• S
    KVM: vmx: Inject #UD for SGX ENCLS instruction in guest · 0b665d30
    Sean Christopherson 提交于
    Virtualization of Intel SGX depends on Enclave Page Cache (EPC)
    management that is not yet available in the kernel, i.e. KVM support
    for exposing SGX to a guest cannot be added until basic support
    for SGX is upstreamed, which is a WIP[1].
    
    Until SGX is properly supported in KVM, ensure a guest sees expected
    behavior for ENCLS, i.e. all ENCLS #UD.  Because SGX does not have a
    true software enable bit, e.g. there is no CR4.SGXE bit, the ENCLS
    instruction can be executed[1] by the guest if SGX is supported by the
    system.  Intercept all ENCLS leafs (via the ENCLS- exiting control and
    field) and unconditionally inject #UD.
    
    [1] https://www.spinics.net/lists/kvm/msg171333.html or
        https://lkml.org/lkml/2018/7/3/879
    
    [2] A guest can execute ENCLS in the sense that ENCLS will not take
        an immediate #UD, but no ENCLS will ever succeed in a guest
        without explicit support from KVM (map EPC memory into the guest),
        unless KVM has a *very* egregious bug, e.g. accidentally mapped
        EPC memory into the guest SPTEs.  In other words this patch is
        needed only to prevent the guest from seeing inconsistent behavior,
        e.g. #GP (SGX not enabled in Feature Control MSR) or #PF (leaf
        operand(s) does not point at EPC memory) instead of #UD on ENCLS.
        Intercepting ENCLS is not required to prevent the guest from truly
        utilizing SGX.
    Signed-off-by: NSean Christopherson <sean.j.christopherson@intel.com>
    Message-Id: <20180814163334.25724-3-sean.j.christopherson@intel.com>
    Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
    0b665d30
vmx.c 400.5 KB