Overview

File 57dfb1c5-x86-Intel-hide-CPUID-faulting-capability-from-guests.patch of Package xen.4218

# Commit b982a5bea4273a4b9fc007d5046bed8d1669c07f
# Date 2016-09-19 11:37:09 +0200
# Author Jan Beulich <jbeulich@suse.com>
# Committer Jan Beulich <jbeulich@suse.com>
x86/Intel: hide CPUID faulting capability from guests

We don't currently emulate it, so guests should not be misguided to
believe they can (try to) use it.

For now, simply return zero to guests for platform MSR reads, and only
accept (by discarding) writes of zero. If ever there will be bits we
can safely expose to guests, let's handle them by white listing.

(As a side note - according to SDM version 059 bit 31 is reserved on
all known families.)

Reported-by: Kyle Huey <me@kylehuey.com>
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Andrew Cooper <andrew.cooper3@citix.com>
Acked-by: Kevin Tian <kevin.tian@intel.com>

--- a/xen/arch/x86/hvm/vmx/vmx.c
+++ b/xen/arch/x86/hvm/vmx/vmx.c
@@ -2146,6 +2146,13 @@ static int vmx_msr_read_intercept(unsign
         if ( vpmu_do_rdmsr(msr, msr_content) )
             goto done;
         break;
+
+    case MSR_INTEL_PLATFORM_INFO:
+        if ( rdmsr_safe(MSR_INTEL_PLATFORM_INFO, *msr_content) )
+            goto gp_fault;
+        *msr_content = 0;
+        break;
+
     default:
         if ( vpmu_do_rdmsr(msr, msr_content) )
             break;
@@ -2359,6 +2366,13 @@ static int vmx_msr_write_intercept(unsig
         if ( !nvmx_msr_write_intercept(msr, msr_content) )
             goto gp_fault;
         break;
+
+    case MSR_INTEL_PLATFORM_INFO:
+        if ( msr_content ||
+             rdmsr_safe(MSR_INTEL_PLATFORM_INFO, msr_content) )
+            goto gp_fault;
+        break;
+
     default:
         if ( vpmu_do_wrmsr(msr, msr_content, 0) )
             return X86EMUL_OKAY;
--- a/xen/arch/x86/traps.c
+++ b/xen/arch/x86/traps.c
@@ -2580,6 +2580,13 @@ static int emulate_privileged_op(struct
                 wrmsrl(regs->_ecx, msr_content);
             break;
 
+        case MSR_INTEL_PLATFORM_INFO:
+            if ( boot_cpu_data.x86_vendor != X86_VENDOR_INTEL ||
+                 msr_content ||
+                 rdmsr_safe(MSR_INTEL_PLATFORM_INFO, msr_content) )
+                goto fail;
+            break;
+
         default:
             if ( wrmsr_hypervisor_regs(regs->ecx, msr_content) == 1 )
                 break;
@@ -2682,6 +2689,13 @@ static int emulate_privileged_op(struct
             regs->edx = 0;
             break;
 
+        case MSR_INTEL_PLATFORM_INFO:
+            if ( boot_cpu_data.x86_vendor != X86_VENDOR_INTEL ||
+                 rdmsr_safe(MSR_INTEL_PLATFORM_INFO, val) )
+                goto fail;
+            regs->eax = regs->edx = 0;
+            break;
+
         default:
             if ( rdmsr_hypervisor_regs(regs->ecx, &val) )
             {
openSUSE Build Service is sponsored by
Places