Xen Test Framework

Advisory: XSA-269

Before XSA-269, no reserved bit checking was performed for writes to MSR_DEBUGCTL. Branch Trace Store isn't virtualised, and must only be accessable to fully trusted guests, as a misconfiguration locks up the entire host.

After XSA-169, vPMU was removed from security support, so the CPUID bit are expected to be hidden, even when the XSA-269 vulnerability is present.

This test tries to blindly turn on BTS. If Xen doesn't hang, is isn't vulnerable to XSA-269.

See also