hv: vmcall: unsupported vmcall from UOS should be handle first.
ACRN HV hide VMX capability from guest. Only vmcall from SOS or some specific vmcall from UOS are allowed. Unsupported vmcall from UOS should be considered a "not in VMX operation" case, and should be handled first according to SDM Vol. 3C 30-9. Tracked-On: #2405 Signed-off-by: Binbin Wu <binbin.wu@intel.com> Acked-by: Eddie Dong <eddie.dong@intel.com>
This commit is contained in:
parent
3b7a010f7f
commit
3e0c0550a4
|
@ -192,15 +192,15 @@ int32_t vmcall_vmexit_handler(struct acrn_vcpu *vcpu)
|
|||
/* hypercall ID from guest*/
|
||||
uint64_t hypcall_id = vcpu_get_gpreg(vcpu, CPU_REG_R8);
|
||||
|
||||
if (!is_hypercall_from_ring0()) {
|
||||
pr_err("hypercall is only allowed from RING-0!\n");
|
||||
ret = -EACCES;
|
||||
} else if (!is_sos_vm(vm) && (hypcall_id != HC_WORLD_SWITCH) &&
|
||||
if (!is_sos_vm(vm) && (hypcall_id != HC_WORLD_SWITCH) &&
|
||||
(hypcall_id != HC_INITIALIZE_TRUSTY) &&
|
||||
(hypcall_id != HC_SAVE_RESTORE_SWORLD_CTX)) {
|
||||
vcpu_inject_ud(vcpu);
|
||||
pr_err("hypercall %d is only allowed from SOS_VM!\n", hypcall_id);
|
||||
ret = -EACCES;
|
||||
} else if (!is_hypercall_from_ring0()) {
|
||||
pr_err("hypercall is only allowed from RING-0!\n");
|
||||
ret = -EACCES;
|
||||
} else {
|
||||
/* Dispatch the hypercall handler */
|
||||
ret = dispatch_hypercall(vcpu);
|
||||
|
|
Loading…
Reference in New Issue