lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Sun, 11 Dec 2022 00:00:44 +0800
From:   Zhang Chen <chen.zhang@...el.com>
To:     x86@...nel.org, linux-kernel@...r.kernel.org, kvm@...r.kernel.org
Cc:     Zhang Chen <chen.zhang@...el.com>, Chao Gao <chao.gao@...el.com>,
        Pawan Gupta <pawan.kumar.gupta@...ux.intel.com>,
        Paolo Bonzini <pbonzini@...hat.com>,
        Sean Christopherson <seanjc@...gle.com>,
        "H. Peter Anvin" <hpa@...or.com>,
        Dave Hansen <dave.hansen@...ux.intel.com>,
        Borislav Petkov <bp@...en8.de>, Ingo Molnar <mingo@...hat.com>,
        Thomas Gleixner <tglx@...utronix.de>
Subject: [RFC PATCH 7/9] kvm/x86: Add MSR_VIRTUAL_MITIGATION_ENUM/CTRL emulation

Introduce Intel virtual MSR_VIRTUAL_MITIGATION_ENUM(0x50000001)
and MSR_VIRTUAL_MITIGATION_CTRL(0x50000002).
The MSR_VIRTUAL_MITIGATION_ENUM to tell guest about supported
mitigations and enable the MSR_VIRTUAL_MITIGATION_CTRL virtual
MSRs for guest, VMM will help to setup virtual spec ctrl mask
for SPEC_CTRL_RRSBA_DIS_S, SPEC_CTRL_BHI_DIS_S as guest's needs.

Signed-off-by: Zhang Chen <chen.zhang@...el.com>
---
 arch/x86/kvm/vmx/vmx.h | 16 ++++++++++++++++
 arch/x86/kvm/x86.c     |  7 +++++++
 2 files changed, 23 insertions(+)

diff --git a/arch/x86/kvm/vmx/vmx.h b/arch/x86/kvm/vmx/vmx.h
index fc873cf45f70..6abda05cc426 100644
--- a/arch/x86/kvm/vmx/vmx.h
+++ b/arch/x86/kvm/vmx/vmx.h
@@ -29,6 +29,10 @@
 #endif
 
 #define MAX_NR_LOADSTORE_MSRS	8
+#define MITI_ENUM_SUPPORTED	(MITI_ENUM_BHB_CLEAR_SEQ_S_SUPPORT |          \
+				MITI_ENUM_RETPOLINE_S_SUPPORT)
+#define MITI_CTRL_USED		(MITI_CTRL_BHB_CLEAR_SEQ_S_USED |                 \
+				MITI_CTRL_RETPOLINE_S_USED)
 
 struct vmx_msrs {
 	unsigned int		nr;
@@ -301,6 +305,18 @@ struct vcpu_vmx {
 	u64		      msr_virtual_enumeration;
 	u32		      msr_ia32_umwait_control;
 
+	/*
+	 * Guest read only, Only available if MITIGATION_CTRL_SUPPORT
+	 * is enumerated.
+	 */
+	u64		      msr_virtual_mitigation_enum;
+
+	/*
+	 * Read/Write, Only available if MITIGATION_CTRL_SUPPORT
+	 * is enumerated.
+	 */
+	u64		      msr_virtual_mitigation_ctrl;
+
 	/*
 	 * loaded_vmcs points to the VMCS currently used in this vcpu. For a
 	 * non-nested (L1) guest, it always points to vmcs01. For a nested
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 6be0a3f1281f..f6c314def6a8 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -1533,6 +1533,8 @@ static const u32 emulated_msrs_all[] = {
 	MSR_IA32_VMX_VMFUNC,
 
 	MSR_VIRTUAL_ENUMERATION,
+	MSR_VIRTUAL_MITIGATION_ENUM,
+	MSR_VIRTUAL_MITIGATION_CTRL,
 
 	MSR_K7_HWCR,
 	MSR_KVM_POLL_CONTROL,
@@ -1570,6 +1572,7 @@ static const u32 msr_based_features_all[] = {
 	MSR_IA32_ARCH_CAPABILITIES,
 	MSR_IA32_PERF_CAPABILITIES,
 	MSR_VIRTUAL_ENUMERATION,
+	MSR_VIRTUAL_MITIGATION_ENUM,
 };
 
 static u32 msr_based_features[ARRAY_SIZE(msr_based_features_all)];
@@ -1671,6 +1674,10 @@ static int kvm_get_msr_feature(struct kvm_msr_entry *msr)
 	case MSR_VIRTUAL_ENUMERATION:
 		msr->data = VIRT_ENUM_MITIGATION_CTRL_SUPPORT;
 		break;
+	case MSR_VIRTUAL_MITIGATION_ENUM:
+		msr->data = MITI_ENUM_BHB_CLEAR_SEQ_S_SUPPORT |
+			    MITI_ENUM_RETPOLINE_S_SUPPORT;
+		break;
 	default:
 		return static_call(kvm_x86_get_msr_feature)(msr);
 	}
-- 
2.25.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ