commit 916ce2360fadc71d924e02403b31280112a31280
author Joerg Roedel <joerg.roedel@amd.com> Wed Mar 21 19:47:00 2007 +0100
committer Avi Kivity <avi@qumranet.com> Thu May 03 10:52:26 2007 +0300
tree 6cdb3c1e122cb25e18f1848c151aacc356c06fde
parent 0e5bf0d0e449f6597870570e8dd17e78ba4d75ff

KVM: SVM: forbid guest to execute monitor/mwait

This patch forbids the guest to execute monitor/mwait instructions on
SVM. This is necessary because the guest can execute these instructions
if they are available even if the kvm cpuid doesn't report its
existence.

Signed-off-by: Joerg Roedel <joerg.roedel@amd.com>
Signed-off-by: Avi Kivity <avi@qumranet.com>

drivers/kvm/svm.c

diff --git a/drivers/kvm/svm.c b/drivers/kvm/svm.c
index ddc0505c..0542d33 100644
--- a/drivers/kvm/svm.c
+++ b/drivers/kvm/svm.c
@@ -511,7 +511,9 @@
 				(1ULL << INTERCEPT_VMSAVE) |
 				(1ULL << INTERCEPT_STGI) |
 				(1ULL << INTERCEPT_CLGI) |
-				(1ULL << INTERCEPT_SKINIT);
+				(1ULL << INTERCEPT_SKINIT) |
+				(1ULL << INTERCEPT_MONITOR) |
+				(1ULL << INTERCEPT_MWAIT);
 
 	control->iopm_base_pa = iopm_base;
 	control->msrpm_base_pa = msrpm_base;
@@ -1292,6 +1294,8 @@
 	[SVM_EXIT_STGI]				= invalid_op_interception,
 	[SVM_EXIT_CLGI]				= invalid_op_interception,
 	[SVM_EXIT_SKINIT]			= invalid_op_interception,
+	[SVM_EXIT_MONITOR]			= invalid_op_interception,
+	[SVM_EXIT_MWAIT]			= invalid_op_interception,
 };