Re: [PATCH RFC] KVM: x86: tell guests if the exposed SMT topology is trustworthy

From: Paolo Bonzini
Date: Mon Dec 09 2019 - 04:15:14 EST

Next message: Robin Gong: "RE: [v3] dmaengine: fsl-edma: Add eDMA support for QorIQ LS1028A platform"
Previous message: Wen He: "RE: [v11 2/2] clk: ls1028a: Add clock driver for Display output interface"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 06/12/19 21:31, Ankur Arora wrote:
>> If we, however, discuss other hints such 'pre-ACK' mechanism may make
>> sense, however, I'd make it an option to a 'challenge/response'
>> protocol: if host wants to change a hint it notifies the guest and waits
>> for an ACK from it (e.g. a pair of MSRs + an interrupt). I, however,
>
> My main reason for this 'pre-ACK' approach is some discomfort with
> changing the CPUID edx from under the guest.

Changing the CPUID is fine, if we document which CPUID can change.
There are CPUID leaves that change at runtime, for example in leaf 0Dh
(though in that case it's based on XCR0 and not on external circumstances).

> As we've discussed offlist, the particular hint I'm interested in is
> KVM_HINT_REALTIME. That's not a particularly good candidate though
> because there's no correctness problem if the host does switch it
> off suddenly.

Or perhaps it's a good candidate, exactly because there's no correctness
problem. For SMT topology, there are security issues if the host
doesn't respect it anymore, so making it changeable is of limited utility.

Paolo

Next message: Robin Gong: "RE: [v3] dmaengine: fsl-edma: Add eDMA support for QorIQ LS1028A platform"
Previous message: Wen He: "RE: [v11 2/2] clk: ls1028a: Add clock driver for Display output interface"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]