CR4_GUEST_HOST_MASK was incorrect, needed CR4_READ_SHADOW.

- Needed ExitType as well
memN0ps · Feb 25, 2024 · b11fb54 · b11fb54
1 parent a1d0fc7
commit b11fb54
Show file tree

Hide file tree

Showing 3 changed files with 21 additions and 2 deletions.
diff --git a/hypervisor/src/intel/vmexit/init.rs b/hypervisor/src/intel/vmexit/init.rs
@@ -6,6 +6,7 @@ use {
             cr0, cr2_write, cr4, dr0_write, dr1_write, dr2_write, dr3_write, dr6_write,
             get_cpuid_feature_info, rdmsr, vmread, vmwrite,
         },
+        vmexit::ExitType,
     },
     x86::{
         bits64::rflags,
@@ -16,7 +17,7 @@ use {
     },
 };
 
-pub fn handle_init_signal(guest_registers: &mut GuestRegisters) {
+pub fn handle_init_signal(guest_registers: &mut GuestRegisters) -> ExitType {
     //
     // Initializes the processor to the state after INIT as described in the Intel SDM.
     //
@@ -29,7 +30,7 @@ pub fn handle_init_signal(guest_registers: &mut GuestRegisters) {
     vmwrite(vmcs::control::CR0_READ_SHADOW, 0u64);
     cr2_write(0);
     vmwrite(vmcs::guest::CR3, 0u64);
-    vmwrite(vmcs::control::CR4_GUEST_HOST_MASK, 0u64);
+    vmwrite(vmcs::control::CR4_READ_SHADOW, 0u64);
 
     //
     // Actual guest CR0 and CR4 must fulfill requirements for VMX. Apply those.
@@ -180,6 +181,9 @@ pub fn handle_init_signal(guest_registers: &mut GuestRegisters) {
     //  - BND0-BND3
     //  - IA32_BNDCFGS
     //
+    //vmwrite(vmcs::control::XSS_EXITING_BITMAP_FULL, 0u64);
+    //vmwrite(vmcs::guest::IA32_BNDCFGS_FULL, 0u64);
+    //vmwrite(vmcs::guest::IA32, 0u64);
 
     //
     // Set Guest EFER, FS_BASE and GS_BASE to 0.
@@ -235,6 +239,8 @@ pub fn handle_init_signal(guest_registers: &mut GuestRegisters) {
     //
     let vmx_wait_for_sipi = 0x3u64;
     vmwrite(vmcs::guest::ACTIVITY_STATE, vmx_wait_for_sipi);
+
+    ExitType::Continue
 }
 
 /// Further adjusts CR0 considering the UnrestrictedGuest feature.

diff --git a/hypervisor/src/intel/vmexit/sipi.rs b/hypervisor/src/intel/vmexit/sipi.rs
@@ -1 +1,8 @@
+use crate::intel::capture::GuestRegisters;
+use crate::intel::vmexit::ExitType;
 
+pub fn handle_sipi_signal(_guest_registers: &mut GuestRegisters) -> ExitType {
+    panic!("SIPI called, panicking!");
+
+    //ExitType::IncrementRIP
+}
diff --git a/hypervisor/src/vmm.rs b/hypervisor/src/vmm.rs
@@ -11,11 +11,14 @@ use {
                 cpuid::handle_cpuid,
                 ept::{handle_ept_misconfiguration, handle_ept_violation},
                 exception::{handle_exception, handle_undefined_opcode_exception},
+                halt::handle_halt,
+                init::handle_init_signal,
                 invd::handle_invd,
                 invept::handle_invept,
                 invvpid::handle_invvpid,
                 msr::{handle_msr_access, MsrAccessType},
                 rdtsc::handle_rdtsc,
+                sipi::handle_sipi_signal,
                 xsetbv::handle_xsetbv,
                 ExitType,
             },
@@ -64,6 +67,9 @@ pub fn start_hypervisor(guest_registers: &GuestRegisters, shared_data: &mut Shar
 
             let exit_type = match basic_exit_reason {
                 VmxBasicExitReason::ExceptionOrNmi => handle_exception(&mut vm),
+                VmxBasicExitReason::InitSignal => handle_init_signal(&mut vm.guest_registers),
+                VmxBasicExitReason::StartupIpi => handle_sipi_signal(&mut vm.guest_registers),
+                VmxBasicExitReason::Hlt => handle_halt(),
                 VmxBasicExitReason::Cpuid => handle_cpuid(&mut vm.guest_registers),
 
                 // Grouping multiple exit reasons that are handled by the same function