x86/msr: Filter MSR writes

author Borislav Petkov <bp@suse.de>

Wed, 10 Jun 2020 19:37:49 +0000 (21:37 +0200)

committer Borislav Petkov <bp@suse.de>

Thu, 25 Jun 2020 08:39:02 +0000 (10:39 +0200)
author Borislav Petkov <bp@suse.de>
Wed, 10 Jun 2020 19:37:49 +0000 (21:37 +0200)
committer Borislav Petkov <bp@suse.de>
Thu, 25 Jun 2020 08:39:02 +0000 (10:39 +0200)
diff --git a/arch/x86/kernel/msr.c b/arch/x86/kernel/msr.c

index 1547be359d7f5a539ab470381654b6b02c4bf102..49dcfb85e7730ddeff3555f72dee67fc780023aa 100644 (file)
--- a/arch/x86/kernel/msr.c
+++ b/arch/x86/kernel/msr.c
@@ -42,6 +42,14 @@
  static struct class *msr_class;
  static enum cpuhp_state cpuhp_msr_state;
  
+enum allow_write_msrs {
+       MSR_WRITES_ON,
+       MSR_WRITES_OFF,
+       MSR_WRITES_DEFAULT,
+};
+
+static enum allow_write_msrs allow_writes = MSR_WRITES_DEFAULT;
+
  static ssize_t msr_read(struct file *file, char __user *buf,
                         size_t count, loff_t *ppos)
  {
@@ -70,6 +78,24 @@ static ssize_t msr_read(struct file *file, char __user *buf,
         return bytes ? bytes : err;
  }
  
+static int filter_write(u32 reg)
+{
+       switch (allow_writes) {
+       case MSR_WRITES_ON:  return 0;
+       case MSR_WRITES_OFF: return -EPERM;
+       default: break;
+       }
+
+       if (reg == MSR_IA32_ENERGY_PERF_BIAS)
+               return 0;
+
+       pr_err_ratelimited("Write to unrecognized MSR 0x%x by %s\n"
+                          "Please report to x86@kernel.org\n",
+                          reg, current->comm);
+
+       return 0;
+}
+
  static ssize_t msr_write(struct file *file, const char __user *buf,
                          size_t count, loff_t *ppos)
  {
@@ -84,6 +110,10 @@ static ssize_t msr_write(struct file *file, const char __user *buf,
         if (err)
                 return err;
  
+       err = filter_write(reg);
+       if (err)
+               return err;
+
         if (count % 8)
                 return -EINVAL; /* Invalid chunk size */
  
@@ -92,9 +122,13 @@ static ssize_t msr_write(struct file *file, const char __user *buf,
                         err = -EFAULT;
                         break;
                 }
+
+               add_taint(TAINT_CPU_OUT_OF_SPEC, LOCKDEP_STILL_OK);
+
                 err = wrmsr_safe_on_cpu(cpu, reg, data[0], data[1]);
                 if (err)
                         break;
+
                 tmp += 2;
                 bytes += 8;
         }
@@ -242,6 +276,41 @@ static void __exit msr_exit(void)
  }
  module_exit(msr_exit)
  
+static int set_allow_writes(const char *val, const struct kernel_param *cp)
+{
+       /* val is NUL-terminated, see kernfs_fop_write() */
+       char *s = strstrip((char *)val);
+
+       if (!strcmp(s, "on"))
+               allow_writes = MSR_WRITES_ON;
+       else if (!strcmp(s, "off"))
+               allow_writes = MSR_WRITES_OFF;
+       else
+               allow_writes = MSR_WRITES_DEFAULT;
+
+       return 0;
+}
+
+static int get_allow_writes(char *buf, const struct kernel_param *kp)
+{
+       const char *res;
+
+       switch (allow_writes) {
+       case MSR_WRITES_ON:  res = "on"; break;
+       case MSR_WRITES_OFF: res = "off"; break;
+       default: res = "default"; break;
+       }
+
+       return sprintf(buf, "%s\n", res);
+}
+
+static const struct kernel_param_ops allow_writes_ops = {
+       .set = set_allow_writes,
+       .get = get_allow_writes
+};
+
+module_param_cb(allow_writes, &allow_writes_ops, NULL, 0600);
+
  MODULE_AUTHOR("H. Peter Anvin <hpa@zytor.com>");
  MODULE_DESCRIPTION("x86 generic MSR driver");
  MODULE_LICENSE("GPL");
author	Borislav Petkov <bp@suse.de>
	Wed, 10 Jun 2020 19:37:49 +0000 (21:37 +0200)
committer	Borislav Petkov <bp@suse.de>
	Thu, 25 Jun 2020 08:39:02 +0000 (10:39 +0200)