When running on AMD hardware in HVM mode the guest linear address (GLA) will not be provided to hvm_emulate_one_mmio(), and instead is unconditionally set to ~0. As a consequence, mmio_ro_emulated_write() will always report an error, as the fault GLA generated by the emulation of the access won't be ~0.
Fix this by only checking for the fault GLA in mmio_ro_emulated_write() when the guest is PV. Fixes: 33c19df9a5a0 ('x86/PCI: intercept accesses to RO MMIO from dom0s in HVM containers') Signed-off-by: Roger Pau Monné <roger....@citrix.com> --- xen/arch/x86/mm.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/xen/arch/x86/mm.c b/xen/arch/x86/mm.c index 4fecd37aeca0..79836705c51e 100644 --- a/xen/arch/x86/mm.c +++ b/xen/arch/x86/mm.c @@ -5187,7 +5187,12 @@ int cf_check mmio_ro_emulated_write( /* Only allow naturally-aligned stores at the original %cr2 address. */ if ( ((bytes | offset) & (bytes - 1)) || !bytes || - offset != mmio_ro_ctxt->cr2 ) + /* + * HVM domains might not have a valid fault GLA in the context, as AMD + * NPT faults don't report the faulting GLA. It's also possible for + * the fault to happen in non-paging modes. + */ + (is_pv_domain(current->domain) && offset != mmio_ro_ctxt->cr2) ) { gdprintk(XENLOG_WARNING, "bad access (cr2=%lx, addr=%lx, bytes=%u)\n", mmio_ro_ctxt->cr2, offset, bytes); -- 2.48.1
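Review bot: the new condition in mmio_ro_emulated_write() drops the `offset != mmio_ro_ctxt->cr2` comparison for every HVM domain, not only the AMD NPT case the description covers, so HVM guests on hardware that does report the fault GLA lose the "original %cr2 address" restriction that the comment immediately above the check still promises. Since the description says the missing GLA is set to exactly ~0, consider keeping the comparison unless the context carries that sentinel, e.g. `(is_pv_domain(current->domain) || mmio_ro_ctxt->cr2 != ~0UL) && offset != mmio_ro_ctxt->cr2`, or else reword the "Only allow naturally-aligned stores at the original %cr2 address" comment so it no longer claims the address check for HVM. The in-line comment also cites non-paging modes as a second reason for skipping the check but does not say what `cr2` holds in that case; a sentence on why the fault GLA cannot be compared with `offset` there would make the relaxation easier to audit.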