On 17/09/2015 11:31, Borislav Petkov wrote: > >> > Crashing the bootup on an unknown MSR is bad. Many MSR reads and writes are >> > non-critical and returning the 'safe' result is much better than crashing or >> > hanging the bootup. > ... and prepending all MSR accesses with feature/CPUID checks is probably almost > impossible. That's not a big deal, that's what *_safe is for. The problem is that there are definitely some cases where the *_safe version is not being used. I agree with Ingo that we should start with a WARN. For example: - give the read_msr and write_msr hooks the same prototype as the safe variants - make the virt platforms always return "no error" for the unsafe variants (I understand if your first reaction is "ouch", but this effectively is already the current behavior) - change rdmsr/wrmsr/rdmsrl/wrmsrl to WARN if the read_msr and write_msr hooks return an error Paolo -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
