x86/sev: Harden #VC instruction emulation somewhat (e3ef461a) · Commits · git / linux-nf

arch/x86/boot/compressed/sev.c

+4 −0

Original line number	Diff line number	Diff line
		@@ -304,6 +304,10 @@ void do_boot_stage2_vc(struct pt_regs *regs, unsigned long exit_code)
		if (result != ES_OK)
		goto finish;

		result = vc_check_opcode_bytes(&ctxt, exit_code);
		if (result != ES_OK)
		goto finish;

		switch (exit_code) {
		case SVM_EXIT_RDTSC:
		case SVM_EXIT_RDTSCP:

arch/x86/kernel/sev-shared.c

+100 −2

Original line number	Diff line number	Diff line
		@@ -12,9 +12,13 @@
		#ifndef __BOOT_COMPRESSED
		#define error(v) pr_err(v)
		#define has_cpuflag(f) boot_cpu_has(f)
		#define sev_printk(fmt, ...) printk(fmt, ##__VA_ARGS__)
		#define sev_printk_rtl(fmt, ...) printk_ratelimited(fmt, ##__VA_ARGS__)
		#else
		#undef WARN
		#define WARN(condition, format...) (!!(condition))
		#define sev_printk(fmt, ...)
		#define sev_printk_rtl(fmt, ...)
		#endif

		/* I/O parameters for CPUID-related helpers */
		@@ -574,6 +578,7 @@ void __init do_vc_no_ghcb(struct pt_regs *regs, unsigned long exit_code)
		{
		unsigned int subfn = lower_bits(regs->cx, 32);
		unsigned int fn = lower_bits(regs->ax, 32);
		u16 opcode = (unsigned short )regs->ip;
		struct cpuid_leaf leaf;
		int ret;

		@@ -581,6 +586,10 @@ void __init do_vc_no_ghcb(struct pt_regs *regs, unsigned long exit_code)
		if (exit_code != SVM_EXIT_CPUID)
		goto fail;

		/* Is it really a CPUID insn? */
		if (opcode != 0xa20f)
		goto fail;

		leaf.fn = fn;
		leaf.subfn = subfn;

		@@ -1170,3 +1179,92 @@ static int vmgexit_psc(struct ghcb ghcb, struct snp_psc_desc desc)
		out:
		return ret;
		}

		static enum es_result vc_check_opcode_bytes(struct es_em_ctxt *ctxt,
		unsigned long exit_code)
		{
		unsigned int opcode = (unsigned int)ctxt->insn.opcode.value;
		u8 modrm = ctxt->insn.modrm.value;

		switch (exit_code) {

		case SVM_EXIT_IOIO:
		case SVM_EXIT_NPF:
		/* handled separately */
		return ES_OK;

		case SVM_EXIT_CPUID:
		if (opcode == 0xa20f)
		return ES_OK;
		break;

		case SVM_EXIT_INVD:
		if (opcode == 0x080f)
		return ES_OK;
		break;

		case SVM_EXIT_MONITOR:
		if (opcode == 0x010f && modrm == 0xc8)
		return ES_OK;
		break;

		case SVM_EXIT_MWAIT:
		if (opcode == 0x010f && modrm == 0xc9)
		return ES_OK;
		break;

		case SVM_EXIT_MSR:
		/* RDMSR */
		if (opcode == 0x320f \|\|
		/* WRMSR */
		opcode == 0x300f)
		return ES_OK;
		break;

		case SVM_EXIT_RDPMC:
		if (opcode == 0x330f)
		return ES_OK;
		break;

		case SVM_EXIT_RDTSC:
		if (opcode == 0x310f)
		return ES_OK;
		break;

		case SVM_EXIT_RDTSCP:
		if (opcode == 0x010f && modrm == 0xf9)
		return ES_OK;
		break;

		case SVM_EXIT_READ_DR7:
		if (opcode == 0x210f &&
		X86_MODRM_REG(ctxt->insn.modrm.value) == 7)
		return ES_OK;
		break;

		case SVM_EXIT_VMMCALL:
		if (opcode == 0x010f && modrm == 0xd9)
		return ES_OK;

		break;

		case SVM_EXIT_WRITE_DR7:
		if (opcode == 0x230f &&
		X86_MODRM_REG(ctxt->insn.modrm.value) == 7)
		return ES_OK;
		break;

		case SVM_EXIT_WBINVD:
		if (opcode == 0x90f)
		return ES_OK;
		break;

		default:
		break;
		}

		sev_printk(KERN_ERR "Wrong/unhandled opcode bytes: 0x%x, exit_code: 0x%lx, rIP: 0x%lx\n",
		opcode, exit_code, ctxt->regs->ip);

		return ES_UNSUPPORTED;
		}

arch/x86/kernel/sev.c

+4 −1

Original line number	Diff line number	Diff line
		@@ -1752,7 +1752,10 @@ static enum es_result vc_handle_exitcode(struct es_em_ctxt *ctxt,
		struct ghcb *ghcb,
		unsigned long exit_code)
		{
		enum es_result result;
		enum es_result result = vc_check_opcode_bytes(ctxt, exit_code);

		if (result != ES_OK)
		return result;

		switch (exit_code) {
		case SVM_EXIT_READ_DR7: