File 5a956747-x86-HVM-dont-give-wrong-impression-of-WRMSR-success.patch of Package xen.8005
References: bsc#1072834
# Commit 1f1d183d49008794b087cf043fc77f724a45af98
# Date 2018-02-27 15:12:23 +0100
# Author Jan Beulich <jbeulich@suse.com>
# Committer Jan Beulich <jbeulich@suse.com>
x86/HVM: don't give the wrong impression of WRMSR succeeding
... for non-existent MSRs: wrmsr_hypervisor_regs()'s comment clearly
says that the function returns 0 for unrecognized MSRs, so
{svm,vmx}_msr_write_intercept() should not convert this into success. We
don't want to unconditionally fail the access though, as we can't be
certain the list of handled MSRs is complete enough for the guest types
we care about, so instead mirror what we do on the read paths and probe
the MSR to decide whether to raise #GP.
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Kevin Tian <kevin.tian@intel.com>
Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
--- a/xen/arch/x86/hvm/svm/svm.c
+++ b/xen/arch/x86/hvm/svm/svm.c
@@ -1764,6 +1764,13 @@ static int svm_msr_write_intercept(unsig
result = X86EMUL_RETRY;
break;
case 0:
+ /*
+ * Match up with the RDMSR side for now; ultimately this entire
+ * case block should go away.
+ */
+ if ( rdmsr_safe(msr, msr_content) == 0 )
+ break;
+ goto gpf;
case 1:
break;
default:
--- a/xen/arch/x86/hvm/vmx/vmx.c
+++ b/xen/arch/x86/hvm/vmx/vmx.c
@@ -2349,6 +2349,13 @@ static int vmx_msr_write_intercept(unsig
case -EAGAIN:
return X86EMUL_RETRY;
case 0:
+ /*
+ * Match up with the RDMSR side for now; ultimately this
+ * entire case block should go away.
+ */
+ if ( rdmsr_safe(msr, msr_content) == 0 )
+ break;
+ goto gp_fault;
case 1:
break;
default:
