From patchwork Sat Jun 3 01:10:49 2023
X-Patchwork-Submitter: Sean Christopherson
X-Patchwork-Id: 102729
Reply-To: Sean Christopherson
Date: Fri, 2 Jun 2023 18:10:49 -0700
In-Reply-To: <20230603011058.1038821-1-seanjc@google.com>
References: <20230603011058.1038821-1-seanjc@google.com>
Message-ID: <20230603011058.1038821-4-seanjc@google.com>
Subject: [PATCH v7 03/12] KVM: x86/pmu: Reject userspace attempts to set reserved GLOBAL_STATUS bits
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Like Xu, Like Xu, Jim Mattson, Sandipan Das
X-Mailing-List: linux-kernel@vger.kernel.org

From: Like Xu

Reject userspace writes to MSR_CORE_PERF_GLOBAL_STATUS that attempt to set reserved bits. Allowing userspace to stuff reserved bits doesn't harm KVM itself, but it's architecturally wrong and the guest can't clear the unsupported bits, e.g. makes the guest's PMI handler very confused.

Signed-off-by: Like Xu
[sean: rewrite changelog to avoid use of #GP, rebase on name change]
Signed-off-by: Sean Christopherson

--- arch/x86/kvm/vmx/pmu_intel.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/arch/x86/kvm/vmx/pmu_intel.c b/arch/x86/kvm/vmx/pmu_intel.c index edcf8670eb4e..efd113f24c1b 100644 --- a/arch/x86/kvm/vmx/pmu_intel.c +++ b/arch/x86/kvm/vmx/pmu_intel.c @@ -402,6 +402,9 @@ static int intel_pmu_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) if (!msr_info->host_initiated) return 1; /* RO MSR */ + if (data & pmu->global_status_mask) + return 1; + pmu->global_status = data; break; case MSR_CORE_PERF_GLOBAL_CTRL:
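
Review bot: the added check `if (data & pmu->global_status_mask)` in intel_pmu_set_msr() uses global_status_mask as the set of reserved bits, which the field name does not convey; read cold, "mask" suggests the valid bits and the test looks inverted. A one-line comment above the check stating that the mask holds the reserved bits, or a field name that says "reserved", would make the intent clear at the call site. Separately, the check sits after the `!msr_info->host_initiated` early return, so it only ever fires for host-initiated writes; a VMM that restores a previously saved GLOBAL_STATUS value with any of these bits set will now see the write fail where it used to succeed. The changelog says stuffing the bits doesn't harm KVM, so it would be worth stating that userspace-visible change there explicitly.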