/*
   * Kernel-based Virtual Machine driver for Linux
   *
   * derived from drivers/kvm/kvm_main.c
   *
   * Copyright (C) 2006 Qumranet, Inc.

   * Copyright (C) 2008 Qumranet, Inc.
   * Copyright IBM Corporation, 2008

   * Copyright 2010 Red Hat, Inc. and/or its affiliates.

   *
   * Authors:
   *   Avi Kivity   <avi@qumranet.com>
   *   Yaniv Kamay  <yaniv@qumranet.com>

   *   Amit Shah    <amit.shah@qumranet.com>
   *   Ben-Ami Yassour <benami@il.ibm.com>

   *
   * This work is licensed under the terms of the GNU GPL, version 2.  See
   * the COPYING file in the top-level directory.
   *
   */

  #include <linux/kvm_host.h>

  #include "irq.h"

  #include "mmu.h"

  #include "i8254.h"

  #include "tss.h"

  #include "kvm_cache_regs.h"

  #include "x86.h"

  #include "cpuid.h"

  #include <linux/clocksource.h>

  #include <linux/interrupt.h>

  #include <linux/kvm.h>
  #include <linux/fs.h>
  #include <linux/vmalloc.h>

  #include <linux/module.h>

  #include <linux/mman.h>

  #include <linux/highmem.h>

  #include <linux/iommu.h>

  #include <linux/intel-iommu.h>

  #include <linux/cpufreq.h>

  #include <linux/user-return-notifier.h>

  #include <linux/srcu.h>

  #include <linux/slab.h>

  #include <linux/perf_event.h>

  #include <linux/uaccess.h>

  #include <linux/hash.h>

  #include <linux/pci.h>

  #include <trace/events/kvm.h>

  #define CREATE_TRACE_POINTS
  #include "trace.h"

  #include <asm/debugreg.h>

  #include <asm/msr.h>

  #include <asm/desc.h>

  #include <asm/mtrr.h>

  #include <asm/mce.h>

  #include <asm/i387.h>

  #include <asm/xcr.h>

  #include <asm/pvclock.h>

  #include <asm/div64.h>

  #define MAX_IO_MSRS 256

  #define KVM_MAX_MCE_BANKS 32

  #define KVM_MCE_CAP_SUPPORTED (MCG_CTL_P | MCG_SER_P)

  #define emul_to_vcpu(ctxt) \
  	container_of(ctxt, struct kvm_vcpu, arch.emulate_ctxt)

  /* EFER defaults:
   * - enable syscall per default because its emulated by KVM
   * - enable LME and LMA per default on 64 bit KVM
   */
  #ifdef CONFIG_X86_64

  static
  u64 __read_mostly efer_reserved_bits = ~((u64)(EFER_SCE | EFER_LME | EFER_LMA));

  #else

  static u64 __read_mostly efer_reserved_bits = ~((u64)EFER_SCE);

  #endif

  #define VM_STAT(x) offsetof(struct kvm, stat.x), KVM_STAT_VM
  #define VCPU_STAT(x) offsetof(struct kvm_vcpu, stat.x), KVM_STAT_VCPU

  static void update_cr8_intercept(struct kvm_vcpu *vcpu);

  static void process_nmi(struct kvm_vcpu *vcpu);

  struct kvm_x86_ops *kvm_x86_ops;

  EXPORT_SYMBOL_GPL(kvm_x86_ops);

  static bool ignore_msrs = 0;
  module_param(ignore_msrs, bool, S_IRUGO | S_IWUSR);

  bool kvm_has_tsc_control;
  EXPORT_SYMBOL_GPL(kvm_has_tsc_control);
  u32  kvm_max_guest_tsc_khz;
  EXPORT_SYMBOL_GPL(kvm_max_guest_tsc_khz);

  #define KVM_NR_SHARED_MSRS 16
  
  struct kvm_shared_msrs_global {
  	int nr;

  	u32 msrs[KVM_NR_SHARED_MSRS];

  };
  
  struct kvm_shared_msrs {
  	struct user_return_notifier urn;
  	bool registered;

  	struct kvm_shared_msr_values {
  		u64 host;
  		u64 curr;
  	} values[KVM_NR_SHARED_MSRS];

  };
  
  static struct kvm_shared_msrs_global __read_mostly shared_msrs_global;
  static DEFINE_PER_CPU(struct kvm_shared_msrs, shared_msrs);

  struct kvm_stats_debugfs_item debugfs_entries[] = {

  	{ "pf_fixed", VCPU_STAT(pf_fixed) },
  	{ "pf_guest", VCPU_STAT(pf_guest) },
  	{ "tlb_flush", VCPU_STAT(tlb_flush) },
  	{ "invlpg", VCPU_STAT(invlpg) },
  	{ "exits", VCPU_STAT(exits) },
  	{ "io_exits", VCPU_STAT(io_exits) },
  	{ "mmio_exits", VCPU_STAT(mmio_exits) },
  	{ "signal_exits", VCPU_STAT(signal_exits) },
  	{ "irq_window", VCPU_STAT(irq_window_exits) },

  	{ "nmi_window", VCPU_STAT(nmi_window_exits) },

  	{ "halt_exits", VCPU_STAT(halt_exits) },
  	{ "halt_wakeup", VCPU_STAT(halt_wakeup) },

  	{ "hypercalls", VCPU_STAT(hypercalls) },

  	{ "request_irq", VCPU_STAT(request_irq_exits) },
  	{ "irq_exits", VCPU_STAT(irq_exits) },
  	{ "host_state_reload", VCPU_STAT(host_state_reload) },
  	{ "efer_reload", VCPU_STAT(efer_reload) },
  	{ "fpu_reload", VCPU_STAT(fpu_reload) },
  	{ "insn_emulation", VCPU_STAT(insn_emulation) },
  	{ "insn_emulation_fail", VCPU_STAT(insn_emulation_fail) },

  	{ "irq_injections", VCPU_STAT(irq_injections) },

  	{ "nmi_injections", VCPU_STAT(nmi_injections) },

  	{ "mmu_shadow_zapped", VM_STAT(mmu_shadow_zapped) },
  	{ "mmu_pte_write", VM_STAT(mmu_pte_write) },
  	{ "mmu_pte_updated", VM_STAT(mmu_pte_updated) },
  	{ "mmu_pde_zapped", VM_STAT(mmu_pde_zapped) },
  	{ "mmu_flooded", VM_STAT(mmu_flooded) },
  	{ "mmu_recycled", VM_STAT(mmu_recycled) },

  	{ "mmu_cache_miss", VM_STAT(mmu_cache_miss) },

  	{ "mmu_unsync", VM_STAT(mmu_unsync) },

  	{ "remote_tlb_flush", VM_STAT(remote_tlb_flush) },

  	{ "largepages", VM_STAT(lpages) },

  	{ NULL }
  };

  u64 __read_mostly host_xcr0;

  int emulator_fix_hypercall(struct x86_emulate_ctxt *ctxt);

  static inline void kvm_async_pf_hash_reset(struct kvm_vcpu *vcpu)
  {
  	int i;
  	for (i = 0; i < roundup_pow_of_two(ASYNC_PF_PER_VCPU); i++)
  		vcpu->arch.apf.gfns[i] = ~0;
  }

  static void kvm_on_user_return(struct user_return_notifier *urn)
  {
  	unsigned slot;

  	struct kvm_shared_msrs *locals
  		= container_of(urn, struct kvm_shared_msrs, urn);

  	struct kvm_shared_msr_values *values;

  
  	for (slot = 0; slot < shared_msrs_global.nr; ++slot) {

  		values = &locals->values[slot];
  		if (values->host != values->curr) {
  			wrmsrl(shared_msrs_global.msrs[slot], values->host);
  			values->curr = values->host;

  		}
  	}
  	locals->registered = false;
  	user_return_notifier_unregister(urn);
  }

  static void shared_msr_update(unsigned slot, u32 msr)

  {

  	struct kvm_shared_msrs *smsr;

  	u64 value;

  	smsr = &__get_cpu_var(shared_msrs);
  	/* only read, and nobody should modify it at this time,
  	 * so don't need lock */
  	if (slot >= shared_msrs_global.nr) {
  		printk(KERN_ERR "kvm: invalid MSR slot!");
  		return;
  	}
  	rdmsrl_safe(msr, &value);
  	smsr->values[slot].host = value;
  	smsr->values[slot].curr = value;
  }
  
  void kvm_define_shared_msr(unsigned slot, u32 msr)
  {

  	if (slot >= shared_msrs_global.nr)
  		shared_msrs_global.nr = slot + 1;

  	shared_msrs_global.msrs[slot] = msr;
  	/* we need ensured the shared_msr_global have been updated */
  	smp_wmb();

  }
  EXPORT_SYMBOL_GPL(kvm_define_shared_msr);
  
  static void kvm_shared_msr_cpu_online(void)
  {
  	unsigned i;

  
  	for (i = 0; i < shared_msrs_global.nr; ++i)

  		shared_msr_update(i, shared_msrs_global.msrs[i]);

  }

  void kvm_set_shared_msr(unsigned slot, u64 value, u64 mask)

  {
  	struct kvm_shared_msrs *smsr = &__get_cpu_var(shared_msrs);

  	if (((value ^ smsr->values[slot].curr) & mask) == 0)

  		return;

  	smsr->values[slot].curr = value;
  	wrmsrl(shared_msrs_global.msrs[slot], value);

  	if (!smsr->registered) {
  		smsr->urn.on_user_return = kvm_on_user_return;
  		user_return_notifier_register(&smsr->urn);
  		smsr->registered = true;
  	}
  }
  EXPORT_SYMBOL_GPL(kvm_set_shared_msr);

  static void drop_user_return_notifiers(void *ignore)
  {
  	struct kvm_shared_msrs *smsr = &__get_cpu_var(shared_msrs);
  
  	if (smsr->registered)
  		kvm_on_user_return(&smsr->urn);
  }

  u64 kvm_get_apic_base(struct kvm_vcpu *vcpu)
  {
  	if (irqchip_in_kernel(vcpu->kvm))

  		return vcpu->arch.apic_base;

  	else

  		return vcpu->arch.apic_base;

  }
  EXPORT_SYMBOL_GPL(kvm_get_apic_base);
  
  void kvm_set_apic_base(struct kvm_vcpu *vcpu, u64 data)
  {
  	/* TODO: reserve bits check */
  	if (irqchip_in_kernel(vcpu->kvm))
  		kvm_lapic_set_base(vcpu, data);
  	else

  		vcpu->arch.apic_base = data;

  }
  EXPORT_SYMBOL_GPL(kvm_set_apic_base);

  #define EXCPT_BENIGN		0
  #define EXCPT_CONTRIBUTORY	1
  #define EXCPT_PF		2
  
  static int exception_class(int vector)
  {
  	switch (vector) {
  	case PF_VECTOR:
  		return EXCPT_PF;
  	case DE_VECTOR:
  	case TS_VECTOR:
  	case NP_VECTOR:
  	case SS_VECTOR:
  	case GP_VECTOR:
  		return EXCPT_CONTRIBUTORY;
  	default:
  		break;
  	}
  	return EXCPT_BENIGN;
  }
  
  static void kvm_multiple_exception(struct kvm_vcpu *vcpu,

  		unsigned nr, bool has_error, u32 error_code,
  		bool reinject)

  {
  	u32 prev_nr;
  	int class1, class2;

  	kvm_make_request(KVM_REQ_EVENT, vcpu);

  	if (!vcpu->arch.exception.pending) {
  	queue:
  		vcpu->arch.exception.pending = true;
  		vcpu->arch.exception.has_error_code = has_error;
  		vcpu->arch.exception.nr = nr;
  		vcpu->arch.exception.error_code = error_code;

  		vcpu->arch.exception.reinject = reinject;

  		return;
  	}
  
  	/* to check exception */
  	prev_nr = vcpu->arch.exception.nr;
  	if (prev_nr == DF_VECTOR) {
  		/* triple fault -> shutdown */

  		kvm_make_request(KVM_REQ_TRIPLE_FAULT, vcpu);

  		return;
  	}
  	class1 = exception_class(prev_nr);
  	class2 = exception_class(nr);
  	if ((class1 == EXCPT_CONTRIBUTORY && class2 == EXCPT_CONTRIBUTORY)
  		|| (class1 == EXCPT_PF && class2 != EXCPT_BENIGN)) {
  		/* generate double fault per SDM Table 5-5 */
  		vcpu->arch.exception.pending = true;
  		vcpu->arch.exception.has_error_code = true;
  		vcpu->arch.exception.nr = DF_VECTOR;
  		vcpu->arch.exception.error_code = 0;
  	} else
  		/* replace previous exception with a new one in a hope
  		   that instruction re-execution will regenerate lost
  		   exception */
  		goto queue;
  }

  void kvm_queue_exception(struct kvm_vcpu *vcpu, unsigned nr)
  {

  	kvm_multiple_exception(vcpu, nr, false, 0, false);

  }
  EXPORT_SYMBOL_GPL(kvm_queue_exception);

  void kvm_requeue_exception(struct kvm_vcpu *vcpu, unsigned nr)
  {
  	kvm_multiple_exception(vcpu, nr, false, 0, true);
  }
  EXPORT_SYMBOL_GPL(kvm_requeue_exception);

  void kvm_complete_insn_gp(struct kvm_vcpu *vcpu, int err)

  {

  	if (err)
  		kvm_inject_gp(vcpu, 0);
  	else
  		kvm_x86_ops->skip_emulated_instruction(vcpu);
  }
  EXPORT_SYMBOL_GPL(kvm_complete_insn_gp);

  void kvm_inject_page_fault(struct kvm_vcpu *vcpu, struct x86_exception *fault)

  {
  	++vcpu->stat.pf_guest;

  	vcpu->arch.cr2 = fault->address;
  	kvm_queue_exception_e(vcpu, PF_VECTOR, fault->error_code);

  }

  EXPORT_SYMBOL_GPL(kvm_inject_page_fault);

  void kvm_propagate_fault(struct kvm_vcpu *vcpu, struct x86_exception *fault)

  {

  	if (mmu_is_nested(vcpu) && !fault->nested_page_fault)
  		vcpu->arch.nested_mmu.inject_page_fault(vcpu, fault);

  	else

  		vcpu->arch.mmu.inject_page_fault(vcpu, fault);

  }

  void kvm_inject_nmi(struct kvm_vcpu *vcpu)
  {

  	atomic_inc(&vcpu->arch.nmi_queued);
  	kvm_make_request(KVM_REQ_NMI, vcpu);

  }
  EXPORT_SYMBOL_GPL(kvm_inject_nmi);

  void kvm_queue_exception_e(struct kvm_vcpu *vcpu, unsigned nr, u32 error_code)
  {

  	kvm_multiple_exception(vcpu, nr, true, error_code, false);

  }
  EXPORT_SYMBOL_GPL(kvm_queue_exception_e);

  void kvm_requeue_exception_e(struct kvm_vcpu *vcpu, unsigned nr, u32 error_code)
  {
  	kvm_multiple_exception(vcpu, nr, true, error_code, true);
  }
  EXPORT_SYMBOL_GPL(kvm_requeue_exception_e);

  /*

   * Checks if cpl <= required_cpl; if true, return true.  Otherwise queue
   * a #GP and return false.
   */
  bool kvm_require_cpl(struct kvm_vcpu *vcpu, int required_cpl)

  {

  	if (kvm_x86_ops->get_cpl(vcpu) <= required_cpl)
  		return true;
  	kvm_queue_exception_e(vcpu, GP_VECTOR, 0);
  	return false;

  }

  EXPORT_SYMBOL_GPL(kvm_require_cpl);

  /*

   * This function will be used to read from the physical memory of the currently
   * running guest. The difference to kvm_read_guest_page is that this function
   * can read from guest physical or from the guest's guest physical memory.
   */
  int kvm_read_guest_page_mmu(struct kvm_vcpu *vcpu, struct kvm_mmu *mmu,
  			    gfn_t ngfn, void *data, int offset, int len,
  			    u32 access)
  {
  	gfn_t real_gfn;
  	gpa_t ngpa;
  
  	ngpa     = gfn_to_gpa(ngfn);
  	real_gfn = mmu->translate_gpa(vcpu, ngpa, access);
  	if (real_gfn == UNMAPPED_GVA)
  		return -EFAULT;
  
  	real_gfn = gpa_to_gfn(real_gfn);
  
  	return kvm_read_guest_page(vcpu->kvm, real_gfn, data, offset, len);
  }
  EXPORT_SYMBOL_GPL(kvm_read_guest_page_mmu);

  int kvm_read_nested_guest_page(struct kvm_vcpu *vcpu, gfn_t gfn,
  			       void *data, int offset, int len, u32 access)
  {
  	return kvm_read_guest_page_mmu(vcpu, vcpu->arch.walk_mmu, gfn,
  				       data, offset, len, access);
  }

  /*

   * Load the pae pdptrs.  Return true is they are all valid.
   */

  int load_pdptrs(struct kvm_vcpu *vcpu, struct kvm_mmu *mmu, unsigned long cr3)

  {
  	gfn_t pdpt_gfn = cr3 >> PAGE_SHIFT;
  	unsigned offset = ((cr3 & (PAGE_SIZE-1)) >> 5) << 2;
  	int i;
  	int ret;

  	u64 pdpte[ARRAY_SIZE(mmu->pdptrs)];

  	ret = kvm_read_guest_page_mmu(vcpu, mmu, pdpt_gfn, pdpte,
  				      offset * sizeof(u64), sizeof(pdpte),
  				      PFERR_USER_MASK|PFERR_WRITE_MASK);

  	if (ret < 0) {
  		ret = 0;
  		goto out;
  	}
  	for (i = 0; i < ARRAY_SIZE(pdpte); ++i) {

  		if (is_present_gpte(pdpte[i]) &&

  		    (pdpte[i] & vcpu->arch.mmu.rsvd_bits_mask[0][2])) {

  			ret = 0;
  			goto out;
  		}
  	}
  	ret = 1;

  	memcpy(mmu->pdptrs, pdpte, sizeof(mmu->pdptrs));

  	__set_bit(VCPU_EXREG_PDPTR,
  		  (unsigned long *)&vcpu->arch.regs_avail);
  	__set_bit(VCPU_EXREG_PDPTR,
  		  (unsigned long *)&vcpu->arch.regs_dirty);

  out:

  
  	return ret;
  }

  EXPORT_SYMBOL_GPL(load_pdptrs);

  static bool pdptrs_changed(struct kvm_vcpu *vcpu)
  {

  	u64 pdpte[ARRAY_SIZE(vcpu->arch.walk_mmu->pdptrs)];

  	bool changed = true;

  	int offset;
  	gfn_t gfn;

  	int r;
  
  	if (is_long_mode(vcpu) || !is_pae(vcpu))
  		return false;

  	if (!test_bit(VCPU_EXREG_PDPTR,
  		      (unsigned long *)&vcpu->arch.regs_avail))
  		return true;

  	gfn = (kvm_read_cr3(vcpu) & ~31u) >> PAGE_SHIFT;
  	offset = (kvm_read_cr3(vcpu) & ~31u) & (PAGE_SIZE - 1);

  	r = kvm_read_nested_guest_page(vcpu, gfn, pdpte, offset, sizeof(pdpte),
  				       PFERR_USER_MASK | PFERR_WRITE_MASK);

  	if (r < 0)
  		goto out;

  	changed = memcmp(pdpte, vcpu->arch.walk_mmu->pdptrs, sizeof(pdpte)) != 0;

  out:

  
  	return changed;
  }

  int kvm_set_cr0(struct kvm_vcpu *vcpu, unsigned long cr0)

  {

  	unsigned long old_cr0 = kvm_read_cr0(vcpu);
  	unsigned long update_bits = X86_CR0_PG | X86_CR0_WP |
  				    X86_CR0_CD | X86_CR0_NW;

  	cr0 |= X86_CR0_ET;

  #ifdef CONFIG_X86_64

  	if (cr0 & 0xffffffff00000000UL)
  		return 1;

  #endif
  
  	cr0 &= ~CR0_RESERVED_BITS;

  	if ((cr0 & X86_CR0_NW) && !(cr0 & X86_CR0_CD))
  		return 1;

  	if ((cr0 & X86_CR0_PG) && !(cr0 & X86_CR0_PE))
  		return 1;

  
  	if (!is_paging(vcpu) && (cr0 & X86_CR0_PG)) {
  #ifdef CONFIG_X86_64

  		if ((vcpu->arch.efer & EFER_LME)) {

  			int cs_db, cs_l;

  			if (!is_pae(vcpu))
  				return 1;

  			kvm_x86_ops->get_cs_db_l_bits(vcpu, &cs_db, &cs_l);

  			if (cs_l)
  				return 1;

  		} else
  #endif

  		if (is_pae(vcpu) && !load_pdptrs(vcpu, vcpu->arch.walk_mmu,

  						 kvm_read_cr3(vcpu)))

  			return 1;

  	}
  
  	kvm_x86_ops->set_cr0(vcpu, cr0);

  	if ((cr0 ^ old_cr0) & X86_CR0_PG) {

  		kvm_clear_async_pf_completion_queue(vcpu);

  		kvm_async_pf_hash_reset(vcpu);
  	}

  	if ((cr0 ^ old_cr0) & update_bits)
  		kvm_mmu_reset_context(vcpu);

  	return 0;
  }

  EXPORT_SYMBOL_GPL(kvm_set_cr0);

  void kvm_lmsw(struct kvm_vcpu *vcpu, unsigned long msw)

  {

  	(void)kvm_set_cr0(vcpu, kvm_read_cr0_bits(vcpu, ~0x0eul) | (msw & 0x0f));

  }

  EXPORT_SYMBOL_GPL(kvm_lmsw);

  int __kvm_set_xcr(struct kvm_vcpu *vcpu, u32 index, u64 xcr)
  {
  	u64 xcr0;
  
  	/* Only support XCR_XFEATURE_ENABLED_MASK(xcr0) now  */
  	if (index != XCR_XFEATURE_ENABLED_MASK)
  		return 1;
  	xcr0 = xcr;
  	if (kvm_x86_ops->get_cpl(vcpu) != 0)
  		return 1;
  	if (!(xcr0 & XSTATE_FP))
  		return 1;
  	if ((xcr0 & XSTATE_YMM) && !(xcr0 & XSTATE_SSE))
  		return 1;
  	if (xcr0 & ~host_xcr0)
  		return 1;
  	vcpu->arch.xcr0 = xcr0;
  	vcpu->guest_xcr0_loaded = 0;
  	return 0;
  }
  
  int kvm_set_xcr(struct kvm_vcpu *vcpu, u32 index, u64 xcr)
  {
  	if (__kvm_set_xcr(vcpu, index, xcr)) {
  		kvm_inject_gp(vcpu, 0);
  		return 1;
  	}
  	return 0;
  }
  EXPORT_SYMBOL_GPL(kvm_set_xcr);

  int kvm_set_cr4(struct kvm_vcpu *vcpu, unsigned long cr4)

  {

  	unsigned long old_cr4 = kvm_read_cr4(vcpu);

  	unsigned long pdptr_bits = X86_CR4_PGE | X86_CR4_PSE |
  				   X86_CR4_PAE | X86_CR4_SMEP;

  	if (cr4 & CR4_RESERVED_BITS)
  		return 1;

  	if (!guest_cpuid_has_xsave(vcpu) && (cr4 & X86_CR4_OSXSAVE))
  		return 1;

  	if (!guest_cpuid_has_smep(vcpu) && (cr4 & X86_CR4_SMEP))
  		return 1;

  	if (!guest_cpuid_has_fsgsbase(vcpu) && (cr4 & X86_CR4_RDWRGSFS))
  		return 1;

  	if (is_long_mode(vcpu)) {

  		if (!(cr4 & X86_CR4_PAE))
  			return 1;

  	} else if (is_paging(vcpu) && (cr4 & X86_CR4_PAE)
  		   && ((cr4 ^ old_cr4) & pdptr_bits)

  		   && !load_pdptrs(vcpu, vcpu->arch.walk_mmu,
  				   kvm_read_cr3(vcpu)))

  		return 1;

  	if (kvm_x86_ops->set_cr4(vcpu, cr4))

  		return 1;

  	if ((cr4 ^ old_cr4) & pdptr_bits)
  		kvm_mmu_reset_context(vcpu);

  	if ((cr4 ^ old_cr4) & X86_CR4_OSXSAVE)

  		kvm_update_cpuid(vcpu);

  	return 0;
  }

  EXPORT_SYMBOL_GPL(kvm_set_cr4);

  int kvm_set_cr3(struct kvm_vcpu *vcpu, unsigned long cr3)

  {

  	if (cr3 == kvm_read_cr3(vcpu) && !pdptrs_changed(vcpu)) {

  		kvm_mmu_sync_roots(vcpu);

  		kvm_mmu_flush_tlb(vcpu);

  		return 0;

  	}

  	if (is_long_mode(vcpu)) {

  		if (cr3 & CR3_L_MODE_RESERVED_BITS)
  			return 1;

  	} else {
  		if (is_pae(vcpu)) {

  			if (cr3 & CR3_PAE_RESERVED_BITS)
  				return 1;

  			if (is_paging(vcpu) &&
  			    !load_pdptrs(vcpu, vcpu->arch.walk_mmu, cr3))

  				return 1;

  		}
  		/*
  		 * We don't check reserved bits in nonpae mode, because
  		 * this isn't enforced, and VMware depends on this.
  		 */
  	}

  	/*
  	 * Does the new cr3 value map to physical memory? (Note, we
  	 * catch an invalid cr3 even in real-mode, because it would
  	 * cause trouble later on when we turn on paging anyway.)
  	 *
  	 * A real CPU would silently accept an invalid cr3 and would
  	 * attempt to use it - with largely undefined (and often hard
  	 * to debug) behavior on the guest side.
  	 */
  	if (unlikely(!gfn_to_memslot(vcpu->kvm, cr3 >> PAGE_SHIFT)))

  		return 1;
  	vcpu->arch.cr3 = cr3;

  	__set_bit(VCPU_EXREG_CR3, (ulong *)&vcpu->arch.regs_avail);

  	vcpu->arch.mmu.new_cr3(vcpu);
  	return 0;
  }

  EXPORT_SYMBOL_GPL(kvm_set_cr3);

  int kvm_set_cr8(struct kvm_vcpu *vcpu, unsigned long cr8)

  {

  	if (cr8 & CR8_RESERVED_BITS)
  		return 1;

  	if (irqchip_in_kernel(vcpu->kvm))
  		kvm_lapic_set_tpr(vcpu, cr8);
  	else

  		vcpu->arch.cr8 = cr8;

  	return 0;
  }

  EXPORT_SYMBOL_GPL(kvm_set_cr8);

  unsigned long kvm_get_cr8(struct kvm_vcpu *vcpu)

  {
  	if (irqchip_in_kernel(vcpu->kvm))
  		return kvm_lapic_get_cr8(vcpu);
  	else

  		return vcpu->arch.cr8;

  }

  EXPORT_SYMBOL_GPL(kvm_get_cr8);

  static int __kvm_set_dr(struct kvm_vcpu *vcpu, int dr, unsigned long val)

  {
  	switch (dr) {
  	case 0 ... 3:
  		vcpu->arch.db[dr] = val;
  		if (!(vcpu->guest_debug & KVM_GUESTDBG_USE_HW_BP))
  			vcpu->arch.eff_db[dr] = val;
  		break;
  	case 4:

  		if (kvm_read_cr4_bits(vcpu, X86_CR4_DE))
  			return 1; /* #UD */

  		/* fall through */
  	case 6:

  		if (val & 0xffffffff00000000ULL)
  			return -1; /* #GP */

  		vcpu->arch.dr6 = (val & DR6_VOLATILE) | DR6_FIXED_1;
  		break;
  	case 5:

  		if (kvm_read_cr4_bits(vcpu, X86_CR4_DE))
  			return 1; /* #UD */

  		/* fall through */
  	default: /* 7 */

  		if (val & 0xffffffff00000000ULL)
  			return -1; /* #GP */

  		vcpu->arch.dr7 = (val & DR7_VOLATILE) | DR7_FIXED_1;
  		if (!(vcpu->guest_debug & KVM_GUESTDBG_USE_HW_BP)) {
  			kvm_x86_ops->set_dr7(vcpu, vcpu->arch.dr7);
  			vcpu->arch.switch_db_regs = (val & DR7_BP_EN_MASK);
  		}
  		break;
  	}
  
  	return 0;
  }

  
  int kvm_set_dr(struct kvm_vcpu *vcpu, int dr, unsigned long val)
  {
  	int res;
  
  	res = __kvm_set_dr(vcpu, dr, val);
  	if (res > 0)
  		kvm_queue_exception(vcpu, UD_VECTOR);
  	else if (res < 0)
  		kvm_inject_gp(vcpu, 0);
  
  	return res;
  }

  EXPORT_SYMBOL_GPL(kvm_set_dr);

  static int _kvm_get_dr(struct kvm_vcpu *vcpu, int dr, unsigned long *val)

  {
  	switch (dr) {
  	case 0 ... 3:
  		*val = vcpu->arch.db[dr];
  		break;
  	case 4:

  		if (kvm_read_cr4_bits(vcpu, X86_CR4_DE))

  			return 1;

  		/* fall through */
  	case 6:
  		*val = vcpu->arch.dr6;
  		break;
  	case 5:

  		if (kvm_read_cr4_bits(vcpu, X86_CR4_DE))

  			return 1;

  		/* fall through */
  	default: /* 7 */
  		*val = vcpu->arch.dr7;
  		break;
  	}
  
  	return 0;
  }

  
  int kvm_get_dr(struct kvm_vcpu *vcpu, int dr, unsigned long *val)
  {
  	if (_kvm_get_dr(vcpu, dr, val)) {
  		kvm_queue_exception(vcpu, UD_VECTOR);
  		return 1;
  	}
  	return 0;
  }

  EXPORT_SYMBOL_GPL(kvm_get_dr);

  bool kvm_rdpmc(struct kvm_vcpu *vcpu)
  {
  	u32 ecx = kvm_register_read(vcpu, VCPU_REGS_RCX);
  	u64 data;
  	int err;
  
  	err = kvm_pmu_read_pmc(vcpu, ecx, &data);
  	if (err)
  		return err;
  	kvm_register_write(vcpu, VCPU_REGS_RAX, (u32)data);
  	kvm_register_write(vcpu, VCPU_REGS_RDX, data >> 32);
  	return err;
  }
  EXPORT_SYMBOL_GPL(kvm_rdpmc);

  /*
   * List of msr numbers which we expose to userspace through KVM_GET_MSRS
   * and KVM_SET_MSRS, and KVM_GET_MSR_INDEX_LIST.
   *
   * This list is modified at module load time to reflect the

   * capabilities of the host cpu. This capabilities test skips MSRs that are
   * kvm-specific. Those are put in the beginning of the list.

   */

  #define KVM_SAVE_MSRS_BEGIN	9

  static u32 msrs_to_save[] = {

  	MSR_KVM_SYSTEM_TIME, MSR_KVM_WALL_CLOCK,

  	MSR_KVM_SYSTEM_TIME_NEW, MSR_KVM_WALL_CLOCK_NEW,

  	HV_X64_MSR_GUEST_OS_ID, HV_X64_MSR_HYPERCALL,

  	HV_X64_MSR_APIC_ASSIST_PAGE, MSR_KVM_ASYNC_PF_EN, MSR_KVM_STEAL_TIME,

  	MSR_IA32_SYSENTER_CS, MSR_IA32_SYSENTER_ESP, MSR_IA32_SYSENTER_EIP,

  	MSR_STAR,

  #ifdef CONFIG_X86_64
  	MSR_CSTAR, MSR_KERNEL_GS_BASE, MSR_SYSCALL_MASK, MSR_LSTAR,
  #endif

  	MSR_IA32_TSC, MSR_IA32_CR_PAT, MSR_VM_HSAVE_PA

  };
  
  static unsigned num_msrs_to_save;
  
  static u32 emulated_msrs[] = {

  	MSR_IA32_TSCDEADLINE,

  	MSR_IA32_MISC_ENABLE,

  	MSR_IA32_MCG_STATUS,
  	MSR_IA32_MCG_CTL,

  };

  static int set_efer(struct kvm_vcpu *vcpu, u64 efer)

  {

  	u64 old_efer = vcpu->arch.efer;

  	if (efer & efer_reserved_bits)
  		return 1;

  
  	if (is_paging(vcpu)

  	    && (vcpu->arch.efer & EFER_LME) != (efer & EFER_LME))
  		return 1;

  	if (efer & EFER_FFXSR) {
  		struct kvm_cpuid_entry2 *feat;
  
  		feat = kvm_find_cpuid_entry(vcpu, 0x80000001, 0);

  		if (!feat || !(feat->edx & bit(X86_FEATURE_FXSR_OPT)))
  			return 1;

  	}

  	if (efer & EFER_SVME) {
  		struct kvm_cpuid_entry2 *feat;
  
  		feat = kvm_find_cpuid_entry(vcpu, 0x80000001, 0);

  		if (!feat || !(feat->ecx & bit(X86_FEATURE_SVM)))
  			return 1;

  	}

  	efer &= ~EFER_LMA;

  	efer |= vcpu->arch.efer & EFER_LMA;

  	kvm_x86_ops->set_efer(vcpu, efer);

  	vcpu->arch.mmu.base_role.nxe = (efer & EFER_NX) && !tdp_enabled;

  	/* Update reserved bits */
  	if ((efer ^ old_efer) & EFER_NX)
  		kvm_mmu_reset_context(vcpu);

  	return 0;

  }

  void kvm_enable_efer_bits(u64 mask)
  {
         efer_reserved_bits &= ~mask;
  }
  EXPORT_SYMBOL_GPL(kvm_enable_efer_bits);

  /*
   * Writes msr value into into the appropriate "register".
   * Returns 0 on success, non-0 otherwise.
   * Assumes vcpu_load() was already called.
   */
  int kvm_set_msr(struct kvm_vcpu *vcpu, u32 msr_index, u64 data)
  {
  	return kvm_x86_ops->set_msr(vcpu, msr_index, data);
  }

  /*
   * Adapt set_msr() to msr_io()'s calling convention
   */
  static int do_set_msr(struct kvm_vcpu *vcpu, unsigned index, u64 *data)
  {
  	return kvm_set_msr(vcpu, index, *data);
  }

  static void kvm_write_wall_clock(struct kvm *kvm, gpa_t wall_clock)
  {

  	int version;
  	int r;

  	struct pvclock_wall_clock wc;

  	struct timespec boot;

  
  	if (!wall_clock)
  		return;

  	r = kvm_read_guest(kvm, wall_clock, &version, sizeof(version));
  	if (r)
  		return;
  
  	if (version & 1)
  		++version;  /* first time write, random junk */
  
  	++version;

  	kvm_write_guest(kvm, wall_clock, &version, sizeof(version));

  	/*
  	 * The guest calculates current wall clock time by adding

  	 * system time (updated by kvm_guest_time_update below) to the

  	 * wall clock specified here.  guest system time equals host
  	 * system time for us, thus we must fill in host boot time here.
  	 */

  	getboottime(&boot);

  
  	wc.sec = boot.tv_sec;
  	wc.nsec = boot.tv_nsec;
  	wc.version = version;

  
  	kvm_write_guest(kvm, wall_clock, &wc, sizeof(wc));
  
  	version++;
  	kvm_write_guest(kvm, wall_clock, &version, sizeof(version));

  }

  static uint32_t div_frac(uint32_t dividend, uint32_t divisor)
  {
  	uint32_t quotient, remainder;
  
  	/* Don't try to replace with do_div(), this one calculates
  	 * "(dividend << 32) / divisor" */
  	__asm__ ( "divl %4"
  		  : "=a" (quotient), "=d" (remainder)
  		  : "0" (0), "1" (dividend), "r" (divisor) );
  	return quotient;
  }

  static void kvm_get_time_scale(uint32_t scaled_khz, uint32_t base_khz,
  			       s8 *pshift, u32 *pmultiplier)

  {

  	uint64_t scaled64;

  	int32_t  shift = 0;
  	uint64_t tps64;
  	uint32_t tps32;

  	tps64 = base_khz * 1000LL;
  	scaled64 = scaled_khz * 1000LL;

  	while (tps64 > scaled64*2 || tps64 & 0xffffffff00000000ULL) {

  		tps64 >>= 1;
  		shift--;
  	}
  
  	tps32 = (uint32_t)tps64;

  	while (tps32 <= scaled64 || scaled64 & 0xffffffff00000000ULL) {
  		if (scaled64 & 0xffffffff00000000ULL || tps32 & 0x80000000)

  			scaled64 >>= 1;
  		else
  			tps32 <<= 1;

  		shift++;
  	}

  	*pshift = shift;
  	*pmultiplier = div_frac(scaled64, tps32);

  	pr_debug("%s: base_khz %u => %u, shift %d, mul %u
  ",
  		 __func__, base_khz, scaled_khz, shift, *pmultiplier);

  }

  static inline u64 get_kernel_ns(void)
  {
  	struct timespec ts;
  
  	WARN_ON(preemptible());
  	ktime_get_ts(&ts);
  	monotonic_to_bootbased(&ts);
  	return timespec_to_ns(&ts);

  }

  static DEFINE_PER_CPU(unsigned long, cpu_tsc_khz);

  unsigned long max_tsc_khz;

  static inline int kvm_tsc_changes_freq(void)
  {
  	int cpu = get_cpu();
  	int ret = !boot_cpu_has(X86_FEATURE_CONSTANT_TSC) &&
  		  cpufreq_quick_get(cpu) != 0;
  	put_cpu();
  	return ret;
  }

  u64 vcpu_tsc_khz(struct kvm_vcpu *vcpu)

  {
  	if (vcpu->arch.virtual_tsc_khz)
  		return vcpu->arch.virtual_tsc_khz;
  	else
  		return __this_cpu_read(cpu_tsc_khz);
  }

  static inline u64 nsec_to_cycles(struct kvm_vcpu *vcpu, u64 nsec)

  {

  	u64 ret;

  	WARN_ON(preemptible());
  	if (kvm_tsc_changes_freq())
  		printk_once(KERN_WARNING
  		 "kvm: unreliable cycle conversion on adjustable rate TSC
  ");

  	ret = nsec * vcpu_tsc_khz(vcpu);

  	do_div(ret, USEC_PER_SEC);
  	return ret;

  }

  static void kvm_init_tsc_catchup(struct kvm_vcpu *vcpu, u32 this_tsc_khz)

  {
  	/* Compute a scale to convert nanoseconds in TSC cycles */
  	kvm_get_time_scale(this_tsc_khz, NSEC_PER_SEC / 1000,

  			   &vcpu->arch.tsc_catchup_shift,
  			   &vcpu->arch.tsc_catchup_mult);

  }
  
  static u64 compute_guest_tsc(struct kvm_vcpu *vcpu, s64 kernel_ns)
  {
  	u64 tsc = pvclock_scale_delta(kernel_ns-vcpu->arch.last_tsc_nsec,

  				      vcpu->arch.tsc_catchup_mult,
  				      vcpu->arch.tsc_catchup_shift);

  	tsc += vcpu->arch.last_tsc_write;
  	return tsc;
  }

  void kvm_write_tsc(struct kvm_vcpu *vcpu, u64 data)
  {
  	struct kvm *kvm = vcpu->kvm;

  	u64 offset, ns, elapsed;

  	unsigned long flags;

  	s64 sdiff;

  	raw_spin_lock_irqsave(&kvm->arch.tsc_write_lock, flags);

  	offset = kvm_x86_ops->compute_tsc_offset(vcpu, data);

  	ns = get_kernel_ns();

  	elapsed = ns - kvm->arch.last_tsc_nsec;

  	sdiff = data - kvm->arch.last_tsc_write;
  	if (sdiff < 0)
  		sdiff = -sdiff;

  
  	/*

  	 * Special case: close write to TSC within 5 seconds of

  	 * another CPU is interpreted as an attempt to synchronize

  	 * The 5 seconds is to accommodate host load / swapping as

  	 * well as any reset of TSC during the boot process.

  	 *
  	 * In that case, for a reliable TSC, we can match TSC offsets,

  	 * or make a best guest using elapsed value.

  	 */

  	if (sdiff < nsec_to_cycles(vcpu, 5ULL * NSEC_PER_SEC) &&

  	    elapsed < 5ULL * NSEC_PER_SEC) {

  		if (!check_tsc_unstable()) {
  			offset = kvm->arch.last_tsc_offset;
  			pr_debug("kvm: matched tsc offset for %llu
  ", data);
  		} else {

  			u64 delta = nsec_to_cycles(vcpu, elapsed);

  			offset += delta;
  			pr_debug("kvm: adjusted tsc offset by %llu
  ", delta);

  		}
  		ns = kvm->arch.last_tsc_nsec;
  	}
  	kvm->arch.last_tsc_nsec = ns;
  	kvm->arch.last_tsc_write = data;
  	kvm->arch.last_tsc_offset = offset;

  	kvm_x86_ops->write_tsc_offset(vcpu, offset);

  	raw_spin_unlock_irqrestore(&kvm->arch.tsc_write_lock, flags);

  
  	/* Reset of TSC must disable overshoot protection below */
  	vcpu->arch.hv_clock.tsc_timestamp = 0;

  	vcpu->arch.last_tsc_write = data;
  	vcpu->arch.last_tsc_nsec = ns;

  }
  EXPORT_SYMBOL_GPL(kvm_write_tsc);

  static int kvm_guest_time_update(struct kvm_vcpu *v)

  {

  	unsigned long flags;
  	struct kvm_vcpu_arch *vcpu = &v->arch;
  	void *shared_kaddr;

  	unsigned long this_tsc_khz;

  	s64 kernel_ns, max_kernel_ns;
  	u64 tsc_timestamp;

  	/* Keep irq disabled to prevent changes to the clock */
  	local_irq_save(flags);

  	tsc_timestamp = kvm_x86_ops->read_l1_tsc(v);

  	kernel_ns = get_kernel_ns();

  	this_tsc_khz = vcpu_tsc_khz(v);

  	if (unlikely(this_tsc_khz == 0)) {

  		local_irq_restore(flags);

  		kvm_make_request(KVM_REQ_CLOCK_UPDATE, v);

  		return 1;
  	}

  	/*

  	 * We may have to catch up the TSC to match elapsed wall clock
  	 * time for two reasons, even if kvmclock is used.
  	 *   1) CPU could have been running below the maximum TSC rate
  	 *   2) Broken TSC compensation resets the base at each VCPU
  	 *      entry to avoid unknown leaps of TSC even when running
  	 *      again on the same CPU.  This may cause apparent elapsed
  	 *      time to disappear, and the guest to stand still or run
  	 *	very slowly.
  	 */
  	if (vcpu->tsc_catchup) {
  		u64 tsc = compute_guest_tsc(v, kernel_ns);
  		if (tsc > tsc_timestamp) {
  			kvm_x86_ops->adjust_tsc_offset(v, tsc - tsc_timestamp);
  			tsc_timestamp = tsc;
  		}

  	}

  	local_irq_restore(flags);

  	if (!vcpu->time_page)
  		return 0;

  	/*

  	 * Time as measured by the TSC may go backwards when resetting the base
  	 * tsc_timestamp.  The reason for this is that the TSC resolution is
  	 * higher than the resolution of the other clock scales.  Thus, many
  	 * possible measurments of the TSC correspond to one measurement of any
  	 * other clock, and so a spread of values is possible.  This is not a
  	 * problem for the computation of the nanosecond clock; with TSC rates
  	 * around 1GHZ, there can only be a few cycles which correspond to one
  	 * nanosecond value, and any path through this code will inevitably
  	 * take longer than that.  However, with the kernel_ns value itself,
  	 * the precision may be much lower, down to HZ granularity.  If the
  	 * first sampling of TSC against kernel_ns ends in the low part of the
  	 * range, and the second in the high end of the range, we can get:
  	 *
  	 * (TSC - offset_low) * S + kns_old > (TSC - offset_high) * S + kns_new
  	 *
  	 * As the sampling errors potentially range in the thousands of cycles,
  	 * it is possible such a time value has already been observed by the
  	 * guest.  To protect against this, we must compute the system time as
  	 * observed by the guest and ensure the new system time is greater.
  	 */
  	max_kernel_ns = 0;
  	if (vcpu->hv_clock.tsc_timestamp && vcpu->last_guest_tsc) {
  		max_kernel_ns = vcpu->last_guest_tsc -
  				vcpu->hv_clock.tsc_timestamp;
  		max_kernel_ns = pvclock_scale_delta(max_kernel_ns,
  				    vcpu->hv_clock.tsc_to_system_mul,
  				    vcpu->hv_clock.tsc_shift);
  		max_kernel_ns += vcpu->last_kernel_ns;
  	}

  	if (unlikely(vcpu->hw_tsc_khz != this_tsc_khz)) {

  		kvm_get_time_scale(NSEC_PER_SEC / 1000, this_tsc_khz,
  				   &vcpu->hv_clock.tsc_shift,
  				   &vcpu->hv_clock.tsc_to_system_mul);

  		vcpu->hw_tsc_khz = this_tsc_khz;

  	}

  	if (max_kernel_ns > kernel_ns)
  		kernel_ns = max_kernel_ns;

  	/* With all the info we got, fill in the values */

  	vcpu->hv_clock.tsc_timestamp = tsc_timestamp;

  	vcpu->hv_clock.system_time = kernel_ns + v->kvm->arch.kvmclock_offset;

  	vcpu->last_kernel_ns = kernel_ns;

  	vcpu->last_guest_tsc = tsc_timestamp;

  	vcpu->hv_clock.flags = 0;

  	/*
  	 * The interface expects us to write an even number signaling that the
  	 * update is finished. Since the guest won't see the intermediate

  	 * state, we just increase by 2 at the end.

  	 */

  	vcpu->hv_clock.version += 2;

  
  	shared_kaddr = kmap_atomic(vcpu->time_page, KM_USER0);
  
  	memcpy(shared_kaddr + vcpu->time_offset, &vcpu->hv_clock,

  	       sizeof(vcpu->hv_clock));

  
  	kunmap_atomic(shared_kaddr, KM_USER0);
  
  	mark_page_dirty(v->kvm, vcpu->time >> PAGE_SHIFT);

  	return 0;

  }

  static bool msr_mtrr_valid(unsigned msr)
  {
  	switch (msr) {
  	case 0x200 ... 0x200 + 2 * KVM_NR_VAR_MTRR - 1:
  	case MSR_MTRRfix64K_00000:
  	case MSR_MTRRfix16K_80000:
  	case MSR_MTRRfix16K_A0000:
  	case MSR_MTRRfix4K_C0000:
  	case MSR_MTRRfix4K_C8000:
  	case MSR_MTRRfix4K_D0000:
  	case MSR_MTRRfix4K_D8000:
  	case MSR_MTRRfix4K_E0000:
  	case MSR_MTRRfix4K_E8000:
  	case MSR_MTRRfix4K_F0000:
  	case MSR_MTRRfix4K_F8000:
  	case MSR_MTRRdefType:
  	case MSR_IA32_CR_PAT:
  		return true;
  	case 0x2f8:
  		return true;
  	}
  	return false;
  }

  static bool valid_pat_type(unsigned t)
  {
  	return t < 8 && (1 << t) & 0xf3; /* 0, 1, 4, 5, 6, 7 */
  }
  
  static bool valid_mtrr_type(unsigned t)
  {
  	return t < 8 && (1 << t) & 0x73; /* 0, 1, 4, 5, 6 */
  }
  
  static bool mtrr_valid(struct kvm_vcpu *vcpu, u32 msr, u64 data)
  {
  	int i;
  
  	if (!msr_mtrr_valid(msr))
  		return false;
  
  	if (msr == MSR_IA32_CR_PAT) {
  		for (i = 0; i < 8; i++)
  			if (!valid_pat_type((data >> (i * 8)) & 0xff))
  				return false;
  		return true;
  	} else if (msr == MSR_MTRRdefType) {
  		if (data & ~0xcff)
  			return false;
  		return valid_mtrr_type(data & 0xff);
  	} else if (msr >= MSR_MTRRfix64K_00000 && msr <= MSR_MTRRfix4K_F8000) {
  		for (i = 0; i < 8 ; i++)
  			if (!valid_mtrr_type((data >> (i * 8)) & 0xff))
  				return false;
  		return true;
  	}
  
  	/* variable MTRRs */
  	return valid_mtrr_type(data & 0xff);
  }

  static int set_msr_mtrr(struct kvm_vcpu *vcpu, u32 msr, u64 data)
  {

  	u64 *p = (u64 *)&vcpu->arch.mtrr_state.fixed_ranges;

  	if (!mtrr_valid(vcpu, msr, data))

  		return 1;

  	if (msr == MSR_MTRRdefType) {
  		vcpu->arch.mtrr_state.def_type = data;
  		vcpu->arch.mtrr_state.enabled = (data & 0xc00) >> 10;
  	} else if (msr == MSR_MTRRfix64K_00000)
  		p[0] = data;
  	else if (msr == MSR_MTRRfix16K_80000 || msr == MSR_MTRRfix16K_A0000)
  		p[1 + msr - MSR_MTRRfix16K_80000] = data;
  	else if (msr >= MSR_MTRRfix4K_C0000 && msr <= MSR_MTRRfix4K_F8000)
  		p[3 + msr - MSR_MTRRfix4K_C0000] = data;
  	else if (msr == MSR_IA32_CR_PAT)
  		vcpu->arch.pat = data;
  	else {	/* Variable MTRRs */
  		int idx, is_mtrr_mask;
  		u64 *pt;
  
  		idx = (msr - 0x200) / 2;
  		is_mtrr_mask = msr - 0x200 - 2 * idx;
  		if (!is_mtrr_mask)
  			pt =
  			  (u64 *)&vcpu->arch.mtrr_state.var_ranges[idx].base_lo;
  		else
  			pt =
  			  (u64 *)&vcpu->arch.mtrr_state.var_ranges[idx].mask_lo;
  		*pt = data;
  	}
  
  	kvm_mmu_reset_context(vcpu);

  	return 0;
  }

  static int set_msr_mce(struct kvm_vcpu *vcpu, u32 msr, u64 data)

  {

  	u64 mcg_cap = vcpu->arch.mcg_cap;
  	unsigned bank_num = mcg_cap & 0xff;

  	switch (msr) {

  	case MSR_IA32_MCG_STATUS:

  		vcpu->arch.mcg_status = data;

  		break;

  	case MSR_IA32_MCG_CTL:

  		if (!(mcg_cap & MCG_CTL_P))
  			return 1;
  		if (data != 0 && data != ~(u64)0)
  			return -1;
  		vcpu->arch.mcg_ctl = data;
  		break;
  	default:
  		if (msr >= MSR_IA32_MC0_CTL &&
  		    msr < MSR_IA32_MC0_CTL + 4 * bank_num) {
  			u32 offset = msr - MSR_IA32_MC0_CTL;

  			/* only 0 or all 1s can be written to IA32_MCi_CTL
  			 * some Linux kernels though clear bit 10 in bank 4 to
  			 * workaround a BIOS/GART TBL issue on AMD K8s, ignore
  			 * this to avoid an uncatched #GP in the guest
  			 */

  			if ((offset & 0x3) == 0 &&

  			    data != 0 && (data | (1 << 10)) != ~(u64)0)

  				return -1;
  			vcpu->arch.mce_banks[offset] = data;
  			break;
  		}
  		return 1;
  	}
  	return 0;
  }

  static int xen_hvm_config(struct kvm_vcpu *vcpu, u64 data)
  {
  	struct kvm *kvm = vcpu->kvm;
  	int lm = is_long_mode(vcpu);
  	u8 *blob_addr = lm ? (u8 *)(long)kvm->arch.xen_hvm_config.blob_addr_64
  		: (u8 *)(long)kvm->arch.xen_hvm_config.blob_addr_32;
  	u8 blob_size = lm ? kvm->arch.xen_hvm_config.blob_size_64
  		: kvm->arch.xen_hvm_config.blob_size_32;
  	u32 page_num = data & ~PAGE_MASK;
  	u64 page_addr = data & PAGE_MASK;
  	u8 *page;
  	int r;
  
  	r = -E2BIG;
  	if (page_num >= blob_size)
  		goto out;
  	r = -ENOMEM;

  	page = memdup_user(blob_addr + (page_num * PAGE_SIZE), PAGE_SIZE);
  	if (IS_ERR(page)) {
  		r = PTR_ERR(page);

  		goto out;

  	}

  	if (kvm_write_guest(kvm, page_addr, page, PAGE_SIZE))
  		goto out_free;
  	r = 0;
  out_free:
  	kfree(page);
  out:
  	return r;
  }

  static bool kvm_hv_hypercall_enabled(struct kvm *kvm)
  {
  	return kvm->arch.hv_hypercall & HV_X64_MSR_HYPERCALL_ENABLE;
  }
  
  static bool kvm_hv_msr_partition_wide(u32 msr)
  {
  	bool r = false;
  	switch (msr) {
  	case HV_X64_MSR_GUEST_OS_ID:
  	case HV_X64_MSR_HYPERCALL:
  		r = true;
  		break;
  	}
  
  	return r;
  }
  
  static int set_msr_hyperv_pw(struct kvm_vcpu *vcpu, u32 msr, u64 data)
  {
  	struct kvm *kvm = vcpu->kvm;
  
  	switch (msr) {
  	case HV_X64_MSR_GUEST_OS_ID:
  		kvm->arch.hv_guest_os_id = data;
  		/* setting guest os id to zero disables hypercall page */
  		if (!kvm->arch.hv_guest_os_id)
  			kvm->arch.hv_hypercall &= ~HV_X64_MSR_HYPERCALL_ENABLE;
  		break;
  	case HV_X64_MSR_HYPERCALL: {
  		u64 gfn;
  		unsigned long addr;
  		u8 instructions[4];
  
  		/* if guest os id is not set hypercall should remain disabled */
  		if (!kvm->arch.hv_guest_os_id)
  			break;
  		if (!(data & HV_X64_MSR_HYPERCALL_ENABLE)) {
  			kvm->arch.hv_hypercall = data;
  			break;
  		}
  		gfn = data >> HV_X64_MSR_HYPERCALL_PAGE_ADDRESS_SHIFT;
  		addr = gfn_to_hva(kvm, gfn);
  		if (kvm_is_error_hva(addr))
  			return 1;
  		kvm_x86_ops->patch_hypercall(vcpu, instructions);
  		((unsigned char *)instructions)[3] = 0xc3; /* ret */

  		if (__copy_to_user((void __user *)addr, instructions, 4))

  			return 1;
  		kvm->arch.hv_hypercall = data;
  		break;
  	}
  	default:
  		pr_unimpl(vcpu, "HYPER-V unimplemented wrmsr: 0x%x "
  			  "data 0x%llx
  ", msr, data);
  		return 1;
  	}
  	return 0;
  }
  
  static int set_msr_hyperv(struct kvm_vcpu *vcpu, u32 msr, u64 data)
  {

  	switch (msr) {
  	case HV_X64_MSR_APIC_ASSIST_PAGE: {
  		unsigned long addr;

  		if (!(data & HV_X64_MSR_APIC_ASSIST_PAGE_ENABLE)) {
  			vcpu->arch.hv_vapic = data;
  			break;
  		}
  		addr = gfn_to_hva(vcpu->kvm, data >>
  				  HV_X64_MSR_APIC_ASSIST_PAGE_ADDRESS_SHIFT);
  		if (kvm_is_error_hva(addr))
  			return 1;

  		if (__clear_user((void __user *)addr, PAGE_SIZE))

  			return 1;
  		vcpu->arch.hv_vapic = data;
  		break;
  	}
  	case HV_X64_MSR_EOI:
  		return kvm_hv_vapic_msr_write(vcpu, APIC_EOI, data);
  	case HV_X64_MSR_ICR:
  		return kvm_hv_vapic_msr_write(vcpu, APIC_ICR, data);
  	case HV_X64_MSR_TPR:
  		return kvm_hv_vapic_msr_write(vcpu, APIC_TASKPRI, data);
  	default:
  		pr_unimpl(vcpu, "HYPER-V unimplemented wrmsr: 0x%x "
  			  "data 0x%llx
  ", msr, data);
  		return 1;
  	}
  
  	return 0;

  }

  static int kvm_pv_enable_async_pf(struct kvm_vcpu *vcpu, u64 data)
  {
  	gpa_t gpa = data & ~0x3f;

  	/* Bits 2:5 are resrved, Should be zero */
  	if (data & 0x3c)

  		return 1;
  
  	vcpu->arch.apf.msr_val = data;
  
  	if (!(data & KVM_ASYNC_PF_ENABLED)) {
  		kvm_clear_async_pf_completion_queue(vcpu);
  		kvm_async_pf_hash_reset(vcpu);
  		return 0;
  	}
  
  	if (kvm_gfn_to_hva_cache_init(vcpu->kvm, &vcpu->arch.apf.data, gpa))
  		return 1;

  	vcpu->arch.apf.send_user_only = !(data & KVM_ASYNC_PF_SEND_ALWAYS);

  	kvm_async_pf_wakeup_all(vcpu);
  	return 0;
  }

  static void kvmclock_reset(struct kvm_vcpu *vcpu)
  {
  	if (vcpu->arch.time_page) {
  		kvm_release_page_dirty(vcpu->arch.time_page);
  		vcpu->arch.time_page = NULL;
  	}
  }

  static void accumulate_steal_time(struct kvm_vcpu *vcpu)
  {
  	u64 delta;
  
  	if (!(vcpu->arch.st.msr_val & KVM_MSR_ENABLED))
  		return;
  
  	delta = current->sched_info.run_delay - vcpu->arch.st.last_steal;
  	vcpu->arch.st.last_steal = current->sched_info.run_delay;
  	vcpu->arch.st.accum_steal = delta;
  }
  
  static void record_steal_time(struct kvm_vcpu *vcpu)
  {
  	if (!(vcpu->arch.st.msr_val & KVM_MSR_ENABLED))
  		return;
  
  	if (unlikely(kvm_read_guest_cached(vcpu->kvm, &vcpu->arch.st.stime,
  		&vcpu->arch.st.steal, sizeof(struct kvm_steal_time))))
  		return;
  
  	vcpu->arch.st.steal.steal += vcpu->arch.st.accum_steal;
  	vcpu->arch.st.steal.version += 2;
  	vcpu->arch.st.accum_steal = 0;
  
  	kvm_write_guest_cached(vcpu->kvm, &vcpu->arch.st.stime,
  		&vcpu->arch.st.steal, sizeof(struct kvm_steal_time));
  }

  int kvm_set_msr_common(struct kvm_vcpu *vcpu, u32 msr, u64 data)
  {
  	switch (msr) {

  	case MSR_EFER:

  		return set_efer(vcpu, data);

  	case MSR_K7_HWCR:
  		data &= ~(u64)0x40;	/* ignore flush filter disable */

  		data &= ~(u64)0x100;	/* ignore ignne emulation enable */

  		if (data != 0) {
  			pr_unimpl(vcpu, "unimplemented HWCR wrmsr: 0x%llx
  ",
  				data);
  			return 1;
  		}

  		break;

  	case MSR_FAM10H_MMIO_CONF_BASE:
  		if (data != 0) {
  			pr_unimpl(vcpu, "unimplemented MMIO_CONF_BASE wrmsr: "
  				"0x%llx
  ", data);
  			return 1;
  		}

  		break;

  	case MSR_AMD64_NB_CFG:

  		break;

  	case MSR_IA32_DEBUGCTLMSR:
  		if (!data) {
  			/* We support the non-activated case already */
  			break;
  		} else if (data & ~(DEBUGCTLMSR_LBR | DEBUGCTLMSR_BTF)) {
  			/* Values other than LBR and BTF are vendor-specific,
  			   thus reserved and should throw a #GP */
  			return 1;
  		}
  		pr_unimpl(vcpu, "%s: MSR_IA32_DEBUGCTLMSR 0x%llx, nop
  ",
  			__func__, data);
  		break;

  	case MSR_IA32_UCODE_REV:
  	case MSR_IA32_UCODE_WRITE:

  	case MSR_VM_HSAVE_PA:

  	case MSR_AMD64_PATCH_LOADER:

  		break;

  	case 0x200 ... 0x2ff:
  		return set_msr_mtrr(vcpu, msr, data);

  	case MSR_IA32_APICBASE:
  		kvm_set_apic_base(vcpu, data);
  		break;

  	case APIC_BASE_MSR ... APIC_BASE_MSR + 0x3ff:
  		return kvm_x2apic_msr_write(vcpu, msr, data);

  	case MSR_IA32_TSCDEADLINE:
  		kvm_set_lapic_tscdeadline_msr(vcpu, data);
  		break;

  	case MSR_IA32_MISC_ENABLE:

  		vcpu->arch.ia32_misc_enable_msr = data;

  		break;

  	case MSR_KVM_WALL_CLOCK_NEW:

  	case MSR_KVM_WALL_CLOCK:
  		vcpu->kvm->arch.wall_clock = data;
  		kvm_write_wall_clock(vcpu->kvm, data);
  		break;

  	case MSR_KVM_SYSTEM_TIME_NEW:

  	case MSR_KVM_SYSTEM_TIME: {

  		kvmclock_reset(vcpu);

  
  		vcpu->arch.time = data;

  		kvm_make_request(KVM_REQ_CLOCK_UPDATE, vcpu);

  
  		/* we verify if the enable bit is set... */
  		if (!(data & 1))
  			break;
  
  		/* ...but clean it before doing the actual write */
  		vcpu->arch.time_offset = data & ~(PAGE_MASK | 1);

  		vcpu->arch.time_page =
  				gfn_to_page(vcpu->kvm, data >> PAGE_SHIFT);

  
  		if (is_error_page(vcpu->arch.time_page)) {
  			kvm_release_page_clean(vcpu->arch.time_page);
  			vcpu->arch.time_page = NULL;
  		}

  		break;
  	}

  	case MSR_KVM_ASYNC_PF_EN:
  		if (kvm_pv_enable_async_pf(vcpu, data))
  			return 1;
  		break;

  	case MSR_KVM_STEAL_TIME:
  
  		if (unlikely(!sched_info_on()))
  			return 1;
  
  		if (data & KVM_STEAL_RESERVED_MASK)
  			return 1;
  
  		if (kvm_gfn_to_hva_cache_init(vcpu->kvm, &vcpu->arch.st.stime,
  							data & KVM_STEAL_VALID_BITS))
  			return 1;
  
  		vcpu->arch.st.msr_val = data;
  
  		if (!(data & KVM_MSR_ENABLED))
  			break;
  
  		vcpu->arch.st.last_steal = current->sched_info.run_delay;
  
  		preempt_disable();
  		accumulate_steal_time(vcpu);
  		preempt_enable();
  
  		kvm_make_request(KVM_REQ_STEAL_UPDATE, vcpu);
  
  		break;

  	case MSR_IA32_MCG_CTL:
  	case MSR_IA32_MCG_STATUS:
  	case MSR_IA32_MC0_CTL ... MSR_IA32_MC0_CTL + 4 * KVM_MAX_MCE_BANKS - 1:
  		return set_msr_mce(vcpu, msr, data);

  
  	/* Performance counters are not protected by a CPUID bit,
  	 * so we should check all of them in the generic path for the sake of
  	 * cross vendor migration.
  	 * Writing a zero into the event select MSRs disables them,
  	 * which we perfectly emulate ;-). Any other value should be at least
  	 * reported, some guests depend on them.
  	 */

  	case MSR_K7_EVNTSEL0:
  	case MSR_K7_EVNTSEL1:
  	case MSR_K7_EVNTSEL2:
  	case MSR_K7_EVNTSEL3:
  		if (data != 0)
  			pr_unimpl(vcpu, "unimplemented perfctr wrmsr: "
  				"0x%x data 0x%llx
  ", msr, data);
  		break;
  	/* at least RHEL 4 unconditionally writes to the perfctr registers,
  	 * so we ignore writes to make it happy.
  	 */

  	case MSR_K7_PERFCTR0:
  	case MSR_K7_PERFCTR1:
  	case MSR_K7_PERFCTR2:
  	case MSR_K7_PERFCTR3:
  		pr_unimpl(vcpu, "unimplemented perfctr wrmsr: "
  			"0x%x data 0x%llx
  ", msr, data);
  		break;

  	case MSR_K7_CLK_CTL:
  		/*
  		 * Ignore all writes to this no longer documented MSR.
  		 * Writes are only relevant for old K7 processors,
  		 * all pre-dating SVM, but a recommended workaround from
  		 * AMD for these chips. It is possible to speicify the
  		 * affected processor models on the command line, hence
  		 * the need to ignore the workaround.
  		 */
  		break;

  	case HV_X64_MSR_GUEST_OS_ID ... HV_X64_MSR_SINT15:
  		if (kvm_hv_msr_partition_wide(msr)) {
  			int r;
  			mutex_lock(&vcpu->kvm->lock);
  			r = set_msr_hyperv_pw(vcpu, msr, data);
  			mutex_unlock(&vcpu->kvm->lock);
  			return r;
  		} else
  			return set_msr_hyperv(vcpu, msr, data);
  		break;

  	case MSR_IA32_BBL_CR_CTL3:
  		/* Drop writes to this legacy MSR -- see rdmsr
  		 * counterpart for further detail.
  		 */
  		pr_unimpl(vcpu, "ignored wrmsr: 0x%x data %llx
  ", msr, data);
  		break;

  	default:

  		if (msr && (msr == vcpu->kvm->arch.xen_hvm_config.msr))
  			return xen_hvm_config(vcpu, data);

  		if (kvm_pmu_msr(vcpu, msr))
  			return kvm_pmu_set_msr(vcpu, msr, data);

  		if (!ignore_msrs) {
  			pr_unimpl(vcpu, "unhandled wrmsr: 0x%x data %llx
  ",
  				msr, data);
  			return 1;
  		} else {
  			pr_unimpl(vcpu, "ignored wrmsr: 0x%x data %llx
  ",
  				msr, data);
  			break;
  		}

  	}
  	return 0;
  }
  EXPORT_SYMBOL_GPL(kvm_set_msr_common);
  
  
  /*
   * Reads an msr value (of 'msr_index') into 'pdata'.
   * Returns 0 on success, non-0 otherwise.
   * Assumes vcpu_load() was already called.
   */
  int kvm_get_msr(struct kvm_vcpu *vcpu, u32 msr_index, u64 *pdata)
  {
  	return kvm_x86_ops->get_msr(vcpu, msr_index, pdata);
  }

  static int get_msr_mtrr(struct kvm_vcpu *vcpu, u32 msr, u64 *pdata)
  {

  	u64 *p = (u64 *)&vcpu->arch.mtrr_state.fixed_ranges;

  	if (!msr_mtrr_valid(msr))
  		return 1;

  	if (msr == MSR_MTRRdefType)
  		*pdata = vcpu->arch.mtrr_state.def_type +
  			 (vcpu->arch.mtrr_state.enabled << 10);
  	else if (msr == MSR_MTRRfix64K_00000)
  		*pdata = p[0];
  	else if (msr == MSR_MTRRfix16K_80000 || msr == MSR_MTRRfix16K_A0000)
  		*pdata = p[1 + msr - MSR_MTRRfix16K_80000];
  	else if (msr >= MSR_MTRRfix4K_C0000 && msr <= MSR_MTRRfix4K_F8000)
  		*pdata = p[3 + msr - MSR_MTRRfix4K_C0000];
  	else if (msr == MSR_IA32_CR_PAT)
  		*pdata = vcpu->arch.pat;
  	else {	/* Variable MTRRs */
  		int idx, is_mtrr_mask;
  		u64 *pt;
  
  		idx = (msr - 0x200) / 2;
  		is_mtrr_mask = msr - 0x200 - 2 * idx;
  		if (!is_mtrr_mask)
  			pt =
  			  (u64 *)&vcpu->arch.mtrr_state.var_ranges[idx].base_lo;
  		else
  			pt =
  			  (u64 *)&vcpu->arch.mtrr_state.var_ranges[idx].mask_lo;
  		*pdata = *pt;
  	}

  	return 0;
  }

  static int get_msr_mce(struct kvm_vcpu *vcpu, u32 msr, u64 *pdata)

  {
  	u64 data;

  	u64 mcg_cap = vcpu->arch.mcg_cap;
  	unsigned bank_num = mcg_cap & 0xff;

  
  	switch (msr) {

  	case MSR_IA32_P5_MC_ADDR:
  	case MSR_IA32_P5_MC_TYPE:

  		data = 0;
  		break;

  	case MSR_IA32_MCG_CAP:

  		data = vcpu->arch.mcg_cap;
  		break;

  	case MSR_IA32_MCG_CTL:

  		if (!(mcg_cap & MCG_CTL_P))
  			return 1;
  		data = vcpu->arch.mcg_ctl;
  		break;
  	case MSR_IA32_MCG_STATUS:
  		data = vcpu->arch.mcg_status;
  		break;
  	default:
  		if (msr >= MSR_IA32_MC0_CTL &&
  		    msr < MSR_IA32_MC0_CTL + 4 * bank_num) {
  			u32 offset = msr - MSR_IA32_MC0_CTL;
  			data = vcpu->arch.mce_banks[offset];
  			break;
  		}
  		return 1;
  	}
  	*pdata = data;
  	return 0;
  }

  static int get_msr_hyperv_pw(struct kvm_vcpu *vcpu, u32 msr, u64 *pdata)
  {
  	u64 data = 0;
  	struct kvm *kvm = vcpu->kvm;
  
  	switch (msr) {
  	case HV_X64_MSR_GUEST_OS_ID:
  		data = kvm->arch.hv_guest_os_id;
  		break;
  	case HV_X64_MSR_HYPERCALL:
  		data = kvm->arch.hv_hypercall;
  		break;
  	default:
  		pr_unimpl(vcpu, "Hyper-V unhandled rdmsr: 0x%x
  ", msr);
  		return 1;
  	}
  
  	*pdata = data;
  	return 0;
  }
  
  static int get_msr_hyperv(struct kvm_vcpu *vcpu, u32 msr, u64 *pdata)
  {
  	u64 data = 0;
  
  	switch (msr) {
  	case HV_X64_MSR_VP_INDEX: {
  		int r;
  		struct kvm_vcpu *v;
  		kvm_for_each_vcpu(r, v, vcpu->kvm)
  			if (v == vcpu)
  				data = r;
  		break;
  	}

  	case HV_X64_MSR_EOI:
  		return kvm_hv_vapic_msr_read(vcpu, APIC_EOI, pdata);
  	case HV_X64_MSR_ICR:
  		return kvm_hv_vapic_msr_read(vcpu, APIC_ICR, pdata);
  	case HV_X64_MSR_TPR:
  		return kvm_hv_vapic_msr_read(vcpu, APIC_TASKPRI, pdata);

  	case HV_X64_MSR_APIC_ASSIST_PAGE:

  		data = vcpu->arch.hv_vapic;
  		break;

  	default:
  		pr_unimpl(vcpu, "Hyper-V unhandled rdmsr: 0x%x
  ", msr);
  		return 1;
  	}
  	*pdata = data;
  	return 0;
  }

  int kvm_get_msr_common(struct kvm_vcpu *vcpu, u32 msr, u64 *pdata)
  {
  	u64 data;
  
  	switch (msr) {

  	case MSR_IA32_PLATFORM_ID:

  	case MSR_IA32_EBL_CR_POWERON:

  	case MSR_IA32_DEBUGCTLMSR:
  	case MSR_IA32_LASTBRANCHFROMIP:
  	case MSR_IA32_LASTBRANCHTOIP:
  	case MSR_IA32_LASTINTFROMIP:
  	case MSR_IA32_LASTINTTOIP:

  	case MSR_K8_SYSCFG:
  	case MSR_K7_HWCR:

  	case MSR_VM_HSAVE_PA:

  	case MSR_K7_EVNTSEL0:

  	case MSR_K7_PERFCTR0:

  	case MSR_K8_INT_PENDING_MSG:

  	case MSR_AMD64_NB_CFG:

  	case MSR_FAM10H_MMIO_CONF_BASE:

  		data = 0;
  		break;

  	case MSR_IA32_UCODE_REV:
  		data = 0x100000000ULL;
  		break;

  	case MSR_MTRRcap:
  		data = 0x500 | KVM_NR_VAR_MTRR;
  		break;
  	case 0x200 ... 0x2ff:
  		return get_msr_mtrr(vcpu, msr, pdata);

  	case 0xcd: /* fsb frequency */
  		data = 3;
  		break;

  		/*
  		 * MSR_EBC_FREQUENCY_ID
  		 * Conservative value valid for even the basic CPU models.
  		 * Models 0,1: 000 in bits 23:21 indicating a bus speed of
  		 * 100MHz, model 2 000 in bits 18:16 indicating 100MHz,
  		 * and 266MHz for model 3, or 4. Set Core Clock
  		 * Frequency to System Bus Frequency Ratio to 1 (bits
  		 * 31:24) even though these are only valid for CPU
  		 * models > 2, however guests may end up dividing or
  		 * multiplying by zero otherwise.
  		 */
  	case MSR_EBC_FREQUENCY_ID:
  		data = 1 << 24;
  		break;

  	case MSR_IA32_APICBASE:
  		data = kvm_get_apic_base(vcpu);
  		break;

  	case APIC_BASE_MSR ... APIC_BASE_MSR + 0x3ff:
  		return kvm_x2apic_msr_read(vcpu, msr, pdata);
  		break;

  	case MSR_IA32_TSCDEADLINE:
  		data = kvm_get_lapic_tscdeadline_msr(vcpu);
  		break;

  	case MSR_IA32_MISC_ENABLE:

  		data = vcpu->arch.ia32_misc_enable_msr;

  		break;

  	case MSR_IA32_PERF_STATUS:
  		/* TSC increment by tick */
  		data = 1000ULL;
  		/* CPU multiplier */
  		data |= (((uint64_t)4ULL) << 40);
  		break;

  	case MSR_EFER:

  		data = vcpu->arch.efer;

  		break;

  	case MSR_KVM_WALL_CLOCK:

  	case MSR_KVM_WALL_CLOCK_NEW:

  		data = vcpu->kvm->arch.wall_clock;
  		break;
  	case MSR_KVM_SYSTEM_TIME:

  	case MSR_KVM_SYSTEM_TIME_NEW:

  		data = vcpu->arch.time;
  		break;

  	case MSR_KVM_ASYNC_PF_EN:
  		data = vcpu->arch.apf.msr_val;
  		break;

  	case MSR_KVM_STEAL_TIME:
  		data = vcpu->arch.st.msr_val;
  		break;

  	case MSR_IA32_P5_MC_ADDR:
  	case MSR_IA32_P5_MC_TYPE:
  	case MSR_IA32_MCG_CAP:
  	case MSR_IA32_MCG_CTL:
  	case MSR_IA32_MCG_STATUS:
  	case MSR_IA32_MC0_CTL ... MSR_IA32_MC0_CTL + 4 * KVM_MAX_MCE_BANKS - 1:
  		return get_msr_mce(vcpu, msr, pdata);

  	case MSR_K7_CLK_CTL:
  		/*
  		 * Provide expected ramp-up count for K7. All other
  		 * are set to zero, indicating minimum divisors for
  		 * every field.
  		 *
  		 * This prevents guest kernels on AMD host with CPU
  		 * type 6, model 8 and higher from exploding due to
  		 * the rdmsr failing.
  		 */
  		data = 0x20000000;
  		break;

  	case HV_X64_MSR_GUEST_OS_ID ... HV_X64_MSR_SINT15:
  		if (kvm_hv_msr_partition_wide(msr)) {
  			int r;
  			mutex_lock(&vcpu->kvm->lock);
  			r = get_msr_hyperv_pw(vcpu, msr, pdata);
  			mutex_unlock(&vcpu->kvm->lock);
  			return r;
  		} else
  			return get_msr_hyperv(vcpu, msr, pdata);
  		break;

  	case MSR_IA32_BBL_CR_CTL3:
  		/* This legacy MSR exists but isn't fully documented in current
  		 * silicon.  It is however accessed by winxp in very narrow
  		 * scenarios where it sets bit #19, itself documented as
  		 * a "reserved" bit.  Best effort attempt to source coherent
  		 * read data here should the balance of the register be
  		 * interpreted by the guest:
  		 *
  		 * L2 cache control register 3: 64GB range, 256KB size,
  		 * enabled, latency 0x1, configured
  		 */
  		data = 0xbe702111;
  		break;

  	default:

  		if (kvm_pmu_msr(vcpu, msr))
  			return kvm_pmu_get_msr(vcpu, msr, pdata);

  		if (!ignore_msrs) {
  			pr_unimpl(vcpu, "unhandled rdmsr: 0x%x
  ", msr);
  			return 1;
  		} else {
  			pr_unimpl(vcpu, "ignored rdmsr: 0x%x
  ", msr);
  			data = 0;
  		}
  		break;

  	}
  	*pdata = data;
  	return 0;
  }
  EXPORT_SYMBOL_GPL(kvm_get_msr_common);

  /*
   * Read or write a bunch of msrs. All parameters are kernel addresses.
   *
   * @return number of msrs set successfully.
   */
  static int __msr_io(struct kvm_vcpu *vcpu, struct kvm_msrs *msrs,
  		    struct kvm_msr_entry *entries,
  		    int (*do_msr)(struct kvm_vcpu *vcpu,
  				  unsigned index, u64 *data))
  {

  	int i, idx;

  	idx = srcu_read_lock(&vcpu->kvm->srcu);

  	for (i = 0; i < msrs->nmsrs; ++i)
  		if (do_msr(vcpu, entries[i].index, &entries[i].data))
  			break;

  	srcu_read_unlock(&vcpu->kvm->srcu, idx);

  	return i;
  }
  
  /*
   * Read or write a bunch of msrs. Parameters are user addresses.
   *
   * @return number of msrs set successfully.
   */
  static int msr_io(struct kvm_vcpu *vcpu, struct kvm_msrs __user *user_msrs,
  		  int (*do_msr)(struct kvm_vcpu *vcpu,
  				unsigned index, u64 *data),
  		  int writeback)
  {
  	struct kvm_msrs msrs;
  	struct kvm_msr_entry *entries;
  	int r, n;
  	unsigned size;
  
  	r = -EFAULT;
  	if (copy_from_user(&msrs, user_msrs, sizeof msrs))
  		goto out;
  
  	r = -E2BIG;
  	if (msrs.nmsrs >= MAX_IO_MSRS)
  		goto out;

  	size = sizeof(struct kvm_msr_entry) * msrs.nmsrs;

  	entries = memdup_user(user_msrs->entries, size);
  	if (IS_ERR(entries)) {
  		r = PTR_ERR(entries);

  		goto out;

  	}

  
  	r = n = __msr_io(vcpu, &msrs, entries, do_msr);
  	if (r < 0)
  		goto out_free;
  
  	r = -EFAULT;
  	if (writeback && copy_to_user(user_msrs->entries, entries, size))
  		goto out_free;
  
  	r = n;
  
  out_free:

  	kfree(entries);

  out:
  	return r;
  }

  int kvm_dev_ioctl_check_extension(long ext)
  {
  	int r;
  
  	switch (ext) {
  	case KVM_CAP_IRQCHIP:
  	case KVM_CAP_HLT:
  	case KVM_CAP_MMU_SHADOW_CACHE_CONTROL:

  	case KVM_CAP_SET_TSS_ADDR:

  	case KVM_CAP_EXT_CPUID:

  	case KVM_CAP_CLOCKSOURCE:

  	case KVM_CAP_PIT:

  	case KVM_CAP_NOP_IO_DELAY:

  	case KVM_CAP_MP_STATE:

  	case KVM_CAP_SYNC_MMU:

  	case KVM_CAP_USER_NMI:

  	case KVM_CAP_REINJECT_CONTROL:

  	case KVM_CAP_IRQ_INJECT_STATUS:

  	case KVM_CAP_ASSIGN_DEV_IRQ:

  	case KVM_CAP_IRQFD: