From b23805808ec561f9731e66ca9375165c433bc9fa Mon Sep 17 00:00:00 2001 From: Alexander Kudryavtsev Date: Fri, 23 Sep 2011 23:17:56 +0400 Subject: [PATCH 08/32] Configuration entry to deny using VMX unrestricted guest --- Kconfig | 6 ++++++ palacios/src/palacios/vmx.c | 7 ++++++- 2 files changed, 12 insertions(+), 1 deletions(-) diff --git a/Kconfig b/Kconfig index ad9f30c..097a1a1 100644 --- a/Kconfig +++ b/Kconfig @@ -75,6 +75,12 @@ config VMX help Compile with support for Intel VMX +config VMX_NO_UG + bool "Do not use VMX Unrestricted Guest feature" + depends on VMX + default n + help + Force Palacios not to use VMX UG feature config FRAME_POINTER bool "Compile with Frame pointers" diff --git a/palacios/src/palacios/vmx.c b/palacios/src/palacios/vmx.c index 4ce78df..4e0afaa 100644 --- a/palacios/src/palacios/vmx.c +++ b/palacios/src/palacios/vmx.c @@ -975,7 +975,7 @@ int v3_is_vmx_capable() { int v3_reset_vmx_vm_core(struct guest_info * core, addr_t rip) { // init vmcs bios - if ((core->shdw_pg_mode == NESTED_PAGING) && + if ((core->shdw_pg_mode == NESTED_PAGING) && (v3_cpu_types[core->pcpu_id] == V3_VMX_EPT_UG_CPU)) { // easy core->rip = 0; @@ -1029,7 +1029,12 @@ void v3_init_vmx_cpu(int cpu_id) { v3_cpu_types[cpu_id] = V3_VMX_EPT_CPU; } else { V3_Print("VMX EPT (Nested) Paging + Unrestricted guest supported\n"); +#ifdef V3_CONFIG_VMX_NO_UG + v3_cpu_types[cpu_id] = V3_VMX_EPT_CPU; + V3_Print("VMX Unrestricted guest disabled in configuration, using EPT\n"); +#else v3_cpu_types[cpu_id] = V3_VMX_EPT_UG_CPU; +#endif } } } -- 1.7.5.4