From: Sean Christopherson <seanjc@google.com>
To: Aaron Lewis <aaronlewis@google.com>
Cc: kvm@vger.kernel.org, pbonzini@redhat.com, jmattson@google.com
Subject: Re: [RFC PATCH v2 1/3] KVM: x86: Protect the unused bits in the MSR filtering / exiting flags
Date: Wed, 20 Jul 2022 23:31:03 +0000
Message-ID: <YtiQN4LB7a6tE4UD@google.com>
In-Reply-To: <20220719234950.3612318-2-aaronlewis@google.com>

On Tue, Jul 19, 2022, Aaron Lewis wrote:
> The flags used in KVM_CAP_X86_USER_SPACE_MSR and KVM_X86_SET_MSR_FILTER
> have no protection for their unused bits.  Without protection, future
> development for these features will be difficult.  Add the protection
> needed to make it possible to extend these features in the future.
> 
> Signed-off-by: Aaron Lewis <aaronlewis@google.com>
> ---
>  arch/x86/include/uapi/asm/kvm.h | 1 +
>  arch/x86/kvm/x86.c              | 6 ++++++
>  include/uapi/linux/kvm.h        | 3 +++
>  3 files changed, 10 insertions(+)
> 
> diff --git a/arch/x86/include/uapi/asm/kvm.h b/arch/x86/include/uapi/asm/kvm.h
> index ee3896416c68..63691a4c62d0 100644
> --- a/arch/x86/include/uapi/asm/kvm.h
> +++ b/arch/x86/include/uapi/asm/kvm.h
> @@ -224,6 +224,7 @@ struct kvm_msr_filter_range {
>  struct kvm_msr_filter {
>  #define KVM_MSR_FILTER_DEFAULT_ALLOW (0 << 0)

Well this is silly.  Can we wrap this with

#ifndef __KERNEL__
#define KVM_MSR_FILTER_DEFAULT_ALLOW (0 << 0)
#endif

so that we don't try to use it in the kernel?  E.g. I can see someone doing

	if (filter.flags & KVM_MSR_FILTER_DEFAULT_ALLOW)
		<allow the MSR>

and getting really confused when that doesn't work.

Or if we're feeling lucky, just remove it entirely as userspace doing

	filter.flags &= KVM_MSR_FILTER_DEFAULT_ALLOW;

is going to make someone sad someday.

>  #define KVM_MSR_FILTER_DEFAULT_DENY  (1 << 0)
> +#define KVM_MSR_FILTER_VALID_MASK (KVM_MSR_FILTER_DEFAULT_DENY)
>  	__u32 flags;
>  	struct kvm_msr_filter_range ranges[KVM_MSR_FILTER_MAX_RANGES];
>  };
