:
         data = (host_data & (~0ul << 32)) |
-               ((v->arch.hvm_vmx.vmcs)->vmcs_revision_id);
+               (v->arch.hvm_vmx.vmcs->vmcs_revision_id & 0x7fffffff);
         break;
     case MSR_IA32_VMX_PINBASED_CTLS:
     case MSR_IA32_VMX_TRUE_PINBASED_CTLS:
- Improvements to block-dmmd script bnc#828623 - bnc#839596 - VUL-0: CVE-2013-1442: XSA-62: xen: Information leak on AVX and/or LWP capable CPUs 5242a1b5-x86-xsave-initialize-extended-register-state-when-guests-enable-it.patch - bnc#840592 - VUL-0: CVE-2013-4355: XSA-63: xen: Information leaks through I/O instruction emulation CVE-2013-4355-xsa63.patch - bnc#840593 - VUL-0: CVE-2013-4356: XSA-64: xen: Memory accessible by 64-bit PV guests under live migration CVE-2013-4356-xsa64.patch - bnc#841766 - VUL-1: CVE-2013-4361: XSA-66: xen: Information leak through fbld instruction emulation CVE-2013-4361-xsa66.patch - bnc#833796 - L3: Xen: migration broken from xsave-capable to xsave-incapable host 52205e27-x86-xsave-initialization-improvements.patch 522dc0e6-x86-xsave-fix-migration-from-xsave-capable-to-xsave-incapable-host.patch - bnc#839600 - [HP BCS SLES11 Bug]: In HP’s UEFI x86_64 platform and sles11sp3 with xen environment, xen hypervisor will panic on multiple blades nPar. 523172d5-x86-fix-memory-cut-off-when-using-PFN-compression.patch - bnc#833251 - [HP BCS SLES11 Bug]: In HP’s UEFI x86_64 platform and with xen environment, in booting stage ,xen hypervisor will panic. 522d896b-x86-EFI-properly-handle-run-time-memory-regions-outside-the-1-1-map.patch - bnc#834751 - [HP BCS SLES11 Bug]: In xen, “shutdown –y 0 –h” cannot power off system 522d896b-x86-EFI-properly-handle-run-time-memory-regions-outside-the-1-1-map.patch OBS-URL: https://build.opensuse.org/package/show/Virtualization/xen?expand=0&rev=274 2013-10-03 00:41:46 +02:00			`# Commit f3a4eb9253826d1e49e682314c8666b28fa0b717`
			`# Date 2013-09-10 16:41:35 +0200`
			`# Author Yang Zhang <yang.z.zhang@Intel.com>`
			`# Committer Jan Beulich <jbeulich@suse.com>`
			`Nested VMX: Clear bit 31 of IA32_VMX_BASIC MSR`

			`The bit 31 of revision_id will set to 1 if vmcs shadowing enabled. And`
			`according intel SDM, the bit 31 of IA32_VMX_BASIC MSR is always 0. So we`
			`cannot set low 32 bit of IA32_VMX_BASIC to revision_id directly. Must clear`
			`the bit 31 to 0.`

			`Signed-off-by: Yang Zhang <yang.z.zhang@Intel.com>`
			`Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>`

			`--- a/xen/arch/x86/hvm/vmx/vvmx.c`
			`+++ b/xen/arch/x86/hvm/vmx/vvmx.c`
			`@@ -1828,7 +1828,7 @@ int nvmx_msr_read_intercept(unsigned int`
			`switch (msr) {`
			`case MSR_IA32_VMX_BASIC:`
			`data = (host_data & (~0ul << 32)) \|`
			`- ((v->arch.hvm_vmx.vmcs)->vmcs_revision_id);`
			`+ (v->arch.hvm_vmx.vmcs->vmcs_revision_id & 0x7fffffff);`
			`break;`
			`case MSR_IA32_VMX_PINBASED_CTLS:`
			`case MSR_IA32_VMX_TRUE_PINBASED_CTLS:`