File 5ad4948b-x86-correct-MSR_PRED_CMD-emulation.patch of Package xen.openSUSE_Leap_42.3_Update
# Commit a6aa678fa380e9369cc44701a181142322b3a4b0
# Date 2018-04-16 13:18:19 +0100
# Author Andrew Cooper <andrew.cooper3@citrix.com>
# Committer Andrew Cooper <andrew.cooper3@citrix.com>
x86/msr: Correct the emulation behaviour of MSR_PRED_CMD
Experimentally, the behaviour of reserved bits in MSR_PRED_CMD changed between
beta and production microcode, and now raises a #GP fault for set reserved
bits. The AMD spec for future hardware also specifies this behaviour, and it
is the more sensible behaviour to implement.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
@@ -3629,12 +3629,10 @@ int hvm_msr_write_intercept(unsigned int
if ( !d->arch.cpuid->feat.ibrsb && !d->arch.cpuid->extd.ibpb )
goto gp_fault; /* MSR available? */
- /*
- * The only defined behaviour is when writing PRED_CMD_IBPB. In
- * practice, real hardware accepts any value without faulting.
- */
- if ( msr_content & PRED_CMD_IBPB )
- wrmsrl(MSR_PRED_CMD, PRED_CMD_IBPB);
+ if ( msr_content & ~PRED_CMD_IBPB )
+ goto gp_fault; /* Rsvd bit set? */
+
+ wrmsrl(MSR_PRED_CMD, msr_content);
break;
case MSR_ARCH_CAPABILITIES:
--- a/xen/arch/x86/traps.c
+++ b/xen/arch/x86/traps.c
@@ -2881,12 +2881,10 @@ static int priv_op_write_msr(unsigned in
if ( !currd->arch.cpuid->feat.ibrsb && !currd->arch.cpuid->extd.ibpb )
break; /* MSR available? */
- /*
- * The only defined behaviour is when writing PRED_CMD_IBPB. In
- * practice, real hardware accepts any value without faulting.
- */
- if ( val & PRED_CMD_IBPB )
- wrmsrl(MSR_PRED_CMD, PRED_CMD_IBPB);
+ if ( val & ~PRED_CMD_IBPB )
+ break; /* Rsvd bit set? */
+
+ wrmsrl(MSR_PRED_CMD, val);
return X86EMUL_OKAY;
case MSR_INTEL_MISC_FEATURES_ENABLES: