[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-changelog] [xen stable-4.7] x86/Intel: hide CPUID faulting capability from guests



commit dc57c1746b6e3c26f27ab106db662d13de35766f
Author:     Jan Beulich <jbeulich@xxxxxxxx>
AuthorDate: Wed Sep 28 16:52:04 2016 +0200
Commit:     Jan Beulich <jbeulich@xxxxxxxx>
CommitDate: Wed Sep 28 16:52:04 2016 +0200

    x86/Intel: hide CPUID faulting capability from guests
    
    We don't currently emulate it, so guests should not be misguided to
    believe they can (try to) use it.
    
    For now, simply return zero to guests for platform MSR reads, and only
    accept (by discarding) writes of zero. If ever there will be bits we
    can safely expose to guests, let's handle them by white listing.
    
    (As a side note - according to SDM version 059 bit 31 is reserved on
    all known families.)
    
    Reported-by: Kyle Huey <me@xxxxxxxxxxxx>
    Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
    Acked-by: Andrew Cooper <andrew.cooper3@xxxxxxxxx>
    Acked-by: Kevin Tian <kevin.tian@xxxxxxxxx>
    master commit: b982a5bea4273a4b9fc007d5046bed8d1669c07f
    master date: 2016-09-19 11:37:09 +0200
---
 xen/arch/x86/hvm/vmx/vmx.c | 14 ++++++++++++++
 xen/arch/x86/traps.c       | 16 ++++++++++++++++
 2 files changed, 30 insertions(+)

diff --git a/xen/arch/x86/hvm/vmx/vmx.c b/xen/arch/x86/hvm/vmx/vmx.c
index 07e4b2b..63e99b6 100644
--- a/xen/arch/x86/hvm/vmx/vmx.c
+++ b/xen/arch/x86/hvm/vmx/vmx.c
@@ -2652,6 +2652,13 @@ static int vmx_msr_read_intercept(unsigned int msr, 
uint64_t *msr_content)
         if ( vpmu_do_rdmsr(msr, msr_content) )
             goto gp_fault;
         break;
+
+    case MSR_INTEL_PLATFORM_INFO:
+        if ( rdmsr_safe(MSR_INTEL_PLATFORM_INFO, *msr_content) )
+            goto gp_fault;
+        *msr_content = 0;
+        break;
+
     default:
         if ( passive_domain_do_rdmsr(msr, msr_content) )
             goto done;
@@ -2878,6 +2885,13 @@ static int vmx_msr_write_intercept(unsigned int msr, 
uint64_t msr_content)
          if ( vpmu_do_wrmsr(msr, msr_content, 0) )
             goto gp_fault;
         break;
+
+    case MSR_INTEL_PLATFORM_INFO:
+        if ( msr_content ||
+             rdmsr_safe(MSR_INTEL_PLATFORM_INFO, msr_content) )
+            goto gp_fault;
+        break;
+
     default:
         if ( passive_domain_do_wrmsr(msr, msr_content) )
             return X86EMUL_OKAY;
diff --git a/xen/arch/x86/traps.c b/xen/arch/x86/traps.c
index 91a37e9..872728e 100644
--- a/xen/arch/x86/traps.c
+++ b/xen/arch/x86/traps.c
@@ -2856,6 +2856,14 @@ static int emulate_privileged_op(struct cpu_user_regs 
*regs)
             if ( v->arch.debugreg[7] & DR7_ACTIVE_MASK )
                 wrmsrl(regs->_ecx, msr_content);
             break;
+
+        case MSR_INTEL_PLATFORM_INFO:
+            if ( boot_cpu_data.x86_vendor != X86_VENDOR_INTEL ||
+                 msr_content ||
+                 rdmsr_safe(MSR_INTEL_PLATFORM_INFO, msr_content) )
+                goto fail;
+            break;
+
         case MSR_P6_PERFCTR(0)...MSR_P6_PERFCTR(7):
         case MSR_P6_EVNTSEL(0)...MSR_P6_EVNTSEL(3):
         case MSR_CORE_PERF_FIXED_CTR0...MSR_CORE_PERF_FIXED_CTR2:
@@ -2983,6 +2991,14 @@ static int emulate_privileged_op(struct cpu_user_regs 
*regs)
             /* No extra capabilities are supported */
             regs->eax = regs->edx = 0;
             break;
+
+        case MSR_INTEL_PLATFORM_INFO:
+            if ( boot_cpu_data.x86_vendor != X86_VENDOR_INTEL ||
+                 rdmsr_safe(MSR_INTEL_PLATFORM_INFO, val) )
+                goto fail;
+            regs->eax = regs->edx = 0;
+            break;
+
         case MSR_P6_PERFCTR(0)...MSR_P6_PERFCTR(7):
         case MSR_P6_EVNTSEL(0)...MSR_P6_EVNTSEL(3):
         case MSR_CORE_PERF_FIXED_CTR0...MSR_CORE_PERF_FIXED_CTR2:
--
generated by git-patchbot for /home/xen/git/xen.git#stable-4.7

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxx
https://lists.xenproject.org/xen-changelog

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.