[xen stable-4.9] x86/msr: Correct the emulation behaviour of MSR_PRED_CMD

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[xen stable-4.9] x86/msr: Correct the emulation behaviour of MSR_PRED_CMD

patchbot
commit 921bff4ea79c5b0d76274c3bb53b08ac4f3cfd55
Author:     Andrew Cooper <[hidden email]>
AuthorDate: Wed Apr 18 16:43:23 2018 +0200
Commit:     Jan Beulich <[hidden email]>
CommitDate: Wed Apr 18 16:43:23 2018 +0200

    x86/msr: Correct the emulation behaviour of MSR_PRED_CMD
   
    Experimentally, the behaviour of reserved bits in MSR_PRED_CMD changed between
    beta and production microcode, and now raises a #GP fault for set reserved
    bits.  The AMD spec for future hardware also specifies this behaviour, and it
    is the more sensible behaviour to implement.
   
    Signed-off-by: Andrew Cooper <[hidden email]>
    Reviewed-by: Jan Beulich <[hidden email]>
   
    x86/msr: further correct the emulation behaviour of MSR_PRED_CMD
   
    Following commit a6aa678fa3 ("x86/msr: Correct the emulation behaviour
    of MSR_PRED_CMD") we may end up writing the low bit with the wrong
    value. While it's unlikely for a guest to want to write zero there, we
    should still permit (this without incurring the overhead of an actual
    barrier). Correcting this right away will also help whenever further
    bits in the MSR might become defined.
   
    Signed-off-by: Jan Beulich <[hidden email]>
    Acked-by: Andrew Cooper <[hidden email]>
    master commit: a6aa678fa380e9369cc44701a181142322b3a4b0
    master date: 2018-04-16 13:18:19 +0100
    master commit: a996273d1fc10d14598985703227bfa35a91f681
    master date: 2018-04-18 11:16:37 +0200
---
 xen/arch/x86/hvm/hvm.c | 10 ++++------
 xen/arch/x86/traps.c   | 10 ++++------
 2 files changed, 8 insertions(+), 12 deletions(-)

diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
index df85b7b9c2..1a47ed98b4 100644
--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
@@ -3629,12 +3629,10 @@ int hvm_msr_write_intercept(unsigned int msr, uint64_t msr_content,
         if ( !d->arch.cpuid->feat.ibrsb && !d->arch.cpuid->extd.ibpb )
             goto gp_fault; /* MSR available? */
 
-        /*
-         * The only defined behaviour is when writing PRED_CMD_IBPB.  In
-         * practice, real hardware accepts any value without faulting.
-         */
-        if ( msr_content & PRED_CMD_IBPB )
-            wrmsrl(MSR_PRED_CMD, PRED_CMD_IBPB);
+        if ( msr_content & ~PRED_CMD_IBPB )
+            goto gp_fault; /* Rsvd bit set? */
+
+        wrmsrl(MSR_PRED_CMD, msr_content);
         break;
 
     case MSR_ARCH_CAPABILITIES:
diff --git a/xen/arch/x86/traps.c b/xen/arch/x86/traps.c
index 3b1e62f9f5..b56a26a1af 100644
--- a/xen/arch/x86/traps.c
+++ b/xen/arch/x86/traps.c
@@ -2881,12 +2881,10 @@ static int priv_op_write_msr(unsigned int reg, uint64_t val,
         if ( !currd->arch.cpuid->feat.ibrsb && !currd->arch.cpuid->extd.ibpb )
             break; /* MSR available? */
 
-        /*
-         * The only defined behaviour is when writing PRED_CMD_IBPB.  In
-         * practice, real hardware accepts any value without faulting.
-         */
-        if ( val & PRED_CMD_IBPB )
-            wrmsrl(MSR_PRED_CMD, PRED_CMD_IBPB);
+        if ( val & ~PRED_CMD_IBPB )
+            break; /* Rsvd bit set? */
+
+        wrmsrl(MSR_PRED_CMD, val);
         return X86EMUL_OKAY;
 
     case MSR_INTEL_MISC_FEATURES_ENABLES:
--
generated by git-patchbot for /home/xen/git/xen.git#stable-4.9

_______________________________________________
Xen-changelog mailing list
[hidden email]
https://lists.xenproject.org/xen-changelog