1 From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
2 From: Wei Wang <wei.w.wang@intel.com>
3 Date: Tue, 7 Nov 2017 16:47:53 +0800
4 Subject: [PATCH] x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm
5 MIME-Version: 1.0
6 Content-Type: text/plain; charset=UTF-8
7 Content-Transfer-Encoding: 8bit
8
9 CVE-2017-5753
10 CVE-2017-5715
11
12 Add field to access guest MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD state.
13
14 Signed-off-by: Wei Wang <wei.w.wang@intel.com>
15 Signed-off-by: Tim Chen <tim.c.chen@linux.intel.com>
16 Signed-off-by: Andy Whitcroft <apw@canonical.com>
17 Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>
18 (cherry picked from commit 15eb187f47ee2be44d34313bc89cfb719d82cb21)
19 Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
20 ---
21 arch/x86/include/asm/kvm_host.h | 2 ++
22 arch/x86/kvm/vmx.c | 10 ++++++++++
23 arch/x86/kvm/x86.c | 2 +-
24 3 files changed, 13 insertions(+), 1 deletion(-)
25
26 diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
27 index b69af3df978a..1953c0a5b972 100644
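--- a/arch/x86/include/asm/kvm_host.h
+++ b/arch/x86/include/asm/kvm_host.h
@@ -628,6 +628,8 @@ struct kvm_vcpu_arch {
 u64 mcg_ext_ctl;
 u64 *mce_banks;
 
+ u64 spec_ctrl;
+
 /* Cache MMIO info */
 u64 mmio_gva;
 unsigned access;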
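Review bot: The new `spec_ctrl` member of `struct kvm_vcpu_arch` has no comment, unlike the `/* Cache MMIO info */` group directly below it, so a reader cannot tell whether it holds the guest's view of the MSR or a host value. A one-line comment such as `/* guest value of MSR_IA32_SPEC_CTRL as reported by get/set MSR */` would make that explicit. The struct begins and ends outside this hunk.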
39 diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
40 index 9b4256fd589a..daff9962c90a 100644
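--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -50,6 +50,7 @@
 #include <asm/apic.h>
 #include <asm/irq_remapping.h>
 #include <asm/mmu_context.h>
+#include <asm/microcode.h>
 
 #include "trace.h"
 #include "pmu.h"
@@ -3247,6 +3248,9 @@ static int vmx_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info)
 case MSR_IA32_TSC:
 msr_info->data = guest_read_tsc(vcpu);
 break;
+ case MSR_IA32_SPEC_CTRL:
+ msr_info->data = vcpu->arch.spec_ctrl;
+ break;
 case MSR_IA32_SYSENTER_CS:
 msr_info->data = vmcs_read32(GUEST_SYSENTER_CS);
 break;
@@ -3351,6 +3355,9 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info)
 case MSR_IA32_TSC:
 kvm_write_tsc(vcpu, msr_info);
 break;
+ case MSR_IA32_SPEC_CTRL:
+ vcpu->arch.spec_ctrl = msr_info->data;
+ break;
 case MSR_IA32_CR_PAT:
 if (vmcs_config.vmentry_ctrl & VM_ENTRY_LOAD_IA32_PAT) {
 if (!kvm_mtrr_valid(vcpu, MSR_IA32_CR_PAT, data))
@@ -6146,6 +6153,7 @@ static int handle_rdmsr(struct kvm_vcpu *vcpu)
 
 msr_info.index = ecx;
 msr_info.host_initiated = false;
+
 if (vmx_get_msr(vcpu, &msr_info)) {
 trace_kvm_msr_read_ex(ecx);
 kvm_inject_gp(vcpu, 0);
@@ -6699,6 +6707,8 @@ static __init int hardware_setup(void)
 vmx_disable_intercept_for_msr(MSR_IA32_SYSENTER_CS, false);
 vmx_disable_intercept_for_msr(MSR_IA32_SYSENTER_ESP, false);
 vmx_disable_intercept_for_msr(MSR_IA32_SYSENTER_EIP, false);
+ vmx_disable_intercept_for_msr(MSR_IA32_SPEC_CTRL, false);
+ vmx_disable_intercept_for_msr(MSR_IA32_PRED_CMD, false);
 
 memcpy(vmx_msr_bitmap_legacy_x2apic_apicv,
 vmx_msr_bitmap_legacy, PAGE_SIZE);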
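Review bot: The two `vmx_disable_intercept_for_msr()` calls added in `hardware_setup()` pass MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD through to every guest unconditionally, so guest writes no longer reach the new `vmx_set_msr()` case and `vcpu->arch.spec_ctrl` is in effect updated only by host-initiated writes. Nothing in the visible hunks reads the MSR back on VM exit or restores a host value, so unless another patch in the series does that, `vmx_get_msr()` and the `msrs_to_save` path can report a stale value and the guest's setting stays in effect while the host runs. The `vmx_set_msr()` case also stores `msr_info->data` without rejecting reserved bits or checking that the feature is exposed to the guest. I would at least document the contract above the new calls, e.g. `/* passed through: vcpu->arch.spec_ctrl must be refreshed from hardware on VM exit */`, and confirm where that refresh happens. All of these functions continue outside their hunks.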
88 diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
89 index 703cd4171921..eae4aecf3cfe 100644
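--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -983,7 +983,7 @@ static u32 msrs_to_save[] = {
 MSR_CSTAR, MSR_KERNEL_GS_BASE, MSR_SYSCALL_MASK, MSR_LSTAR,
 #endif
 MSR_IA32_TSC, MSR_IA32_CR_PAT, MSR_VM_HSAVE_PA,
- MSR_IA32_FEATURE_CONTROL, MSR_IA32_BNDCFGS, MSR_TSC_AUX,
+ MSR_IA32_FEATURE_CONTROL, MSR_IA32_BNDCFGS, MSR_TSC_AUX, MSR_IA32_SPEC_CTRL,
 };
 
 static unsigned num_msrs_to_save;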
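Review bot: `msrs_to_save` lives in the vendor-neutral x86.c, but this patch adds MSR_IA32_SPEC_CTRL get/set cases only in vmx.c, so it is worth confirming how the SVM side answers a save or restore of this index (svm.c is not touched by this patch). As a style point, the changed line now runs past 80 columns once the leading tab is counted; moving `MSR_IA32_SPEC_CTRL,` onto its own line would keep the initializer within the usual kernel limit. The array initializer starts outside the hunk.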
101 --
102 2.14.2
103