[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH] x86: ignore guest microcode loading attempts
>>> On 15.03.18 at 12:03, <andrew.cooper3@xxxxxxxxxx> wrote: > On 15/03/18 10:40, Jan Beulich wrote: >> >>>> @@ -200,6 +202,16 @@ int guest_wrmsr(struct vcpu *v, uint32_t >>>> /* Read-only */ >>>> goto gp_fault; >>>> >>>> + case MSR_AMD_PATCHLOADER: >>>> + if ( d->arch.cpuid->x86_vendor != X86_VENDOR_AMD ) >>>> + goto gp_fault; >>>> + break; >>>> + >>>> + case MSR_IA32_UCODE_WRITE: >>>> + if ( d->arch.cpuid->x86_vendor != X86_VENDOR_INTEL ) >>>> + goto gp_fault; >>> Can we leave a note here that Windows at least on some hardware loads >>> microcode before setting up an IDT/GDT, and will triple fault if we hand >>> it back #GP. >> Will do. >> >>> Ignoring the write means windows will see the same >>> microcode version after the load attempt, and conclude that it didn't >>> succeed? >> That's what I imply. After all things have worked before, where >> we also silently dropped these writes. > > Actually, on further investigation, we've always had a read_safe() test > for PV, which means that PV guests have always unilaterally seen #GP. > Can we retain that behaviour please? Well, that's exactly what I wanted to gather opinions on by having written: "What I'm unsure about is whether we want to ignore such writes also for PV guests. If not, at least the WRMSR change would need to move into hvm/hvm.c." I've just sent v2, but I can certainly send v3 with the WRMSR side code moved (to be honest I'm not convinced we want all sorts of is_{hvm,pv}_{domain,vcpu}() checks in guest_{rd,wr}msr(), but if that was your plan, then the code could also stay where it is). Jan _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxx https://lists.xenproject.org/mailman/listinfo/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |