x86: explicitly disallow guest access to PPIN

To fulfill the "protected" in its name, don't let the real hardware values leak. While we could report a control register value expressing this (which I would have preferred), unconditionally raise #GP for all accesses (in the interest of getting this done). Signed-off-by: Jan Beulich <jbeulich@suse.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
author: Jan Beulich <jbeulich@suse.com> 2019-12-20 16:30:13 +0100
committer: Jan Beulich <jbeulich@suse.com> 2019-12-20 16:30:13 +0100
commit: 619a7119da6a57ffe8bdd0f382e011eef05fbec2 (patch)
tree: d3a2044ea1aa4c4966690da1338fc65cfa407306 /xen/arch/x86/msr.c
parent: b1710040ca9628a6517bfc06f87dcbb670f8743e (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/xen/arch/x86/msr.c b/xen/arch/x86/msr.c
index da504ce7ae..785574de67 100644
--- a/xen/arch/x86/msr.c
+++ b/xen/arch/x86/msr.c
@@ -136,6 +136,10 @@ int guest_rdmsr(struct vcpu *v, uint32_t msr, uint64_t *val)
     case MSR_TSX_CTRL:
     case MSR_AMD64_LWP_CFG:
     case MSR_AMD64_LWP_CBADDR:
+    case MSR_PPIN_CTL:
+    case MSR_PPIN:
+    case MSR_AMD_PPIN_CTL:
+    case MSR_AMD_PPIN:
         /* Not offered to guests. */
         goto gp_fault;
 
@@ -279,6 +283,10 @@ int guest_wrmsr(struct vcpu *v, uint32_t msr, uint64_t val)
     case MSR_TSX_CTRL:
     case MSR_AMD64_LWP_CFG:
     case MSR_AMD64_LWP_CBADDR:
+    case MSR_PPIN_CTL:
+    case MSR_PPIN:
+    case MSR_AMD_PPIN_CTL:
+    case MSR_AMD_PPIN:
         /* Not offered to guests. */
         goto gp_fault;
author	Jan Beulich <jbeulich@suse.com>	2019-12-20 16:30:13 +0100
committer	Jan Beulich <jbeulich@suse.com>	2019-12-20 16:30:13 +0100
commit	619a7119da6a57ffe8bdd0f382e011eef05fbec2 (patch)
tree	d3a2044ea1aa4c4966690da1338fc65cfa407306 /xen/arch/x86/msr.c
parent	b1710040ca9628a6517bfc06f87dcbb670f8743e (diff)