diff mbox series

[RFC,15/22] KVM: x86: hyper-v: Honor HV_FEATURE_GUEST_CRASH_MSR_AVAILABLE privilege bit

Message ID 20210413122630.975617-16-vkuznets@redhat.com (mailing list archive)
State New
Headers show
Series KVM: x86: hyper-v: Fine-grained access check to Hyper-V hypercalls and MSRs | expand

Commit Message

Vitaly Kuznetsov April 13, 2021, 12:26 p.m. UTC
Synthetic debugging MSRs (HV_X64_MSR_SYNDBG_CONTROL,
HV_X64_MSR_SYNDBG_STATUS, HV_X64_MSR_SYNDBG_SEND_BUFFER,
HV_X64_MSR_SYNDBG_RECV_BUFFER, HV_X64_MSR_SYNDBG_PENDING_BUFFER,
HV_X64_MSR_SYNDBG_OPTIONS) are only available to guest when
HV_FEATURE_GUEST_CRASH_MSR_AVAILABLE bit is exposed.

Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
---
 arch/x86/kvm/hyperv.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)
diff mbox series

Patch

diff --git a/arch/x86/kvm/hyperv.c b/arch/x86/kvm/hyperv.c
index 0678f1012ed7..1299847c89ba 100644
--- a/arch/x86/kvm/hyperv.c
+++ b/arch/x86/kvm/hyperv.c
@@ -312,7 +312,9 @@  static int syndbg_set_msr(struct kvm_vcpu *vcpu, u32 msr, u64 data, bool host)
 {
 	struct kvm_hv_syndbg *syndbg = to_hv_syndbg(vcpu);
 
-	if (!kvm_hv_is_syndbg_enabled(vcpu) && !host)
+	if (unlikely(!host && (!kvm_hv_is_syndbg_enabled(vcpu) ||
+			       !(to_hv_vcpu(vcpu)->cpuid_cache.features_edx &
+				 HV_FEATURE_DEBUG_MSRS_AVAILABLE))))
 		return 1;
 
 	trace_kvm_hv_syndbg_set_msr(vcpu->vcpu_id,
@@ -351,7 +353,9 @@  static int syndbg_get_msr(struct kvm_vcpu *vcpu, u32 msr, u64 *pdata, bool host)
 {
 	struct kvm_hv_syndbg *syndbg = to_hv_syndbg(vcpu);
 
-	if (!kvm_hv_is_syndbg_enabled(vcpu) && !host)
+	if (unlikely(!host && (!kvm_hv_is_syndbg_enabled(vcpu) ||
+			       !(to_hv_vcpu(vcpu)->cpuid_cache.features_edx &
+				 HV_FEATURE_DEBUG_MSRS_AVAILABLE))))
 		return 1;
 
 	switch (msr) {