Explicitly check for attempts to read unsupported PMC types instead of letting the bounds check fail. Functionally, letting the check fail is ok, but it's unnecessarily subtle and does a poor job of documenting the architectural behavior that KVM is emulating. Opportunistically add macros for the type vs. index to further document what is going on. Signed-off-by: Sean Christopherson <seanjc@xxxxxxxxxx> --- arch/x86/kvm/vmx/pmu_intel.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/arch/x86/kvm/vmx/pmu_intel.c b/arch/x86/kvm/vmx/pmu_intel.c index 644de27bd48a..bd4f4bdf5419 100644 --- a/arch/x86/kvm/vmx/pmu_intel.c +++ b/arch/x86/kvm/vmx/pmu_intel.c @@ -23,6 +23,9 @@ /* Perf's "BASE" is wildly misleading, this is a single-bit flag, not a base. */ #define INTEL_RDPMC_FIXED INTEL_PMC_FIXED_RDPMC_BASE +#define INTEL_RDPMC_TYPE_MASK GENMASK(31, 16) +#define INTEL_RDPMC_INDEX_MASK GENMASK(15, 0) + #define MSR_PMC_FULL_WIDTH_BIT (MSR_IA32_PMC0 - MSR_IA32_PERFCTR0) static void reprogram_fixed_counters(struct kvm_pmu *pmu, u64 data) @@ -82,9 +85,13 @@ static struct kvm_pmc *intel_rdpmc_ecx_to_pmc(struct kvm_vcpu *vcpu, /* * Fixed PMCs are supported on all architectural PMUs. Note, KVM only * emulates fixed PMCs for PMU v2+, but the flag itself is still valid, - * i.e. let RDPMC fail due to accessing a non-existent counter. + * i.e. let RDPMC fail due to accessing a non-existent counter. Reject + * attempts to read all other types, which are unknown/unsupported. */ - idx &= ~INTEL_RDPMC_FIXED; + if (idx & INTEL_RDPMC_TYPE_MASK & ~INTEL_RDPMC_FIXED) + return NULL; + + idx &= INTEL_RDPMC_INDEX_MASK; if (fixed) { counters = pmu->fixed_counters; num_counters = pmu->nr_arch_fixed_counters; -- 2.43.0.rc2.451.g8631bc7472-goog
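Review bot: In the first hunk of arch/x86/kvm/vmx/pmu_intel.c, INTEL_RDPMC_TYPE_MASK and INTEL_RDPMC_INDEX_MASK are added without a comment, while the INTEL_RDPMC_FIXED define directly above them has one. A one-line comment saying that the counter type occupies bits 31:16 of the RDPMC index and the counter number occupies bits 15:0 would document the layout at the definitions, which is the stated purpose of adding the macros, instead of leaving it to be inferred from the GENMASK arguments.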
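Review bot: In the intel_rdpmc_ecx_to_pmc() hunk, the new test `idx & INTEL_RDPMC_TYPE_MASK & ~INTEL_RDPMC_FIXED` followed by `idx &= INTEL_RDPMC_INDEX_MASK` only keeps the old behaviour of stripping the fixed flag if INTEL_RDPMC_FIXED lies entirely inside INTEL_RDPMC_TYPE_MASK, and nothing in the patch states or enforces that relationship. Consider a build-time assertion that INTEL_RDPMC_FIXED & INTEL_RDPMC_INDEX_MASK is zero, or a sentence in the updated comment, so that a later change to either define cannot let the flag bit survive into the index that is bounds-checked against num_counters.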