Re: [PATCH 2/5] KVM: nVMX: Verify the VMX controls MSRs with the global capability when setting VMX MSRs

From: Chenyi Qiang
Date: Sun Aug 30 2020 - 23:16:20 EST

Next message: Kent Gibson: "[PATCH v6 00/20] gpio: cdev: add uAPI v2"
Previous message: Wei Yang: "[PATCH 2/6] ftrace: use fls() to get the bits for dup_hash()"
In reply to: Jim Mattson: "Re: [PATCH 2/5] KVM: nVMX: Verify the VMX controls MSRs with the global capability when setting VMX MSRs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 8/29/2020 2:23 AM, Jim Mattson wrote:

On Fri, Aug 28, 2020 at 1:54 AM Chenyi Qiang <chenyi.qiang@xxxxxxxxx> wrote:

When setting the nested VMX MSRs, verify it with the values in
vmcs_config.nested_vmx_msrs, which reflects the global capability of
VMX controls MSRs.

Signed-off-by: Chenyi Qiang <chenyi.qiang@xxxxxxxxx>

You seem to have entirely missed the point of this code, which is to
prevent userspace from adding features that have previously been
removed for this vCPU (e.g as a side-effect of KVM_SET_CPUID).

We only have the case that the scope of features set by userspace is always reduced, right? If so, we don't need the change here.

Next message: Kent Gibson: "[PATCH v6 00/20] gpio: cdev: add uAPI v2"
Previous message: Wei Yang: "[PATCH 2/6] ftrace: use fls() to get the bits for dup_hash()"
In reply to: Jim Mattson: "Re: [PATCH 2/5] KVM: nVMX: Verify the VMX controls MSRs with the global capability when setting VMX MSRs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]