[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [PATCH v2 for-4.14] x86/msr: Disallow access to Processor Trace MSRs

> -----Original Message-----
> From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
> Sent: 26 June 2020 12:30
> To: Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
> Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>; Jan Beulich 
> <JBeulich@xxxxxxxx>; Wei Liu <wl@xxxxxxx>;
> Roger Pau Monné <roger.pau@xxxxxxxxxx>; Paul Durrant <paul@xxxxxxx>; Michał 
> Leszczyński
> <michal.leszczynski@xxxxxxx>
> Subject: [PATCH v2 for-4.14] x86/msr: Disallow access to Processor Trace MSRs
> 
> We do not expose the feature to guests, so should disallow access to the
> respective MSRs.  For simplicity, drop the entire block of MSRs, not just the
> subset which have been specified thus far.
> 
> Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
> ---
> CC: Jan Beulich <JBeulich@xxxxxxxx>
> CC: Wei Liu <wl@xxxxxxx>
> CC: Roger Pau Monné <roger.pau@xxxxxxxxxx>
> CC: Paul Durrant <paul@xxxxxxx>
> CC: Michał Leszczyński <michal.leszczynski@xxxxxxx>
> 
> Paul: For 4.14.  This needs backporting to older trees as well.
> 
> v2:
>  * Drop the whole 0x560 => 0x58f block.

Looks ok to me.

Release-acked-by: Paul Durrant <paul@xxxxxxx>

> ---
>  xen/arch/x86/msr.c              | 2 ++
>  xen/include/asm-x86/msr-index.h | 8 ++++++++
>  2 files changed, 10 insertions(+)
> 
> diff --git a/xen/arch/x86/msr.c b/xen/arch/x86/msr.c
> index 0bfb5839b2..22f921cc71 100644
> --- a/xen/arch/x86/msr.c
> +++ b/xen/arch/x86/msr.c
> @@ -168,6 +168,7 @@ int guest_rdmsr(struct vcpu *v, uint32_t msr, uint64_t 
> *val)
>      case MSR_TSX_FORCE_ABORT:
>      case MSR_TSX_CTRL:
>      case MSR_MCU_OPT_CTRL:
> +    case MSR_RTIT_OUTPUT_BASE ... MSR_RTIT_ADDR_B(7):
>      case MSR_U_CET:
>      case MSR_S_CET:
>      case MSR_PL0_SSP ... MSR_INTERRUPT_SSP_TABLE:
> @@ -329,6 +330,7 @@ int guest_wrmsr(struct vcpu *v, uint32_t msr, uint64_t 
> val)
>      case MSR_TSX_FORCE_ABORT:
>      case MSR_TSX_CTRL:
>      case MSR_MCU_OPT_CTRL:
> +    case MSR_RTIT_OUTPUT_BASE ... MSR_RTIT_ADDR_B(7):
>      case MSR_U_CET:
>      case MSR_S_CET:
>      case MSR_PL0_SSP ... MSR_INTERRUPT_SSP_TABLE:
> diff --git a/xen/include/asm-x86/msr-index.h b/xen/include/asm-x86/msr-index.h
> index b328a47ed8..0fe98af923 100644
> --- a/xen/include/asm-x86/msr-index.h
> +++ b/xen/include/asm-x86/msr-index.h
> @@ -69,6 +69,14 @@
>  #define MSR_MCU_OPT_CTRL                    0x00000123
>  #define  MCU_OPT_CTRL_RNGDS_MITG_DIS        (_AC(1, ULL) <<  0)
> 
> +#define MSR_RTIT_OUTPUT_BASE                0x00000560
> +#define MSR_RTIT_OUTPUT_MASK                0x00000561
> +#define MSR_RTIT_CTL                        0x00000570
> +#define MSR_RTIT_STATUS                     0x00000571
> +#define MSR_RTIT_CR3_MATCH                  0x00000572
> +#define MSR_RTIT_ADDR_A(n)                 (0x00000580 + (n) * 2)
> +#define MSR_RTIT_ADDR_B(n)                 (0x00000581 + (n) * 2)
> +
>  #define MSR_U_CET                           0x000006a0
>  #define MSR_S_CET                           0x000006a2
>  #define  CET_SHSTK_EN                       (_AC(1, ULL) <<  0)
> --
> 2.11.0

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.