[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH] x86: tighten conditions under which writing certain MSRs is permitted

To: "xen-devel@xxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxx>
From: "Jan Beulich" <JBeulich@xxxxxxxxxx>
Date: Thu, 10 Feb 2011 13:57:30 +0000
Delivery-date: Thu, 10 Feb 2011 05:58:15 -0800
List-id: Xen developer discussion <xen-devel.lists.xensource.com>

MSRs that control physical CPU aspects generally are pointless (and
possibly dangerous) to be written when the writer isn't sufficiently
aware that it's running virtualized.

Signed-off-by: Jan Beulich <jbeulich@xxxxxxxxxx>

--- a/xen/arch/x86/traps.c
+++ b/xen/arch/x86/traps.c
@@ -2282,7 +2282,7 @@ static int emulate_privileged_op(struct 
             if ( boot_cpu_data.x86_vendor != X86_VENDOR_AMD ||
                  boot_cpu_data.x86 < 0x10 || boot_cpu_data.x86 > 0x17 )
                 goto fail;
-            if ( !IS_PRIV(v->domain) )
+            if ( !IS_PRIV(v->domain) || !is_pinned_vcpu(v) )
                 break;
             if ( (rdmsr_safe(MSR_AMD64_NB_CFG, val) != 0) ||
                  (eax != (uint32_t)val) ||
@@ -2295,7 +2295,7 @@ static int emulate_privileged_op(struct 
             if ( boot_cpu_data.x86_vendor != X86_VENDOR_AMD ||
                  boot_cpu_data.x86 < 0x10 || boot_cpu_data.x86 > 0x17 )
                 goto fail;
-            if ( !IS_PRIV(v->domain) )
+            if ( !IS_PRIV(v->domain) || !is_pinned_vcpu(v) )
                 break;
             if ( (rdmsr_safe(MSR_FAM10H_MMIO_CONF_BASE, val) != 0) )
                 goto fail;
@@ -2317,6 +2317,8 @@ static int emulate_privileged_op(struct 
         case MSR_IA32_UCODE_REV:
             if ( boot_cpu_data.x86_vendor != X86_VENDOR_INTEL )
                 goto fail;
+            if ( !IS_PRIV(v->domain) || !is_pinned_vcpu(v) )
+                break;
             if ( rdmsr_safe(regs->ecx, val) )
                 goto fail;
             if ( msr_content )
@@ -2324,7 +2326,7 @@ static int emulate_privileged_op(struct 
             break;
         case MSR_IA32_MISC_ENABLE:
             if ( rdmsr_safe(regs->ecx, val) )
-                goto invalid;
+                goto fail;
             val = guest_misc_enable(val);
             if ( msr_content != val )
                 goto invalid;
@@ -2351,7 +2353,7 @@ static int emulate_privileged_op(struct 
         case MSR_IA32_ENERGY_PERF_BIAS:
             if ( boot_cpu_data.x86_vendor != X86_VENDOR_INTEL )
                 goto fail;
-            if ( (v->domain->domain_id != 0) || !is_pinned_vcpu(v) )
+            if ( !IS_PRIV(v->domain) || !is_pinned_vcpu(v) )
                 break;
             if ( wrmsr_safe(regs->ecx, msr_content) != 0 )
                 goto fail;

Attachment: x86-adjust-guest-wrmsr.patch
Description: Text document

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

Prev by Date: [Xen-devel] [PATCH] ix86: re-do permanent disabling of x2apic
Next by Date: [Xen-devel] [PATCH] x86: suppress HPET broadcast initialization in the presence of ARAT
Previous by thread: [Xen-devel] [PATCH] ix86: re-do permanent disabling of x2apic
Next by thread: [Xen-devel] [PATCH] x86: suppress HPET broadcast initialization in the presence of ARAT
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.