x86/hvm: Permit guests direct access to MSR_{SPEC_CTRL,PRED_CMD}

author Andrew Cooper <andrew.cooper3@citrix.com>

Wed, 14 Feb 2018 12:40:38 +0000 (13:40 +0100)

committer Jan Beulich <jbeulich@suse.com>

Wed, 14 Feb 2018 12:40:38 +0000 (13:40 +0100)
author Andrew Cooper <andrew.cooper3@citrix.com>
Wed, 14 Feb 2018 12:40:38 +0000 (13:40 +0100)
committer Jan Beulich <jbeulich@suse.com>
Wed, 14 Feb 2018 12:40:38 +0000 (13:40 +0100)
diff --git a/xen/arch/x86/hvm/svm/svm.c b/xen/arch/x86/hvm/svm/svm.c

index 7b5154228633bd1c7593886fd1b298e314fff078..d84e150324235ce298a8f045698cf61da24d02a4 100644 (file)
--- a/xen/arch/x86/hvm/svm/svm.c
+++ b/xen/arch/x86/hvm/svm/svm.c
@@ -1043,6 +1043,19 @@ static void noreturn svm_do_resume(struct vcpu *v)
      if ( nestedhvm_enabled(v->domain) && nestedhvm_vcpu_in_guestmode(v) )
          vcpu_guestmode = 1;
  
+    if ( !(v->arch.flags & TF_launched) )
+    {
+        uint32_t ebx, dummy;
+
+        /* Give access to MSR_PRED_CMD if the guest has been told about it. */
+        domain_cpuid(v->domain, 0x80000008, 0, &dummy, &ebx, &dummy, &dummy);
+        svm_intercept_msr(v, MSR_PRED_CMD,
+                          ebx & cpufeat_mask(X86_FEATURE_IBPB)
+                          ? MSR_INTERCEPT_NONE : MSR_INTERCEPT_RW);
+
+        v->arch.flags |= TF_launched;
+    }
+
      if ( !vcpu_guestmode &&
          unlikely(v->arch.hvm_vcpu.debug_state_latch != debug_state) )
      {
diff --git a/xen/arch/x86/hvm/vmx/vmcs.c b/xen/arch/x86/hvm/vmx/vmcs.c

index b297a91a8f4a756d7eba4dc46ccb23eba7049e2a..cf15a628985d679272d7309558c3a479de8b10a8 100644 (file)
--- a/xen/arch/x86/hvm/vmx/vmcs.c
+++ b/xen/arch/x86/hvm/vmx/vmcs.c
@@ -1664,6 +1664,36 @@ void vmx_do_resume(struct vcpu *v)
          hvm_asid_flush_vcpu(v);
      }
  
+    if ( !(v->arch.flags & TF_launched) )
+    {
+        uint32_t _7d0, e8b, dummy;
+
+        domain_cpuid(v->domain, 7, 0, &dummy, &dummy, &dummy, &_7d0);
+        domain_cpuid(v->domain, 0x80000008, 0, &dummy, &e8b, &dummy, &dummy);
+
+        /*
+         * We can safely pass MSR_SPEC_CTRL through to the guest, even if STIBP
+         * isn't enumerated in hardware, as SPEC_CTRL_STIBP is ignored.
+         */
+        if ( _7d0 & cpufeat_mask(X86_FEATURE_IBRSB) )
+            vmx_disable_intercept_for_msr(v, MSR_SPEC_CTRL,
+                                          MSR_TYPE_R | MSR_TYPE_W);
+        else
+            vmx_enable_intercept_for_msr(v, MSR_SPEC_CTRL,
+                                         MSR_TYPE_R | MSR_TYPE_W);
+
+        /* MSR_PRED_CMD is safe to pass through if the guest knows about it. */
+        if ( (_7d0 & cpufeat_mask(X86_FEATURE_IBRSB)) ||
+             (e8b & cpufeat_mask(X86_FEATURE_IBPB)) )
+            vmx_disable_intercept_for_msr(v, MSR_PRED_CMD,
+                                          MSR_TYPE_R | MSR_TYPE_W);
+        else
+            vmx_enable_intercept_for_msr(v, MSR_PRED_CMD,
+                                         MSR_TYPE_R | MSR_TYPE_W);
+
+        v->arch.flags |= TF_launched;
+    }
+
      debug_state = v->domain->debugger_attached
                    || v->domain->arch.monitor.software_breakpoint_enabled
                    || v->domain->arch.monitor.singlestep_enabled;
diff --git a/xen/include/asm-x86/processor.h b/xen/include/asm-x86/processor.h

index 246db8f6838bb016e0cd9623564139a7f9420403..cd8ad52949dd1426f940158bc681410edbed2636 100644 (file)
--- a/xen/include/asm-x86/processor.h
+++ b/xen/include/asm-x86/processor.h
@@ -133,6 +133,8 @@
  /* 'arch_vcpu' flags values */
  #define _TF_kernel_mode        0
  #define TF_kernel_mode         (1<<_TF_kernel_mode)
+#define _TF_launched           1
+#define TF_launched            (1u << _TF_launched)
  
  /* #PF error code values. */
  #define PFEC_page_present   (_AC(1,U) << 0)
author	Andrew Cooper <andrew.cooper3@citrix.com>
	Wed, 14 Feb 2018 12:40:38 +0000 (13:40 +0100)
committer	Jan Beulich <jbeulich@suse.com>
	Wed, 14 Feb 2018 12:40:38 +0000 (13:40 +0100)
xen/arch/x86/hvm/svm/svm.c		patch \| blob \| blame \| history
xen/arch/x86/hvm/vmx/vmcs.c		patch \| blob \| blame \| history
xen/include/asm-x86/processor.h		patch \| blob \| blame \| history