Skip to content

Commit 25f3840

Browse files
yang-weijiangsean-jc
yang-weijiang
authored and
sean-jc
committed
KVM: VMX: Set up interception for CET MSRs
Disable interception for CET MSRs that can be accessed via XSAVES/XRSTORS, and exist accordingly to CPUID, as accesses through XSTATE aren't subject to MSR interception checks, i.e. can't be intercepted without intercepting and emulating XSAVES/XRSTORS, and KVM doesn't support emulating XSAVE/XRSTOR instructions. Don't condition interception on the guest actually having XSAVES as there is no benefit to intercepting the accesses (when the MSRs exist). The MSRs in question are either context switched by the CPU on VM-Enter/VM-Exit or by KVM via XSAVES/XRSTORS (KVM requires XSAVES to virtualization SHSTK), i.e. KVM is going to load guest values into hardware irrespective of guest XSAVES support. Suggested-by: Sean Christopherson <seanjc@google.com> Signed-off-by: Yang Weijiang <weijiang.yang@intel.com> Tested-by: Mathias Krause <minipli@grsecurity.net> Tested-by: John Allen <john.allen@amd.com> Tested-by: Rick Edgecombe <rick.p.edgecombe@intel.com> Signed-off-by: Chao Gao <chao.gao@intel.com> Reviewed-by: Binbin Wu <binbin.wu@linux.intel.com> Reviewed-by: Xiaoyao Li <xiaoyao.li@intel.com> Reviewed-by: Xin Li (Intel) <xin@zytor.com> Link: https://lore.kernel.org/r/20250919223258.1604852-17-seanjc@google.com Signed-off-by: Sean Christopherson <seanjc@google.com>
1 parent 1a61bd0 commit 25f3840

File tree

1 file changed

+19
-0
lines changed

1 file changed

+19
-0
lines changed

arch/x86/kvm/vmx/vmx.c

Lines changed: 19 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4088,6 +4088,8 @@ void pt_update_intercept_for_msr(struct kvm_vcpu *vcpu)
40884088

40894089
static void vmx_recalc_msr_intercepts(struct kvm_vcpu *vcpu)
40904090
{
4091+
bool intercept;
4092+
40914093
if (!cpu_has_vmx_msr_bitmap())
40924094
return;
40934095

@@ -4133,6 +4135,23 @@ static void vmx_recalc_msr_intercepts(struct kvm_vcpu *vcpu)
41334135
vmx_set_intercept_for_msr(vcpu, MSR_IA32_FLUSH_CMD, MSR_TYPE_W,
41344136
!guest_cpu_cap_has(vcpu, X86_FEATURE_FLUSH_L1D));
41354137

4138+
if (kvm_cpu_cap_has(X86_FEATURE_SHSTK)) {
4139+
intercept = !guest_cpu_cap_has(vcpu, X86_FEATURE_SHSTK);
4140+
4141+
vmx_set_intercept_for_msr(vcpu, MSR_IA32_PL0_SSP, MSR_TYPE_RW, intercept);
4142+
vmx_set_intercept_for_msr(vcpu, MSR_IA32_PL1_SSP, MSR_TYPE_RW, intercept);
4143+
vmx_set_intercept_for_msr(vcpu, MSR_IA32_PL2_SSP, MSR_TYPE_RW, intercept);
4144+
vmx_set_intercept_for_msr(vcpu, MSR_IA32_PL3_SSP, MSR_TYPE_RW, intercept);
4145+
}
4146+
4147+
if (kvm_cpu_cap_has(X86_FEATURE_SHSTK) || kvm_cpu_cap_has(X86_FEATURE_IBT)) {
4148+
intercept = !guest_cpu_cap_has(vcpu, X86_FEATURE_IBT) &&
4149+
!guest_cpu_cap_has(vcpu, X86_FEATURE_SHSTK);
4150+
4151+
vmx_set_intercept_for_msr(vcpu, MSR_IA32_U_CET, MSR_TYPE_RW, intercept);
4152+
vmx_set_intercept_for_msr(vcpu, MSR_IA32_S_CET, MSR_TYPE_RW, intercept);
4153+
}
4154+
41364155
/*
41374156
* x2APIC and LBR MSR intercepts are modified on-demand and cannot be
41384157
* filtered by userspace.

0 commit comments

Comments
 (0)