From: Sean Christopherson Date: Wed, 5 Apr 2023 00:45:16 +0000 (-0700) Subject: KVM: x86: Filter out XTILE_CFG if XTILE_DATA isn't permitted X-Git-Tag: v6.4-rc1~60^2~2^2~5 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=55cd57b596e86140503214eafc8fb62c9c544e8f;p=thirdparty%2Fkernel%2Flinux.git KVM: x86: Filter out XTILE_CFG if XTILE_DATA isn't permitted Filter out XTILE_CFG from the supported XCR0 reported to userspace if the current process doesn't have access to XTILE_DATA. Attempting to set XTILE_CFG in XCR0 will #GP if XTILE_DATA is also not set, and so keeping XTILE_CFG as supported results in explosions if userspace feeds KVM_GET_SUPPORTED_CPUID back into KVM and the guest doesn't sanity check CPUID. Fixes: 445ecdf79be0 ("kvm: x86: Exclude unpermitted xfeatures at KVM_GET_SUPPORTED_CPUID") Reported-by: Aaron Lewis Reviewed-by: Aaron Lewis Tested-by: Aaron Lewis Link: https://lore.kernel.org/r/20230405004520.421768-3-seanjc@google.com Signed-off-by: Sean Christopherson --- diff --git a/arch/x86/kvm/x86.h b/arch/x86/kvm/x86.h index 9589c86812eb7..bca706406189c 100644 --- a/arch/x86/kvm/x86.h +++ b/arch/x86/kvm/x86.h @@ -3,6 +3,7 @@ #define ARCH_X86_KVM_X86_H #include +#include #include #include #include "kvm_cache_regs.h" @@ -325,7 +326,22 @@ extern bool enable_pmu; */ static inline u64 kvm_get_filtered_xcr0(void) { - return kvm_caps.supported_xcr0 & xstate_get_guest_group_perm(); + u64 permitted_xcr0 = kvm_caps.supported_xcr0; + + BUILD_BUG_ON(XFEATURE_MASK_USER_DYNAMIC != XFEATURE_MASK_XTILE_DATA); + + if (permitted_xcr0 & XFEATURE_MASK_USER_DYNAMIC) { + permitted_xcr0 &= xstate_get_guest_group_perm(); + + /* + * Treat XTILE_CFG as unsupported if the current process isn't + * allowed to use XTILE_DATA, as attempting to set XTILE_CFG in + * XCR0 without setting XTILE_DATA is architecturally illegal. + */ + if (!(permitted_xcr0 & XFEATURE_MASK_XTILE_DATA)) + permitted_xcr0 &= ~XFEATURE_MASK_XTILE_CFG; + } + return permitted_xcr0; } static inline bool kvm_mpx_supported(void)