| Message ID | 05cc35aa-ebb0-1316-bbcc-790533f21b25@suse.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | [v3] x86: explicitly disallow guest access to PPIN | expand |
On 20/12/2019 14:25, Jan Beulich wrote: > To fulfill the "protected" in its name, don't let the real hardware > values leak. While we could report a control register value expressing > this (which I would have preferred), unconditionally raise #GP for all > accesses (in the interest of getting this done). > > Signed-off-by: Jan Beulich <jbeulich@suse.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
--- a/xen/arch/x86/msr.c +++ b/xen/arch/x86/msr.c @@ -136,6 +136,10 @@ int guest_rdmsr(struct vcpu *v, uint32_t case MSR_TSX_CTRL: case MSR_AMD64_LWP_CFG: case MSR_AMD64_LWP_CBADDR: + case MSR_PPIN_CTL: + case MSR_PPIN: + case MSR_AMD_PPIN_CTL: + case MSR_AMD_PPIN: /* Not offered to guests. */ goto gp_fault; @@ -279,6 +283,10 @@ int guest_wrmsr(struct vcpu *v, uint32_t case MSR_TSX_CTRL: case MSR_AMD64_LWP_CFG: case MSR_AMD64_LWP_CBADDR: + case MSR_PPIN_CTL: + case MSR_PPIN: + case MSR_AMD_PPIN_CTL: + case MSR_AMD_PPIN: /* Not offered to guests. */ goto gp_fault;
To fulfill the "protected" in its name, don't let the real hardware values leak. While we could report a control register value expressing this (which I would have preferred), unconditionally raise #GP for all accesses (in the interest of getting this done). Signed-off-by: Jan Beulich <jbeulich@suse.com> --- v3: Unconditional #GP in guest_rdmsr(). Adjust case label placement in guest_wrmsr(). v2: Use "cp" consistently. Re-base.