[PATCH 1/3] kvm: vmx: Do not disable intercepts for BNDCFGS

public inbox for kvm@vger.kernel.org
 help / color / mirror / Atom feed

From: Jim Mattson <jmattson@google.com>
To: kvm@vger.kernel.org
Cc: Jim Mattson <jmattson@google.com>
Subject: [PATCH 1/3] kvm: vmx: Do not disable intercepts for BNDCFGS
Date: Tue, 23 May 2017 11:52:52 -0700	[thread overview]
Message-ID: <20170523185254.98780-1-jmattson@google.com> (raw)

The MSR permission bitmaps are shared by all VMs. However, some VMs
may not be configured to support MPX, even when the host does. If the
host supports VMX and the guest does not, we should intercept accesses
to the BNDCFGS MSR, so that we can synthesize a #GP
fault. Furthermore, if the host does not support MPX and the
"ignore_msrs" kvm kernel parameter is set, then we should intercept
accesses to the BNDCFGS MSR, so that we can skip over the rdmsr/wrmsr
without raising a #GP fault.

Fixes: da8999d31818fdc8 ("KVM: x86: Intel MPX vmx and msr handle")
Signed-off-by: Jim Mattson <jmattson@google.com>
---
 arch/x86/kvm/vmx.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index c6f4ad44aa95..763d27ee00fb 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -6547,7 +6547,6 @@ static __init int hardware_setup(void)
 	vmx_disable_intercept_for_msr(MSR_IA32_SYSENTER_CS, false);
 	vmx_disable_intercept_for_msr(MSR_IA32_SYSENTER_ESP, false);
 	vmx_disable_intercept_for_msr(MSR_IA32_SYSENTER_EIP, false);
-	vmx_disable_intercept_for_msr(MSR_IA32_BNDCFGS, true);

 	memcpy(vmx_msr_bitmap_legacy_x2apic_apicv,
 			vmx_msr_bitmap_legacy, PAGE_SIZE);
-- 
2.13.0.219.gdb65acc882-goog

next             reply	other threads:[~2017-05-23 18:53 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-05-23 18:52 Jim Mattson [this message]
2017-05-23 18:52 ` [PATCH 2/3] kvm: vmx: Guest BNDCFGS requires guest MPX support Jim Mattson
2017-05-24 13:08   ` kbuild test robot
2017-05-24 16:22     ` [PATCH 2/3 v2] kvm: x86: " Jim Mattson
2017-05-24 17:28       ` Radim Krčmář
2017-05-24 17:40         ` Jim Mattson
2017-05-24 17:49           ` [PATCH 2/3 v3] " Jim Mattson
2017-05-24 18:22             ` Radim Krčmář
2017-05-23 18:52 ` [PATCH 3/3] kvm: vmx: Check value written to IA32_BNDCFGS Jim Mattson
2017-05-24 15:09   ` Radim Krčmář
2017-05-24 15:05 ` [PATCH 1/3] kvm: vmx: Do not disable intercepts for BNDCFGS Radim Krčmář
2017-06-07 14:31 ` Radim Krčmář

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:c6f4ad44aa9 dfblob:763d27ee00f )
 OR (
bs:"[PATCH 1/3] kvm: vmx: Do not disable intercepts for BNDCFGS" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20170523185254.98780-1-jmattson@google.com \
    --to=jmattson@google.com \
    --cc=kvm@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox