Changeset 10206 in vbox

Timestamp:

Jul 4, 2008 8:36:48 AM (16 years ago)

Author:

vboxsync

Message:

Fixed regression introduced by TPR caching. (never execute code that can jump back to ring 3 in *LoadGuestState)

Location:

trunk/src/VBox/VMM/VMMR0

Files:

• HWSVMR0.cpp (modified) (3 diffs)
• HWVMXR0.cpp (modified) (1 diff)

trunk/src/VBox/VMM/VMMR0/HWSVMR0.cpp

@@ -513 +513 @@
  * Loads the guest state
  *
+ * NOTE: Don't do anything here that can cause a jump back to ring 3!!!!!
+ *
  * @returns VBox status code.
  * @param   pVM         The VM to operate on.
@@ -742 +744 @@
         pVMCB->ctrl.u32InterceptException &= ~RT_BIT(1);
 #endif
-
-    /* TPR caching in CR8 */
-    uint8_t u8TPR;
-    int rc = PDMApicGetTPR(pVM, &u8TPR);
-    AssertRC(rc);
-    pCtx->cr8                    = u8TPR;
-    pVMCB->ctrl.IntCtrl.n.u8VTPR = u8TPR;
 
     /* Done. */
@@ -856 +851 @@
     }
     fGuestStateSynced = true;
+
+    /* TPR caching using CR8 is only available in 64 bits mode */
+    /* Note the 32 bits exception for AMD (X86_CPUID_AMD_FEATURE_ECX_CR8L), but that appears missing in Intel CPUs */
+    /* Note: we can't do this in LoadGuestState as PDMApicGetTPR can jump back to ring 3 (lock). */
+    if (pCtx->msrEFER & MSR_K6_EFER_LMA)
+    {
+        /* TPR caching in CR8 */
+        uint8_t u8TPR;
+        int rc = PDMApicGetTPR(pVM, &u8TPR);
+        AssertRC(rc);
+        pCtx->cr8                    = u8TPR;
+        pVMCB->ctrl.IntCtrl.n.u8VTPR = u8TPR;
+    }
 
     /* All done! Let's start VM execution. */

trunk/src/VBox/VMM/VMMR0/HWVMXR0.cpp

@@ -655 +655 @@
 /**
  * Loads the guest state
+ *
+ * NOTE: Don't do anything here that can cause a jump back to ring 3!!!!!
  *
  * @returns VBox status code.