Bug #13686

bhyve should emulate mov-to-%cr

Added by Patrick Mooney 21 days ago.

Status: New
Priority: Normal
Assignee: -
Category: bhyve
Start date:
Due date:
% Done: 0%
Estimated time:
Difficulty: Medium
Tags:
Gerrit CR:

Description

Jonathan Perkin reported a machine with an AMD N36L CPU failing to boot a guest after updating to a platform featuring #13256.

The specific error, reported on SmartOS PI joyent_20210311T001742Z is:

[2021-03-25T10:47:56.023760000Z]  INFO: zoneadmd/79101 on gromit.home.perkin.org.uk: (stream=stderr)
     Failed to emulate instruction sequence [0f, 22, c0, 66, ea, 5c, ff, ff, ff, 10, 00, b8, 40, 06, 00] @ rip = ff51

Dumping that to a file to see what the disassembly is resulted in:

   00000000 <.data>:
      0:   0f 22 c0                mov    %eax,%cr0
      3:   66 ea 5c ff ff ff       ljmpw  $0xffff,$0xff5c
      9:   10 00                   adc    %al,(%eax)
      b:   b8                      .byte 0xb8
      c:   40                      inc    %eax
      d:   06                      push   %es

Since mov-to-%cr0 is normally covered by the SVM instruction decode assist, I inquired about the relevant CPUID reading from that node:

cpi_extd[a].cp_edx = 0xf

Without bit 7 set, it's clear that this CPU lacks the decode assists. With the advent of %cr0 shadowing, bhyve will take exits for guest actions against %cr0 which would have previously been allowed to occur unimpeded. In order to continue supporting those older CPUs, we'll need to add instruction emulation for the mov-to-%cr instructions.
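To make the emulation requirement concrete, here is an added example (not bhyve's own decoder) that parses the `0f 22 /r` / `0f 20 /r` encodings the report describes, starting from the exact byte sequence in the error above, and that checks the decode-assist bit in the CPUID value quoted. The helper names `decode_cr_mov`, `svm_has_decode_assist` and `struct cr_mov` are assumptions made for this illustration; REX prefixes are honoured only when the caller says the guest is in long mode.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Decoded "mov %gpr, %crN" (0f 22 /r) or "mov %crN, %gpr" (0f 20 /r). */
struct cr_mov {
	bool to_cr;    /* true: write to the control register, false: read */
	unsigned cr;   /* control register number, 0..15 */
	unsigned gpr;  /* general-purpose register number, 0..15 */
	size_t len;    /* bytes consumed from the instruction stream */
};

/*
 * Decode one mov-to/from-%cr instruction at buf. Hypothetical helper:
 * mirrors what an emulator must recover when decode assists are absent.
 */
static bool
decode_cr_mov(const uint8_t *buf, size_t buflen, bool long_mode,
    struct cr_mov *out)
{
	size_t i = 0;
	unsigned rex = 0;
	bool lock = false;

	/* LOCK (AMD alias for %cr8) and, in long mode only, a REX prefix. */
	while (i < buflen) {
		if (buf[i] == 0xf0) { lock = true; i++; }
		else if (long_mode && (buf[i] & 0xf0) == 0x40) { rex = buf[i++]; }
		else break;
	}
	if (i + 3 > buflen || buf[i] != 0x0f)
		return (false);
	if (buf[i + 1] != 0x20 && buf[i + 1] != 0x22)
		return (false);
	uint8_t modrm = buf[i + 2];
	if ((modrm >> 6) != 3)	/* mod must be 11b: register operand only */
		return (false);
	out->to_cr = (buf[i + 1] == 0x22);
	out->cr = ((modrm >> 3) & 7) | ((rex & 0x4) ? 8 : 0);	/* REX.R */
	if (lock && out->cr == 0)	/* AMD: LOCK MOV CR0 addresses CR8 */
		out->cr = 8;
	out->gpr = (modrm & 7) | ((rex & 0x1) ? 8 : 0);	/* REX.B */
	out->len = i + 3;
	/* Only %cr0, %cr2, %cr3, %cr4 and %cr8 exist; the rest raise #UD. */
	return (out->cr == 0 || out->cr == 2 || out->cr == 3 ||
	    out->cr == 4 || out->cr == 8);
}

/* Bit 7 of the SVM feature leaf EDX (cpi_extd[a].cp_edx): decode assists. */
static bool
svm_has_decode_assist(uint32_t edx)
{
	return (((edx >> 7) & 1) != 0);
}
```

With the reported value 0xf the decode-assist check is false, so the `0f 22 c0` sequence (write of %eax into %cr0) must be decoded in software exactly as above.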


Related issues

Related to illumos gate - Bug #13256: bhyve should shadow %cr0 on AMD (Closed, Patrick Mooney)

#1

Updated by Patrick Mooney 21 days ago

  • Related to Bug #13256: bhyve should shadow %cr0 on AMD added
