x86: tighten conditions under which writing certain MSRs is permitted

MSRs that control physical CPU aspects generally are pointless (and possibly dangerous) to be written when the writer isn't sufficiently aware that it's running virtualized. Signed-off-by: Jan Beulich <jbeulich@novell.com>
author: Keir Fraser <keir@xen.org> 2011-02-10 14:19:23 +0000
committer: Keir Fraser <keir@xen.org> 2011-02-10 14:19:23 +0000
commit: 68ef426319e7d3cfe95b980cfb88f2776450df70 (patch)
tree: 349ca01b90f73163b8e520b871578b12f886f289
parent: 8ad67c8e05b9dec349d8cc0a72acdb872f39dd0d (diff)
download: xen-68ef426319e7d3cfe95b980cfb88f2776450df70.tar.gz
xen-68ef426319e7d3cfe95b980cfb88f2776450df70.tar.bz2
xen-68ef426319e7d3cfe95b980cfb88f2776450df70.zip
1 files changed, 6 insertions, 4 deletions
diff --git a/xen/arch/x86/traps.c b/xen/arch/x86/traps.c
index 97e3dc4a40..81141fd4f1 100644
--- a/xen/arch/x86/traps.c
+++ b/xen/arch/x86/traps.c
@@ -2282,7 +2282,7 @@ static int emulate_privileged_op(struct cpu_user_regs *regs)
             if ( boot_cpu_data.x86_vendor != X86_VENDOR_AMD ||
                  boot_cpu_data.x86 < 0x10 || boot_cpu_data.x86 > 0x17 )
                 goto fail;
-            if ( !IS_PRIV(v->domain) )
+            if ( !IS_PRIV(v->domain) || !is_pinned_vcpu(v) )
                 break;
             if ( (rdmsr_safe(MSR_AMD64_NB_CFG, val) != 0) ||
                  (eax != (uint32_t)val) ||
@@ -2295,7 +2295,7 @@ static int emulate_privileged_op(struct cpu_user_regs *regs)
             if ( boot_cpu_data.x86_vendor != X86_VENDOR_AMD ||
                  boot_cpu_data.x86 < 0x10 || boot_cpu_data.x86 > 0x17 )
                 goto fail;
-            if ( !IS_PRIV(v->domain) )
+            if ( !IS_PRIV(v->domain) || !is_pinned_vcpu(v) )
                 break;
             if ( (rdmsr_safe(MSR_FAM10H_MMIO_CONF_BASE, val) != 0) )
                 goto fail;
@@ -2317,6 +2317,8 @@ static int emulate_privileged_op(struct cpu_user_regs *regs)
         case MSR_IA32_UCODE_REV:
             if ( boot_cpu_data.x86_vendor != X86_VENDOR_INTEL )
                 goto fail;
+            if ( !IS_PRIV(v->domain) || !is_pinned_vcpu(v) )
+                break;
             if ( rdmsr_safe(regs->ecx, val) )
                 goto fail;
             if ( msr_content )
@@ -2324,7 +2326,7 @@ static int emulate_privileged_op(struct cpu_user_regs *regs)
             break;
         case MSR_IA32_MISC_ENABLE:
             if ( rdmsr_safe(regs->ecx, val) )
-                goto invalid;
+                goto fail;
             val = guest_misc_enable(val);
             if ( msr_content != val )
                 goto invalid;
@@ -2351,7 +2353,7 @@ static int emulate_privileged_op(struct cpu_user_regs *regs)
         case MSR_IA32_ENERGY_PERF_BIAS:
             if ( boot_cpu_data.x86_vendor != X86_VENDOR_INTEL )
                 goto fail;
-            if ( (v->domain->domain_id != 0) || !is_pinned_vcpu(v) )
+            if ( !IS_PRIV(v->domain) || !is_pinned_vcpu(v) )
                 break;
             if ( wrmsr_safe(regs->ecx, msr_content) != 0 )
                 goto fail;
author	Keir Fraser <keir@xen.org>	2011-02-10 14:19:23 +0000
committer	Keir Fraser <keir@xen.org>	2011-02-10 14:19:23 +0000
commit	68ef426319e7d3cfe95b980cfb88f2776450df70 (patch)
tree	349ca01b90f73163b8e520b871578b12f886f289
parent	8ad67c8e05b9dec349d8cc0a72acdb872f39dd0d (diff)
download	xen-68ef426319e7d3cfe95b980cfb88f2776450df70.tar.gz xen-68ef426319e7d3cfe95b980cfb88f2776450df70.tar.bz2 xen-68ef426319e7d3cfe95b980cfb88f2776450df70.zip