Linux-HyperV Archive on lore.kernel.org
 help / color / Atom feed
* [PATCH RFC 00/22] KVM: x86: hyper-v: Fine-grained access check to Hyper-V hypercalls and MSRs
@ 2021-04-13 12:26 Vitaly Kuznetsov
  2021-04-13 12:26 ` [PATCH RFC 01/22] asm-generic/hyperv: add HV_STATUS_ACCESS_DENIED definition Vitaly Kuznetsov
                   ` (21 more replies)
  0 siblings, 22 replies; 26+ messages in thread
From: Vitaly Kuznetsov @ 2021-04-13 12:26 UTC (permalink / raw)
  To: kvm, Paolo Bonzini
  Cc: Sean Christopherson, Wanpeng Li, Jim Mattson,
	Siddharth Chandrasekaran, linux-kernel, linux-hyperv

Currently, all implemented Hyper-V features (MSRs and hypercalls) are
available unconditionally to all Hyper-V enabled guests. This is not
ideal as KVM userspace may decide to provide only a subset of the
currently implemented features to emulate an older Hyper-V version,
to reduce attack surface,... Implement checks against guest visible
CPUIDs for all currently implemented MSRs and hypercalls.

RFC part:
- KVM has KVM_CAP_ENFORCE_PV_FEATURE_CPUID for KVM PV features. Should
 we use it for Hyper-V as well or should we rather add a Hyper-V specific
 CAP (or neither)?

TODO:
- Write a selftest
- Check with various Windows/Hyper-V versions that CPUID feature bits
 are actually respected.

Vitaly Kuznetsov (22):
  asm-generic/hyperv: add HV_STATUS_ACCESS_DENIED definition
  KVM: x86: hyper-v: Cache guest CPUID leaves determining features
    availability
  KVM: x86: hyper-v: Honor HV_MSR_VP_RUNTIME_AVAILABLE privilege bit
  KVM: x86: hyper-v: Honor HV_MSR_TIME_REF_COUNT_AVAILABLE privilege bit
  KVM: x86: hyper-v: Honor HV_MSR_HYPERCALL_AVAILABLE privilege bit
  KVM: x86: hyper-v: Honor HV_MSR_VP_INDEX_AVAILABLE privilege bit
  KVM: x86: hyper-v: Honor HV_MSR_RESET_AVAILABLE privilege bit
  KVM: x86: hyper-v: Honor HV_MSR_REFERENCE_TSC_AVAILABLE privilege bit
  KVM: x86: hyper-v: Honor HV_MSR_SYNIC_AVAILABLE privilege bit
  KVM: x86: hyper-v: Honor HV_MSR_SYNTIMER_AVAILABLE privilege bit
  KVM: x86: hyper-v: Honor HV_MSR_APIC_ACCESS_AVAILABLE privilege bit
  KVM: x86: hyper-v: Honor HV_ACCESS_FREQUENCY_MSRS privilege bit
  KVM: x86: hyper-v: Honor HV_ACCESS_REENLIGHTENMENT privilege bit
  KVM: x86: hyper-v: Honor HV_FEATURE_GUEST_CRASH_MSR_AVAILABLE
    privilege bit
  KVM: x86: hyper-v: Honor HV_FEATURE_GUEST_CRASH_MSR_AVAILABLE
    privilege bit
  KVM: x86: hyper-v: Honor HV_STIMER_DIRECT_MODE_AVAILABLE privilege bit
  KVM: x86: hyper-v: Honor HV_POST_MESSAGES privilege bit
  KVM: x86: hyper-v: Honor HV_SIGNAL_EVENTS privilege bit
  KVM: x86: hyper-v: Honor HV_DEBUGGING privilege bit
  KVM: x86: hyper-v: Honor HV_X64_REMOTE_TLB_FLUSH_RECOMMENDED bit
  KVM: x86: hyper-v: Honor HV_X64_CLUSTER_IPI_RECOMMENDED bit
  KVM: x86: hyper-v: Check access to HVCALL_NOTIFY_LONG_SPIN_WAIT
    hypercall

 arch/x86/include/asm/kvm_host.h   |   8 +
 arch/x86/kvm/hyperv.c             | 305 +++++++++++++++++++++++++++---
 include/asm-generic/hyperv-tlfs.h |   1 +
 3 files changed, 291 insertions(+), 23 deletions(-)

-- 
2.30.2


^ permalink raw reply	[flat|nested] 26+ messages in thread

end of thread, back to index

Thread overview: 26+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-04-13 12:26 [PATCH RFC 00/22] KVM: x86: hyper-v: Fine-grained access check to Hyper-V hypercalls and MSRs Vitaly Kuznetsov
2021-04-13 12:26 ` [PATCH RFC 01/22] asm-generic/hyperv: add HV_STATUS_ACCESS_DENIED definition Vitaly Kuznetsov
2021-04-15 14:14   ` Wei Liu
2021-04-15 15:33     ` Vitaly Kuznetsov
2021-04-16 10:31       ` Wei Liu
2021-04-13 12:26 ` [PATCH RFC 02/22] KVM: x86: hyper-v: Cache guest CPUID leaves determining features availability Vitaly Kuznetsov
2021-04-13 12:26 ` [PATCH RFC 03/22] KVM: x86: hyper-v: Honor HV_MSR_VP_RUNTIME_AVAILABLE privilege bit Vitaly Kuznetsov
2021-04-13 12:26 ` [PATCH RFC 04/22] KVM: x86: hyper-v: Honor HV_MSR_TIME_REF_COUNT_AVAILABLE " Vitaly Kuznetsov
2021-04-13 12:26 ` [PATCH RFC 05/22] KVM: x86: hyper-v: Honor HV_MSR_HYPERCALL_AVAILABLE " Vitaly Kuznetsov
2021-04-13 12:26 ` [PATCH RFC 06/22] KVM: x86: hyper-v: Honor HV_MSR_VP_INDEX_AVAILABLE " Vitaly Kuznetsov
2021-04-13 12:26 ` [PATCH RFC 07/22] KVM: x86: hyper-v: Honor HV_MSR_RESET_AVAILABLE " Vitaly Kuznetsov
2021-04-13 12:26 ` [PATCH RFC 08/22] KVM: x86: hyper-v: Honor HV_MSR_REFERENCE_TSC_AVAILABLE " Vitaly Kuznetsov
2021-04-13 12:26 ` [PATCH RFC 09/22] KVM: x86: hyper-v: Honor HV_MSR_SYNIC_AVAILABLE " Vitaly Kuznetsov
2021-04-13 12:26 ` [PATCH RFC 10/22] KVM: x86: hyper-v: Honor HV_MSR_SYNTIMER_AVAILABLE " Vitaly Kuznetsov
2021-04-13 12:26 ` [PATCH RFC 11/22] KVM: x86: hyper-v: Honor HV_MSR_APIC_ACCESS_AVAILABLE " Vitaly Kuznetsov
2021-04-13 12:26 ` [PATCH RFC 12/22] KVM: x86: hyper-v: Honor HV_ACCESS_FREQUENCY_MSRS " Vitaly Kuznetsov
2021-04-13 12:26 ` [PATCH RFC 13/22] KVM: x86: hyper-v: Honor HV_ACCESS_REENLIGHTENMENT " Vitaly Kuznetsov
2021-04-13 12:26 ` [PATCH RFC 14/22] KVM: x86: hyper-v: Honor HV_FEATURE_GUEST_CRASH_MSR_AVAILABLE " Vitaly Kuznetsov
2021-04-13 12:26 ` [PATCH RFC 15/22] " Vitaly Kuznetsov
2021-04-13 12:26 ` [PATCH RFC 16/22] KVM: x86: hyper-v: Honor HV_STIMER_DIRECT_MODE_AVAILABLE " Vitaly Kuznetsov
2021-04-13 12:26 ` [PATCH RFC 17/22] KVM: x86: hyper-v: Honor HV_POST_MESSAGES " Vitaly Kuznetsov
2021-04-13 12:26 ` [PATCH RFC 18/22] KVM: x86: hyper-v: Honor HV_SIGNAL_EVENTS " Vitaly Kuznetsov
2021-04-13 12:26 ` [PATCH RFC 19/22] KVM: x86: hyper-v: Honor HV_DEBUGGING " Vitaly Kuznetsov
2021-04-13 12:26 ` [PATCH RFC 20/22] KVM: x86: hyper-v: Honor HV_X64_REMOTE_TLB_FLUSH_RECOMMENDED bit Vitaly Kuznetsov
2021-04-13 12:26 ` [PATCH RFC 21/22] KVM: x86: hyper-v: Honor HV_X64_CLUSTER_IPI_RECOMMENDED bit Vitaly Kuznetsov
2021-04-13 12:26 ` [PATCH RFC 22/22] KVM: x86: hyper-v: Check access to HVCALL_NOTIFY_LONG_SPIN_WAIT hypercall Vitaly Kuznetsov

Linux-HyperV Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-hyperv/0 linux-hyperv/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-hyperv linux-hyperv/ https://lore.kernel.org/linux-hyperv \
		linux-hyperv@vger.kernel.org
	public-inbox-index linux-hyperv

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-hyperv


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git