Writing MSRs that control physical CPU aspects is generally pointless
(and possibly dangerous) when the writer isn't sufficiently aware that
it's running virtualized.
Signed-off-by: Jan Beulich <jbeulich@xxxxxxxxxx>
--- a/xen/arch/x86/traps.c
+++ b/xen/arch/x86/traps.c
@@ -2282,7 +2282,7 @@ static int emulate_privileged_op(struct
if ( boot_cpu_data.x86_vendor != X86_VENDOR_AMD ||
boot_cpu_data.x86 < 0x10 || boot_cpu_data.x86 > 0x17 )
goto fail;
- if ( !IS_PRIV(v->domain) )
+ if ( !IS_PRIV(v->domain) || !is_pinned_vcpu(v) )
break;
if ( (rdmsr_safe(MSR_AMD64_NB_CFG, val) != 0) ||
(eax != (uint32_t)val) ||
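Review bot: The new `!IS_PRIV(v->domain) || !is_pinned_vcpu(v)` test drops the write through `break` without any trace, so a privileged domain whose vCPU is not pinned gets no indication that its write (apparently to MSR_AMD64_NB_CFG) was ignored. The same expression is repeated in the MSR_FAM10H_MMIO_CONF_BASE, MSR_IA32_UCODE_REV and MSR_IA32_ENERGY_PERF_BIAS hunks; a small static helper would keep the policy in one place, or at least a comment at each site such as `/* Physical-CPU MSR: ignore the write unless a privileged domain's pinned vCPU issues it. */`. The case label and the rest of emulate_privileged_op lie outside the hunk, so what the guest observes after `break` is presumably success but cannot be confirmed here.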
@@ -2295,7 +2295,7 @@ static int emulate_privileged_op(struct
if ( boot_cpu_data.x86_vendor != X86_VENDOR_AMD ||
boot_cpu_data.x86 < 0x10 || boot_cpu_data.x86 > 0x17 )
goto fail;
- if ( !IS_PRIV(v->domain) )
+ if ( !IS_PRIV(v->domain) || !is_pinned_vcpu(v) )
break;
if ( (rdmsr_safe(MSR_FAM10H_MMIO_CONF_BASE, val) != 0) )
goto fail;
@@ -2317,6 +2317,8 @@ static int emulate_privileged_op(struct
case MSR_IA32_UCODE_REV:
if ( boot_cpu_data.x86_vendor != X86_VENDOR_INTEL )
goto fail;
+ if ( !IS_PRIV(v->domain) || !is_pinned_vcpu(v) )
+ break;
if ( rdmsr_safe(regs->ecx, val) )
goto fail;
if ( msr_content )
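Review bot: The early `break` added ahead of `rdmsr_safe(regs->ecx, val)` also skips the `if ( msr_content )` test below it, so for an unprivileged or unpinned vCPU a non-zero write to MSR_IA32_UCODE_REV is now dropped without reaching that check. If that is intended, state it at the site, e.g. `/* Ignored for unprivileged/unpinned vCPUs, whatever the value written. */`. The statement guarded by `if ( msr_content )` is outside the hunk, so the previous outcome for such writes is inferred rather than visible.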
@@ -2324,7 +2326,7 @@ static int emulate_privileged_op(struct
break;
case MSR_IA32_MISC_ENABLE:
if ( rdmsr_safe(regs->ecx, val) )
- goto invalid;
+ goto fail;
val = guest_misc_enable(val);
if ( msr_content != val )
goto invalid;
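Review bot: Switching the `rdmsr_safe(regs->ecx, val)` failure from `goto invalid` to `goto fail` is not covered by the commit description, and it leaves the two error exits of the MSR_IA32_MISC_ENABLE case going to different labels. A one-line comment would record the distinction, for example `/* Unreadable MSR: fail the access; a value mismatch is only reported as invalid. */`. Both labels are defined outside the hunk, so their exact effect should be checked against that wording.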
@@ -2351,7 +2353,7 @@ static int emulate_privileged_op(struct
case MSR_IA32_ENERGY_PERF_BIAS:
if ( boot_cpu_data.x86_vendor != X86_VENDOR_INTEL )
goto fail;
- if ( (v->domain->domain_id != 0) || !is_pinned_vcpu(v) )
+ if ( !IS_PRIV(v->domain) || !is_pinned_vcpu(v) )
break;
if ( wrmsr_safe(regs->ecx, msr_content) != 0 )
goto fail;
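Review bot: Replacing `v->domain->domain_id != 0` with `!IS_PRIV(v->domain)` changes who may reach `wrmsr_safe(regs->ecx, msr_content)`: if IS_PRIV() can be true for domains other than domain 0, this hunk widens hardware write access rather than restricting it. That looks like deliberate alignment with the other cases, but it deserves a mention in the description or a comment here, e.g. `/* Any privileged domain (not only domain 0) may write, provided the vCPU is pinned. */`. The IS_PRIV() definition is not visible here.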
x86-adjust-guest-wrmsr.patch
Description: Text document