Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

KVM: x86: hyper-v: Check if guest is allowed to use XMM registers for hypercall input

TLFS states that "Availability of the XMM fast hypercall interface is
indicated via the “Hypervisor Feature Identification” CPUID Leaf
(0x40000003, see section 2.4.4) ... Any attempt to use this interface
when the hypervisor does not indicate availability will result in a #UD
fault."

Implement the check for 'strict' mode (KVM_CAP_HYPERV_ENFORCE_CPUID).

Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Reviewed-by: Siddharth Chandrasekaran <sidcha@amazon.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20210730122625.112848-4-vkuznets@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

authored by Vitaly Kuznetsov and committed by Paolo Bonzini
4e62aa96 f5714bbb

+11 -2
arch/x86/kvm/hyperv.c
··· 2140 2140 2141 2141 int kvm_hv_hypercall(struct kvm_vcpu *vcpu) 2142 2142 { 2143 + struct kvm_vcpu_hv *hv_vcpu = to_hv_vcpu(vcpu); 2143 2144 struct kvm_hv_hcall hc; 2144 2145 u64 ret = HV_STATUS_SUCCESS; 2145 2146 ··· 2178 2177 trace_kvm_hv_hypercall(hc.code, hc.fast, hc.rep_cnt, hc.rep_idx, 2179 2178 hc.ingpa, hc.outgpa); 2180 2179 2181 - if (unlikely(!hv_check_hypercall_access(to_hv_vcpu(vcpu), hc.code))) { 2180 + if (unlikely(!hv_check_hypercall_access(hv_vcpu, hc.code))) { 2182 2181 ret = HV_STATUS_ACCESS_DENIED; 2183 2182 goto hypercall_complete; 2184 2183 } 2185 2184 2186 - if (hc.fast && is_xmm_fast_hypercall(&hc)) 2185 + if (hc.fast && is_xmm_fast_hypercall(&hc)) { 2186 + if (unlikely(hv_vcpu->enforce_cpuid && 2187 + !(hv_vcpu->cpuid_cache.features_edx & 2188 + HV_X64_HYPERCALL_XMM_INPUT_AVAILABLE))) { 2189 + kvm_queue_exception(vcpu, UD_VECTOR); 2190 + return 1; 2191 + } 2192 + 2187 2193 kvm_hv_hypercall_read_xmm(&hc); 2194 + } 2188 2195 2189 2196 switch (hc.code) { 2190 2197 case HVCALL_NOTIFY_LONG_SPIN_WAIT:
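Review bot: hv_vcpu is now cached from to_hv_vcpu(vcpu) at the top of kvm_hv_hypercall() and later dereferenced directly as hv_vcpu->enforce_cpuid and hv_vcpu->cpuid_cache.features_edx, but nothing in the visible lines shows that it cannot be NULL on this path. Please confirm that the Hyper-V vCPU context is always allocated before a guest can reach this function, and say so in the commit message or a comment, or add an explicit guard before the dereference.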
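Review bot: in the second hunk the new #UD path (kvm_queue_exception(vcpu, UD_VECTOR); return 1;) sits after trace_kvm_hv_hypercall() and after the hv_check_hypercall_access() test, so a guest that uses XMM input without HV_X64_HYPERCALL_XMM_INPUT_AVAILABLE for a hypercall code it is also not allowed to issue gets HV_STATUS_ACCESS_DENIED instead of #UD, and a call that ends in #UD is still traced like a normal hypercall. If that ordering is intended, a short comment above the check citing the TLFS requirement and noting that this return deliberately bypasses hypercall_complete would make it clear; otherwise consider moving the check ahead of the access test. The three-line condition would also read better as a small helper next to is_xmm_fast_hypercall().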