| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20240709145500.45547-1-dapeng1.mi@linux.intel.com>
Date: Tue, 9 Jul 2024 14:55:00 +0000
From: Dapeng Mi <dapeng1.mi@...ux.intel.com>
To: Sean Christopherson <seanjc@...gle.com>,
Paolo Bonzini <pbonzini@...hat.com>
Cc: kvm@...r.kernel.org,
linux-kernel@...r.kernel.org,
Jim Mattson <jmattson@...gle.com>,
Mingwei Zhang <mizhang@...gle.com>,
Xiong Zhang <xiong.y.zhang@...el.com>,
Zhenyu Wang <zhenyuw@...ux.intel.com>,
Like Xu <like.xu.linux@...il.com>,
Jinrong Liang <cloudliang@...cent.com>,
Yongwei Ma <yongwei.ma@...el.com>,
Dapeng Mi <dapeng1.mi@...el.com>,
Dapeng Mi <dapeng1.mi@...ux.intel.com>,
Gleb Natapov <gleb@...hat.com>
Subject: [PATCH] KVM: x86/pmu: Return KVM_MSR_RET_INVALID for invalid PMU MSR access
Return KVM_MSR_RET_INVALID instead of 0 to inject #GP to guest for all
invalid PMU MSRs access
Currently KVM silently drops the access and doesn't inject #GP for some
invalid PMU MSRs like MSR_P6_PERFCTR0/MSR_P6_PERFCTR1,
MSR_P6_EVNTSEL0/MSR_P6_EVNTSEL1, but KVM still injects #GP for all other
invalid PMU MSRs. This leads to guest see different behavior on invalid
PMU access and may confuse guest.
This behavior is introduced by the
'commit 5753785fa977 ("KVM: do not #GP on perf MSR writes when vPMU is disabled")'
in 2012. This commit seems to want to keep back compatible with weird
behavior of some guests in vPMU disabled case, but strongly suspect if
it's still available nowadays.
Since Perfmon v6 starts, the GP counters could become discontinuous on
HW, It's possible that HW doesn't support GP counters 0 and 1.
Considering this situation KVM should inject #GP for all invalid PMU MSRs
access.
Cc: Gleb Natapov <gleb@...hat.com>
Signed-off-by: Dapeng Mi <dapeng1.mi@...ux.intel.com>
---
arch/x86/kvm/x86.c | 18 ------------------
.../selftests/kvm/x86_64/pmu_counters_test.c | 7 +------
2 files changed, 1 insertion(+), 24 deletions(-)
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 994743266480..d92321d37892 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -4051,16 +4051,6 @@ int kvm_set_msr_common(struct kvm_vcpu *vcpu, struct msr_data *msr_info)
case MSR_IA32_MC0_CTL2 ... MSR_IA32_MCx_CTL2(KVM_MAX_MCE_BANKS) - 1:
return set_msr_mce(vcpu, msr_info);
- case MSR_K7_PERFCTR0 ... MSR_K7_PERFCTR3:
- case MSR_P6_PERFCTR0 ... MSR_P6_PERFCTR1:
- case MSR_K7_EVNTSEL0 ... MSR_K7_EVNTSEL3:
- case MSR_P6_EVNTSEL0 ... MSR_P6_EVNTSEL1:
- if (kvm_pmu_is_valid_msr(vcpu, msr))
- return kvm_pmu_set_msr(vcpu, msr_info);
-
- if (data)
- kvm_pr_unimpl_wrmsr(vcpu, msr, data);
- break;
case MSR_K7_CLK_CTL:
/*
* Ignore all writes to this no longer documented MSR.
@@ -4239,14 +4229,6 @@ int kvm_get_msr_common(struct kvm_vcpu *vcpu, struct msr_data *msr_info)
case MSR_DRAM_ENERGY_STATUS: /* DRAM controller */
msr_info->data = 0;
break;
- case MSR_K7_EVNTSEL0 ... MSR_K7_EVNTSEL3:
- case MSR_K7_PERFCTR0 ... MSR_K7_PERFCTR3:
- case MSR_P6_PERFCTR0 ... MSR_P6_PERFCTR1:
- case MSR_P6_EVNTSEL0 ... MSR_P6_EVNTSEL1:
- if (kvm_pmu_is_valid_msr(vcpu, msr_info->index))
- return kvm_pmu_get_msr(vcpu, msr_info);
- msr_info->data = 0;
- break;
case MSR_IA32_UCODE_REV:
msr_info->data = vcpu->arch.microcode_version;
break;
diff --git a/tools/testing/selftests/kvm/x86_64/pmu_counters_test.c b/tools/testing/selftests/kvm/x86_64/pmu_counters_test.c
index 698cb36989db..62ed765d2aa7 100644
--- a/tools/testing/selftests/kvm/x86_64/pmu_counters_test.c
+++ b/tools/testing/selftests/kvm/x86_64/pmu_counters_test.c
@@ -376,13 +376,8 @@ static void guest_rd_wr_counters(uint32_t base_msr, uint8_t nr_possible_counters
*/
const bool expect_success = i < nr_counters || (or_mask & BIT(i));
- /*
- * KVM drops writes to MSR_P6_PERFCTR[0|1] if the counters are
- * unsupported, i.e. doesn't #GP and reads back '0'.
- */
const uint64_t expected_val = expect_success ? test_val : 0;
- const bool expect_gp = !expect_success && msr != MSR_P6_PERFCTR0 &&
- msr != MSR_P6_PERFCTR1;
+ const bool expect_gp = !expect_success;
uint32_t rdpmc_idx;
uint8_t vector;
uint64_t val;
base-commit: 771df9ffadb8204e61d3e98f36c5067102aab78f
--
2.40.1
Powered by blists - more mailing lists