On 27/02/2018 10:26, Wanpeng Li wrote: > 2018-02-27 16:38 GMT+08:00 Paolo Bonzini <pbonzini@xxxxxxxxxx>: >> On 27/02/2018 03:35, Wanpeng Li wrote: >>> From: Wanpeng Li <wanpengli@xxxxxxxxxxx> >>> >>> Linux (among the others) has checks to make sure that certain features >>> aren't enabled on a certain family/model/stepping if the microcode version >>> isn't greater than or equal to a known good version. >>> >>> By exposing the real microcode version, we're preventing buggy guests that >>> don't check that they are running virtualized (i.e., they should trust the >>> hypervisor) from disabling features that are effectively not buggy. >>> >>> Suggested-by: Filippo Sironi <sironi@xxxxxxxxx> >>> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> >>> Cc: Radim Krčmář <rkrcmar@xxxxxxxxxx> >>> Cc: Liran Alon <liran.alon@xxxxxxxxxx> >>> Cc: Nadav Amit <nadav.amit@xxxxxxxxx> >>> Signed-off-by: Wanpeng Li <wanpengli@xxxxxxxxxxx> >>> --- >>> v3 -> v4: >>> * add the shifts back >> >> Please wait for a review instead of pushing new versions continuously. >> Leaving the shifts means that MSR_IA32_UCODE_REV's bits 0-31 are zeroed >> even if KVM_SET_MSRS makes them nonzero. > > How about something like this? Yes, that's okay. Paolo
