From: Paolo Bonzini <pbonzini@redhat.com>
Date: Mon, 25 Jun 2018 12:04:37 +0000 (+0200)
Subject: KVM: VMX: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR
X-Git-Tag: Ubuntu-4.15.0-32.35~8
X-Git-Url: https://git.proxmox.com/?p=mirror_ubuntu-bionic-kernel.git;a=commitdiff_plain;h=47ae8501efdaaf82ee9f73ebe238b0deee34ecb7

KVM: VMX: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR

This lets userspace read the MSR_IA32_ARCH_CAPABILITIES and check that all
requested features are available on the host.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

CVE-2018-3620
CVE-2018-3646

(backported from commit cd28325249a1ca0d771557ce823e0308ad629f98)
[tyhicks: Adjust for the missing MSR_F10H_DECFG and MSR_IA32_UCODE_REV
 feature MSRs which do not exist in 4.15]
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>

Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
---

diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 1df55fda940a..a8f18e42abed 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -1053,6 +1053,7 @@ static unsigned num_emulated_msrs;
  * can be used by a hypervisor to validate requested CPU features.
  */
 static u32 msr_based_features[] = {
+	MSR_IA32_ARCH_CAPABILITIES,
 };
 
 static unsigned int num_msr_based_features;
@@ -1060,6 +1061,9 @@ static unsigned int num_msr_based_features;
 static int kvm_get_msr_feature(struct kvm_msr_entry *msr)
 {
 	switch (msr->index) {
+	case MSR_IA32_ARCH_CAPABILITIES:
+		rdmsrl_safe(msr->index, &msr->data);
+		break;
 	default:
 		if (kvm_x86_ops->get_msr_feature(msr))
 			return 1;