[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH] x86/Intel: hide CPUID faulting capability from guests

To: "xen-devel" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
From: "Jan Beulich" <JBeulich@xxxxxxxx>
Date: Fri, 16 Sep 2016 00:32:28 -0600
Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Kevin Tian <kevin.tian@xxxxxxxxx>, Kyle Huey <me@xxxxxxxxxxxx>, Jun Nakajima <jun.nakajima@xxxxxxxxx>
Delivery-date: Fri, 16 Sep 2016 06:32:51 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

We don't currently emulate it, so guests should not be misguided to
believe they can (try to) use it.

For now, simply return zero to guests for platform MSR reads, and only
accept (by discarding) writes of zero. If ever there will be bits we
can safely expose to guests, let's handle them by white listing.

(As a side note - according to SDM version 059 bit 31 is reserved on
all known families.)

Reported-by: Kyle Huey <me@xxxxxxxxxxxx>
Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>

--- a/xen/arch/x86/hvm/vmx/vmx.c
+++ b/xen/arch/x86/hvm/vmx/vmx.c
@@ -2699,6 +2699,13 @@ static int vmx_msr_read_intercept(unsign
         if ( vpmu_do_rdmsr(msr, msr_content) )
             goto gp_fault;
         break;
+
+    case MSR_INTEL_PLATFORM_INFO:
+        if ( rdmsr_safe(MSR_INTEL_PLATFORM_INFO, *msr_content) )
+            goto gp_fault;
+        *msr_content = 0;
+        break;
+
     default:
         if ( passive_domain_do_rdmsr(msr, msr_content) )
             goto done;
@@ -2918,6 +2925,13 @@ static int vmx_msr_write_intercept(unsig
          if ( vpmu_do_wrmsr(msr, msr_content, 0) )
             goto gp_fault;
         break;
+
+    case MSR_INTEL_PLATFORM_INFO:
+        if ( msr_content ||
+             rdmsr_safe(MSR_INTEL_PLATFORM_INFO, msr_content) )
+            goto gp_fault;
+        break;
+
     default:
         if ( passive_domain_do_wrmsr(msr, msr_content) )
             return X86EMUL_OKAY;
--- a/xen/arch/x86/traps.c
+++ b/xen/arch/x86/traps.c
@@ -2938,6 +2938,14 @@ static int emulate_privileged_op(struct
             if ( v->arch.debugreg[7] & DR7_ACTIVE_MASK )
                 wrmsrl(regs->_ecx, msr_content);
             break;
+
+        case MSR_INTEL_PLATFORM_INFO:
+            if ( boot_cpu_data.x86_vendor != X86_VENDOR_INTEL ||
+                 msr_content ||
+                 rdmsr_safe(MSR_INTEL_PLATFORM_INFO, msr_content) )
+                goto fail;
+            break;
+
         case MSR_P6_PERFCTR(0)...MSR_P6_PERFCTR(7):
         case MSR_P6_EVNTSEL(0)...MSR_P6_EVNTSEL(3):
         case MSR_CORE_PERF_FIXED_CTR0...MSR_CORE_PERF_FIXED_CTR2:
@@ -3066,6 +3074,14 @@ static int emulate_privileged_op(struct
             /* No extra capabilities are supported */
             regs->eax = regs->edx = 0;
             break;
+
+        case MSR_INTEL_PLATFORM_INFO:
+            if ( boot_cpu_data.x86_vendor != X86_VENDOR_INTEL ||
+                 rdmsr_safe(MSR_INTEL_PLATFORM_INFO, val) )
+                goto fail;
+            regs->eax = regs->edx = 0;
+            break;
+
         case MSR_P6_PERFCTR(0)...MSR_P6_PERFCTR(7):
         case MSR_P6_EVNTSEL(0)...MSR_P6_EVNTSEL(3):
         case MSR_CORE_PERF_FIXED_CTR0...MSR_CORE_PERF_FIXED_CTR2:

Attachment: x86-Intel-hide-CPUID-faulting.patch
Description: Text document

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH] x86/Intel: hide CPUID faulting capability from guests
  - From: Tian, Kevin
- Re: [Xen-devel] [PATCH] x86/Intel: hide CPUID faulting capability from guests
  - From: Kyle Huey
- Re: [Xen-devel] [PATCH] x86/Intel: hide CPUID faulting capability from guests
  - From: Andrew Cooper

Prev by Date: [Xen-devel] [xen-unstable test] 100973: tolerable FAIL - PUSHED
Next by Date: Re: [Xen-devel] [PATCH v3 00/19] Make ACPI builder available to components other than hvmloader
Previous by thread: [Xen-devel] [xen-unstable test] 100973: tolerable FAIL - PUSHED
Next by thread: Re: [Xen-devel] [PATCH] x86/Intel: hide CPUID faulting capability from guests
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.