Re: [Xen-devel] [PATCH] x86: ignore guest microcode loading attempts

["Jan Beulich" <JBeulich@xxxxxxxx>]

>>> On 15.03.18 at 10:59, <andrew.cooper3@xxxxxxxxxx> wrote:
> On 13/03/18 10:13, Jan Beulich wrote:
>> --- a/xen/arch/x86/msr.c
>> +++ b/xen/arch/x86/msr.c
>> @@ -147,6 +147,8 @@ int guest_rdmsr(const struct vcpu *v, ui
>>  
>>      switch ( msr )
>>      {
>> +    case MSR_AMD_PATCHLOADER:
>> +    case MSR_IA32_UCODE_WRITE:
>>      case MSR_PRED_CMD:
> 
> I've been keeping the labels in numeric order (grouped by
> read/write-only status where applicable) on the expectation that you'd
> insist on them being in numeric order.

Oh, that's sort of unexpected - when the numbers aren't visible,
and when it's not likely that readers would easily be able to associate
them, it looked more reasonable to me to sort alphabetically.

>> @@ -200,6 +202,16 @@ int guest_wrmsr(struct vcpu *v, uint32_t
>>          /* Read-only */
>>          goto gp_fault;
>>  
>> +    case MSR_AMD_PATCHLOADER:
>> +        if ( d->arch.cpuid->x86_vendor != X86_VENDOR_AMD )
>> +            goto gp_fault;
>> +        break;
>> +
>> +    case MSR_IA32_UCODE_WRITE:
>> +        if ( d->arch.cpuid->x86_vendor != X86_VENDOR_INTEL )
>> +            goto gp_fault;
> 
> Can we leave a note here that Windows at least on some hardware loads
> microcode before setting up an IDT/GDT, and will triple fault if we hand
> it back #GP.

Will do.

>  Ignoring the write means windows will see the same
> microcode version after the load attempt, and conclude that it didn't
> succeed?

That's what I imply. After all things have worked before, where
we also silently dropped these writes.

Jan


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel