[RFC,v5,13/20] kvm: x86: hook in kvmi_msr_event()

Message ID	20181220182850.4579-14-alazar@bitdefender.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <kvm-owner@kernel.org> From: =?utf-8?q?Adalbert_Laz=C4=83r?= <alazar@bitdefender.com> To: kvm@vger.kernel.org Cc: Paolo Bonzini <pbonzini@redhat.com>, =?utf-8?b?UmFkaW0gS3LEjW3DocWZ?= <rkrcmar@redhat.com>, =?utf-8?q?Mihai_Don?= =?utf-8?q?=C8=9Bu?= <mdontu@bitdefender.com>, =?utf-8?q?Adalbert_Laz=C4=83r?= <alazar@bitdefender.com>, =?utf-8?b?Tmlj?= =?utf-8?b?dciZb3IgQ8OuyJt1?= <ncitu@bitdefender.com> Subject: [RFC PATCH v5 13/20] kvm: x86: hook in kvmi_msr_event() Date: Thu, 20 Dec 2018 20:28:43 +0200 Message-Id: <20181220182850.4579-14-alazar@bitdefender.com> In-Reply-To: <20181220182850.4579-1-alazar@bitdefender.com> References: <20181220182850.4579-1-alazar@bitdefender.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: kvm-owner@vger.kernel.org Precedence: bulk
Series	VM introspection \| expand [RFC,v5,00/20] VM introspection [RFC,v5,01/20] kvm: document the VM introspection API [RFC,v5,02/20] kvm: document the VM introspection ioctl-s and capability [RFC,v5,03/20] kvm: document the VM introspection hypercalls [RFC,v5,04/20] kvm: add the VM introspection API/ABI headers [RFC,v5,05/20] kvm: x86: do not unconditionally patch the hypercall instruction during emulation [RFC,v5,06/20] mm: add support for remote mapping [RFC,v5,07/20] add memory map/unmap support for VM introspection on the guest side [RFC,v5,08/20] kvm: page track: add support for preread, prewrite and preexec [RFC,v5,09/20] kvm: extend to accomodate the VM introspection subsystem [RFC,v5,10/20] kvm: x86: add tracepoints for interrupt and exception injections [RFC,v5,12/20] kvm: x86: hook in the VM introspection subsystem [RFC,v5,13/20] kvm: x86: hook in kvmi_msr_event() [RFC,v5,14/20] kvm: x86: hook in kvmi_breakpoint_event() [RFC,v5,15/20] kvm: x86: intercept accesses to IDTR, GDTR, LDTR and TR [RFC,v5,16/20] kvm: x86: hook the single-step events [RFC,v5,17/20] kvm: x86: hook in kvmi_cr_event() [RFC,v5,18/20] kvm: x86: hook in kvmi_xsetbv_event() [RFC,v5,19/20] kvm: x86: handle the introspection hypercalls [RFC,v5,20/20] kvm: x86: hook in kvmi_trap_event()

Message ID

20181220182850.4579-14-alazar@bitdefender.com (mailing list archive)

State

New, archived

Headers

From: =?utf-8?q?Adalbert_Laz=C4=83r?= <alazar@bitdefender.com>
To: kvm@vger.kernel.org
Cc: Paolo Bonzini <pbonzini@redhat.com>,
 =?utf-8?b?UmFkaW0gS3LEjW3DocWZ?= <rkrcmar@redhat.com>, =?utf-8?q?Mihai_Don?=
	=?utf-8?q?=C8=9Bu?= <mdontu@bitdefender.com>,
 =?utf-8?q?Adalbert_Laz=C4=83r?= <alazar@bitdefender.com>, =?utf-8?b?Tmlj?=
	=?utf-8?b?dciZb3IgQ8OuyJt1?= <ncitu@bitdefender.com>
Subject: [RFC PATCH v5 13/20] kvm: x86: hook in kvmi_msr_event()
Date: Thu, 20 Dec 2018 20:28:43 +0200
Message-Id: <20181220182850.4579-14-alazar@bitdefender.com>
In-Reply-To: <20181220182850.4579-1-alazar@bitdefender.com>
References: <20181220182850.4579-1-alazar@bitdefender.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Sender: kvm-owner@vger.kernel.org
Precedence: bulk

Series

VM introspection | expand

Commit Message

Adalbert Lazăr Dec. 20, 2018, 6:28 p.m. UTC

Inform the guest introspection tool that an MSR is going to be changed.

The kvmi_msr_event() function will check a bitmap of MSR-s of interest
(configured via a KVMI_CONTROL_EVENTS(KVMI_MSR_CONTROL) request) and, if
the new value differs from the previous one, it will generate a
notification. The introspection tool can respond by allowing the guest
to continue with normal execution or by discarding the change.

This is meant to prevent malicious changes to MSR-s such as
MSR_IA32_SYSENTER_EIP.

The patch ensures that write access tracking of these MSR-s of interest
is not disabled.

Signed-off-by: Mihai Donțu <mdontu@bitdefender.com>
Signed-off-by: Nicușor Cîțu <ncitu@bitdefender.com>
---
 arch/x86/kvm/svm.c | 5 +++++
 arch/x86/kvm/vmx.c | 5 +++++
 arch/x86/kvm/x86.c | 3 +++
 3 files changed, 13 insertions(+)

diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
index 766578401d1c..d6c7680e224b 100644
--- a/arch/x86/kvm/svm.c
+++ b/arch/x86/kvm/svm.c
@@ -1066,6 +1066,11 @@  static void set_msr_interception(struct vcpu_svm *svm,
 	unsigned long tmp;
 	u32 offset;
 
+#ifdef CONFIG_KVM_INTROSPECTION
+	if (!write && kvmi_monitored_msr(&svm->vcpu, msr))
+		return;
+#endif /* CONFIG_KVM_INTROSPECTION */
+
 	/*
 	 * If this warning triggers extend the direct_access_msrs list at the
 	 * beginning of the file
diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index e9de89bd7f1c..fd92267a7a65 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -5967,6 +5967,11 @@  static __always_inline void vmx_disable_intercept_for_msr(struct kvm_vcpu *vcpu,
 	if (!cpu_has_vmx_msr_bitmap())
 		return;
 
+#ifdef CONFIG_KVM_INTROSPECTION
+	if ((type & MSR_TYPE_W) && kvmi_monitored_msr(vcpu, msr))
+		return;
+#endif /* CONFIG_KVM_INTROSPECTION */
+
 	if (static_branch_unlikely(&enable_evmcs))
 		evmcs_touch_msr_bitmap();
 
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index f073fe596244..6ab052fdb786 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -1301,6 +1301,9 @@  EXPORT_SYMBOL_GPL(kvm_enable_efer_bits);
  */
 int kvm_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr)
 {
+	if (!kvmi_msr_event(vcpu, msr))
+		return 1;
+
 	switch (msr->index) {
 	case MSR_FS_BASE:
 	case MSR_GS_BASE:

[RFC,v5,13/20] kvm: x86: hook in kvmi_msr_event()

Commit Message

Patch