KVM: VMX: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR

This lets userspace read the MSR_IA32_ARCH_CAPABILITIES and check that all requested features are available on the host. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> CVE-2018-3620 CVE-2018-3646 (backported from commit cd283252) [tyhicks: Adjust for the missing MSR_F10H_DECFG and MSR_IA32_UCODE_REV feature MSRs which do not exist in 4.15] Signed-off-by: Tyler Hicks <tyhicks@canonical.com> Signed-off-by: Stefan Bader <stefan.bader@canonical.com>

KVM: VMX: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR
This lets userspace read the MSR_IA32_ARCH_CAPABILITIES and check that all requested features are available on the host. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> CVE-2018-3620 CVE-2018-3646 (backported from commit cd283252) [tyhicks: Adjust for the missing MSR_F10H_DECFG and MSR_IA32_UCODE_REV feature MSRs which do not exist in 4.15] Signed-off-by: Tyler Hicks <tyhicks@canonical.com> Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
e5559836 · Paolo Bonzini · Stefan Bader · d59679db · e5559836
Commit e5559836 authored Jun 25, 2018 by Paolo Bonzini Committed by Stefan Bader Aug 08, 2018
Show whitespace changes
Inline Side-by-side

Showing with 4 additions and 0 deletions

arch/x86/kvm/x86.c arch/x86/kvm/x86.c +4 -0

No files found.
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -998,6 +998,7 @@ static unsigned num_emulated_msrs;
 * can be used by a hypervisor to validate requested CPU features.
 */
 static u32 msr_based_features[] = {
+	MSR_IA32_ARCH_CAPABILITIES,
 };

 static unsigned int num_msr_based_features;
@@ -1005,6 +1006,9 @@ static unsigned int num_msr_based_features;
 static int kvm_get_msr_feature(struct kvm_msr_entry *msr)
 {
 	switch (msr->index) {
+	case MSR_IA32_ARCH_CAPABILITIES:
+		rdmsrl_safe(msr->index, &msr->data);
+		break;
 	default:
 		if (kvm_x86_ops->get_msr_feature(msr))
 			return 1;