[xen staging-4.14] x86/msr: Disallow guest access to the RAPL MSRs

[patchbot@xxxxxxx]

commit d101b417b784a26326fc7800a79cc539ba570b79
Author:     Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
AuthorDate: Thu Apr 23 13:05:46 2020 +0100
Commit:     Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
CommitDate: Tue Nov 10 17:43:29 2020 +0000

    x86/msr: Disallow guest access to the RAPL MSRs
    
    Researchers have demonstrated using the RAPL interface to perform a
    differential power analysis attack to recover AES keys used by other cores 
in
    the system.
    
    Furthermore, even privileged guests cannot use this interface correctly, due
    to MSR scope and vcpu scheduling issues.  The interface would want to be
    paravirtualised to be used sensibly.
    
    Disallow access to the RAPL MSRs completely, as well as other MSRs which
    potentially access fine grain power information.
    
    This is part of XSA-351.
    
    Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
    Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
---
 xen/arch/x86/msr.c              | 18 ++++++++++++++++++
 xen/include/asm-x86/msr-index.h | 39 +++++++++++++++++++++++++++++++++++++++
 2 files changed, 57 insertions(+)

diff --git a/xen/arch/x86/msr.c b/xen/arch/x86/msr.c
index 3db26faf08..aa107823ac 100644
--- a/xen/arch/x86/msr.c
+++ b/xen/arch/x86/msr.c
@@ -185,6 +185,13 @@ int guest_rdmsr(struct vcpu *v, uint32_t msr, uint64_t 
*val)
     case MSR_TSX_CTRL:
     case MSR_MCU_OPT_CTRL:
     case MSR_RTIT_OUTPUT_BASE ... MSR_RTIT_ADDR_B(7):
+    case MSR_RAPL_POWER_UNIT:
+    case MSR_PKG_POWER_LIMIT  ... MSR_PKG_POWER_INFO:
+    case MSR_DRAM_POWER_LIMIT ... MSR_DRAM_POWER_INFO:
+    case MSR_PP0_POWER_LIMIT  ... MSR_PP0_POLICY:
+    case MSR_PP1_POWER_LIMIT  ... MSR_PP1_POLICY:
+    case MSR_PLATFORM_ENERGY_COUNTER:
+    case MSR_PLATFORM_POWER_LIMIT:
     case MSR_U_CET:
     case MSR_S_CET:
     case MSR_PL0_SSP ... MSR_INTERRUPT_SSP_TABLE:
@@ -192,6 +199,8 @@ int guest_rdmsr(struct vcpu *v, uint32_t msr, uint64_t *val)
     case MSR_AMD64_LWP_CBADDR:
     case MSR_PPIN_CTL:
     case MSR_PPIN:
+    case MSR_F15H_CU_POWER ... MSR_F15H_CU_MAX_POWER:
+    case MSR_AMD_RAPL_POWER_UNIT ... MSR_AMD_PKG_ENERGY_STATUS:
     case MSR_AMD_PPIN_CTL:
     case MSR_AMD_PPIN:
         /* Not offered to guests. */
@@ -369,6 +378,13 @@ int guest_wrmsr(struct vcpu *v, uint32_t msr, uint64_t val)
     case MSR_TSX_CTRL:
     case MSR_MCU_OPT_CTRL:
     case MSR_RTIT_OUTPUT_BASE ... MSR_RTIT_ADDR_B(7):
+    case MSR_RAPL_POWER_UNIT:
+    case MSR_PKG_POWER_LIMIT  ... MSR_PKG_POWER_INFO:
+    case MSR_DRAM_POWER_LIMIT ... MSR_DRAM_POWER_INFO:
+    case MSR_PP0_POWER_LIMIT  ... MSR_PP0_POLICY:
+    case MSR_PP1_POWER_LIMIT  ... MSR_PP1_POLICY:
+    case MSR_PLATFORM_ENERGY_COUNTER:
+    case MSR_PLATFORM_POWER_LIMIT:
     case MSR_U_CET:
     case MSR_S_CET:
     case MSR_PL0_SSP ... MSR_INTERRUPT_SSP_TABLE:
@@ -376,6 +392,8 @@ int guest_wrmsr(struct vcpu *v, uint32_t msr, uint64_t val)
     case MSR_AMD64_LWP_CBADDR:
     case MSR_PPIN_CTL:
     case MSR_PPIN:
+    case MSR_F15H_CU_POWER ... MSR_F15H_CU_MAX_POWER:
+    case MSR_AMD_RAPL_POWER_UNIT ... MSR_AMD_PKG_ENERGY_STATUS:
     case MSR_AMD_PPIN_CTL:
     case MSR_AMD_PPIN:
         /* Not offered to guests. */
diff --git a/xen/include/asm-x86/msr-index.h b/xen/include/asm-x86/msr-index.h
index 0fe98af923..5e64ecff91 100644
--- a/xen/include/asm-x86/msr-index.h
+++ b/xen/include/asm-x86/msr-index.h
@@ -77,6 +77,38 @@
 #define MSR_RTIT_ADDR_A(n)                 (0x00000580 + (n) * 2)
 #define MSR_RTIT_ADDR_B(n)                 (0x00000581 + (n) * 2)
 
+/*
+ * Intel Runtime Average Power Limiting (RAPL) interface.  Power plane base
+ * addresses (MSR_*_POWER_LIMIT) are model specific, but have so-far been
+ * consistent since their introduction in SandyBridge.
+ *
+ * Offsets of functionality from the power plane base is architectural, but
+ * not all power planes support all functionality.
+ */
+#define MSR_RAPL_POWER_UNIT                 0x00000606
+
+#define MSR_PKG_POWER_LIMIT                 0x00000610
+#define MSR_PKG_ENERGY_STATUS               0x00000611
+#define MSR_PKG_PERF_STATUS                 0x00000613
+#define MSR_PKG_POWER_INFO                  0x00000614
+
+#define MSR_DRAM_POWER_LIMIT                0x00000618
+#define MSR_DRAM_ENERGY_STATUS              0x00000619
+#define MSR_DRAM_PERF_STATUS                0x0000061b
+#define MSR_DRAM_POWER_INFO                 0x0000061c
+
+#define MSR_PP0_POWER_LIMIT                 0x00000638
+#define MSR_PP0_ENERGY_STATUS               0x00000639
+#define MSR_PP0_POLICY                      0x0000063a
+
+#define MSR_PP1_POWER_LIMIT                 0x00000640
+#define MSR_PP1_ENERGY_STATUS               0x00000641
+#define MSR_PP1_POLICY                      0x00000642
+
+/* Intel Platform-wide power interface. */
+#define MSR_PLATFORM_ENERGY_COUNTER         0x0000064d
+#define MSR_PLATFORM_POWER_LIMIT            0x0000065c
+
 #define MSR_U_CET                           0x000006a0
 #define MSR_S_CET                           0x000006a2
 #define  CET_SHSTK_EN                       (_AC(1, ULL) <<  0)
@@ -92,6 +124,13 @@
 #define  PASID_PASID_MASK                   0x000fffff
 #define  PASID_VALID                        (_AC(1, ULL) << 31)
 
+#define MSR_F15H_CU_POWER                   0xc001007a
+#define MSR_F15H_CU_MAX_POWER               0xc001007b
+
+#define MSR_AMD_RAPL_POWER_UNIT             0xc0010299
+#define MSR_AMD_CORE_ENERGY_STATUS          0xc001029a
+#define MSR_AMD_PKG_ENERGY_STATUS           0xc001029b
+
 /*
  * Legacy MSR constants in need of cleanup.  No new MSRs below this comment.
  */
--
generated by git-patchbot for /home/xen/git/xen.git#staging-4.14