| Message ID | 20210730122625.112848-1-vkuznets@redhat.com (mailing list archive) |
|---|---|
| Headers | show |
| Series | KVM: x86: hyper-v: Check if guest is allowed to use XMM registers for hypercall input | expand |
On 30/07/21 14:26, Vitaly Kuznetsov wrote: > "KVM: x86: hyper-v: Fine-grained access check to Hyper-V hypercalls and > MSRs" and "Add support for XMM fast hypercalls" series were developed > at the same time so the later landed without a proper feature bit check > for 'strict' (KVM_CAP_HYPERV_ENFORCE_CPUID) mode. Add it now. > > TLFS states that "Availability of the XMM fast hypercall interface is > indicated via the “Hypervisor Feature Identification” CPUID Leaf > (0x40000003, see section 2.4.4) ... Any attempt to use this interface > when the hypervisor does not indicate availability will result in a #UD > fault." > > Vitaly Kuznetsov (4): > KVM: x86: hyper-v: Check access to hypercall before reading XMM > registers > KVM: x86: Introduce trace_kvm_hv_hypercall_done() > KVM: x86: hyper-v: Check if guest is allowed to use XMM registers for > hypercall input > KVM: selftests: Test access to XMM fast hypercalls > > arch/x86/kvm/hyperv.c | 18 ++++++-- > arch/x86/kvm/trace.h | 15 +++++++ > .../selftests/kvm/include/x86_64/hyperv.h | 5 ++- > .../selftests/kvm/x86_64/hyperv_features.c | 41 +++++++++++++++++-- > 4 files changed, 71 insertions(+), 8 deletions(-) > Queued, thanks. Paolo
On 30/07/21 14:26, Vitaly Kuznetsov wrote: > "KVM: x86: hyper-v: Fine-grained access check to Hyper-V hypercalls and > MSRs" and "Add support for XMM fast hypercalls" series were developed > at the same time so the later landed without a proper feature bit check > for 'strict' (KVM_CAP_HYPERV_ENFORCE_CPUID) mode. Add it now. > > TLFS states that "Availability of the XMM fast hypercall interface is > indicated via the “Hypervisor Feature Identification” CPUID Leaf > (0x40000003, see section 2.4.4) ... Any attempt to use this interface > when the hypervisor does not indicate availability will result in a #UD > fault." > > Vitaly Kuznetsov (4): > KVM: x86: hyper-v: Check access to hypercall before reading XMM > registers > KVM: x86: Introduce trace_kvm_hv_hypercall_done() > KVM: x86: hyper-v: Check if guest is allowed to use XMM registers for > hypercall input > KVM: selftests: Test access to XMM fast hypercalls > > arch/x86/kvm/hyperv.c | 18 ++++++-- > arch/x86/kvm/trace.h | 15 +++++++ > .../selftests/kvm/include/x86_64/hyperv.h | 5 ++- > .../selftests/kvm/x86_64/hyperv_features.c | 41 +++++++++++++++++-- > 4 files changed, 71 insertions(+), 8 deletions(-) > Queued, thanks. Paolo
"KVM: x86: hyper-v: Fine-grained access check to Hyper-V hypercalls and MSRs" and "Add support for XMM fast hypercalls" series were developed at the same time so the later landed without a proper feature bit check for 'strict' (KVM_CAP_HYPERV_ENFORCE_CPUID) mode. Add it now. TLFS states that "Availability of the XMM fast hypercall interface is indicated via the “Hypervisor Feature Identification” CPUID Leaf (0x40000003, see section 2.4.4) ... Any attempt to use this interface when the hypervisor does not indicate availability will result in a #UD fault." Vitaly Kuznetsov (4): KVM: x86: hyper-v: Check access to hypercall before reading XMM registers KVM: x86: Introduce trace_kvm_hv_hypercall_done() KVM: x86: hyper-v: Check if guest is allowed to use XMM registers for hypercall input KVM: selftests: Test access to XMM fast hypercalls arch/x86/kvm/hyperv.c | 18 ++++++-- arch/x86/kvm/trace.h | 15 +++++++ .../selftests/kvm/include/x86_64/hyperv.h | 5 ++- .../selftests/kvm/x86_64/hyperv_features.c | 41 +++++++++++++++++-- 4 files changed, 71 insertions(+), 8 deletions(-)