From mboxrd@z Thu Jan 1 00:00:00 1970 From: Jim Mattson Subject: [PATCH 1/3] kvm: vmx: Do not disable intercepts for BNDCFGS Date: Tue, 23 May 2017 11:52:52 -0700 Message-ID: <20170523185254.98780-1-jmattson@google.com> Cc: Jim Mattson To: kvm@vger.kernel.org Return-path: Received: from mail-pf0-f178.google.com ([209.85.192.178]:33409 "EHLO mail-pf0-f178.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1763289AbdEWSxm (ORCPT ); Tue, 23 May 2017 14:53:42 -0400 Received: by mail-pf0-f178.google.com with SMTP id e193so123069836pfh.0 for ; Tue, 23 May 2017 11:53:42 -0700 (PDT) Sender: kvm-owner@vger.kernel.org List-ID: The MSR permission bitmaps are shared by all VMs. However, some VMs may not be configured to support MPX, even when the host does. If the host supports VMX and the guest does not, we should intercept accesses to the BNDCFGS MSR, so that we can synthesize a #GP fault. Furthermore, if the host does not support MPX and the "ignore_msrs" kvm kernel parameter is set, then we should intercept accesses to the BNDCFGS MSR, so that we can skip over the rdmsr/wrmsr without raising a #GP fault. Fixes: da8999d31818fdc8 ("KVM: x86: Intel MPX vmx and msr handle") Signed-off-by: Jim Mattson --- arch/x86/kvm/vmx.c | 1 - 1 file changed, 1 deletion(-) diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c index c6f4ad44aa95..763d27ee00fb 100644 --- a/arch/x86/kvm/vmx.c +++ b/arch/x86/kvm/vmx.c @@ -6547,7 +6547,6 @@ static __init int hardware_setup(void) vmx_disable_intercept_for_msr(MSR_IA32_SYSENTER_CS, false); vmx_disable_intercept_for_msr(MSR_IA32_SYSENTER_ESP, false); vmx_disable_intercept_for_msr(MSR_IA32_SYSENTER_EIP, false); - vmx_disable_intercept_for_msr(MSR_IA32_BNDCFGS, true); memcpy(vmx_msr_bitmap_legacy_x2apic_apicv, vmx_msr_bitmap_legacy, PAGE_SIZE); -- 2.13.0.219.gdb65acc882-goog