On Tue, Aug 06, 2019 at 03:16:12PM +0800, Wei Wang wrote:
> +static bool intel_pmu_set_lbr_msr(struct kvm_vcpu *vcpu,
> + struct msr_data *msr_info)
> +{
> + struct kvm_pmu *pmu = vcpu_to_pmu(vcpu);
> + u32 index = msr_info->index;
> + u64 data = msr_info->data;
> + bool ret = false;
> +
> + /* The lbr event should have been allocated when reaching here. */
> + if (WARN_ON(!pmu->lbr_event))
> + return ret;
> +
> + /*
> + * Host perf could reclaim the lbr feature via ipi calls, and this can
> + * be detected via lbr_event->oncpu being set to -1. To ensure the
> + * writes to the lbr msrs don't happen after the lbr feature has been
> + * reclaimed by the host, the interrupt is disabled before performing
> + * the writes.
> + */
> + local_irq_disable();
> + if (pmu->lbr_event->oncpu == -1)
> + goto out;
> +
> + switch (index) {
> + case MSR_IA32_DEBUGCTLMSR:
> + ret = true;
> + /*
> + * Currently, only FREEZE_LBRS_ON_PMI and DEBUGCTLMSR_LBR are
> + * supported.
> + */
> + data &= (DEBUGCTLMSR_FREEZE_LBRS_ON_PMI | DEBUGCTLMSR_LBR);
> + vmcs_write64(GUEST_IA32_DEBUGCTL, data);
> + break;
> + default:
> + if (is_lbr_msr(vcpu, index)) {
> + ret = true;
> + wrmsrl(index, data);
@data needs to be run through is_noncanonical_address() when writing the MSRs that take an address. In general, it looks like there's a lack of checking on the validity of @data.
> + }
> + }
> +
> +out:
> + local_irq_enable();
> + return ret;
> +}
> +
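Review bot: Returning false after the `oncpu == -1` check turns a host-side reclaim of the LBR event into a guest-visible write failure: if the caller treats false as an unsupported MSR (the usual convention for a PMU set_msr helper, though the caller is not in the quoted excerpt), a transient host perf scheduling decision injects a #GP for a write the guest is architecturally allowed to make, and the guest's value is dropped rather than recorded for later restore. Consider `if (pmu->lbr_event->oncpu == -1) { ret = true; goto out; }` together with a comment stating that the write is deliberately discarded while the host owns the LBRs, or stash the intended value in the pmu so it can be replayed when the event is rescheduled. On the `MSR_IA32_DEBUGCTLMSR` case, bits outside `DEBUGCTLMSR_FREEZE_LBRS_ON_PMI | DEBUGCTLMSR_LBR` are masked silently, so a guest setting reserved bits sees success where hardware would fault; either reject such values or add a comment that the divergence is intentional. The hunk header and the rest of the file are outside the quoted excerpt.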