Changeset 70006 in vbox for trunk/src/VBox/VMM

Timestamp:

Dec 8, 2017 10:04:49 AM (7 years ago)

Author:

vboxsync

Message:

VMM/HMSVMR0: Intercept SMIs for nested-guests and don't intercept them for guests.

File:

• trunk/src/VBox/VMM/VMMR0/HMSVMR0.cpp (modified) (7 diffs)

trunk/src/VBox/VMM/VMMR0/HMSVMR0.cpp

@@ -133 +133 @@
 
 /**
- *  Mandatory/unconditional guest control intercepts.
+ * Mandatory/unconditional guest control intercepts.
  */
 #define HMSVM_MANDATORY_GUEST_CTRL_INTERCEPTS           (  SVM_CTRL_INTERCEPT_INTR        \
@@ -159 +159 @@
                                                          | SVM_CTRL_INTERCEPT_MWAIT       \
                                                          | SVM_CTRL_INTERCEPT_XSETBV)
+
+/**
+ * Mandatory/unconditional nested-guest control intercepts.
+ *
+ * SMIs can and do happen in normal operation. We need to intercept them while
+ * executing the nested-guest and make sure the host handles them.
+ */
+#define HMSVM_MANDATORY_NESTED_GUEST_CTRL_INTERCEPTS    (  HMSVM_MANDATORY_GUEST_CTRL_INTERCEPTS \
+                                                         | SVM_CTRL_INTERCEPT_SMI)
 
 /** @name VMCB Clean Bits.
@@ -1876 +1885 @@
         pVmcbNstGst->ctrl.u32InterceptXcpt  |= pVmcb->ctrl.u32InterceptXcpt;
         pVmcbNstGst->ctrl.u64InterceptCtrl  |= pVmcb->ctrl.u64InterceptCtrl
-                                            |  HMSVM_MANDATORY_GUEST_CTRL_INTERCEPTS;
+                                            |  HMSVM_MANDATORY_NESTED_GUEST_CTRL_INTERCEPTS;
 
         /*
@@ -1886 +1895 @@
          * need to be intercepted (they are included in HMSVM_MANDATORY_GUEST_CTRL_INTERCEPTS).
          */
-        Assert(   (pVmcbNstGst->ctrl.u64InterceptCtrl & HMSVM_MANDATORY_GUEST_CTRL_INTERCEPTS)
-               == HMSVM_MANDATORY_GUEST_CTRL_INTERCEPTS);
+        Assert(   (pVmcbNstGst->ctrl.u64InterceptCtrl & HMSVM_MANDATORY_NESTED_GUEST_CTRL_INTERCEPTS)
+               == HMSVM_MANDATORY_NESTED_GUEST_CTRL_INTERCEPTS);
         pVmcbNstGst->ctrl.u64InterceptCtrl  &= ~SVM_CTRL_INTERCEPT_VMMCALL;
 
@@ -4893 +4902 @@
         case SVM_EXIT_INTR:
         case SVM_EXIT_NMI:
-        {
-            /* We shouldn't direct physical interrupts, NMIs to the nested-guest. */
+        case SVM_EXIT_SMI:
+        {
+            /* We shouldn't direct physical interrupts, NMIs, SMIs to the nested-guest. */
             return hmR0SvmExitIntr(pVCpu, pCtx, pSvmTransient);
         }
@@ -5071 +5081 @@
                 }
 
-                case SVM_EXIT_SMI:
                 case SVM_EXIT_INIT:
                 case SVM_EXIT_NPF: /* We don't yet support nested-paging for nested-guests, so this should never happen. */
@@ -5231 +5240 @@
                 {
                     /*
-                     * INIT signals, SMI shouldn't ever happen here.
+                     * We don't intercept SMIs. As for INIT signals, it really shouldn't ever happen here.
                      * If it ever does, we want to know about it so log the exit code and bail.
                      */