Re: [PATCH 2/2] KVM: x86: Forbid KVM_SET_CPUID{,2} after KVM_RUN

From: Vitaly Kuznetsov
Date: Mon Jan 17 2022 - 08:02:39 EST

Next message: Peter Zijlstra: "Re: [RFC][PATCH 3/3] sched: User Mode Concurency Groups"
Previous message: Vladimir Oltean: "Re: [PATCH net] net: ocelot: Fix the call to switchdev_bridge_port_offload"
In reply to: Paolo Bonzini: "Re: [PATCH 2/2] KVM: x86: Forbid KVM_SET_CPUID{,2} after KVM_RUN"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Paolo Bonzini <pbonzini@xxxxxxxxxx> writes:

> On 1/17/22 10:55, Vitaly Kuznetsov wrote:
>> No, honestly I was thinking about something much simpler: instead of
>> forbidding KVM_SET_CPUID{,2} after KVM_RUN completely (what we have now
>> in 5.16), we only forbid to change certain data which we know breaks
>> some assumptions in MMU, from the comment:
>> "
>> * KVM does not correctly handle changing guest CPUID after KVM_RUN, as
>> * MAXPHYADDR, GBPAGES support, AMD reserved bit behavior, etc.. aren't
>> * tracked in kvm_mmu_page_role. As a result, KVM may miss guest page
>> * faults due to reusing SPs/SPTEs.
>> "
>> It seems that CPU hotplug path doesn't need to change these so we don't
>> need an opt-in/opt-out, we can just forbid changing certain things for
>> the time being. Alternatively, we can silently ignore such changes but I
>> don't quite like it because it would mask bugs in VMMs.
>
> I think the version that only allows exactly the same CPUID is the best,
> as it leaves less room for future bugs.
>

Ok, I hear your vote) Will prepare v2.

--
Vitaly

Next message: Peter Zijlstra: "Re: [RFC][PATCH 3/3] sched: User Mode Concurency Groups"
Previous message: Vladimir Oltean: "Re: [PATCH net] net: ocelot: Fix the call to switchdev_bridge_port_offload"
In reply to: Paolo Bonzini: "Re: [PATCH 2/2] KVM: x86: Forbid KVM_SET_CPUID{,2} after KVM_RUN"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]