[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-changelog] [xen stable-4.7] x86/vvmx: Fix WRMSR interception of VMX MSRs
commit bc37a36ab1bcd879740523515615f61ba2bde6c0 Author: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> AuthorDate: Tue Oct 24 16:43:43 2017 +0200 Commit: Jan Beulich <jbeulich@xxxxxxxx> CommitDate: Tue Oct 24 16:43:43 2017 +0200 x86/vvmx: Fix WRMSR interception of VMX MSRs FEATURE_CONTROL is already read with LOCK bit set (so is unmodifiable), and all VMX MSRs are read-only. Also, fix the MSR_IA32_VMX_TRUE_ENTRY_CTLS bound to be MSR_IA32_VMX_VMFUNC, rather than having the intervening MSRs falling into the default case. Raise #GP faults if the guest tries to modify any of them. Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx> Acked-by: Kevin Tian <kevin.tian@xxxxxxxxx> master commit: 46c3acb308bf0cd044b114e637aacaf18b957618 master date: 2017-06-30 11:27:50 +0100 --- xen/arch/x86/hvm/vmx/vmx.c | 8 ++++---- xen/arch/x86/hvm/vmx/vvmx.c | 6 ------ xen/include/asm-x86/hvm/vmx/vvmx.h | 2 -- 3 files changed, 4 insertions(+), 12 deletions(-) diff --git a/xen/arch/x86/hvm/vmx/vmx.c b/xen/arch/x86/hvm/vmx/vmx.c index 012227f..a924020 100644 --- a/xen/arch/x86/hvm/vmx/vmx.c +++ b/xen/arch/x86/hvm/vmx/vmx.c @@ -2918,10 +2918,10 @@ static int vmx_msr_write_intercept(unsigned int msr, uint64_t msr_content) goto gp_fault; break; case IA32_FEATURE_CONTROL_MSR: - case MSR_IA32_VMX_BASIC...MSR_IA32_VMX_TRUE_ENTRY_CTLS: - if ( !nvmx_msr_write_intercept(msr, msr_content) ) - goto gp_fault; - break; + case MSR_IA32_VMX_BASIC ... MSR_IA32_VMX_VMFUNC: + /* None of these MSRs are writeable. */ + goto gp_fault; + case MSR_P6_PERFCTR(0)...MSR_P6_PERFCTR(7): case MSR_P6_EVNTSEL(0)...MSR_P6_EVNTSEL(7): case MSR_CORE_PERF_FIXED_CTR0...MSR_CORE_PERF_FIXED_CTR2: diff --git a/xen/arch/x86/hvm/vmx/vvmx.c b/xen/arch/x86/hvm/vmx/vvmx.c index 50788ce..314fec4 100644 --- a/xen/arch/x86/hvm/vmx/vvmx.c +++ b/xen/arch/x86/hvm/vmx/vvmx.c @@ -2028,12 +2028,6 @@ int nvmx_msr_read_intercept(unsigned int msr, u64 *msr_content) return r; } -int nvmx_msr_write_intercept(unsigned int msr, u64 msr_content) -{ - /* silently ignore for now */ - return 1; -} - /* This function uses L2_gpa to walk the P2M page table in L1. If the * walk is successful, the translated value is returned in * L1_gpa. The result value tells what to do next. diff --git a/xen/include/asm-x86/hvm/vmx/vvmx.h b/xen/include/asm-x86/hvm/vmx/vvmx.h index aca8b4b..e781d96 100644 --- a/xen/include/asm-x86/hvm/vmx/vvmx.h +++ b/xen/include/asm-x86/hvm/vmx/vvmx.h @@ -210,8 +210,6 @@ int nvmx_handle_invept(struct cpu_user_regs *regs); int nvmx_handle_invvpid(struct cpu_user_regs *regs); int nvmx_msr_read_intercept(unsigned int msr, u64 *msr_content); -int nvmx_msr_write_intercept(unsigned int msr, - u64 msr_content); void nvmx_update_exec_control(struct vcpu *v, u32 value); void nvmx_update_secondary_exec_control(struct vcpu *v, -- generated by git-patchbot for /home/xen/git/xen.git#stable-4.7 _______________________________________________ Xen-changelog mailing list Xen-changelog@xxxxxxxxxxxxx https://lists.xenproject.org/xen-changelog
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |