Received: by 10.223.185.116 with SMTP id b49csp5808635wrg; Tue, 27 Feb 2018 22:04:39 -0800 (PST) X-Google-Smtp-Source: AH8x225d/s78iVLV7Tl02U8o1f/6p3ASVfpiNWrgHMqAYhSMDsxS1fkajOtPKSUCl+CRta+MBReJ X-Received: by 10.101.87.132 with SMTP id b4mr13098750pgr.282.1519797879160; Tue, 27 Feb 2018 22:04:39 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1519797879; cv=none; d=google.com; s=arc-20160816; b=GPJpXrOmkG7vo9vadNPk+t5H+FPIIA1U6HwHRwVeL47Ab+Iz7Ui57vkE0JmkveuO0Q wN38Jws0PViQXrvUR/et3K2ZzHdyxVlLYw4HJc9PchHxJ794LMwOJXCa2+M1pVH8j/gi HQq5kk6S73dNGtIg6h1ovAbIbM0j7/Bu/Oidfdj7ny4a55jzZ0UOv4QUlhVHShaaaVj6 vRKZEvG4VEm59zqTCYuXd2xPA/Yq1n2gVdQDOy0DZbb1hawMbDeQ69jlowIVIr0W18lE jQHkKJHCX2Gssx+rovwKFiERaNL0GaSGOl+Fj93MfBHESWHiGs7dr3zhMLc0VEGx7YMr OlhQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature:arc-authentication-results; bh=QqbL1hUbP76Rfo9Y89dE6UeqBPoFyWFG+LapFz+OCVM=; b=ssJQggkkRWZiRBepD9fqI4oA/F+0x9HS9ZYmcR0R7DsR08SG5viuJpVRzAvtRTWp6S YWI3iiG6o2z8tPcmYOHJwpuVgDS/6MofFjtaQmyE8SOcSwz/LSgWBT+1ALRqmmI7xX6J 4ZmlNtWOuxSnWgOxEw0tzaSoJSHINX5LzPJzTk5dOo0KctsfvB+lUU3iYWHnFlRRMcNf FG2D9nsVPTiTlexhmAdyv9v0RUJjt1aLGFuer2upHRMP1A6a5JlkABAtbPzMB9O/Ijtx juWhNrYpz/Ea6H8SSAmOdZ7lgjGVWlbDOHPPFYTHBk+tfnDrjV7vWfJ0QlTvYYOzKc4g Zing== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=ojHnFpnn; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id o184si563228pga.245.2018.02.27.22.04.24; Tue, 27 Feb 2018 22:04:39 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=ojHnFpnn; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751903AbeB1GDp (ORCPT + 99 others); Wed, 28 Feb 2018 01:03:45 -0500 Received: from mail-it0-f67.google.com ([209.85.214.67]:35687 "EHLO mail-it0-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751836AbeB1GDl (ORCPT ); Wed, 28 Feb 2018 01:03:41 -0500 Received: by mail-it0-f67.google.com with SMTP id v194so2112526itb.0; Tue, 27 Feb 2018 22:03:40 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=QqbL1hUbP76Rfo9Y89dE6UeqBPoFyWFG+LapFz+OCVM=; b=ojHnFpnnvxHMZ7a+oxL+ZaJfOyGqrhdO1Y1NUg+xabeHbiFCXNp+2CKO6/y7OkkUrR vdrBMpPH/tBSdYNLFa8ePl+j6U+/pFd2Wm7rLGq69L1IslagqTZ13sIbDiHlFWo0l01U FrMPosUDdUtpI0/9/RstCcsLRYEqjyqC06z4KP8ECTgmu2/Qd99UkSS8XD4WIkLy40A9 Fp5KNbf1rITqTI/wWs2v0ZYVNkJQUmibfCvRVfWx7TIxnU7XdA7IxDb7txRRCFQpjdOf ob+DlcOcMBqjxwI2/uDdRa4ajdC2BjnzmRGHELnHNjEvnX0h6y4W6Y6raJX29bmwsjBk d34g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=QqbL1hUbP76Rfo9Y89dE6UeqBPoFyWFG+LapFz+OCVM=; b=gHHyuJeX+RnCxcum4SBmdhGgKOkxiNFJ3YFVP7bhop7si33e8t9mqXFbsUYvpaT5Pg ydiQtSAaNfMKLSeFhxpLahte9nqa1A49zTrwoO6epxVV2QbQez+JlUn2h0vV2j/P/YdQ uSlzpisMcK5/W4ip4PjI7lx77YIG5/Cz2H9GuLzGGH4EB5/YRhsQf47pZy0wIIZZ5stM IjC9/9WtAYuPFGUMJOFY+GFH5p12dzS0vYfEnR2Sgsie3ZZcivpd5LPbN/5BvyLwR9Yw SvWtIf7KX6r5IG7U/xw5pGEEntj97iIgto+9uGuYbvr1oohLN4BufNVeH7sq2zKVpvR+ hWuA== X-Gm-Message-State: APf1xPAuFP7luMktRvc1ZL2vBetcdeq+RYQ3yrC2KASiP3XOKpyj3vag s9yNYgYuYWvXJbeC3wuD5OBa6Q== X-Received: by 10.36.165.75 with SMTP id w11mr12127095iti.136.1519797820030; Tue, 27 Feb 2018 22:03:40 -0800 (PST) Received: from localhost.localdomain ([203.205.141.123]) by smtp.googlemail.com with ESMTPSA id h63sm852096ith.32.2018.02.27.22.03.37 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 27 Feb 2018 22:03:39 -0800 (PST) From: Wanpeng Li X-Google-Original-From: Wanpeng Li To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Paolo Bonzini , =?UTF-8?q?Radim=20Kr=C4=8Dm=C3=A1=C5=99?= , Liran Alon , Nadav Amit , Borislav Petkov , Tom Lendacky Subject: [PATCH RESEND v5 2/2] KVM: X86: Allow userspace to define the microcode version Date: Wed, 28 Feb 2018 14:03:31 +0800 Message-Id: <1519797811-4560-2-git-send-email-wanpengli@tencent.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1519797811-4560-1-git-send-email-wanpengli@tencent.com> References: <1519797811-4560-1-git-send-email-wanpengli@tencent.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Wanpeng Li Linux (among the others) has checks to make sure that certain features aren't enabled on a certain family/model/stepping if the microcode version isn't greater than or equal to a known good version. By exposing the real microcode version, we're preventing buggy guests that don't check that they are running virtualized (i.e., they should trust the hypervisor) from disabling features that are effectively not buggy. Suggested-by: Filippo Sironi Cc: Paolo Bonzini Cc: Radim Krčmář Cc: Liran Alon Cc: Nadav Amit Cc: Borislav Petkov Cc: Tom Lendacky Signed-off-by: Wanpeng Li --- v4 -> v5: * microcode_version be u64 and initialized suitable, remote hte shifts v3 -> v4: * add the shifts back v2 -> v3: * remove the shifts * add the MSR_IA32_UCODE_REV version to the "feature MSRs" v1 -> v2: * add MSR_IA32_UCODE_REV to emulated_msrs arch/x86/include/asm/kvm_host.h | 1 + arch/x86/kvm/svm.c | 4 +--- arch/x86/kvm/vmx.c | 1 + arch/x86/kvm/x86.c | 11 +++++++++-- 4 files changed, 12 insertions(+), 5 deletions(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index 938d453..df6720f 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -507,6 +507,7 @@ struct kvm_vcpu_arch { u64 smi_count; bool tpr_access_reporting; u64 ia32_xss; + u64 microcode_version; /* * Paging state of the vcpu diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c index f874798..312f33f 100644 --- a/arch/x86/kvm/svm.c +++ b/arch/x86/kvm/svm.c @@ -1907,6 +1907,7 @@ static void svm_vcpu_reset(struct kvm_vcpu *vcpu, bool init_event) u32 dummy; u32 eax = 1; + vcpu->arch.microcode_version = 0x01000065; svm->spec_ctrl = 0; if (!init_event) { @@ -3962,9 +3963,6 @@ static int svm_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) msr_info->data = svm->spec_ctrl; break; - case MSR_IA32_UCODE_REV: - msr_info->data = 0x01000065; - break; case MSR_F15H_IC_CFG: { int family, model; diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c index 9968906..2cdbea7 100644 --- a/arch/x86/kvm/vmx.c +++ b/arch/x86/kvm/vmx.c @@ -5781,6 +5781,7 @@ static void vmx_vcpu_reset(struct kvm_vcpu *vcpu, bool init_event) vmx->rmode.vm86_active = 0; vmx->spec_ctrl = 0; + vcpu->arch.microcode_version = 0x100000000ULL; vmx->vcpu.arch.regs[VCPU_REGS_RDX] = get_rdx_init_val(); kvm_set_cr8(vcpu, 0); diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index efc8554..5c93cbc 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -1058,6 +1058,7 @@ static unsigned num_emulated_msrs; static u32 msr_based_features[] = { MSR_IA32_ARCH_CAPABILITIES, MSR_F10H_DECFG, + MSR_IA32_UCODE_REV, }; static unsigned int num_msr_based_features; @@ -1065,6 +1066,9 @@ static unsigned int num_msr_based_features; static int kvm_get_msr_feature(struct kvm_msr_entry *msr) { switch (msr->index) { + case MSR_IA32_UCODE_REV: + rdmsrl(msr->index, msr->data); + break; default: if (kvm_x86_ops->get_msr_feature(msr)) return 1; @@ -2260,7 +2264,6 @@ int kvm_set_msr_common(struct kvm_vcpu *vcpu, struct msr_data *msr_info) switch (msr) { case MSR_AMD64_NB_CFG: - case MSR_IA32_UCODE_REV: case MSR_IA32_UCODE_WRITE: case MSR_VM_HSAVE_PA: case MSR_AMD64_PATCH_LOADER: @@ -2268,6 +2271,10 @@ int kvm_set_msr_common(struct kvm_vcpu *vcpu, struct msr_data *msr_info) case MSR_AMD64_DC_CFG: break; + case MSR_IA32_UCODE_REV: + if (msr_info->host_initiated) + vcpu->arch.microcode_version = data; + break; case MSR_EFER: return set_efer(vcpu, data); case MSR_K7_HWCR: @@ -2563,7 +2570,7 @@ int kvm_get_msr_common(struct kvm_vcpu *vcpu, struct msr_data *msr_info) msr_info->data = 0; break; case MSR_IA32_UCODE_REV: - msr_info->data = 0x100000000ULL; + msr_info->data = vcpu->arch.microcode_version; break; case MSR_MTRRcap: case 0x200 ... 0x2ff: -- 2.7.4