From nobody Fri Apr 26 12:11:21 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=fail(p=none dis=none) header.from=citrix.com ARC-Seal: i=1; a=rsa-sha256; t=1592567947; cv=none; d=zohomail.com; s=zohoarc; b=nlk6+D2tg7q4UjBFk/yiv36N0PDlcGWI7R4wGOLOPIoosT36iYIqqCA56l23EaSNFYfuewU2uymVyOYrN2MAX0qxodAgaxohPSMdmylluSznf8J6EWntoaETYgafTjC2qoTw2IX9kZSZNoVBy/KJLfxtLYmOk08GqAh6axXevWY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1592567947; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Sender:Subject:To; bh=EGAKKccNDx5f0JBZi4Y4VpztUMGZ9VUwc8SvazKrrZU=; b=gNQ0u0kvk77p1Dv00cKH+xiAHzT2gAdW7R3yCaGTM1tRKA3NNwIepgHBOoDkbHah/i2dlvhWtyLxNVC2x/kxHI9/ETmc08sy3THQLQYiluQgKCEQKf7awqPn0Mmq0VReija35ephY7BBO6LP0ilcp5inP/0mszjFLN2BzWeD+wA= ARC-Authentication-Results: i=1; mx.zohomail.com; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1592567947585761.571889345709; Fri, 19 Jun 2020 04:59:07 -0700 (PDT) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jmFfR-0000FN-04; Fri, 19 Jun 2020 11:58:45 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1jmFfP-0000FH-Uj for xen-devel@lists.xenproject.org; Fri, 19 Jun 2020 11:58:43 +0000 Received: from esa5.hc3370-68.iphmx.com (unknown [216.71.155.168]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id 3832a7ee-b224-11ea-bb6a-12813bfff9fa; Fri, 19 Jun 2020 11:58:42 +0000 (UTC) X-Inumbo-ID: 3832a7ee-b224-11ea-bb6a-12813bfff9fa Authentication-Results: esa5.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: +7J+OWjJIU6EWdeeKMTmt2zgYYGTKWDh1shP6ZC4kaGrNIXQmNgXkAjujPijnbwymFREVfVaDY 7CJftRgY1wZLte4b5J+iS5NrDqAab6FM37RFRqjCtbJ/ehVfCpFP8GQMZPWjQ8LX9rd/iEU9Gs Pd5kQGRaApOgoBJYud9p4wiWQVFiVzViCu4MBSD9G+tqwJ9OmgSt/Nf+WSxKwQyHbyY3rvK0uC gdfZQui4uSwfnlXXqlouywsZXGmoA5YpMxwWzN5Vg73NTeB9a/0C5ygm4Ydv/wVzyJN0n6hs/B GpY= X-SBRS: 2.7 X-MesageID: 20687932 X-Ironport-Server: esa5.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.75,255,1589256000"; d="scan'208";a="20687932" From: Andrew Cooper To: Xen-devel Subject: [PATCH for-4.14] x86/msr: Disallow access to Processor Trace MSRs Date: Fri, 19 Jun 2020 12:58:23 +0100 Message-ID: <20200619115823.22243-1-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Wei Liu , Paul Durrant , Andrew Cooper , =?UTF-8?q?Micha=C5=82=20Leszczy=C5=84ski?= , Jan Beulich , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" We do not expose the feature to guests, so should disallow access to the respective MSRs. Signed-off-by: Andrew Cooper --- CC: Jan Beulich CC: Wei Liu CC: Roger Pau Monn=C3=A9 CC: Paul Durrant CC: Micha=C5=82 Leszczy=C5=84ski Paul: For 4.14. This needs backporting to older trees as well. Micha=C5=82: CC'ing, just to keep you in the loop. Xen has some dubious de= fault MSR semantics which we're still in the middle of untangling in a backwards compatible way. Patches like this will eventually not be necessary, but th= ey are for now. --- xen/arch/x86/msr.c | 12 ++++++++++++ xen/include/asm-x86/msr-index.h | 8 ++++++++ 2 files changed, 20 insertions(+) diff --git a/xen/arch/x86/msr.c b/xen/arch/x86/msr.c index 0bfb5839b2..05afe601a8 100644 --- a/xen/arch/x86/msr.c +++ b/xen/arch/x86/msr.c @@ -168,6 +168,12 @@ int guest_rdmsr(struct vcpu *v, uint32_t msr, uint64_t= *val) case MSR_TSX_FORCE_ABORT: case MSR_TSX_CTRL: case MSR_MCU_OPT_CTRL: + case MSR_RTIT_OUTPUT_BASE: + case MSR_RTIT_OUTPUT_MASK: + case MSR_RTIT_CTL: + case MSR_RTIT_STATUS: + case MSR_RTIT_CR3_MATCH: + case MSR_RTIT_ADDR_A(0) ... MSR_RTIT_ADDR_B(3): case MSR_U_CET: case MSR_S_CET: case MSR_PL0_SSP ... MSR_INTERRUPT_SSP_TABLE: @@ -329,6 +335,12 @@ int guest_wrmsr(struct vcpu *v, uint32_t msr, uint64_t= val) case MSR_TSX_FORCE_ABORT: case MSR_TSX_CTRL: case MSR_MCU_OPT_CTRL: + case MSR_RTIT_OUTPUT_BASE: + case MSR_RTIT_OUTPUT_MASK: + case MSR_RTIT_CTL: + case MSR_RTIT_STATUS: + case MSR_RTIT_CR3_MATCH: + case MSR_RTIT_ADDR_A(0) ... MSR_RTIT_ADDR_B(3): case MSR_U_CET: case MSR_S_CET: case MSR_PL0_SSP ... MSR_INTERRUPT_SSP_TABLE: diff --git a/xen/include/asm-x86/msr-index.h b/xen/include/asm-x86/msr-inde= x.h index b328a47ed8..0fe98af923 100644 --- a/xen/include/asm-x86/msr-index.h +++ b/xen/include/asm-x86/msr-index.h @@ -69,6 +69,14 @@ #define MSR_MCU_OPT_CTRL 0x00000123 #define MCU_OPT_CTRL_RNGDS_MITG_DIS (_AC(1, ULL) << 0) =20 +#define MSR_RTIT_OUTPUT_BASE 0x00000560 +#define MSR_RTIT_OUTPUT_MASK 0x00000561 +#define MSR_RTIT_CTL 0x00000570 +#define MSR_RTIT_STATUS 0x00000571 +#define MSR_RTIT_CR3_MATCH 0x00000572 +#define MSR_RTIT_ADDR_A(n) (0x00000580 + (n) * 2) +#define MSR_RTIT_ADDR_B(n) (0x00000581 + (n) * 2) + #define MSR_U_CET 0x000006a0 #define MSR_S_CET 0x000006a2 #define CET_SHSTK_EN (_AC(1, ULL) << 0) --=20 2.11.0