From: Razvan Cojocaru <rcojocaru@bitdefender.com>
Date: Mon, 2 Jul 2018 11:08:27 +0000 (+0200)
Subject: svm: don't clear interception for MSRs required for introspection
X-Git-Tag: archive/raspbian/4.14.0+80-gd101b417b7-1+rpi1^2~63^2~3714
X-Git-Url: https://dgit.raspbian.org/%22http://www.example.com/cgi/%22/%22http:/www.example.com/cgi/%22?a=commitdiff_plain;h=2746088d9cb403470639508cbedbc9b952f7abc4;p=xen.git

svm: don't clear interception for MSRs required for introspection

This patch mirrors the VMX code that doesn't allow
vmx_clear_msr_intercept() to clear interception of MSRs that an
introspection agent is trying to monitor.

Signed-off-by: Razvan Cojocaru <rcojocaru@bitdefender.com>
Reviewed-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
---

diff --git a/xen/arch/x86/hvm/svm/svm.c b/xen/arch/x86/hvm/svm/svm.c
index 165500e3f2..bb47f59e4a 100644
--- a/xen/arch/x86/hvm/svm/svm.c
+++ b/xen/arch/x86/hvm/svm/svm.c
@@ -148,6 +148,7 @@ svm_msrbit(unsigned long *msr_bitmap, uint32_t msr)
 void svm_intercept_msr(struct vcpu *v, uint32_t msr, int flags)
 {
     unsigned long *msr_bit;
+    const struct domain *d = v->domain;
 
     msr_bit = svm_msrbit(v->arch.hvm_svm.msrpm, msr);
     BUG_ON(msr_bit == NULL);
@@ -155,12 +156,12 @@ void svm_intercept_msr(struct vcpu *v, uint32_t msr, int flags)
 
     if ( flags & MSR_INTERCEPT_READ )
          __set_bit(msr * 2, msr_bit);
-    else
+    else if ( !monitored_msr(d, msr) )
          __clear_bit(msr * 2, msr_bit);
 
     if ( flags & MSR_INTERCEPT_WRITE )
         __set_bit(msr * 2 + 1, msr_bit);
-    else
+    else if ( !monitored_msr(d, msr) )
         __clear_bit(msr * 2 + 1, msr_bit);
 }