| CPC G06F 9/30145 (2013.01) [G06F 9/30167 (2013.01); G06F 9/45541 (2013.01); G06F 9/45554 (2013.01)] | 25 Claims |
|
1. A computer program product for blocking specific instructions from being executed by a logical processor executing in a virtual machine, the logical processor configured to run on a physical processor, the computer program product comprising:
one or more non-transitory computer readable storage media and program instructions collectively stored on the one or more computer readable storage media to perform a method comprising:
setting an instruction blocking value in the logical processor, the instruction blocking value to block execution of instructions having certain function codes identified by the instruction blocking value, the instruction blocking value blocking execution of an instruction having a not permitted function code;
fetching, by the logical processor, an instruction to be executed by the logical processor, the instruction specifying an opcode and a function code of a plurality of function codes specifiable by the instruction, each function code specifying a function-to-be-performed, the plurality of function codes and the corresponding functions-to-be-performed being supported by the physical processor on which the logical processor is running, the opcode and the function code being separate from the instruction blocking value;
based on the instruction blocking value and the function code of the instruction fetched, determining that the function-to-be-performed is not a permitted function-to-be-performed; and
blocking execution of the instruction fetched based on the determining that the function-to-be-performed is not a permitted function-to-be-performed, the blocking execution comprising causing a program exception event.
|