* [PATCH] x86: tighten conditions under which writing certain MSRs is permitted
@ 2011-02-10 13:57 Jan Beulich
0 siblings, 0 replies; only message in thread
From: Jan Beulich @ 2011-02-10 13:57 UTC (permalink / raw)
To: xen-devel
[-- Attachment #1: Type: text/plain, Size: 2412 bytes --]
MSRs that control physical CPU aspects generally are pointless (and
possibly dangerous) to be written when the writer isn't sufficiently
aware that it's running virtualized.
Signed-off-by: Jan Beulich <jbeulich@novell.com>
--- a/xen/arch/x86/traps.c
+++ b/xen/arch/x86/traps.c
@@ -2282,7 +2282,7 @@ static int emulate_privileged_op(struct
if ( boot_cpu_data.x86_vendor != X86_VENDOR_AMD ||
boot_cpu_data.x86 < 0x10 || boot_cpu_data.x86 > 0x17 )
goto fail;
- if ( !IS_PRIV(v->domain) )
+ if ( !IS_PRIV(v->domain) || !is_pinned_vcpu(v) )
break;
if ( (rdmsr_safe(MSR_AMD64_NB_CFG, val) != 0) ||
(eax != (uint32_t)val) ||
@@ -2295,7 +2295,7 @@ static int emulate_privileged_op(struct
if ( boot_cpu_data.x86_vendor != X86_VENDOR_AMD ||
boot_cpu_data.x86 < 0x10 || boot_cpu_data.x86 > 0x17 )
goto fail;
- if ( !IS_PRIV(v->domain) )
+ if ( !IS_PRIV(v->domain) || !is_pinned_vcpu(v) )
break;
if ( (rdmsr_safe(MSR_FAM10H_MMIO_CONF_BASE, val) != 0) )
goto fail;
@@ -2317,6 +2317,8 @@ static int emulate_privileged_op(struct
case MSR_IA32_UCODE_REV:
if ( boot_cpu_data.x86_vendor != X86_VENDOR_INTEL )
goto fail;
+ if ( !IS_PRIV(v->domain) || !is_pinned_vcpu(v) )
+ break;
if ( rdmsr_safe(regs->ecx, val) )
goto fail;
if ( msr_content )
@@ -2324,7 +2326,7 @@ static int emulate_privileged_op(struct
break;
case MSR_IA32_MISC_ENABLE:
if ( rdmsr_safe(regs->ecx, val) )
- goto invalid;
+ goto fail;
val = guest_misc_enable(val);
if ( msr_content != val )
goto invalid;
@@ -2351,7 +2353,7 @@ static int emulate_privileged_op(struct
case MSR_IA32_ENERGY_PERF_BIAS:
if ( boot_cpu_data.x86_vendor != X86_VENDOR_INTEL )
goto fail;
- if ( (v->domain->domain_id != 0) || !is_pinned_vcpu(v) )
+ if ( !IS_PRIV(v->domain) || !is_pinned_vcpu(v) )
break;
if ( wrmsr_safe(regs->ecx, msr_content) != 0 )
goto fail;
[-- Attachment #2: x86-adjust-guest-wrmsr.patch --]
[-- Type: text/plain, Size: 2406 bytes --]
MSRs that control physical CPU aspects generally are pointless (and
possibly dangerous) to be written when the writer isn't sufficiently
aware that it's running virtualized.
Signed-off-by: Jan Beulich <jbeulich@novell.com>
--- a/xen/arch/x86/traps.c
+++ b/xen/arch/x86/traps.c
@@ -2282,7 +2282,7 @@ static int emulate_privileged_op(struct
if ( boot_cpu_data.x86_vendor != X86_VENDOR_AMD ||
boot_cpu_data.x86 < 0x10 || boot_cpu_data.x86 > 0x17 )
goto fail;
- if ( !IS_PRIV(v->domain) )
+ if ( !IS_PRIV(v->domain) || !is_pinned_vcpu(v) )
break;
if ( (rdmsr_safe(MSR_AMD64_NB_CFG, val) != 0) ||
(eax != (uint32_t)val) ||
@@ -2295,7 +2295,7 @@ static int emulate_privileged_op(struct
if ( boot_cpu_data.x86_vendor != X86_VENDOR_AMD ||
boot_cpu_data.x86 < 0x10 || boot_cpu_data.x86 > 0x17 )
goto fail;
- if ( !IS_PRIV(v->domain) )
+ if ( !IS_PRIV(v->domain) || !is_pinned_vcpu(v) )
break;
if ( (rdmsr_safe(MSR_FAM10H_MMIO_CONF_BASE, val) != 0) )
goto fail;
@@ -2317,6 +2317,8 @@ static int emulate_privileged_op(struct
case MSR_IA32_UCODE_REV:
if ( boot_cpu_data.x86_vendor != X86_VENDOR_INTEL )
goto fail;
+ if ( !IS_PRIV(v->domain) || !is_pinned_vcpu(v) )
+ break;
if ( rdmsr_safe(regs->ecx, val) )
goto fail;
if ( msr_content )
@@ -2324,7 +2326,7 @@ static int emulate_privileged_op(struct
break;
case MSR_IA32_MISC_ENABLE:
if ( rdmsr_safe(regs->ecx, val) )
- goto invalid;
+ goto fail;
val = guest_misc_enable(val);
if ( msr_content != val )
goto invalid;
@@ -2351,7 +2353,7 @@ static int emulate_privileged_op(struct
case MSR_IA32_ENERGY_PERF_BIAS:
if ( boot_cpu_data.x86_vendor != X86_VENDOR_INTEL )
goto fail;
- if ( (v->domain->domain_id != 0) || !is_pinned_vcpu(v) )
+ if ( !IS_PRIV(v->domain) || !is_pinned_vcpu(v) )
break;
if ( wrmsr_safe(regs->ecx, msr_content) != 0 )
goto fail;
[-- Attachment #3: Type: text/plain, Size: 138 bytes --]
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2011-02-10 13:57 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2011-02-10 13:57 [PATCH] x86: tighten conditions under which writing certain MSRs is permitted Jan Beulich
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.