x86: Block write access to IA32_APIC_BASE MSR

author Jan Kiszka <jan.kiszka@siemens.com>

Sun, 3 Aug 2014 17:55:31 +0000 (19:55 +0200)

committer Jan Kiszka <jan.kiszka@siemens.com>

Sun, 3 Aug 2014 17:55:31 +0000 (19:55 +0200)
author Jan Kiszka <jan.kiszka@siemens.com>
Sun, 3 Aug 2014 17:55:31 +0000 (19:55 +0200)
committer Jan Kiszka <jan.kiszka@siemens.com>
Sun, 3 Aug 2014 17:55:31 +0000 (19:55 +0200)
diff --git a/hypervisor/arch/x86/vmx.c b/hypervisor/arch/x86/vmx.c

index 6d3d1000c0371fc2e35eae2fd92c06d2e84722a8..72f416fa9356abae6c92fd8637d85699ffe3e1de 100644 (file)
--- a/hypervisor/arch/x86/vmx.c
+++ b/hypervisor/arch/x86/vmx.c
@@ -49,7 +49,9 @@ static u8 __attribute__((aligned(PAGE_SIZE))) msr_bitmap[][0x2000/8] = {
                 [      0/8 ... 0x1fff/8 ] = 0,
         },
         [ VMX_MSR_BMP_0000_WRITE ] = {
-               [      0/8 ...  0x807/8 ] = 0,
+               [      0/8 ...   0x17/8 ] = 0,
+               [   0x18/8 ...   0x1f/8 ] = 0x08, /* 0x01b */
+               [   0x20/8 ...  0x7ff/8 ] = 0,
                 [  0x808/8 ...  0x80f/8 ] = 0x89, /* 0x808, 0x80b, 0x80f */
                 [  0x810/8 ...  0x827/8 ] = 0,
                 [  0x828/8 ...  0x82f/8 ] = 0x81, /* 0x828, 0x82f */
author	Jan Kiszka <jan.kiszka@siemens.com>
	Sun, 3 Aug 2014 17:55:31 +0000 (19:55 +0200)
committer	Jan Kiszka <jan.kiszka@siemens.com>
	Sun, 3 Aug 2014 17:55:31 +0000 (19:55 +0200)