From patchwork Mon Aug 17 15:57:50 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Roger Pau Monne X-Patchwork-Id: 11718749 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id A6A4E13A4 for ; Mon, 17 Aug 2020 15:59:35 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 7E86B20760 for ; Mon, 17 Aug 2020 15:59:35 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=citrix.com header.i=@citrix.com header.b="f4rG+COf" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 7E86B20760 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=citrix.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1k7hX1-0006wa-5b; Mon, 17 Aug 2020 15:58:43 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1k7hX0-0006wT-00 for xen-devel@lists.xenproject.org; Mon, 17 Aug 2020 15:58:42 +0000 X-Inumbo-ID: a974dbae-8d5b-4c51-9431-158ab1435b63 Received: from esa2.hc3370-68.iphmx.com (unknown [216.71.145.153]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id a974dbae-8d5b-4c51-9431-158ab1435b63; Mon, 17 Aug 2020 15:58:40 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1597679921; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=Q74puLuT0vDNhKrTxd4JxP8KRkMXdKwVK0okEy3W1sI=; b=f4rG+COfA8FoZ/58C92hfv7xyZAdcqMZYmFS76Hp71dbWHS2DHzs0Sgy DXF3k0mPRqu6O4MBYH9079tbvGl2aJkFTRqJWL4FMf2CvyJalIKUElCTM JZl9daqjMKa0AkyCoTTFYEz/Ds0wymeQZnTmfAgaIiAeqc6L9l1WFdJ+1 c=; Authentication-Results: esa2.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: n0cCQP+s4fdOY5jDtDWlu45NH6L9O3fooTJpfJ5uGNpbTBsm1EkxTXr2wuV5LKXJjyBKrY9+9E bWn/jYGICclhD9hJ6r9X7vHg5UvKuJcVYZ5sCD4vT0TLvNEf0rsWwy9b1gv2XOpqEzoiBtGFn9 yJ5Gs+x0uuYMZHbglYDZuaknpphFRiH7IbcCq2ugvb1rz3+ZR0xwCEvGYQaneEEN+bj7IE90FK wpbRc2FZi/H86meV6hCmqSxXVC0YCUQ1iaopS+MArhBliO47cKRmP7YZB1adPI8f1kfquOyGbP P54= X-SBRS: 2.7 X-MesageID: 24707108 X-Ironport-Server: esa2.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.76,324,1592884800"; d="scan'208";a="24707108" From: Roger Pau Monne To: CC: Roger Pau Monne , Jun Nakajima , Kevin Tian , Jan Beulich , Andrew Cooper , Wei Liu Subject: [PATCH 1/8] x86/vmx: handle writes to MISC_ENABLE MSR Date: Mon, 17 Aug 2020 17:57:50 +0200 Message-ID: <20200817155757.3372-2-roger.pau@citrix.com> X-Mailer: git-send-email 2.28.0 In-Reply-To: <20200817155757.3372-1-roger.pau@citrix.com> References: <20200817155757.3372-1-roger.pau@citrix.com> MIME-Version: 1.0 X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" Such handling consist in checking that no bits have been changed from the read value, if that's the case silently drop the write, otherwise inject a fault. At least Windows guests will expect to write to the MISC_ENABLE MSR with the same value that's been read from it. Signed-off-by: Roger Pau Monné Acked-by: Andrew Cooper --- xen/arch/x86/hvm/vmx/vmx.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/xen/arch/x86/hvm/vmx/vmx.c b/xen/arch/x86/hvm/vmx/vmx.c index eb54aadfba..fbfb31af05 100644 --- a/xen/arch/x86/hvm/vmx/vmx.c +++ b/xen/arch/x86/hvm/vmx/vmx.c @@ -3166,7 +3166,7 @@ static int vmx_msr_write_intercept(unsigned int msr, uint64_t msr_content) switch ( msr ) { - uint64_t rsvd; + uint64_t rsvd, tmp; case MSR_IA32_SYSENTER_CS: __vmwrite(GUEST_SYSENTER_CS, msr_content); @@ -3304,6 +3304,13 @@ static int vmx_msr_write_intercept(unsigned int msr, uint64_t msr_content) /* None of these MSRs are writeable. */ goto gp_fault; + case MSR_IA32_MISC_ENABLE: + /* Silently drop writes that don't change the reported value. */ + if ( vmx_msr_read_intercept(msr, &tmp) != X86EMUL_OKAY || + tmp != msr_content ) + goto gp_fault; + break; + case MSR_P6_PERFCTR(0)...MSR_P6_PERFCTR(7): case MSR_P6_EVNTSEL(0)...MSR_P6_EVNTSEL(7): case MSR_CORE_PERF_FIXED_CTR0...MSR_CORE_PERF_FIXED_CTR2: From patchwork Mon Aug 17 15:57:51 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Roger Pau Monne X-Patchwork-Id: 11718755 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 11174109B for ; Mon, 17 Aug 2020 15:59:58 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id DB15720885 for ; Mon, 17 Aug 2020 15:59:57 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=citrix.com header.i=@citrix.com header.b="P4Nu8w0A" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org DB15720885 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=citrix.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1k7hX6-0006xt-Eg; Mon, 17 Aug 2020 15:58:48 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1k7hX4-0006wT-Sb for xen-devel@lists.xenproject.org; Mon, 17 Aug 2020 15:58:46 +0000 X-Inumbo-ID: 9303d3ee-70fd-4615-8eae-771c6f86528c Received: from esa2.hc3370-68.iphmx.com (unknown [216.71.145.153]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id 9303d3ee-70fd-4615-8eae-771c6f86528c; Mon, 17 Aug 2020 15:58:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1597679923; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=aGp+WY6YIORDQ/8VeSo1f4tZia0Y1O1MSRPMQUQz7pM=; b=P4Nu8w0AuAbagZlxI2+MN8ybHkj+d28BfbldFBwSIPufwTrUXpWH2/OS hkFtcLwRbVsU/Hdqqij70UNjWcQOZVU2svF6Gl1gE5Dngww3ORqIl71po evgDESzbZIjcxGduB5/sgJIkN2G1LFDEDXsu8ZZhGjjOdzX+VIy5RQIvU A=; Authentication-Results: esa2.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: ePUlzo4XrjdvuMpehjn7LJ8mYPnPJabjsDQ4GG5U0MwpzcdbuNzyGZLCIrNOzSVCqMB0RakiB1 j4XdcvZczFOFS8sqFZDv22icGLfrPJD013yacLuz9nJD+8aw6pn2CpGs7l8iY9ZN8Pd7zlcKLh NFBKbjfRtsObRTkDvqSW5KoF/fi5K9GszzF6KqroZvXk0f5Pa323x01cOlHgH9cs4aH6rGLf3X piSMZQ/UiUYIjqed/g14OIphcAZpQLiNJgwaYi70j2aqbizu76w87wctefMEmZA6qSz+E5VyXZ Sk0= X-SBRS: 2.7 X-MesageID: 24707109 X-Ironport-Server: esa2.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.76,324,1592884800"; d="scan'208";a="24707109" From: Roger Pau Monne To: CC: Roger Pau Monne , Jan Beulich , Andrew Cooper , Wei Liu Subject: [PATCH 2/8] x86/svm: silently drop writes to SYSCFG and related MSRs Date: Mon, 17 Aug 2020 17:57:51 +0200 Message-ID: <20200817155757.3372-3-roger.pau@citrix.com> X-Mailer: git-send-email 2.28.0 In-Reply-To: <20200817155757.3372-1-roger.pau@citrix.com> References: <20200817155757.3372-1-roger.pau@citrix.com> MIME-Version: 1.0 X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" The SYSCFG, TOP_MEM1 and TOP_MEM2 MSRs are currently exposed to guests and writes are silently discarded. Make this explicit in the SVM code now, and just return 0 when attempting to read any of the MSRs, while continuing to silently drop writes. Signed-off-by: Roger Pau Monné --- xen/arch/x86/hvm/svm/svm.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/xen/arch/x86/hvm/svm/svm.c b/xen/arch/x86/hvm/svm/svm.c index ca3bbfcbb3..671cdcb724 100644 --- a/xen/arch/x86/hvm/svm/svm.c +++ b/xen/arch/x86/hvm/svm/svm.c @@ -1917,6 +1917,13 @@ static int svm_msr_read_intercept(unsigned int msr, uint64_t *msr_content) goto gpf; break; + case MSR_K8_TOP_MEM1: + case MSR_K8_TOP_MEM2: + case MSR_K8_SYSCFG: + /* Return all 0s. */ + *msr_content = 0; + break; + case MSR_K8_VM_CR: *msr_content = 0; break; @@ -2094,6 +2101,12 @@ static int svm_msr_write_intercept(unsigned int msr, uint64_t msr_content) goto gpf; break; + case MSR_K8_TOP_MEM1: + case MSR_K8_TOP_MEM2: + case MSR_K8_SYSCFG: + /* Drop writes. */ + break; + case MSR_K8_VM_CR: /* ignore write. handle all bits as read-only. */ break; From patchwork Mon Aug 17 15:57:52 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Roger Pau Monne X-Patchwork-Id: 11718757 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id ECDE81392 for ; Mon, 17 Aug 2020 15:59:59 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id C5D9520885 for ; Mon, 17 Aug 2020 15:59:59 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=citrix.com header.i=@citrix.com header.b="ONUltRMm" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org C5D9520885 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=citrix.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1k7hXJ-00073u-Gb; Mon, 17 Aug 2020 15:59:01 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1k7hXI-00073P-I6 for xen-devel@lists.xenproject.org; Mon, 17 Aug 2020 15:59:00 +0000 X-Inumbo-ID: 9fb2d8e2-3995-469b-9d84-57708e00eb6e Received: from esa3.hc3370-68.iphmx.com (unknown [216.71.145.155]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id 9fb2d8e2-3995-469b-9d84-57708e00eb6e; Mon, 17 Aug 2020 15:58:59 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1597679939; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=ZKzK+c5XyV+OLEz6QG9xmudgjXWSKUFpmUQMfU+3bSg=; b=ONUltRMm0RQNSBw4pXTqbQa58Cdkd38XqtVsFcltvWEfJGZMMS0zQ5kK xM6Hw1Kx+VvUSM18YRkIs/TrYu8A4iXYdzKwznLsVt8dIpWzpIryes3ev 7cuKPv/7FKLfIzewVNfcvt3cFdeWW4PWyCCSsMxH0N3syyeLGHK/p1QCU c=; Authentication-Results: esa3.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: vNnOf95SAcM0GK1/8PeZCJTmEGsEhWMOICD6AbiaziiIqB7OFH3eW9QOojO4AiD/kmTT8dYbQL lWn+rCwGlyAb04YtphdWOcto2QHQtipIv29JNtViI/HMfWlBeHPfyYbjOLDElT2sAQXPJhHLJs 1lwZs975dYvQ2yl1QS1+9f4rK9fhTIhzH0UQNrbVIM87wd1ibaz85X9BFActm/o9ny1K4Clgrp OtCCk1zq0Ag+zFdAO+GO+y80bf8vBaEl9jexT5BgAGJH+ZOqeZiFwIe/liEvF4cKL7aYfS88Bq v+U= X-SBRS: 2.7 X-MesageID: 24673328 X-Ironport-Server: esa3.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.76,324,1592884800"; d="scan'208";a="24673328" From: Roger Pau Monne To: CC: Roger Pau Monne , Jan Beulich , Andrew Cooper , Wei Liu Subject: [PATCH 3/8] x86/pv: handle writes to the EFER MSR Date: Mon, 17 Aug 2020 17:57:52 +0200 Message-ID: <20200817155757.3372-4-roger.pau@citrix.com> X-Mailer: git-send-email 2.28.0 In-Reply-To: <20200817155757.3372-1-roger.pau@citrix.com> References: <20200817155757.3372-1-roger.pau@citrix.com> MIME-Version: 1.0 X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" Silently drop writes to the EFER MSR for PV guests if the value is not changed from what it's being reported. Current PV Linux will attempt to write to the MSR with the same value that's been read, and raising a fault will result in a guest crash. As part of this work introduce a helper to easily get the EFER value reported to guests. Signed-off-by: Roger Pau Monné --- xen/arch/x86/pv/emul-priv-op.c | 35 ++++++++++++++++++++++++---------- 1 file changed, 25 insertions(+), 10 deletions(-) diff --git a/xen/arch/x86/pv/emul-priv-op.c b/xen/arch/x86/pv/emul-priv-op.c index efeb2a727e..fd3cbfaebc 100644 --- a/xen/arch/x86/pv/emul-priv-op.c +++ b/xen/arch/x86/pv/emul-priv-op.c @@ -837,6 +837,23 @@ static inline bool is_cpufreq_controller(const struct domain *d) is_hardware_domain(d)); } +static uint64_t guest_efer(const struct domain *d) +{ + uint64_t val; + + /* Hide unknown bits, and unconditionally hide SVME from guests. */ + val = read_efer() & EFER_KNOWN_MASK & ~EFER_SVME; + /* + * Hide the 64-bit features from 32-bit guests. SCE has + * vendor-dependent behaviour. + */ + if ( is_pv_32bit_domain(d) ) + val &= ~(EFER_LME | EFER_LMA | + (boot_cpu_data.x86_vendor == X86_VENDOR_INTEL + ? EFER_SCE : 0)); + return val; +} + static int read_msr(unsigned int reg, uint64_t *val, struct x86_emulate_ctxt *ctxt) { @@ -880,16 +897,7 @@ static int read_msr(unsigned int reg, uint64_t *val, return X86EMUL_OKAY; case MSR_EFER: - /* Hide unknown bits, and unconditionally hide SVME from guests. */ - *val = read_efer() & EFER_KNOWN_MASK & ~EFER_SVME; - /* - * Hide the 64-bit features from 32-bit guests. SCE has - * vendor-dependent behaviour. - */ - if ( is_pv_32bit_domain(currd) ) - *val &= ~(EFER_LME | EFER_LMA | - (boot_cpu_data.x86_vendor == X86_VENDOR_INTEL - ? EFER_SCE : 0)); + *val = guest_efer(currd); return X86EMUL_OKAY; case MSR_K7_FID_VID_CTL: @@ -1005,6 +1013,13 @@ static int write_msr(unsigned int reg, uint64_t val, curr->arch.pv.gs_base_user = val; return X86EMUL_OKAY; + case MSR_EFER: + /* Silently drop writes that don't change the reported value. */ + temp = guest_efer(currd); + if ( val != temp ) + goto invalid; + return X86EMUL_OKAY; + case MSR_K7_FID_VID_STATUS: case MSR_K7_FID_VID_CTL: case MSR_K8_PSTATE_LIMIT: From patchwork Mon Aug 17 15:57:53 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Roger Pau Monne X-Patchwork-Id: 11718745 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 9329A109B for ; Mon, 17 Aug 2020 15:59:12 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 6D295206FA for ; Mon, 17 Aug 2020 15:59:12 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=citrix.com header.i=@citrix.com header.b="ejFB8Wav" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 6D295206FA Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=citrix.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1k7hXA-0006zt-U2; Mon, 17 Aug 2020 15:58:52 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1k7hX9-0006wT-Sg for xen-devel@lists.xenproject.org; Mon, 17 Aug 2020 15:58:51 +0000 X-Inumbo-ID: da20fd55-8b8d-4232-8f1d-d55581380bb2 Received: from esa2.hc3370-68.iphmx.com (unknown [216.71.145.153]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id da20fd55-8b8d-4232-8f1d-d55581380bb2; Mon, 17 Aug 2020 15:58:46 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1597679927; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=rGvkY8TrcGybqag821UNF0p8CCRDXs6sHOguozE9sNs=; b=ejFB8WavEdwckjBEIs/8R9MFUCoOzXLkHk6RC9VQTwdfLQ4/0tepgjOE 1fvCmpo5eOuTMhHPdjhQh2ccwFqcH4+Ak8kubEcYgEgb+4LK1zaTkxLZ3 k4IPHwwm2/qZRdn+WNS622p/87gbrE/9CFvQkeyySiTrSLSTcweU9x2F7 w=; Authentication-Results: esa2.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: pabl6xHwqVXCHDOchcvVF3S1xwuLWQmwpaW59MfKncLNlxr2tEsNRP/Ep4lf/44V4IYAyhBnH+ dbZm90/3yRNvMlo0+N5AAbY8JOX3jVAPF6GiU4aur9xKYl+HNn0HTt7TRbM/ygxjOxin3HfpA0 pwFdgxN07dni/47bFDnBZjCwclX6F6iv1g+abIqs7f7+akKoNoJlCWXXeJDGQKSwiPXynQ9Yhd ebn8AZ6ONeQzsoNBqWa1AZnxr4Dqc/XaVdYBuo9F3i06G0aCxW6qJzlaucdgn9hsRs1DrQCG8W eGo= X-SBRS: 2.7 X-MesageID: 24707111 X-Ironport-Server: esa2.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.76,324,1592884800"; d="scan'208";a="24707111" From: Roger Pau Monne To: CC: Roger Pau Monne , Jan Beulich , Andrew Cooper , Wei Liu Subject: [PATCH 4/8] x86/pv: handle reads to the PAT MSR Date: Mon, 17 Aug 2020 17:57:53 +0200 Message-ID: <20200817155757.3372-5-roger.pau@citrix.com> X-Mailer: git-send-email 2.28.0 In-Reply-To: <20200817155757.3372-1-roger.pau@citrix.com> References: <20200817155757.3372-1-roger.pau@citrix.com> MIME-Version: 1.0 X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" The value in the PAT MSR is part of the ABI between Xen and PV guests, and there's no reason to not allow a PV guest to read it. Signed-off-by: Roger Pau Monné Acked-by: Andrew Cooper --- xen/arch/x86/pv/emul-priv-op.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/xen/arch/x86/pv/emul-priv-op.c b/xen/arch/x86/pv/emul-priv-op.c index fd3cbfaebc..ff87c7d769 100644 --- a/xen/arch/x86/pv/emul-priv-op.c +++ b/xen/arch/x86/pv/emul-priv-op.c @@ -900,6 +900,10 @@ static int read_msr(unsigned int reg, uint64_t *val, *val = guest_efer(currd); return X86EMUL_OKAY; + case MSR_IA32_CR_PAT: + *val = XEN_MSR_PAT; + return X86EMUL_OKAY; + case MSR_K7_FID_VID_CTL: case MSR_K7_FID_VID_STATUS: case MSR_K8_PSTATE_LIMIT: From patchwork Mon Aug 17 15:57:54 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Roger Pau Monne X-Patchwork-Id: 11718759 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id B5A78109B for ; Mon, 17 Aug 2020 16:00:01 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 8B9A020885 for ; Mon, 17 Aug 2020 16:00:01 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=citrix.com header.i=@citrix.com header.b="Ju688uKM" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 8B9A020885 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=citrix.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1k7hXO-00077g-7h; Mon, 17 Aug 2020 15:59:06 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1k7hXN-00073P-3N for xen-devel@lists.xenproject.org; Mon, 17 Aug 2020 15:59:05 +0000 X-Inumbo-ID: 51b78f9d-fad0-4c41-a9e0-5c7261eb96e8 Received: from esa3.hc3370-68.iphmx.com (unknown [216.71.145.155]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id 51b78f9d-fad0-4c41-a9e0-5c7261eb96e8; Mon, 17 Aug 2020 15:59:00 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1597679940; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=F/Ls1vXs3JLCaDO3OMKs0GkvZz4YTpGo+BI7GjCWN+A=; b=Ju688uKMZP8oM6iW5pYVm6sT6VpHCOb6d/+jNCy0E6tygRBsYUDnhM3V LPhBCCtaeLzXd4EUmT1V9S1FMDk6nCx8huqfmqNFr9VXg/GcBC3XcK9qL qxqtcdPX3Ni2uluM9JzWeVx3aiFGI47EefBthoO30jhrvo5ylkVpsFWuE s=; Authentication-Results: esa3.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: OqmOhAaQ34hFtLweGTvGmfWDIiPIs06YVkYMJRpw6AFmKK0+l1Txm31nZnCnpQM9eVpSLo7Skb 0aXOrZAPGA411m/oYh8YdsWjiQPIIW/ZJZsFHZxcHpSed2tDJMb4Jh712xdb4yTzGvi9k/Q5X6 Ue9f8wyRs56iaQdwhT2M6ZsUXH2Wf4tv1CEWRq9PSQoCFbFkT303lbN/N8qheDf6RR+4w6ifAm hhenlmGVldRPNfPkMQphPMZwq1fGTwlJ21WQbQ6m+nke3V44SQOa6LChrQ/7vEq2IO4RgFtej5 XjI= X-SBRS: 2.7 X-MesageID: 24673333 X-Ironport-Server: esa3.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.76,324,1592884800"; d="scan'208";a="24673333" From: Roger Pau Monne To: CC: Roger Pau Monne , Jan Beulich , Andrew Cooper , Wei Liu Subject: [PATCH 5/8] x86/pv: allow reading APIC_BASE MSR Date: Mon, 17 Aug 2020 17:57:54 +0200 Message-ID: <20200817155757.3372-6-roger.pau@citrix.com> X-Mailer: git-send-email 2.28.0 In-Reply-To: <20200817155757.3372-1-roger.pau@citrix.com> References: <20200817155757.3372-1-roger.pau@citrix.com> MIME-Version: 1.0 X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" Linux PV guests will attempt to read the APIC_BASE MSR, so just report a default value to make Linux happy. Signed-off-by: Roger Pau Monné Acked-by: Andrew Cooper --- xen/arch/x86/pv/emul-priv-op.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/xen/arch/x86/pv/emul-priv-op.c b/xen/arch/x86/pv/emul-priv-op.c index ff87c7d769..554a95ae8d 100644 --- a/xen/arch/x86/pv/emul-priv-op.c +++ b/xen/arch/x86/pv/emul-priv-op.c @@ -872,6 +872,13 @@ static int read_msr(unsigned int reg, uint64_t *val, switch ( reg ) { + case MSR_APIC_BASE: + /* Linux PV guests will attempt to read APIC_BASE. */ + *val = APIC_BASE_ENABLE | APIC_DEFAULT_PHYS_BASE; + if ( !curr->vcpu_id ) + *val |= APIC_BASE_BSP; + return X86EMUL_OKAY; + case MSR_FS_BASE: if ( is_pv_32bit_domain(currd) ) break; From patchwork Mon Aug 17 15:57:55 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Roger Pau Monne X-Patchwork-Id: 11718761 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id A4882109B for ; Mon, 17 Aug 2020 16:00:14 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 77443208C7 for ; Mon, 17 Aug 2020 16:00:14 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=citrix.com header.i=@citrix.com header.b="EiBM2gPT" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 77443208C7 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=citrix.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1k7hXT-0007BA-HK; Mon, 17 Aug 2020 15:59:11 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1k7hXS-00073P-3E for xen-devel@lists.xenproject.org; Mon, 17 Aug 2020 15:59:10 +0000 X-Inumbo-ID: e1577a73-ae74-48a7-a05f-d3f78b78f32b Received: from esa3.hc3370-68.iphmx.com (unknown [216.71.145.155]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id e1577a73-ae74-48a7-a05f-d3f78b78f32b; Mon, 17 Aug 2020 15:59:00 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1597679941; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=sbwFCsE82OUswnTxoAvsofX0HYNKQlQfPtMyufjDfMw=; b=EiBM2gPT6KqWktbIVJgMS4sq5kIUMblTJ31oamfln44n/sFEiJjinE3+ D0+tSDEEfJ4GJxIYCCZ8DbISGCB0AG2BcSZ2nm5D4olCjuKEgC0/lkBp6 m6dXrHsup1CKspN33GDD5LIuxXGTfcQpz3ooCHUiyxKWOcp7Q1Q+BQiiU 8=; Authentication-Results: esa3.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: psHUZNUJszeD/YOQ4RAWn8l6IncFDipvG6HgL9CoWlpKyjX9kvhPX8S0vD9KDw9vmZaFLQQvwo FGYbJBdCxEznULhhTYbxYkgIgxQD2jBkxgFDbn0cX3GcMygeeRd4I8HyzDR5iAUpHOSMvOWYn8 WVx9Xd4bKXOjUsTUQhOuxNdioay/fbjCk9caK9YlyopaIBiP/cLwrHDLGekvb/vflGLEJ5NFEX cQJwoqgZ9Vyil3SivC35Mvk37SgVuDHtC3/TNYLykpo0W0EwOq3WMgOTDY0vcypH5JWKEni+5g R/c= X-SBRS: 2.7 X-MesageID: 24673337 X-Ironport-Server: esa3.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.76,324,1592884800"; d="scan'208";a="24673337" From: Roger Pau Monne To: CC: Roger Pau Monne , Jan Beulich , Andrew Cooper , Wei Liu Subject: [PATCH 6/8] x86/pv: allow reading FEATURE_CONTROL MSR Date: Mon, 17 Aug 2020 17:57:55 +0200 Message-ID: <20200817155757.3372-7-roger.pau@citrix.com> X-Mailer: git-send-email 2.28.0 In-Reply-To: <20200817155757.3372-1-roger.pau@citrix.com> References: <20200817155757.3372-1-roger.pau@citrix.com> MIME-Version: 1.0 X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" Linux PV guests will attempt to read the FEATURE_CONTROL MSR, report no features enabled or available, and that the MSR is already locked. Signed-off-by: Roger Pau Monné --- xen/arch/x86/pv/emul-priv-op.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/xen/arch/x86/pv/emul-priv-op.c b/xen/arch/x86/pv/emul-priv-op.c index 554a95ae8d..76c878b677 100644 --- a/xen/arch/x86/pv/emul-priv-op.c +++ b/xen/arch/x86/pv/emul-priv-op.c @@ -879,6 +879,10 @@ static int read_msr(unsigned int reg, uint64_t *val, *val |= APIC_BASE_BSP; return X86EMUL_OKAY; + case MSR_IA32_FEATURE_CONTROL: + *val = IA32_FEATURE_CONTROL_LOCK; + return X86EMUL_OKAY; + case MSR_FS_BASE: if ( is_pv_32bit_domain(currd) ) break; From patchwork Mon Aug 17 15:57:56 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Roger Pau Monne X-Patchwork-Id: 11718747 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 0A7C6109B for ; Mon, 17 Aug 2020 15:59:34 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id D923D2072E for ; Mon, 17 Aug 2020 15:59:33 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=citrix.com header.i=@citrix.com header.b="Y1btFBef" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org D923D2072E Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=citrix.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1k7hXG-00072L-70; Mon, 17 Aug 2020 15:58:58 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1k7hXE-0006wT-Sr for xen-devel@lists.xenproject.org; Mon, 17 Aug 2020 15:58:56 +0000 X-Inumbo-ID: 2ce9f53b-fa70-4091-9fe2-e08bcbb8e0ef Received: from esa4.hc3370-68.iphmx.com (unknown [216.71.155.144]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id 2ce9f53b-fa70-4091-9fe2-e08bcbb8e0ef; Mon, 17 Aug 2020 15:58:53 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1597679933; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=QNFt2MaUZcrOOAd88SQa0Ik2DvsRYhMp9yfE1IOX5hU=; b=Y1btFBefmPM8R1xh6XGy7YzgfqnRLNmoJQlhrDnXSvUjwcVMkqPPdCQd QpM2V4A8c+jhcxHoXIW96HI7vkK8z4VTq+YliykSk7lvrkk/sx4wd0WJO Ly5f1kwKo6iaW9IgankPKr7P+l4CWPJlokSBvvY8qxxiUnxlVQpjom2aq w=; Authentication-Results: esa4.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: NU9qgm32sbZAg/M6wZCR814YO56u5+nQkqPxfQY6imYPhVmCJ0901RS9QRLzbmQCFQR3U8r538 zzhZ+JcpAxA5TCUddnOmWSAVeq36BYI5POJWt4HU+DoCXsyEWfcM0JXqOVbP64+ffpvJ9qDCTn PnF+c10//W6bOXIUtKENaPf+SJQJWfCS6R0JDFa7FMGLygthS+gewHlkkDssWmCpQxFg+gfnrq oN95CG2eSDgr4UXyXRvoe1pu4T3oBUEIa+tAYcfoMLZNVXraa1pcnEbOh+YhxA+dK7WaWmXnbB WfY= X-SBRS: 2.7 X-MesageID: 25616946 X-Ironport-Server: esa4.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.76,324,1592884800"; d="scan'208";a="25616946" From: Roger Pau Monne To: CC: Roger Pau Monne , Jan Beulich , Andrew Cooper , Wei Liu Subject: [PATCH 7/8] x86/pv: disallow access to unknown MSRs Date: Mon, 17 Aug 2020 17:57:56 +0200 Message-ID: <20200817155757.3372-8-roger.pau@citrix.com> X-Mailer: git-send-email 2.28.0 In-Reply-To: <20200817155757.3372-1-roger.pau@citrix.com> References: <20200817155757.3372-1-roger.pau@citrix.com> MIME-Version: 1.0 X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" Change the catch-all behavior for MSR not explicitly handled. Instead of allow full read-access to the MSR space and silently dropping writes return an exception when the MSR is not explicitly handled. Signed-off-by: Roger Pau Monné Acked-by: Andrew Cooper --- xen/arch/x86/pv/emul-priv-op.c | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/xen/arch/x86/pv/emul-priv-op.c b/xen/arch/x86/pv/emul-priv-op.c index 76c878b677..fcbcf5a6c2 100644 --- a/xen/arch/x86/pv/emul-priv-op.c +++ b/xen/arch/x86/pv/emul-priv-op.c @@ -976,9 +976,10 @@ static int read_msr(unsigned int reg, uint64_t *val, } /* fall through */ default: + gdprintk(XENLOG_WARNING, "RDMSR 0x%08x unimplemented\n", reg); + break; + normal: - /* Everyone can read the MSR space. */ - /* gdprintk(XENLOG_WARNING, "Domain attempted RDMSR %08x\n", reg); */ if ( rdmsr_safe(reg, *val) ) break; return X86EMUL_OKAY; @@ -1143,14 +1144,15 @@ static int write_msr(unsigned int reg, uint64_t val, } /* fall through */ default: - if ( rdmsr_safe(reg, temp) ) - break; + gdprintk(XENLOG_WARNING, + "WRMSR 0x%08x val 0x%016"PRIx64" unimplemented\n", + reg, val); + break; - if ( val != temp ) invalid: - gdprintk(XENLOG_WARNING, - "Domain attempted WRMSR %08x from 0x%016"PRIx64" to 0x%016"PRIx64"\n", - reg, temp, val); + gdprintk(XENLOG_WARNING, + "Domain attempted WRMSR %08x from 0x%016"PRIx64" to 0x%016"PRIx64"\n", + reg, temp, val); return X86EMUL_OKAY; } From patchwork Mon Aug 17 15:57:57 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Roger Pau Monne X-Patchwork-Id: 11718753 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 9E7331392 for ; Mon, 17 Aug 2020 15:59:57 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 767BC20888 for ; Mon, 17 Aug 2020 15:59:57 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=citrix.com header.i=@citrix.com header.b="E3oNFcGv" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 767BC20888 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=citrix.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1k7hXK-00074o-SU; Mon, 17 Aug 2020 15:59:02 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1k7hXJ-0006wT-Sw for xen-devel@lists.xenproject.org; Mon, 17 Aug 2020 15:59:01 +0000 X-Inumbo-ID: 551aade9-e5df-4280-bab1-3b1202ef45fb Received: from esa5.hc3370-68.iphmx.com (unknown [216.71.155.168]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id 551aade9-e5df-4280-bab1-3b1202ef45fb; Mon, 17 Aug 2020 15:58:55 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1597679935; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=zm6CDp60sdpOC6MU+Y+DF2KHVDov78uXMXqCCpLuKMs=; b=E3oNFcGvuMpNqM8mati3jDOuaPfWMRgGwMGpLWvxO8bT88bs/A5XvOo0 kp2Bo2S8UtU76iq1ZufDi5cuMARO7KvkILX1mOoHI40XUwDOjsSuKYczZ Cm07DwOhDSWVW6720AfKumhMunS2Z/A9/hDNEC32no3JyI8qpMu916Eov 8=; Authentication-Results: esa5.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: xRY3ODaR/rhILx0O16Ymd5cRTkcJdHgHNk2/O8X99L80H2uGHJaNIY5Er1Kp9nHBgIAxlbpyGE 1xcLS49aAruDzvKS6YYaWRDyopZekLW2Q9Tymuhy5bTiiHvhObwnUTYGcuLNg6HKFvaofM/jYa HHDWf4mefgck8v0iTCOAbx4qGvylS5zbzZDPOAaD/JvizTp/XI2BAXx6EZav6CsBiNBx2rRtTW 92+BG6LrQBkJwxW1EGaqiOEA0FJD6mdUEe22ta+jut0ZyzI9w03Airrri/bCkJ2Kv9WxEXxbLR R48= X-SBRS: 2.7 X-MesageID: 24850037 X-Ironport-Server: esa5.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.76,324,1592884800"; d="scan'208";a="24850037" From: Roger Pau Monne To: CC: Andrew Cooper , Jan Beulich , Wei Liu , =?utf-8?q?Roger_Pau_?= =?utf-8?q?Monn=C3=A9?= , Jun Nakajima , Kevin Tian Subject: [PATCH 8/8] x86/hvm: Disallow access to unknown MSRs Date: Mon, 17 Aug 2020 17:57:57 +0200 Message-ID: <20200817155757.3372-9-roger.pau@citrix.com> X-Mailer: git-send-email 2.28.0 In-Reply-To: <20200817155757.3372-1-roger.pau@citrix.com> References: <20200817155757.3372-1-roger.pau@citrix.com> MIME-Version: 1.0 X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" From: Andrew Cooper Change the catch-all behavior for MSR not explicitly handled. Instead of allow full read-access to the MSR space and silently dropping writes return an exception when the MSR is not explicitly handled. Signed-off-by: Andrew Cooper --- xen/arch/x86/hvm/svm/svm.c | 8 ++++---- xen/arch/x86/hvm/vmx/vmx.c | 11 ++++------- 2 files changed, 8 insertions(+), 11 deletions(-) diff --git a/xen/arch/x86/hvm/svm/svm.c b/xen/arch/x86/hvm/svm/svm.c index 671cdcb724..076fa67138 100644 --- a/xen/arch/x86/hvm/svm/svm.c +++ b/xen/arch/x86/hvm/svm/svm.c @@ -1959,6 +1959,7 @@ static int svm_msr_read_intercept(unsigned int msr, uint64_t *msr_content) break; } + gdprintk(XENLOG_WARNING, "RDMSR 0x%08x unimplemented\n", msr); goto gpf; } @@ -2140,10 +2141,9 @@ static int svm_msr_write_intercept(unsigned int msr, uint64_t msr_content) break; default: - /* Match up with the RDMSR side; ultimately this should go away. */ - if ( rdmsr_safe(msr, msr_content) == 0 ) - break; - + gdprintk(XENLOG_WARNING, + "WRMSR 0x%08x val 0x%016"PRIx64" unimplemented\n", + msr, msr_content); goto gpf; } diff --git a/xen/arch/x86/hvm/vmx/vmx.c b/xen/arch/x86/hvm/vmx/vmx.c index fbfb31af05..800066da7d 100644 --- a/xen/arch/x86/hvm/vmx/vmx.c +++ b/xen/arch/x86/hvm/vmx/vmx.c @@ -3024,9 +3024,7 @@ static int vmx_msr_read_intercept(unsigned int msr, uint64_t *msr_content) break; } - if ( rdmsr_safe(msr, *msr_content) == 0 ) - break; - + gdprintk(XENLOG_WARNING, "RDMSR 0x%08x unimplemented\n", msr); goto gp_fault; } @@ -3329,10 +3327,9 @@ static int vmx_msr_write_intercept(unsigned int msr, uint64_t msr_content) is_last_branch_msr(msr) ) break; - /* Match up with the RDMSR side; ultimately this should go away. */ - if ( rdmsr_safe(msr, msr_content) == 0 ) - break; - + gdprintk(XENLOG_WARNING, + "WRMSR 0x%08x val 0x%016"PRIx64" unimplemented\n", + msr, msr_content); goto gp_fault; } From patchwork Tue Aug 18 13:58:12 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Andrew Cooper X-Patchwork-Id: 11720931 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id BA6B81575 for ; Tue, 18 Aug 2020 14:00:31 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 8E5092054F for ; Tue, 18 Aug 2020 14:00:31 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=citrix.com header.i=@citrix.com header.b="IGbFqqMF" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 8E5092054F Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=citrix.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1k828J-000182-1p; Tue, 18 Aug 2020 13:58:35 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1k828I-00017v-3j for xen-devel@lists.xenproject.org; Tue, 18 Aug 2020 13:58:34 +0000 X-Inumbo-ID: de53b5a7-4677-4c2a-a2a7-d878cebc38df Received: from esa4.hc3370-68.iphmx.com (unknown [216.71.155.144]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id de53b5a7-4677-4c2a-a2a7-d878cebc38df; Tue, 18 Aug 2020 13:58:32 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1597759112; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=K7j5MgZD0Ar4B+vyr2acjpW6kqvR/sR8VIbMWkF+Zjc=; b=IGbFqqMF4j6EYZ2Pn8pTonqc3iV4n5ZlxCozNK2Pz5nOZcxddjgJMczc UnYq/kayaewKo/yV/1UOqvnKJOkfPbhQw8nwjNi7Vy9Spi+LWnsNcXhVK OAKuoxzXCwhtJV/MtFtGAniHSjwnkdPYE/S091fXiCcNE9QwRvTmVRPsb M=; Authentication-Results: esa4.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: 9x79DGqCrnevw4LGMfWDUI2iBaTQ+pkXPFoyVz5q2tZhuRQ/BTrzHxAM+yHqNE8Ja1YeQfx9+4 y70ZWzHQSqntqIeXbi6jg4yJ6YvNC+PFfKFOV9cJo0L9yvwiFzN02pKC84vaHJOSSO5Voodh2e YdJP10fWxgy3WBr7wu+8dYTk2HSvBtxEcACNVX7ETiW4DLNzTRJYnJ4cz1VS8NEpNeAW9mDw8K Sz23O8BWlnbAtlLg2PUeAD13gxIEDQLAsP4D1ehJ3q1hJOBM2E6TIYdLL9Ka6A+i5CHaKLmW9u PbQ= X-SBRS: 2.7 X-MesageID: 25696712 X-Ironport-Server: esa4.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.76,327,1592884800"; d="scan'208";a="25696712" From: Andrew Cooper To: Xen-devel CC: Andrew Cooper , Jan Beulich , Wei Liu , =?utf-8?q?Roger_Pau_?= =?utf-8?q?Monn=C3=A9?= Subject: [PATCH 9/8] x86/msr: Drop compatibility #GP handling in guest_{rd, wr}msr() Date: Tue, 18 Aug 2020 14:58:12 +0100 Message-ID: <20200818135812.22420-1-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20200817155757.3372-1-roger.pau@citrix.com> References: <20200817155757.3372-1-roger.pau@citrix.com> MIME-Version: 1.0 X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" Now that the main PV/HVM MSR handlers raise #GP for all unknown MSRs, there is no need to special case these MSRs any more. Signed-off-by: Andrew Cooper --- CC: Jan Beulich CC: Wei Liu CC: Roger Pau Monné --- xen/arch/x86/msr.c | 46 ---------------------------------------------- 1 file changed, 46 deletions(-) diff --git a/xen/arch/x86/msr.c b/xen/arch/x86/msr.c index ca4307e19f..a79c6ae718 100644 --- a/xen/arch/x86/msr.c +++ b/xen/arch/x86/msr.c @@ -158,29 +158,6 @@ int guest_rdmsr(struct vcpu *v, uint32_t msr, uint64_t *val) switch ( msr ) { - case MSR_AMD_PATCHLOADER: - case MSR_IA32_UCODE_WRITE: - case MSR_PRED_CMD: - case MSR_FLUSH_CMD: - /* Write-only */ - case MSR_TEST_CTRL: - case MSR_CORE_CAPABILITIES: - case MSR_TSX_FORCE_ABORT: - case MSR_TSX_CTRL: - case MSR_MCU_OPT_CTRL: - case MSR_RTIT_OUTPUT_BASE ... MSR_RTIT_ADDR_B(7): - case MSR_U_CET: - case MSR_S_CET: - case MSR_PL0_SSP ... MSR_INTERRUPT_SSP_TABLE: - case MSR_AMD64_LWP_CFG: - case MSR_AMD64_LWP_CBADDR: - case MSR_PPIN_CTL: - case MSR_PPIN: - case MSR_AMD_PPIN_CTL: - case MSR_AMD_PPIN: - /* Not offered to guests. */ - goto gp_fault; - case MSR_IA32_PLATFORM_ID: if ( !(cp->x86_vendor & X86_VENDOR_INTEL) || !(boot_cpu_data.x86_vendor & X86_VENDOR_INTEL) ) @@ -328,29 +305,6 @@ int guest_wrmsr(struct vcpu *v, uint32_t msr, uint64_t val) { uint64_t rsvd; - case MSR_IA32_PLATFORM_ID: - case MSR_CORE_CAPABILITIES: - case MSR_INTEL_CORE_THREAD_COUNT: - case MSR_INTEL_PLATFORM_INFO: - case MSR_ARCH_CAPABILITIES: - /* Read-only */ - case MSR_TEST_CTRL: - case MSR_TSX_FORCE_ABORT: - case MSR_TSX_CTRL: - case MSR_MCU_OPT_CTRL: - case MSR_RTIT_OUTPUT_BASE ... MSR_RTIT_ADDR_B(7): - case MSR_U_CET: - case MSR_S_CET: - case MSR_PL0_SSP ... MSR_INTERRUPT_SSP_TABLE: - case MSR_AMD64_LWP_CFG: - case MSR_AMD64_LWP_CBADDR: - case MSR_PPIN_CTL: - case MSR_PPIN: - case MSR_AMD_PPIN_CTL: - case MSR_AMD_PPIN: - /* Not offered to guests. */ - goto gp_fault; - case MSR_AMD_PATCHLEVEL: BUILD_BUG_ON(MSR_IA32_UCODE_REV != MSR_AMD_PATCHLEVEL); /*