amd/kvm: do not intercept new MSRs for spectre v2 mitigation

Do not intercept MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD on AMD
for Spectre v2 mitigation.
As IBRS is not used on AMD, attempt to intercept MSR_IA32_SPEC_CTRL
will have guest crash with injected GP fault.
Also change the comment about field 'always' in svm_direct_access_msrs structure
for clarity.

OraBug: 27370258

Signed-off-by: Elena Ufimtseva <elena.ufimtseva@oracle.com>
Reviewed-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Håkon Bugge <haakon.bugge@oracle.com>
Signed-off-by: Brian Maly <brian.maly@oracle.com>

diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
index 3f9c3b1fa1aeada8de1c5a24dc35babfdfef2b9e..852febe8fc1aaa32f3a94b6d5280f6fe5c37415e 100644 (file)
--- a/arch/x86/kvm/svm.c
+++ b/arch/x86/kvm/svm.c
@@ -171,7 +171,7 @@ static DEFINE_PER_CPU(u64, current_tsc_ratio);
 
 static const struct svm_direct_access_msrs {
        u32 index;   /* Index of the MSR */
-       bool always; /* True if intercept is always on */
+       bool always; /* True if direct msr access is always on */
 } direct_access_msrs[] = {
        { .index = MSR_STAR,                            .always = true  },
        { .index = MSR_IA32_SYSENTER_CS,                .always = true  },
@@ -187,8 +187,8 @@ static const struct svm_direct_access_msrs {
        { .index = MSR_IA32_LASTBRANCHTOIP,             .always = false },
        { .index = MSR_IA32_LASTINTFROMIP,              .always = false },
        { .index = MSR_IA32_LASTINTTOIP,                .always = false },
-       { .index = MSR_IA32_SPEC_CTRL,                  .always = false },
-       { .index = MSR_IA32_PRED_CMD,                   .always = false },
+       { .index = MSR_IA32_SPEC_CTRL,                  .always = true },
+       { .index = MSR_IA32_PRED_CMD,                   .always = true },
        { .index = MSR_INVALID,                         .always = false },
 };
 
@@ -805,9 +805,6 @@ static void svm_vcpu_init_msrpm(u32 *msrpm)
 
                set_msr_interception(msrpm, direct_access_msrs[i].index, 1, 1);
        }
-
-       set_msr_interception(msrpm, MSR_IA32_SPEC_CTRL, 0, 0);
-       set_msr_interception(msrpm, MSR_IA32_PRED_CMD,  0, 0);
 }
 
 static void add_msr_offset(u32 offset)