Message-Id: <20221210160046.2608762-8-chen.zhang@intel.com>
Date:   Sun, 11 Dec 2022 00:00:44 +0800
From:   Zhang Chen <chen.zhang@...el.com>
To:     x86@...nel.org, linux-kernel@...r.kernel.org, kvm@...r.kernel.org
Cc:     Zhang Chen <chen.zhang@...el.com>, Chao Gao <chao.gao@...el.com>,
        Pawan Gupta <pawan.kumar.gupta@...ux.intel.com>,
        Paolo Bonzini <pbonzini@...hat.com>,
        Sean Christopherson <seanjc@...gle.com>,
        "H. Peter Anvin" <hpa@...or.com>,
        Dave Hansen <dave.hansen@...ux.intel.com>,
        Borislav Petkov <bp@...en8.de>, Ingo Molnar <mingo@...hat.com>,
        Thomas Gleixner <tglx@...utronix.de>
Subject: [RFC PATCH 7/9] kvm/x86: Add MSR_VIRTUAL_MITIGATION_ENUM/CTRL emulation

Introduce Intel virtual MSR_VIRTUAL_MITIGATION_ENUM(0x50000001)
and MSR_VIRTUAL_MITIGATION_CTRL(0x50000002).
MSR_VIRTUAL_MITIGATION_ENUM tells the guest about supported
mitigations and enables the MSR_VIRTUAL_MITIGATION_CTRL virtual
MSRs for the guest; the VMM will help to set up the virtual spec ctrl
mask for SPEC_CTRL_RRSBA_DIS_S and SPEC_CTRL_BHI_DIS_S as the guest needs.

Signed-off-by: Zhang Chen <chen.zhang@...el.com>
---
 arch/x86/kvm/vmx/vmx.h | 16 ++++++++++++++++
 arch/x86/kvm/x86.c     |  7 +++++++
 2 files changed, 23 insertions(+)

diff --git a/arch/x86/kvm/vmx/vmx.h b/arch/x86/kvm/vmx/vmx.h
index fc873cf45f70..6abda05cc426 100644
--- a/arch/x86/kvm/vmx/vmx.h
+++ b/arch/x86/kvm/vmx/vmx.h
@@ -29,6 +29,10 @@
 #endif
 
 #define MAX_NR_LOADSTORE_MSRS	8
+#define MITI_ENUM_SUPPORTED	(MITI_ENUM_BHB_CLEAR_SEQ_S_SUPPORT |          \
+				MITI_ENUM_RETPOLINE_S_SUPPORT)
+#define MITI_CTRL_USED		(MITI_CTRL_BHB_CLEAR_SEQ_S_USED |                 \
+				MITI_CTRL_RETPOLINE_S_USED)
 
 struct vmx_msrs {
 	unsigned int		nr;
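
Review bot: MITI_ENUM_SUPPORTED and MITI_CTRL_USED are defined here in vmx.h but nothing in this patch uses them, and the kvm_get_msr_feature() hunk in x86.c spells out the same MITI_ENUM_BHB_CLEAR_SEQ_S_SUPPORT | MITI_ENUM_RETPOLINE_S_SUPPORT mask by hand. Either place the macros where x86.c can use them and reference MITI_ENUM_SUPPORTED there, or introduce them in the patch that first consumes them, so the supported-bits mask has one definition. The two line-continuation backslashes are also padded with spaces to different widths and should be aligned consistently.
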
@@ -301,6 +305,18 @@ struct vcpu_vmx {
 	u64		      msr_virtual_enumeration;
 	u32		      msr_ia32_umwait_control;
 
+	/*
+	 * Guest read only, Only available if MITIGATION_CTRL_SUPPORT
+	 * is enumerated.
+	 */
+	u64		      msr_virtual_mitigation_enum;
+
+	/*
+	 * Read/Write, Only available if MITIGATION_CTRL_SUPPORT
+	 * is enumerated.
+	 */
+	u64		      msr_virtual_mitigation_ctrl;
+
 	/*
 	 * loaded_vmcs points to the VMCS currently used in this vcpu. For a
 	 * non-nested (L1) guest, it always points to vmcs01. For a nested
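
Review bot: the comments on msr_virtual_mitigation_enum and msr_virtual_mitigation_ctrl state access rules ("Guest read only", "Read/Write", available only if MITIGATION_CTRL_SUPPORT is enumerated), but no code in this patch reads or writes either field, so nothing visible here enforces them. Add the MSR read/write handling in the same patch, or say in the commit message which patch in the series provides it; that handler should reject guest writes to the enum MSR, reject accesses when MITIGATION_CTRL_SUPPORT is not enumerated, and reject writes to the ctrl MSR that set bits outside MITI_CTRL_USED. Minor: "Only" after the comma in both comments should be lower case.
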
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 6be0a3f1281f..f6c314def6a8 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -1533,6 +1533,8 @@ static const u32 emulated_msrs_all[] = {
 	MSR_IA32_VMX_VMFUNC,
 
 	MSR_VIRTUAL_ENUMERATION,
+	MSR_VIRTUAL_MITIGATION_ENUM,
+	MSR_VIRTUAL_MITIGATION_CTRL,
 
 	MSR_K7_HWCR,
 	MSR_KVM_POLL_CONTROL,
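
Review bot: MSR_VIRTUAL_MITIGATION_ENUM and MSR_VIRTUAL_MITIGATION_CTRL are added to the vendor-neutral emulated_msrs_all[] in x86.c, while the only state this patch adds for them sits in struct vcpu_vmx. Make sure the entries are filtered out when the vendor module or host cannot back them, so userspace is not told an MSR is emulated and then gets a failure (or a silently ignored value) when it saves and restores it. A short comment next to the two entries noting that they are Intel-defined virtual MSRs would also help readers of this list.
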
@@ -1570,6 +1572,7 @@ static const u32 msr_based_features_all[] = {
 	MSR_IA32_ARCH_CAPABILITIES,
 	MSR_IA32_PERF_CAPABILITIES,
 	MSR_VIRTUAL_ENUMERATION,
+	MSR_VIRTUAL_MITIGATION_ENUM,
 };
 
 static u32 msr_based_features[ARRAY_SIZE(msr_based_features_all)];
@@ -1671,6 +1674,10 @@ static int kvm_get_msr_feature(struct kvm_msr_entry *msr)
 	case MSR_VIRTUAL_ENUMERATION:
 		msr->data = VIRT_ENUM_MITIGATION_CTRL_SUPPORT;
 		break;
+	case MSR_VIRTUAL_MITIGATION_ENUM:
+		msr->data = MITI_ENUM_BHB_CLEAR_SEQ_S_SUPPORT |
+			    MITI_ENUM_RETPOLINE_S_SUPPORT;
+		break;
 	default:
 		return static_call(kvm_x86_get_msr_feature)(msr);
 	}
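
Review bot: the new MSR_VIRTUAL_MITIGATION_ENUM case in kvm_get_msr_feature() returns MITI_ENUM_BHB_CLEAR_SEQ_S_SUPPORT | MITI_ENUM_RETPOLINE_S_SUPPORT unconditionally. The commit message says the VMM backs these by setting SPEC_CTRL_BHI_DIS_S and SPEC_CTRL_RRSBA_DIS_S for the guest, so each bit should be reported only when the host actually supports the corresponding control; otherwise a guest can be told a mitigation is available that the host cannot apply. Please derive the value from host capability here, or document where in the series that check is made.
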
-- 
2.25.1
