Commit c813e8c9 authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge tag 'x86-misc-2020-08-03' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 

Pull x86 MSR filtering from Ingo Molnar:
 "Filter MSR writes from user-space by default, and print a syslog entry
  if they happen outside the allowed set of MSRs, which is a single one
  for now, MSR_IA32_ENERGY_PERF_BIAS.

  The plan is to eventually disable MSR writes by default (they can
  still be enabled via allow_writes=on)"

* tag 'x86-misc-2020-08-03' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  x86/msr: Filter MSR writes
parents 69094c20 a7e1f67e

arch/x86/kernel/msr.c

+69 −0
Original line number Diff line number Diff line
@@ -42,6 +42,14 @@ 
static struct class *msr_class;

static enum cpuhp_state cpuhp_msr_state;



enum allow_write_msrs {

	MSR_WRITES_ON,

	MSR_WRITES_OFF,

	MSR_WRITES_DEFAULT,

};



static enum allow_write_msrs allow_writes = MSR_WRITES_DEFAULT;



static ssize_t msr_read(struct file *file, char __user *buf,

			size_t count, loff_t *ppos)

{
@@ -70,6 +78,24 @@ static ssize_t msr_read(struct file *file, char __user *buf, 
	return bytes ? bytes : err;

}



static int filter_write(u32 reg)

{

	switch (allow_writes) {

	case MSR_WRITES_ON:  return 0;

	case MSR_WRITES_OFF: return -EPERM;

	default: break;

	}



	if (reg == MSR_IA32_ENERGY_PERF_BIAS)

		return 0;



	pr_err_ratelimited("Write to unrecognized MSR 0x%x by %s\n"

			   "Please report to x86@kernel.org\n",

			   reg, current->comm);



	return 0;

}



static ssize_t msr_write(struct file *file, const char __user *buf,

			 size_t count, loff_t *ppos)

{
@@ -84,6 +110,10 @@ static ssize_t msr_write(struct file *file, const char __user *buf, 
	if (err)

		return err;



	err = filter_write(reg);

	if (err)

		return err;



	if (count % 8)

		return -EINVAL;	/* Invalid chunk size */
@@ -92,9 +122,13 @@ static ssize_t msr_write(struct file *file, const char __user *buf, 
			err = -EFAULT;

			break;

		}



		add_taint(TAINT_CPU_OUT_OF_SPEC, LOCKDEP_STILL_OK);



		err = wrmsr_safe_on_cpu(cpu, reg, data[0], data[1]);

		if (err)

			break;



		tmp += 2;

		bytes += 8;

	}
@@ -242,6 +276,41 @@ static void __exit msr_exit(void) 
}

module_exit(msr_exit)



static int set_allow_writes(const char *val, const struct kernel_param *cp)

{

	/* val is NUL-terminated, see kernfs_fop_write() */

	char *s = strstrip((char *)val);



	if (!strcmp(s, "on"))

		allow_writes = MSR_WRITES_ON;

	else if (!strcmp(s, "off"))

		allow_writes = MSR_WRITES_OFF;

	else

		allow_writes = MSR_WRITES_DEFAULT;



	return 0;

}



static int get_allow_writes(char *buf, const struct kernel_param *kp)

{

	const char *res;



	switch (allow_writes) {

	case MSR_WRITES_ON:  res = "on"; break;

	case MSR_WRITES_OFF: res = "off"; break;

	default: res = "default"; break;

	}



	return sprintf(buf, "%s\n", res);

}



static const struct kernel_param_ops allow_writes_ops = {

	.set = set_allow_writes,

	.get = get_allow_writes

};



module_param_cb(allow_writes, &allow_writes_ops, NULL, 0600);



MODULE_AUTHOR("H. Peter Anvin <hpa@zytor.com>");

MODULE_DESCRIPTION("x86 generic MSR driver");

MODULE_LICENSE("GPL");

CRA Git | Maintained and supported by SUSTech CRA and CCSE