hvf: Fetch cr4 before evaluating CPUID(1)

The CPUID function 1 has a bit called OSXSAVE which tells user space the status of the CR4.OSXSAVE bit. Our generic CPUID function injects that bit based on the status of CR4. With Hypervisor.framework, we do not synchronize full CPU state often enough for this function to see the CR4 update before guest user space asks for it. To be on the save side, let's just always synchronize it when we receive a CPUID(1) request. That way we can set the bit with real confidence. Reported-by: Asad Ali <asad@osaro.com> Signed-off-by: Alexander Graf <agraf@csgraf.de> Message-Id: <20210123004129.6364-1-agraf@csgraf.de> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
qemu · Feb 1, 2021 · 5d27034 · 5d27034
1 parent f059116
commit 5d27034
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/target/i386/hvf/hvf.c b/target/i386/hvf/hvf.c
@@ -734,6 +734,10 @@ int hvf_vcpu_exec(CPUState *cpu)
             uint32_t rcx = (uint32_t)rreg(cpu->hvf_fd, HV_X86_RCX);
             uint32_t rdx = (uint32_t)rreg(cpu->hvf_fd, HV_X86_RDX);
 
+            if (rax == 1) {
+                /* CPUID1.ecx.OSXSAVE needs to know CR4 */
+                env->cr[4] = rvmcs(cpu->hvf->fd, VMCS_GUEST_CR4);
+            }
             cpu_x86_cpuid(env, rax, rcx, &rax, &rbx, &rcx, &rdx);
 
             wreg(cpu->hvf_fd, HV_X86_RAX, rax);