Wed Aug 26 16:29:20 2020 UTC ()

nvmm-x86-svm: don't forget to intercept INVD

INVD executed in the guest can be dangerous for the host, due to CPU
caches being flushed without write-back.


(maxv)

diff -r1.71 -r1.72 src/sys/dev/nvmm/x86/nvmm_x86_svm.c

--- src/sys/dev/nvmm/x86/nvmm_x86_svm.c 2020/08/22 10:59:05	1.71
+++ src/sys/dev/nvmm/x86/nvmm_x86_svm.c 2020/08/26 16:29:19	1.72

 @@ -1,14 +1,14 @@
-/*	$NetBSD: nvmm_x86_svm.c,v 1.71 2020/08/22 10:59:05 maxv Exp $	*/
+/*	$NetBSD: nvmm_x86_svm.c,v 1.72 2020/08/26 16:29:19 maxv Exp $	*/
 /*
  * Copyright (c) 2018-2020 The NetBSD Foundation, Inc.
  * All rights reserved.
+ *
  * This code is derived from software contributed to The NetBSD Foundation
  * by Maxime Villard.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
 @@ -20,27 +20,27 @@
  * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
  * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  * POSSIBILITY OF SUCH DAMAGE.
  */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: nvmm_x86_svm.c,v 1.71 2020/08/22 10:59:05 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: nvmm_x86_svm.c,v 1.72 2020/08/26 16:29:19 maxv Exp $");
 #include <sys/param.h>
 #include <sys/systm.h>
 #include <sys/kernel.h>
 #include <sys/kmem.h>
 #include <sys/cpu.h>
 #include <sys/xcall.h>
 #include <sys/mman.h>
 #include <uvm/uvm.h>
 #include <uvm/uvm_page.h>
 #include <x86/cputypes.h>
 @@ -2108,40 +2108,40 @@ svm_vcpu_init(struct nvmm_machine *mach,
 	 *  - RIDTR [reads of IDTR]
 	 *  - RGDTR [reads of GDTR]
 	 *  - RLDTR [reads of LDTR]
 	 *  - RTR [reads of TR]
 	 *  - WIDTR [writes of IDTR]
 	 *  - WGDTR [writes of GDTR]
 	 *  - WLDTR [writes of LDTR]
 	 *  - WTR [writes of TR]
 	 *  - RDTSC [rdtsc instruction]
 	 *  - PUSHF [pushf instruction]
 	 *  - POPF [popf instruction]
 	 *  - IRET [iret instruction]
 	 *  - INTN [int $n instructions]
 	 *  - INVD [invd instruction]
 	 *  - PAUSE [pause instruction]
 	 *  - INVLPG [invplg instruction]
 	 *  - TASKSW [task switches]
+	 *
 	 * Intercept the rest below.
 	 */
 	vmcb->ctrl.intercept_misc1 =
 	    VMCB_CTRL_INTERCEPT_INTR |
 	    VMCB_CTRL_INTERCEPT_NMI |
 	    VMCB_CTRL_INTERCEPT_INIT |
 	    VMCB_CTRL_INTERCEPT_RDPMC |
 	    VMCB_CTRL_INTERCEPT_CPUID |
 	    VMCB_CTRL_INTERCEPT_RSM |
 	    VMCB_CTRL_INTERCEPT_INVD |
 	    VMCB_CTRL_INTERCEPT_HLT |
 	    VMCB_CTRL_INTERCEPT_INVLPGA |
 	    VMCB_CTRL_INTERCEPT_IOIO_PROT |
 	    VMCB_CTRL_INTERCEPT_MSR_PROT |
 	    VMCB_CTRL_INTERCEPT_FERR_FREEZE |
 	    VMCB_CTRL_INTERCEPT_SHUTDOWN;
 	/*
 	 * Allow:
 	 *  - ICEBP [icebp instruction]
 	 *  - WBINVD [wbinvd instruction]
 	 *  - WCR_SPEC(0..15) [writes of CR0-15, received after instruction]
+	 *