|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-changelog] [xen stable-4.6] nested vmx: Validate host VMX MSRs before accessing them
commit ec712ba0838b7d7fb11229d1a5ab42978c14a782
Author: Euan Harris <euan.harris@xxxxxxxxxx>
AuthorDate: Fri Aug 5 13:46:29 2016 +0200
Commit: Jan Beulich <jbeulich@xxxxxxxx>
CommitDate: Fri Aug 5 13:46:29 2016 +0200
nested vmx: Validate host VMX MSRs before accessing them
Some VMX MSRs may not exist on certain processor models, or may
be disabled because of configuration settings. It is only safe to
access these MSRs if configuration flags in other MSRs are set. These
prerequisites are listed in the Intel 64 and IA-32 Architectures
Software Developerâ??s Manual, Vol 3, Appendix A.
nvmx_msr_read_intercept() does not check the prerequisites before
accessing MSR_IA32_VMX_PROCBASED_CTLS2, MSR_IA32_VMX_EPT_VPID_CAP,
MSR_IA32_VMX_VMFUNC on the host. Accessing these MSRs from a nested
VMX guest running on a host which does not support them will cause
Xen to crash with a GPF.
Signed-off-by: Euan Harris <euan.harris@xxxxxxxxxx>
Acked-by: Kevin Tian <kevin.tian@xxxxxxxxx>
Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
Reviewed-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
master commit: 5e02972646132ad98c365ebfcfcb43b40a0dde36
master date: 2016-06-13 12:44:32 +0100
---
xen/arch/x86/hvm/vmx/vvmx.c | 20 ++++++++++++++++++--
1 file changed, 18 insertions(+), 2 deletions(-)
diff --git a/xen/arch/x86/hvm/vmx/vvmx.c b/xen/arch/x86/hvm/vmx/vvmx.c
index b0d8054..19f8246 100644
--- a/xen/arch/x86/hvm/vmx/vvmx.c
+++ b/xen/arch/x86/hvm/vmx/vvmx.c
@@ -1869,11 +1869,22 @@ int nvmx_msr_read_intercept(unsigned int msr, u64
*msr_content)
return 0;
/*
- * Those MSRs are available only when bit 55 of
- * MSR_IA32_VMX_BASIC is set.
+ * These MSRs are only available when flags in other MSRs are set.
+ * These prerequisites are listed in the Intel 64 and IA-32
+ * Architectures Software Developerâ??s Manual, Vol 3, Appendix A.
*/
switch ( msr )
{
+ case MSR_IA32_VMX_PROCBASED_CTLS2:
+ if ( !cpu_has_vmx_secondary_exec_control )
+ return 0;
+ break;
+
+ case MSR_IA32_VMX_EPT_VPID_CAP:
+ if ( !(cpu_has_vmx_ept || cpu_has_vmx_vpid) )
+ return 0;
+ break;
+
case MSR_IA32_VMX_TRUE_PINBASED_CTLS:
case MSR_IA32_VMX_TRUE_PROCBASED_CTLS:
case MSR_IA32_VMX_TRUE_EXIT_CTLS:
@@ -1881,6 +1892,11 @@ int nvmx_msr_read_intercept(unsigned int msr, u64
*msr_content)
if ( !(vmx_basic_msr & VMX_BASIC_DEFAULT1_ZERO) )
return 0;
break;
+
+ case MSR_IA32_VMX_VMFUNC:
+ if ( !cpu_has_vmx_vmfunc )
+ return 0;
+ break;
}
rdmsrl(msr, host_data);
--
generated by git-patchbot for /home/xen/git/xen.git#stable-4.6
_______________________________________________ Xen-changelog mailing list Xen-changelog@xxxxxxxxxxxxx https://lists.xenproject.org/xen-changelog
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |