Received: by 2002:a05:6a10:22f:0:0:0:0 with SMTP id 15csp660467pxk; Wed, 16 Sep 2020 13:38:55 -0700 (PDT) X-Google-Smtp-Source: ABdhPJztwoETRifFUsxi9BDJv0rNdRPTJhV/a5GFwEAqhWI2qo1tyM8MuYgGH+zuPpDl5md019aZ X-Received: by 2002:a17:906:e08f:: with SMTP id gh15mr26792991ejb.443.1600288735453; Wed, 16 Sep 2020 13:38:55 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1600288735; cv=none; d=google.com; s=arc-20160816; b=jxClft0lKwHHo1xsGj528f1+INEDPU1j+eblB/sThct+Jv/bhKtNrXy3c258Ftnb9U Sj9Msjhi/5qhb/YdIblaPSdzQvIhgJ3lMf4J5ORLvXYU2bNuLg09uq9xqVnnndpe4Wp4 URBnzisC1W5sur3q7goE9L/tbqH+VGE/4kOaczvyWeQZg3RXuviXncxSV6JKT68SU4R/ o1VyUHtbVcpyPGW2cHcvTBZSJlOADbUswyrLMc0h92CYhBna4QwymzwK28Ip0SupHzyC /cEU8igWyJlSTYB89TcyYKRI6icpzYRbnQIpy2bVK7BP1o0+1DcztZxn9yRkM7vuao8x NMYw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject:dkim-signature; bh=dGZqVnUoL1EJHSp3OUeSnhcSg8wLbGG2vxHUgbmqNo4=; b=IXdrdE2PLXg3JSRG13Juayj6uzfK/99X+0MO6DxJwMwMGfbkT6SmRnIZgnZ0B/3h1c BpbbV1ZD08XMNnHxpgNO9Z7xDZ0k8jX96JpVBNJTu0/ksBiywSfdaaP72VPLfuTD1FiF lw1hhW5InQzOCIdAbKDWzoShqOaEX6cgmiqn3pO0qyKOh84FNjCkk15DeuPRS50i0I17 N3+sDj1Izzx5E5DTGG7V8WhpaWYeKZwlOukrV45x8rsJ/QXfXZJesN6I0kwlpCVqPR/C PrK4cYP1SxUSafOSeYCPboLElL2MKZezSZ5y9ZX+mcbLSTz5gcskQs+O7y+EKF99ts0W 5ILA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@amazon.com header.s=amazon201209 header.b=BY1r0hvX; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amazon.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id rk18si12074428ejb.599.2020.09.16.13.38.32; Wed, 16 Sep 2020 13:38:55 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@amazon.com header.s=amazon201209 header.b=BY1r0hvX; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amazon.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728426AbgIPUgY (ORCPT + 99 others); Wed, 16 Sep 2020 16:36:24 -0400 Received: from smtp-fw-9101.amazon.com ([207.171.184.25]:13213 "EHLO smtp-fw-9101.amazon.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728388AbgIPUgU (ORCPT ); Wed, 16 Sep 2020 16:36:20 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1600288580; x=1631824580; h=subject:to:cc:references:from:message-id:date: mime-version:in-reply-to:content-transfer-encoding; bh=dGZqVnUoL1EJHSp3OUeSnhcSg8wLbGG2vxHUgbmqNo4=; b=BY1r0hvXKDxFwRfd9tq5GV/+D7P+fyujuuZgrIJ4DIVTMixNrAiC+kRP duqMSg74MW634LBF4yI30NTjqpNtfLP3L3kWgu5HZfkMOvEwPem1zVaia jgK3tP7P5f1gVT5RwBf58hm3GUDETsFLbUJQfYQflRokUaaP61dPyJgB/ Q=; X-IronPort-AV: E=Sophos;i="5.76,434,1592870400"; d="scan'208";a="68664417" Received: from sea32-co-svc-lb4-vlan3.sea.corp.amazon.com (HELO email-inbound-relay-2a-53356bf6.us-west-2.amazon.com) ([10.47.23.38]) by smtp-border-fw-out-9101.sea19.amazon.com with ESMTP; 16 Sep 2020 20:36:15 +0000 Received: from EX13MTAUWC001.ant.amazon.com (pdx4-ws-svc-p6-lb7-vlan2.pdx.amazon.com [10.170.41.162]) by email-inbound-relay-2a-53356bf6.us-west-2.amazon.com (Postfix) with ESMTPS id 929BFA1783; Wed, 16 Sep 2020 20:36:14 +0000 (UTC) Received: from EX13D20UWC001.ant.amazon.com (10.43.162.244) by EX13MTAUWC001.ant.amazon.com (10.43.162.135) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Wed, 16 Sep 2020 20:36:14 +0000 Received: from freeip.amazon.com (10.43.161.237) by EX13D20UWC001.ant.amazon.com (10.43.162.244) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Wed, 16 Sep 2020 20:36:10 +0000 Subject: Re: [PATCH v6 5/7] KVM: x86: VMX: Prevent MSR passthrough when MSR access is denied To: Aaron Lewis CC: Paolo Bonzini , Jonathan Corbet , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , KarimAllah Raslan , Dan Carpenter , kvm list , , References: <20200902125935.20646-1-graf@amazon.com> <20200902125935.20646-6-graf@amazon.com> From: Alexander Graf Message-ID: Date: Wed, 16 Sep 2020 22:36:08 +0200 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.16; rv:78.0) Gecko/20100101 Thunderbird/78.2.2 MIME-Version: 1.0 In-Reply-To: Content-Language: en-US X-Originating-IP: [10.43.161.237] X-ClientProxiedBy: EX13D44UWB001.ant.amazon.com (10.43.161.32) To EX13D20UWC001.ant.amazon.com (10.43.162.244) Content-Type: text/plain; charset="utf-8"; format="flowed" Content-Transfer-Encoding: base64 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org CgpPbiAxNi4wOS4yMCAyMjoxMywgQWFyb24gTGV3aXMgd3JvdGU6Cj4gCj4+Pgo+Pj4+ICsKPj4+ PiAgICAvKgo+Pj4+ICAgICAqIFRoZXNlIDIgcGFyYW1ldGVycyBhcmUgdXNlZCB0byBjb25maWcg dGhlIGNvbnRyb2xzIGZvciBQYXVzZS1Mb29wIEV4aXRpbmc6Cj4+Pj4gICAgICogcGxlX2dhcDog ICAgdXBwZXIgYm91bmQgb24gdGhlIGFtb3VudCBvZiB0aW1lIGJldHdlZW4gdHdvIHN1Y2Nlc3Np dmUKPj4+PiBAQCAtNjIyLDYgKzY0Miw0MSBAQCBzdGF0aWMgaW5saW5lIGJvb2wgcmVwb3J0X2Zs ZXhwcmlvcml0eSh2b2lkKQo+Pj4+ICAgICAgICAgICByZXR1cm4gZmxleHByaW9yaXR5X2VuYWJs ZWQ7Cj4+Pj4gICAgfQo+Pj4KPj4+IE9uZSB0aGluZyB0aGF0IHNlZW1zIHRvIGJlIG1pc3Npbmcg aXMgcmVtb3ZpbmcgTVNScyBmcm9tIHRoZQo+Pj4gcGVybWlzc2lvbiBiaXRtYXAgb3IgcmVzZXR0 aW5nIHRoZSBwZXJtaXNzaW9uIGJpdG1hcCB0byBpdHMgb3JpZ2luYWwKPj4+IHN0YXRlIGJlZm9y ZSBhZGRpbmcgY2hhbmdlcyBvbiB0b3Agb2YgaXQuICBUaGlzIHdvdWxkIGJlIG5lZWRlZCBvbgo+ Pj4gc3Vic2VxdWVudCBjYWxscyB0byBrdm1fdm1faW9jdGxfc2V0X21zcl9maWx0ZXIoKS4gIFdo ZW4gdGhhdCBoYXBwZW5zCj4+PiB0aGUgb3JpZ2luYWwgY2hhbmdlcyBtYWRlIGJ5IEtWTV9SRVFf TVNSX0ZJTFRFUl9DSEFOR0VEIG5lZWQgdG8gYmUKPj4+IGJhY2tlZCBvdXQgYmVmb3JlIGFwcGx5 aW5nIHRoZSBuZXcgc2V0Lgo+Pgo+PiBJJ20gbm90IHN1cmUgSSBmb2xsb3cuIFN1YnNlcXVlbnQg Y2FsbHMgdG8gc2V0X21zcl9maWx0ZXIoKSB3aWxsIGludm9rZQo+PiB0aGUgInBsZWFzZSByZXNl dCB0aGUgd2hvbGUgTVNSIHBhc3N0aHJvdWdoIGJpdG1hcCB0byBhIGNvbnNpc3RlbnQKPj4gc3Rh dGUiIHdoaWNoIHdpbGwgdGhlbiByZWFwcGx5IHRoZSBpbi1rdm0gZGVzaXJlZCBzdGF0ZSB0aHJv dWdoIHRoZQo+PiBiaXRtYXAgYW5kIGZpbHRlciBzdGF0ZSBvbiB0b3Agb24gZWFjaCBvZiB0aG9z ZS4KPj4KPiAKPiBZZXMsIHlvdSdyZSBjb3JyZWN0LiAgSSBkaXNjb3ZlcmVkIHRoaXMgYWZ0ZXIg dGhlIGZhY3QgYnkgYWRkaW5nIGEKPiB0ZXN0IHRvIHRoZSBzZWxmdGVzdCBJIHdyb3RlIGZvciB0 aGUgZGVueSBsaXN0IHN5c3RlbSB3aGljaCBJIHJldmFtcGVkCj4gdG8gd29yayBmb3IgeW91ciBm aWx0ZXIgc3lzdGVtLiAgSXQgcHJvdmVkIHRoZSBwZXJtaXNzaW9uIGJpdG1hcHMgYXJlCj4gaW4g ZmFjdCBzZXQgYXMgZXhwZWN0ZWQgb24gc3Vic2VxdWVudCBjYWxscy4gIFlvdSBjYW4gZGlzcmVn YXJkIHRoaXMKPiBjb21tZW50Lgo+IAo+IEFzIGEgc2lkZSBub3RlLCBJJ20gaGFwcHkgdG8gc2hh cmUgdGhlIHRlc3QgaWYgeW91J2QgbGlrZS4gSSBhbHNvIHVzZWQKPiBpdCB0byB1bmNvdmVyIGFu IGlzc3VlIGluIHRoZSBmaXJzdCBjb21taXQgb2YgdGhpcyBzZXJpZXMuCgpJIHJlYWxseSBlbmpv eSB0aGUgdGVzdHMgdGhhdCB5b3Ugc3VibWl0dGVkIGFuZCB3b3VsZCBsb3ZlIHRvIHNlZSB5b3Ug CmFkZCB5b3VyIHRlc3QgY292ZXJhZ2UgdG8gdGhlIGZpbHRlcmluZyBwYXRjaCBzZXQgOikKCgpU aGFua3MhCgpBbGV4CgoKCgpBbWF6b24gRGV2ZWxvcG1lbnQgQ2VudGVyIEdlcm1hbnkgR21iSApL cmF1c2Vuc3RyLiAzOAoxMDExNyBCZXJsaW4KR2VzY2hhZWZ0c2Z1ZWhydW5nOiBDaHJpc3RpYW4g U2NobGFlZ2VyLCBKb25hdGhhbiBXZWlzcwpFaW5nZXRyYWdlbiBhbSBBbXRzZ2VyaWNodCBDaGFy bG90dGVuYnVyZyB1bnRlciBIUkIgMTQ5MTczIEIKU2l0ejogQmVybGluClVzdC1JRDogREUgMjg5 IDIzNyA4NzkKCgo=