On 12/12/2018 04:10 PM, Jim Mattson wrote:
If the guest supports RDTSCP, it already has read access to the
hardware IA32_TSC_AUX MSR via RDTSCP, so we can allow it read-access
via RDMSR as well. If the guest doesn't support RDTSCP, then we
should not allow it read access to the hardware IA32_TSC_AUX MSR.
Signed-off-by: Jim Mattson <jmattson@xxxxxxxxxx>
Reviewed-by: Marc Orr <marcorr@xxxxxxxxxx>
Reviewed-by: Peter Shier <pshier@xxxxxxxxxx>
---
arch/x86/kvm/vmx.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index c379d0bfdcba9..69deab6f37953 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -6522,6 +6522,10 @@ static void vmx_compute_secondary_exec_control(struct vcpu_vmx *vmx)
if (vmx_rdtscp_supported()) {
bool rdtscp_enabled = guest_cpuid_has(vcpu, X86_FEATURE_RDTSCP);
+
+ vmx_set_intercept_for_msr(vmx->vmcs01.msr_bitmap, MSR_TSC_AUX,
+ MSR_TYPE_R, !rdtscp_enabled);
+
if (!rdtscp_enabled)
exec_control &= ~SECONDARY_EXEC_RDTSCP;
Reviewed-by: Krish Sadhukhan <krish.sadhukhan@xxxxxxxxxx>
