Re: [PATCH 2/2] KVM: VMX: Add knob to allow rejecting kvm_intel on inconsistent VMCS config

From: Jim Mattson
Date: Wed May 25 2022 - 17:17:28 EST

Next message: Nick Desaulniers: "Re: [PATCH v7 06/25] rust: add `compiler_builtins` crate"
Previous message: Guenter Roeck: "Re: [PATCH] riscv: compat: Using seperated vdso_maps for compat_vdso_info"
In reply to: Sean Christopherson: "[PATCH 2/2] KVM: VMX: Add knob to allow rejecting kvm_intel on inconsistent VMCS config"
Next in thread: Sean Christopherson: "Re: [PATCH 2/2] KVM: VMX: Add knob to allow rejecting kvm_intel on inconsistent VMCS config"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, May 25, 2022 at 2:04 PM Sean Christopherson <seanjc@xxxxxxxxxx> wrote:
>
> Add an off-by-default module param, reject_inconsistent_vmcs_config, to
> allow rejecting the load of kvm_intel if an inconsistent VMCS config is
> detected. Continuing on with an inconsistent, degraded config is
> undesirable when the CPU is expected to support a given set of features,
> e.g. can result in a misconfigured VM if userspace doesn't cross-check
> KVM_GET_SUPPORTED_CPUID, and/or can result in poor performance due to
> lack of fast MSR switching.
>
> Signed-off-by: Sean Christopherson <seanjc@xxxxxxxxxx>
> ---
There are several inconsistent VMCS configs that are not rejected here
(e.g. "enable XSAVES/XRSTORS" on a CPU that doesn't support XSAVES).
Do you plan to include more checks in the future, or should this be,
"reject_some_inconsistent_vmcs_configs"? :-)

Next message: Nick Desaulniers: "Re: [PATCH v7 06/25] rust: add `compiler_builtins` crate"
Previous message: Guenter Roeck: "Re: [PATCH] riscv: compat: Using seperated vdso_maps for compat_vdso_info"
In reply to: Sean Christopherson: "[PATCH 2/2] KVM: VMX: Add knob to allow rejecting kvm_intel on inconsistent VMCS config"
Next in thread: Sean Christopherson: "Re: [PATCH 2/2] KVM: VMX: Add knob to allow rejecting kvm_intel on inconsistent VMCS config"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]