Xen project Mailing List

[xen master] x86/hvm: Enable guest access to MSR_PKRS

Date: Sun, 05 Feb 2023 04:18:06 +0000

Delivery-date: Sun, 05 Feb 2023 04:18:07 +0000

List-id: "Change log for Mercurial \(receive only\)" <xen-changelog.lists.xenproject.org>

commit 59bbbb823d3d8aeff5615f7c9e2c2bd8a18b4ad5 Author: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> AuthorDate: Tue Dec 14 16:51:28 2021 +0000 Commit: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> CommitDate: Fri Jan 20 19:39:33 2023 +0000 x86/hvm: Enable guest access to MSR_PKRS Have guest_{rd,wr}msr(), via hvm_{get,set}_reg(), access either the live register, or stashed state, depending on context. Include MSR_PKRS for migration, and let the guest have full access. Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx> --- xen/arch/x86/hvm/hvm.c | 2 ++ xen/arch/x86/hvm/vmx/vmx.c | 17 +++++++++++++++++ xen/arch/x86/msr.c | 10 ++++++++++ 3 files changed, 29 insertions(+) diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c index 927a221660..86cab7aa26 100644 --- a/xen/arch/x86/hvm/hvm.c +++ b/xen/arch/x86/hvm/hvm.c @@ -1333,6 +1333,7 @@ static int cf_check hvm_load_cpu_xsave_states( static const uint32_t msrs_to_send[] = { MSR_SPEC_CTRL, MSR_INTEL_MISC_FEATURES_ENABLES, + MSR_PKRS, MSR_IA32_BNDCFGS, MSR_IA32_XSS, MSR_VIRT_SPEC_CTRL, @@ -1486,6 +1487,7 @@ static int cf_check hvm_load_cpu_msrs(struct domain *d, hvm_domain_context_t *h) case MSR_SPEC_CTRL: case MSR_INTEL_MISC_FEATURES_ENABLES: + case MSR_PKRS: case MSR_IA32_BNDCFGS: case MSR_IA32_XSS: case MSR_VIRT_SPEC_CTRL: diff --git a/xen/arch/x86/hvm/vmx/vmx.c b/xen/arch/x86/hvm/vmx/vmx.c index d8525d3d3d..ade2a25ce7 100644 --- a/xen/arch/x86/hvm/vmx/vmx.c +++ b/xen/arch/x86/hvm/vmx/vmx.c @@ -793,6 +793,11 @@ static void cf_check vmx_cpuid_policy_changed(struct vcpu *v) else vmx_set_msr_intercept(v, MSR_FLUSH_CMD, VMX_MSR_RW); + if ( cp->feat.pks ) + vmx_clear_msr_intercept(v, MSR_PKRS, VMX_MSR_RW); + else + vmx_set_msr_intercept(v, MSR_PKRS, VMX_MSR_RW); + out: vmx_vmcs_exit(v); @@ -2582,6 +2587,7 @@ static uint64_t cf_check vmx_get_reg(struct vcpu *v, unsigned int reg) { const struct vcpu *curr = current; struct domain *d = v->domain; + const struct vcpu_msrs *msrs = v->arch.msrs; uint64_t val = 0; int rc; @@ -2598,6 +2604,9 @@ static uint64_t cf_check vmx_get_reg(struct vcpu *v, unsigned int reg) } return val; + case MSR_PKRS: + return (v == curr) ? rdpkrs() : msrs->pkrs; + case MSR_SHADOW_GS_BASE: if ( v != curr ) return v->arch.hvm.vmx.shadow_gs; @@ -2626,6 +2635,8 @@ static uint64_t cf_check vmx_get_reg(struct vcpu *v, unsigned int reg) static void cf_check vmx_set_reg(struct vcpu *v, unsigned int reg, uint64_t val) { + const struct vcpu *curr = current; + struct vcpu_msrs *msrs = v->arch.msrs; struct domain *d = v->domain; int rc; @@ -2641,6 +2652,12 @@ static void cf_check vmx_set_reg(struct vcpu *v, unsigned int reg, uint64_t val) domain_crash(d); } return; + + case MSR_PKRS: + msrs->pkrs = val; + if ( v == curr ) + wrpkrs(val); + return; } /* Logic which maybe requires remote VMCS acquisition. */ diff --git a/xen/arch/x86/msr.c b/xen/arch/x86/msr.c index 317b154d24..7ddf0078c3 100644 --- a/xen/arch/x86/msr.c +++ b/xen/arch/x86/msr.c @@ -325,6 +325,11 @@ int guest_rdmsr(struct vcpu *v, uint32_t msr, uint64_t *val) *val = 0; break; + case MSR_PKRS: + if ( !cp->feat.pks ) + goto gp_fault; + goto get_reg; + case MSR_X2APIC_FIRST ... MSR_X2APIC_LAST: if ( !is_hvm_domain(d) || v != curr ) goto gp_fault; @@ -616,6 +621,11 @@ int guest_wrmsr(struct vcpu *v, uint32_t msr, uint64_t val) break; goto gp_fault; + case MSR_PKRS: + if ( !cp->feat.pks || val != (uint32_t)val ) + goto gp_fault; + goto set_reg; + case MSR_X2APIC_FIRST ... MSR_X2APIC_LAST: if ( !is_hvm_domain(d) || v != curr ) goto gp_fault; -- generated by git-patchbot for /home/xen/git/xen.git#master

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.