MSR filtering does not appear to be enabled (just the default KVM filters). If an MSR is not used by Solo5, it probably shouldn't be writable to reduce the attack surface.
Obvious attack vectors (like MSR_AMD64_PATCH_LOADER) are already blocked, but various other MSRs are not.
E.g. the various Hyper-V enlightenment MSRs and various additional KVM API MSRs appear to be enabled (e.g. you have 2 clocks: the KVM one and the Solo5 one, etc.).
Solo5 has a very well-defined and small interface with the unikernels it runs (good!), and I think it unintentionally exposed all the acceleration features that a regular VM would need.
See https://www.kernel.org/doc/html/latest/virt/kvm/api.html#kvm-x86-set-msr-filter for the API to use.
Although I'm not aware of a particular attack using these MSRs, the attack surface is larger than necessary.
Note: this is x86-64 specific; I don't know whether other architectures would have an equivalent.
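A default-deny filter built with the `KVM_X86_SET_MSR_FILTER` API linked above could look like the following. This is an added example, not Solo5 code and not part of the original issue: the three-entry allow-list is an assumption for illustration (not an audit of which MSRs Solo5 needs), and the names `build_allow_bitmap`, `msr_allowed` and `install_msr_filter` are hypothetical. With `KVM_MSR_FILTER_DEFAULT_DENY`, a guest access to any MSR not marked in a range is refused by KVM.

```c
#include <stdint.h>
#include <string.h>
#if defined(__linux__) && defined(__x86_64__)
#include <sys/ioctl.h>
#include <linux/kvm.h>
#endif

/* ASSUMED allow-list, for illustration only; not an audit of Solo5. */
static const uint32_t allowed_msrs[] = {
    0xC0000080u, /* IA32_EFER */
    0xC0000100u, /* IA32_FS_BASE */
    0xC0000101u, /* IA32_GS_BASE */
};
#define ALLOW_BASE  0xC0000080u
#define ALLOW_NMSRS (0xC0000101u - ALLOW_BASE + 1)
static uint8_t allow_bitmap[(ALLOW_NMSRS + 7) / 8];

/* Bit (msr - base) set to 1 permits the access; 0 denies it. */
void build_allow_bitmap(void) {
    memset(allow_bitmap, 0, sizeof allow_bitmap);
    for (size_t i = 0; i < sizeof allowed_msrs / sizeof allowed_msrs[0]; i++) {
        uint32_t off = allowed_msrs[i] - ALLOW_BASE;
        allow_bitmap[off / 8] |= (uint8_t)(1u << (off % 8));
    }
}

/* Local model of the filter decision: default deny outside the range. */
int msr_allowed(uint32_t msr) {
    if (msr < ALLOW_BASE || msr - ALLOW_BASE >= ALLOW_NMSRS) return 0;
    uint32_t off = msr - ALLOW_BASE;
    return (allow_bitmap[off / 8] >> (off % 8)) & 1;
}

#ifdef KVM_X86_SET_MSR_FILTER
/* Install on the VM fd; returns the ioctl result (-1 on error). */
int install_msr_filter(int vmfd) {
    struct kvm_msr_filter f;
    memset(&f, 0, sizeof f);
    build_allow_bitmap();
    f.flags = KVM_MSR_FILTER_DEFAULT_DENY;
    f.ranges[0].flags = KVM_MSR_FILTER_READ | KVM_MSR_FILTER_WRITE;
    f.ranges[0].base = ALLOW_BASE;
    f.ranges[0].nmsrs = ALLOW_NMSRS;
    f.ranges[0].bitmap = allow_bitmap;
    return ioctl(vmfd, KVM_X86_SET_MSR_FILTER, &f);
}
#endif
```

`msr_allowed` lets the allow-list be unit-tested without `/dev/kvm`; in a real tender the filter would be installed once on the VM file descriptor, after checking `KVM_CAP_X86_MSR_FILTER`.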