From 2fba3160a5b47d6a352d5a583c75dec549c416a8 Mon Sep 17 00:00:00 2001
From: mlarkin <mlarkin@openbsd.org>
Date: Sun, 3 Sep 2023 09:30:43 +0000
Subject: [PATCH] vmm(4): Suppress AMD HwPstate visibility to guests

On newer Ryzen/EPYC, we need to hide the HwPstate CPUID 80000007:EDX
field for HwPstate, or guests will try to access the MSRs associated
with those, and that will fail with #GP.

ok deraadt
---
 sys/arch/amd64/amd64/identcpu.c     | 3 ++-
 sys/arch/amd64/amd64/vmm_machdep.c  | 4 ++--
 sys/arch/amd64/include/specialreg.h | 3 ++-
 sys/arch/amd64/include/vmmvar.h     | 3 ++-
 4 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/sys/arch/amd64/amd64/identcpu.c b/sys/arch/amd64/amd64/identcpu.c
index ecbdc0afe4e..0d113e732b8 100644
--- a/sys/arch/amd64/amd64/identcpu.c
+++ b/sys/arch/amd64/amd64/identcpu.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: identcpu.c,v 1.137 2023/08/16 04:07:37 jsg Exp $	*/
+/*	$OpenBSD: identcpu.c,v 1.138 2023/09/03 09:30:43 mlarkin Exp $	*/
 /*	$NetBSD: identcpu.c,v 1.1 2003/04/26 18:39:28 fvdl Exp $	*/
 
 /*
@@ -228,6 +228,7 @@ const struct {
 }, cpu_cpuid_perf_eax[] = {
 	{ CPUIDEAX_VERID,	"PERF" },
 }, cpu_cpuid_apmi_edx[] = {
+	{ CPUIDEDX_HWPSTATE,	"HWPSTATE" },
 	{ CPUIDEDX_ITSC,	"ITSC" },
 }, cpu_amdspec_ebxfeatures[] = {
 	{ CPUIDEBX_INVLPGB,		"INVLPGB" },
diff --git a/sys/arch/amd64/amd64/vmm_machdep.c b/sys/arch/amd64/amd64/vmm_machdep.c
index 352126d81c0..6a63b021e20 100644
--- a/sys/arch/amd64/amd64/vmm_machdep.c
+++ b/sys/arch/amd64/amd64/vmm_machdep.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: vmm_machdep.c,v 1.5 2023/08/15 08:27:29 miod Exp $ */
+/* $OpenBSD: vmm_machdep.c,v 1.6 2023/09/03 09:30:43 mlarkin Exp $ */
 /*
  * Copyright (c) 2014 Mike Larkin <mlarkin@openbsd.org>
  *
@@ -6319,7 +6319,7 @@ vmm_handle_cpuid(struct vcpu *vcpu)
 		*rax = eax;
 		*rbx = ebx;
 		*rcx = ecx;
-		*rdx = edx;
+		*rdx = edx & VMM_APMI_EDX_MASK;
 		break;
 	case 0x80000008:	/* Phys bits info and topology (AMD) */
 		*rax = eax;
diff --git a/sys/arch/amd64/include/specialreg.h b/sys/arch/amd64/include/specialreg.h
index 2d7c0307ed9..38edcca6148 100644
--- a/sys/arch/amd64/include/specialreg.h
+++ b/sys/arch/amd64/include/specialreg.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: specialreg.h,v 1.108 2023/08/16 04:07:37 jsg Exp $	*/
+/*	$OpenBSD: specialreg.h,v 1.109 2023/09/03 09:30:43 mlarkin Exp $	*/
 /*	$NetBSD: specialreg.h,v 1.1 2003/04/26 18:39:48 fvdl Exp $	*/
 /*	$NetBSD: x86/specialreg.h,v 1.2 2003/04/25 21:54:30 fvdl Exp $	*/
 
@@ -329,6 +329,7 @@
  * "Advanced Power Management Information" bits (CPUID function 0x80000007):
  * EDX bits.
  */
+#define CPUIDEDX_HWPSTATE	(1 << 7)	/* Hardware P State Control */
 #define CPUIDEDX_ITSC		(1 << 8)	/* Invariant TSC */
 
 /*
diff --git a/sys/arch/amd64/include/vmmvar.h b/sys/arch/amd64/include/vmmvar.h
index e9f8384cccf..a187c4f1d2d 100644
--- a/sys/arch/amd64/include/vmmvar.h
+++ b/sys/arch/amd64/include/vmmvar.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: vmmvar.h,v 1.91 2023/04/26 15:11:21 mlarkin Exp $	*/
+/*	$OpenBSD: vmmvar.h,v 1.92 2023/09/03 09:30:43 mlarkin Exp $	*/
 /*
  * Copyright (c) 2014 Mike Larkin <mlarkin@openbsd.org>
  *
@@ -559,6 +559,7 @@ struct vm_mprotect_ept_params {
     CPUIDEBX_STIBP | CPUIDEBX_IBRS_ALWAYSON | CPUIDEBX_STIBP_ALWAYSON | \
     CPUIDEBX_IBRS_PREF | CPUIDEBX_SSBD | CPUIDEBX_VIRT_SSBD | \
     CPUIDEBX_SSBD_NOTREQ)
+#define VMM_APMI_EDX_MASK ~(CPUIDEDX_HWPSTATE)
 
 /*
  * SEFF flags - copy from host minus:
-- 
2.20.1