Received: by 10.223.185.116 with SMTP id b49csp4397357wrg; Mon, 26 Feb 2018 17:19:52 -0800 (PST) X-Google-Smtp-Source: AH8x225GXKNg2ym3HqXKDxl1CeNgs61CBQ8GH1IpB2uqWoWYfVXcyaNPL2FXDROKw9HSBs6LAT0b X-Received: by 2002:a17:902:b101:: with SMTP id q1-v6mr12553952plr.287.1519694392475; Mon, 26 Feb 2018 17:19:52 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1519694392; cv=none; d=google.com; s=arc-20160816; b=HzK0TjZ4a9yf2NCiI+7mgP65q7Eq+4qDv41daevu18lEIrhtmtjLEpn+LaqdzA/M0B XA1HFEjPS6BEBvBh+ZH1FoeD/yGlqnG29a8is+us2WxkAw9JwAY0C68SzD4mXtxhMy59 +XEGml/05eALUQB9Sf8Nu5kL21KPqGSSMvLr7YrvUfKGE3uo96XK9AM9bsYAOYIUWtCZ d80JSv7KvePuBFtMUU3bUFZxHWukOdJn/7qJfzLOk0BHGS7aKIw/BbnsFo7r0pFxIAuR JFH0veIg2NKeFWV7qfcWR9ta5Nu7vhbneALya60YBwVpbHbjl3js8ofXJAuEJ9NDpQ1k LKIA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:dkim-signature :arc-authentication-results; bh=rOmdEHYLBuJygN79Es2jLFhSugKxnzHlY0q2a8ISQVM=; b=jVV0zPo7Px+0SpIqAeJy+vJiF/FVQFZ77DkHUu3mq/6DyqI9bPcAzM11hsk/W3eKE8 yIHRqgcrZ6g8d42bybHi21ekKtdRyyv1BI8qJOCyTKJXLPlgkhV0NJuAM8YByfMczv4z 9Zkhh24fXeSl8ScBzQne+ASsUTb0GdIgsVK66Z6Llm+Zxo4osf7y0w/dGtH3Sg0z2hMe 941l3PxgWxoX151/AqtGnR5Q0WoEgFfCcmQSKK01s91hQ5t87IvrsfU1lm5Yb5jH/+0S sEJlDoobv6ulXLEnr0xBTF8KDYChmOkB4n099t59rkbudrI8Huj7itVb7Zr4v3cpdqNL G4Zg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=GcPSDJ0a; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f5si6190708pgq.806.2018.02.26.17.19.37; Mon, 26 Feb 2018 17:19:52 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=GcPSDJ0a; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751628AbeB0BS6 (ORCPT + 99 others); Mon, 26 Feb 2018 20:18:58 -0500 Received: from mail-pf0-f196.google.com ([209.85.192.196]:33739 "EHLO mail-pf0-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751445AbeB0BS4 (ORCPT ); Mon, 26 Feb 2018 20:18:56 -0500 Received: by mail-pf0-f196.google.com with SMTP id q13so7289676pff.0; Mon, 26 Feb 2018 17:18:56 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=rOmdEHYLBuJygN79Es2jLFhSugKxnzHlY0q2a8ISQVM=; b=GcPSDJ0aG83nsDe6xrz31YHQa0oVKzCUpYvw3yrJPJ0O9EzAU86j9WGcIx/H151LwE hjGW9Tmrkpi4+Vbb1CtDBzs02nn+awmeh7S4B/TzCXc5m0DVFZ8lvkrD07I8orc7SgBA AK0+5ZPw51rEqptdUut0S121n9LxD5ZRpaq2UZ3ROJIAjzG1mpbyfvmEjLXUx7G4Esut g13aFauwPP23Fmrfpzbb1fGkVi+FmG2LCdXglHc2ycNkDcJFA9VaKT+K/Jf+kCd8MKxM +tS7gzsSL1dOB2vTF424xbhzEFHThWljS7dKYKyAwQUlks2pY81kdLs5rcJB+TnP3PK3 qknQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=rOmdEHYLBuJygN79Es2jLFhSugKxnzHlY0q2a8ISQVM=; b=nGsDpHBTo7XguqVIiiTLDfE/f416fx3EprgSqtxWYrJzjwq6SOw4K3lyvfiZUhLrdK u6L2hvRrKwlEuBkhzK9F/s6VpySb4yhg4HFG4y+eoQxeFdGk0PwVni5kE5PKKoU7gEwB rRbrJdWHTyhjScC6b1XAmPO/vv1sECPFpIcA1nD78rpSsFBL6I6JrhxFnuQX1ax1OgRP axcM57sp0NO5qYNEEvuzC57bp/tq/AoABjT5fQE2NOhY4DmuGKG+7T8JluX6vN0a12R7 hZzaBU5ajOSVqnoxySe/n5MCExuOA880nAAg51JrCt/F1hj0JmIPZ7z82OEHavYPqvrA 8fDA== X-Gm-Message-State: APf1xPAa9LYluZMcE/jIUykWouddvpxzS87X84zcXehTisPOND7Q20OI qGsc9EvM/ehfjRlDqEBctV/3Rg== X-Received: by 10.98.182.26 with SMTP id j26mr11037889pff.223.1519694336036; Mon, 26 Feb 2018 17:18:56 -0800 (PST) Received: from localhost.localdomain ([203.205.141.123]) by smtp.googlemail.com with ESMTPSA id q76sm21401939pfj.149.2018.02.26.17.18.54 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 26 Feb 2018 17:18:55 -0800 (PST) From: Wanpeng Li X-Google-Original-From: Wanpeng Li To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Paolo Bonzini , =?UTF-8?q?Radim=20Kr=C4=8Dm=C3=A1=C5=99?= , Liran Alon Subject: [PATCH v3] KVM: X86: Allow userspace to define the microcode version Date: Tue, 27 Feb 2018 09:18:51 +0800 Message-Id: <1519694331-16368-1-git-send-email-wanpengli@tencent.com> X-Mailer: git-send-email 2.7.4 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Wanpeng Li Linux (among the others) has checks to make sure that certain features aren't enabled on a certain family/model/stepping if the microcode version isn't greater than or equal to a known good version. By exposing the real microcode version, we're preventing buggy guests that don't check that they are running virtualized (i.e., they should trust the hypervisor) from disabling features that are effectively not buggy. Suggested-by: Filippo Sironi Cc: Paolo Bonzini Cc: Radim Krčmář Cc: Liran Alon Signed-off-by: Wanpeng Li --- v2 -> v3: * remove the shifts * add the MSR_IA32_UCODE_REV version to the "feature MSRs" v1 -> v2: * add MSR_IA32_UCODE_REV to emulated_msrs arch/x86/include/asm/kvm_host.h | 1 + arch/x86/kvm/x86.c | 19 +++++++++++++++---- 2 files changed, 16 insertions(+), 4 deletions(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index 938d453..6e13f2f 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -507,6 +507,7 @@ struct kvm_vcpu_arch { u64 smi_count; bool tpr_access_reporting; u64 ia32_xss; + u32 microcode_version; /* * Paging state of the vcpu diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index d4985a9..00af28e 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -1058,6 +1058,7 @@ static unsigned num_emulated_msrs; static u32 msr_based_features[] = { MSR_IA32_ARCH_CAPABILITIES, MSR_F10H_DECFG, + MSR_IA32_UCODE_REV, }; static unsigned int num_msr_based_features; @@ -1067,8 +1068,14 @@ static int do_get_msr_feature(struct kvm_vcpu *vcpu, unsigned index, u64 *data) struct kvm_msr_entry msr; msr.index = index; - if (kvm_x86_ops->get_msr_feature(&msr)) - return 1; + switch (msr.index) { + case MSR_IA32_UCODE_REV: + rdmsrl(msr.index, msr.data); + break; + default: + if (kvm_x86_ops->get_msr_feature(&msr)) + return 1; + } *data = msr.data; @@ -2248,7 +2255,6 @@ int kvm_set_msr_common(struct kvm_vcpu *vcpu, struct msr_data *msr_info) switch (msr) { case MSR_AMD64_NB_CFG: - case MSR_IA32_UCODE_REV: case MSR_IA32_UCODE_WRITE: case MSR_VM_HSAVE_PA: case MSR_AMD64_PATCH_LOADER: @@ -2256,6 +2262,10 @@ int kvm_set_msr_common(struct kvm_vcpu *vcpu, struct msr_data *msr_info) case MSR_AMD64_DC_CFG: break; + case MSR_IA32_UCODE_REV: + if (msr_info->host_initiated) + vcpu->arch.microcode_version = data; + break; case MSR_EFER: return set_efer(vcpu, data); case MSR_K7_HWCR: @@ -2551,7 +2561,7 @@ int kvm_get_msr_common(struct kvm_vcpu *vcpu, struct msr_data *msr_info) msr_info->data = 0; break; case MSR_IA32_UCODE_REV: - msr_info->data = 0x100000000ULL; + msr_info->data = (u64)vcpu->arch.microcode_version; break; case MSR_MTRRcap: case 0x200 ... 0x2ff: @@ -8233,6 +8243,7 @@ void kvm_vcpu_reset(struct kvm_vcpu *vcpu, bool init_event) vcpu->arch.regs_dirty = ~0; vcpu->arch.ia32_xss = 0; + vcpu->arch.microcode_version = 0x1; kvm_x86_ops->vcpu_reset(vcpu, init_event); } -- 2.7.4