[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-changelog] [xen stable-4.9] x86/pv: Hide more EFER bits from PV guests



commit cf264ebdeeb94286cd12cef201d305f784a6ae48
Author:     Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
AuthorDate: Fri May 18 12:00:15 2018 +0200
Commit:     Jan Beulich <jbeulich@xxxxxxxx>
CommitDate: Fri May 18 12:00:15 2018 +0200

    x86/pv: Hide more EFER bits from PV guests
    
    We don't advertise SVM in CPUID so a PV guest shouldn't be under the
    impression that it can use SVM functionality, but despite this, it really
    shouldn't see SVME set when reading EFER.
    
    On Intel processors, 32bit PV guests don't see, and can't use SYSCALL.
    
    Introduce EFER_KNOWN_MASK to whitelist the features Xen knows about, and use
    this to clamp the guests view.
    
    Take the opportunity to reuse the mask to simplify svm_vmcb_isvalid(), and
    change "undefined" to "unknown" in the print message, as there is at least
    EFER.TCE (Translation Cache Extension) defined but unknown to Xen.
    
    Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
    Reviewed-by: Boris Ostrovsky <boris.ostrovsky@xxxxxxxxxx>
    Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
    master commit: 589263031c04e2ba527783b4e04e8df27d364769
    master date: 2018-05-07 11:52:57 +0100
---
 xen/arch/x86/traps.c            | 11 +++++++++--
 xen/include/asm-x86/msr-index.h |  3 +++
 2 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/xen/arch/x86/traps.c b/xen/arch/x86/traps.c
index 6b7d075d9f..b6add03691 100644
--- a/xen/arch/x86/traps.c
+++ b/xen/arch/x86/traps.c
@@ -2558,9 +2558,16 @@ static int priv_op_read_msr(unsigned int reg, uint64_t 
*val,
         return X86EMUL_OKAY;
 
     case MSR_EFER:
-        *val = read_efer();
+        /* Hide unknown bits, and unconditionally hide SVME from guests. */
+        *val = read_efer() & EFER_KNOWN_MASK & ~EFER_SVME;
+        /*
+         * Hide the 64-bit features from 32-bit guests.  SCE has
+         * vendor-dependent behaviour.
+         */
         if ( is_pv_32bit_domain(currd) )
-            *val &= ~(EFER_LME | EFER_LMA | EFER_LMSLE);
+            *val &= ~(EFER_LME | EFER_LMA | EFER_LMSLE |
+                      (boot_cpu_data.x86_vendor == X86_VENDOR_INTEL
+                       ? EFER_SCE : 0));
         return X86EMUL_OKAY;
 
     case MSR_K7_FID_VID_CTL:
diff --git a/xen/include/asm-x86/msr-index.h b/xen/include/asm-x86/msr-index.h
index 6aaf3035c5..9b0679e222 100644
--- a/xen/include/asm-x86/msr-index.h
+++ b/xen/include/asm-x86/msr-index.h
@@ -31,6 +31,9 @@
 #define EFER_LMSLE             (1<<_EFER_LMSLE)
 #define EFER_FFXSE             (1<<_EFER_FFXSE)
 
+#define EFER_KNOWN_MASK                (EFER_SCE | EFER_LME | EFER_LMA | 
EFER_NX | \
+                                EFER_SVME | EFER_LMSLE | EFER_FFXSE)
+
 /* Speculation Controls. */
 #define MSR_SPEC_CTRL                  0x00000048
 #define SPEC_CTRL_IBRS                 (_AC(1, ULL) << 0)
--
generated by git-patchbot for /home/xen/git/xen.git#stable-4.9

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/xen-changelog

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.