Skip to content

Commit b07a5c5

Browse files
bonzinibonzini
committed
KVM: vmx: use MSR_IA32_TSX_CTRL to hard-disable TSX on guest that lack it
If X86_FEATURE_RTM is disabled, the guest should not be able to access MSR_IA32_TSX_CTRL. We can therefore use it in KVM to force all transactions from the guest to abort. Tested-by: Jim Mattson <[email protected]> Signed-off-by: Paolo Bonzini <[email protected]>
1 parent c11f83e commit b07a5c5

File tree

1 file changed

+30
-14
lines changed

1 file changed

+30
-14
lines changed

arch/x86/kvm/vmx/vmx.c

Lines changed: 30 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -639,6 +639,23 @@ struct shared_msr_entry *find_msr_entry(struct vcpu_vmx *vmx, u32 msr)
639639
return NULL;
640640
}
641641

642+
static int vmx_set_guest_msr(struct vcpu_vmx *vmx, struct shared_msr_entry *msr, u64 data)
643+
{
644+
int ret = 0;
645+
646+
u64 old_msr_data = msr->data;
647+
msr->data = data;
648+
if (msr - vmx->guest_msrs < vmx->save_nmsrs) {
649+
preempt_disable();
650+
ret = kvm_set_shared_msr(msr->index, msr->data,
651+
msr->mask);
652+
preempt_enable();
653+
if (ret)
654+
msr->data = old_msr_data;
655+
}
656+
return ret;
657+
}
658+
642659
void loaded_vmcs_init(struct loaded_vmcs *loaded_vmcs)
643660
{
644661
vmcs_clear(loaded_vmcs->vmcs);
@@ -2174,20 +2191,10 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info)
21742191
default:
21752192
find_shared_msr:
21762193
msr = find_msr_entry(vmx, msr_index);
2177-
if (msr) {
2178-
u64 old_msr_data = msr->data;
2179-
msr->data = data;
2180-
if (msr - vmx->guest_msrs < vmx->save_nmsrs) {
2181-
preempt_disable();
2182-
ret = kvm_set_shared_msr(msr->index, msr->data,
2183-
msr->mask);
2184-
preempt_enable();
2185-
if (ret)
2186-
msr->data = old_msr_data;
2187-
}
2188-
break;
2189-
}
2190-
ret = kvm_set_msr_common(vcpu, msr_info);
2194+
if (msr)
2195+
ret = vmx_set_guest_msr(vmx, msr, data);
2196+
else
2197+
ret = kvm_set_msr_common(vcpu, msr_info);
21912198
}
21922199

21932200
return ret;
@@ -7142,6 +7149,15 @@ static void vmx_cpuid_update(struct kvm_vcpu *vcpu)
71427149
if (boot_cpu_has(X86_FEATURE_INTEL_PT) &&
71437150
guest_cpuid_has(vcpu, X86_FEATURE_INTEL_PT))
71447151
update_intel_pt_cfg(vcpu);
7152+
7153+
if (boot_cpu_has(X86_FEATURE_RTM)) {
7154+
struct shared_msr_entry *msr;
7155+
msr = find_msr_entry(vmx, MSR_IA32_TSX_CTRL);
7156+
if (msr) {
7157+
bool enabled = guest_cpuid_has(vcpu, X86_FEATURE_RTM);
7158+
vmx_set_guest_msr(vmx, msr, enabled ? 0 : TSX_CTRL_RTM_DISABLE);
7159+
}
7160+
}
71457161
}
71467162

71477163
static void vmx_set_supported_cpuid(u32 func, struct kvm_cpuid_entry2 *entry)

0 commit comments

Comments
 (0)