From c68291b4a3d0bcfb48a836752563ffa0637a9625 Mon Sep 17 00:00:00 2001 From: mlarkin Date: Wed, 26 Apr 2023 15:40:51 +0000 Subject: [PATCH] Incorporate r1.140 and r1.141 of vmm.c: ---------------------------- revision 1.341 date: 2023/04/26 09:39:56; author: dv; state: Exp; lines: +3 -3; commitid: 1XztmVbxa8OP2xYi; Unbreak vmm on Intel. Mistakenly enabled CET on non-CET systems. Found by anton@ & jsg@ ---------------------------- revision 1.340 date: 2023/04/24 16:53:57; author: dv; state: Exp; lines: +11 -1; commitid: q9qQ55f7h2gen8N4; vmm(4): allow guests to enable and use supervisor IBT. Why should hosts have all the fun? Conditionally unmask the cpuid bits for IBT and allow r/w access to the supervisor CET msr. Will need revisiting when we introduce usage of userland CET msr. --- sys/arch/amd64/amd64/vmm_machdep.c | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/sys/arch/amd64/amd64/vmm_machdep.c b/sys/arch/amd64/amd64/vmm_machdep.c index acfca6d2947..dc30e35a8be 100644 --- a/sys/arch/amd64/amd64/vmm_machdep.c +++ b/sys/arch/amd64/amd64/vmm_machdep.c @@ -1,4 +1,4 @@ -/* $OpenBSD: vmm_machdep.c,v 1.2 2023/04/26 15:34:31 mlarkin Exp $ */ +/* $OpenBSD: vmm_machdep.c,v 1.3 2023/04/26 15:40:51 mlarkin Exp $ */ /* * Copyright (c) 2014 Mike Larkin * @@ -2859,6 +2859,10 @@ vcpu_reset_regs_vmx(struct vcpu *vcpu, struct vcpu_reg_state *vrs) vmx_setmsrbr(vcpu, MSR_MISC_ENABLE); vmx_setmsrbr(vcpu, MSR_TSC); + /* If host supports CET, pass through access to the guest. */ + if (rcr4() & CR4_CET) + vmx_setmsrbrw(vcpu, MSR_S_CET); + /* XXX CR0 shadow */ /* XXX CR4 shadow */ @@ -6166,6 +6170,13 @@ vmm_handle_cpuid(struct vcpu *vcpu) *rcx |= SEFF0ECX_PKU; else *rcx &= ~SEFF0ECX_PKU; + + /* Expose IBT bit if we've enabled CET on the host. */ + if (rcr4() & CR4_CET) + *rdx |= SEFF0EDX_IBT; + else + *rdx &= ~SEFF0EDX_IBT; + } else { /* Unsupported subleaf */ DPRINTF("%s: function 0x07 (SEFF) unsupported subleaf " -- 2.20.1
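Review bot: Opening `MSR_S_CET` for guest read/write in `vcpu_reset_regs_vmx` needs a matching guarantee that the register is switched between guest and host values on every VM entry and exit, and nothing in this hunk shows one. With read/write passthrough the guest writes the hardware MSR directly, so if the VMCS load-CET-state entry and exit controls (or an equivalent save/restore) are not set elsewhere, a guest value could still be live when the host resumes and would change the host's own IBT enforcement. The function continues outside the hunk, so this may already be handled; if it is, say so at the passthrough, e.g. `/* Safe only because guest/host S_CET are swapped on VM entry/exit. */`, and if it is not, keep the MSR intercepted until it is.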
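Review bot: The new branch in `vmm_handle_cpuid` derives the guest's IBT bit from `rcr4() & CR4_CET` alone and forces it on with `|=`, but CR4.CET is the enable bit for every CET feature, not evidence that this CPU implements IBT. That is correct only while the host sets CR4.CET exclusively for IBT (presumably the case today); if shadow stacks were ever enabled on a CPU without IBT, the guest would be offered a feature the hardware does not have. Consider also requiring the host's own leaf 7 EDX IBT bit before the `|=`, or record the assumption in the comment: `/* CR4.CET implies IBT here; revisit if the host enables shadow stacks. */`. This test and the `MSR_S_CET` passthrough in `vcpu_reset_regs_vmx` are two copies of one policy decision, so a small shared predicate would keep the advertised bit and the MSR access from drifting apart.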