]> git.ipfire.org Git - thirdparty/kernel/linux.git/commitdiff
projects / thirdparty / kernel / linux.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a103911)
KVM: x86: Reject userspace attempts to access ARCH_CAPABILITIES w/o support
authorSean Christopherson <seanjc@google.com>
Fri, 2 Aug 2024 18:55:08 +0000 (11:55 -0700)
committerSean Christopherson <seanjc@google.com>
Fri, 1 Nov 2024 16:22:34 +0000 (09:22 -0700)
Reject userspace accesses to ARCH_CAPABILITIES if the MSR isn't supposed
to exist, according to guest CPUID.  However, "reject" accesses with
KVM_MSR_RET_UNSUPPORTED, so that reads get '0' and writes of '0' are
ignored if KVM advertised support ARCH_CAPABILITIES.

KVM's ABI is that userspace must set guest CPUID prior to setting MSRs,
and that setting MSRs that aren't supposed exist is disallowed (modulo the
'0' exemption).

Link: https://lore.kernel.org/r/20240802185511.305849-7-seanjc@google.com
Signed-off-by: Sean Christopherson <seanjc@google.com>
arch/x86/kvm/x86.c patch | blob | blame | history

diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index c2802272871db0e9f1c57c0e6ac5003551d7ce13..7e59d3a0801a2d4dab8f735367fd2dc8abace63f 100644 (file)
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -3795,8 +3795,9 @@ int kvm_set_msr_common(struct kvm_vcpu *vcpu, struct msr_data *msr_info)
                        vcpu->arch.microcode_version = data;
                break;
        case MSR_IA32_ARCH_CAPABILITIES:
-               if (!msr_info->host_initiated)
-                       return 1;
+               if (!msr_info->host_initiated ||
+                   !guest_cpuid_has(vcpu, X86_FEATURE_ARCH_CAPABILITIES))
+                       return KVM_MSR_RET_UNSUPPORTED;
                vcpu->arch.arch_capabilities = data;
                break;
        case MSR_IA32_PERF_CAPABILITIES:
@@ -4256,9 +4257,8 @@ int kvm_get_msr_common(struct kvm_vcpu *vcpu, struct msr_data *msr_info)
                msr_info->data = vcpu->arch.microcode_version;
                break;
        case MSR_IA32_ARCH_CAPABILITIES:
-               if (!msr_info->host_initiated &&
-                   !guest_cpuid_has(vcpu, X86_FEATURE_ARCH_CAPABILITIES))
-                       return 1;
+               if (!guest_cpuid_has(vcpu, X86_FEATURE_ARCH_CAPABILITIES))
+                       return KVM_MSR_RET_UNSUPPORTED;
                msr_info->data = vcpu->arch.arch_capabilities;
                break;
        case MSR_IA32_PERF_CAPABILITIES:
A mirror of Linus' kernel repository