From: Alexander Graf <graf@amazon.com>
To: kvm list <kvm@vger.kernel.org>
Cc: Sean Christopherson <sean.j.christopherson@intel.com>,
Aaron Lewis <aaronlewis@google.com>,
Paolo Bonzini <pbonzini@redhat.com>,
Jonathan Corbet <corbet@lwn.net>,
Vitaly Kuznetsov <vkuznets@redhat.com>,
Wanpeng Li <wanpengli@tencent.com>,
Jim Mattson <jmattson@google.com>, Joerg Roedel <joro@8bytes.org>,
KarimAllah Raslan <karahmed@amazon.de>,
Dan Carpenter <dan.carpenter@oracle.com>,
<linux-doc@vger.kernel.org>, <linux-kernel@vger.kernel.org>
Subject: [PATCH v7 2/7] KVM: x86: Add infrastructure for MSR filtering
Date: Wed, 16 Sep 2020 22:29:46 +0200 [thread overview]
Message-ID: <20200916202951.23760-3-graf@amazon.com> (raw)
In-Reply-To: <20200916202951.23760-1-graf@amazon.com>
In the following commits we will add pieces of MSR filtering.
To ensure that code compiles even with the feature half-merged, let's add
a few stubs and struct definitions before the real patches start.
Signed-off-by: Alexander Graf <graf@amazon.com>
---
arch/x86/include/asm/kvm_host.h | 1 +
arch/x86/include/uapi/asm/kvm.h | 2 ++
arch/x86/kvm/x86.c | 6 ++++++
arch/x86/kvm/x86.h | 1 +
4 files changed, 10 insertions(+)
diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
index 12c3f048f18b..9bc4fa34c90b 100644
--- a/arch/x86/include/asm/kvm_host.h
+++ b/arch/x86/include/asm/kvm_host.h
@@ -1230,6 +1230,7 @@ struct kvm_x86_ops {
int (*enable_direct_tlbflush)(struct kvm_vcpu *vcpu);
void (*migrate_timers)(struct kvm_vcpu *vcpu);
+ void (*msr_filter_changed)(struct kvm_vcpu *vcpu);
};
struct kvm_x86_nested_ops {
diff --git a/arch/x86/include/uapi/asm/kvm.h b/arch/x86/include/uapi/asm/kvm.h
index 0780f97c1850..50650cfd235a 100644
--- a/arch/x86/include/uapi/asm/kvm.h
+++ b/arch/x86/include/uapi/asm/kvm.h
@@ -192,6 +192,8 @@ struct kvm_msr_list {
__u32 indices[0];
};
+#define KVM_MSR_ALLOW_READ (1 << 0)
+#define KVM_MSR_ALLOW_WRITE (1 << 1)
struct kvm_cpuid_entry {
__u32 function;
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 3aea25fa9f00..99234244d97b 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -1487,6 +1487,12 @@ void kvm_enable_efer_bits(u64 mask)
}
EXPORT_SYMBOL_GPL(kvm_enable_efer_bits);
+bool kvm_msr_allowed(struct kvm_vcpu *vcpu, u32 index, u32 type)
+{
+ return true;
+}
+EXPORT_SYMBOL_GPL(kvm_msr_allowed);
+
/*
* Write @data into the MSR specified by @index. Select MSR specific fault
* checks are bypassed if @host_initiated is %true.
diff --git a/arch/x86/kvm/x86.h b/arch/x86/kvm/x86.h
index 941f288c38aa..3900ab0c6004 100644
--- a/arch/x86/kvm/x86.h
+++ b/arch/x86/kvm/x86.h
@@ -374,6 +374,7 @@ bool kvm_vcpu_exit_request(struct kvm_vcpu *vcpu);
int kvm_handle_memory_failure(struct kvm_vcpu *vcpu, int r,
struct x86_exception *e);
int kvm_handle_invpcid(struct kvm_vcpu *vcpu, unsigned long type, gva_t gva);
+bool kvm_msr_allowed(struct kvm_vcpu *vcpu, u32 index, u32 type);
#define KVM_MSR_RET_INVALID 2
--
2.28.0.394.ge197136389
Amazon Development Center Germany GmbH
Krausenstr. 38
10117 Berlin
Geschaeftsfuehrung: Christian Schlaeger, Jonathan Weiss
Eingetragen am Amtsgericht Charlottenburg unter HRB 149173 B
Sitz: Berlin
Ust-ID: DE 289 237 879
next prev parent reply other threads:[~2020-09-16 20:33 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-09-16 20:29 [PATCH v7 0/7] Allow user space to restrict and augment MSR emulation Alexander Graf
2020-09-16 20:29 ` [PATCH v7 1/7] KVM: x86: Deflect unknown MSR accesses to user space Alexander Graf
2020-09-16 20:29 ` Alexander Graf [this message]
2020-09-16 20:29 ` [PATCH v7 3/7] KVM: x86: Prepare MSR bitmaps for userspace tracked MSRs Alexander Graf
2020-09-16 20:29 ` [PATCH v7 4/7] KVM: x86: SVM: Prevent MSR passthrough when MSR access is denied Alexander Graf
2020-09-16 20:29 ` [PATCH v7 5/7] KVM: x86: VMX: " Alexander Graf
2020-09-16 20:29 ` [PATCH v7 6/7] KVM: x86: Introduce MSR filtering Alexander Graf
2020-09-17 21:03 ` Aaron Lewis
2020-09-16 20:29 ` [PATCH v7 7/7] KVM: selftests: Add test for user space MSR handling Alexander Graf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200916202951.23760-3-graf@amazon.com \
--to=graf@amazon.com \
--cc=aaronlewis@google.com \
--cc=corbet@lwn.net \
--cc=dan.carpenter@oracle.com \
--cc=jmattson@google.com \
--cc=joro@8bytes.org \
--cc=karahmed@amazon.de \
--cc=kvm@vger.kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=sean.j.christopherson@intel.com \
--cc=vkuznets@redhat.com \
--cc=wanpengli@tencent.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.