On 14/03/19 11:43, Xiaoyao Li wrote: > Yes, you are right. With your patches, only when we enable cpuid faulting for > the QEMU or other VMM userspace processes via arch_prctl, does it "leak" into > the KVM guest. > > But arch_prctl is not the only way to enable it. We can enable cpuid faulting > via module "msr.ko". And I think it's indeed an issue, we should not ignore it > as it needs special cases and purpose to make it happen so far. Whatever is done with "msr.ko" is a non-issue. msr.ko is at best a debugging tool if you use it for MSRs that the kernel can write. That said, even the arch_prctl is an issue, as well as Peter's patch you quote below. The patch is a good idea even though it should be implemented in a more efficient way. Paolo > Besides, Peter's this patch https://patchwork.kernel.org/patch/10850143/ is much > likely to cause the cpuid fauting enabled in host by default during kernel > startup. If that one is going to be applied, it's better to fix the cpuid > faulting leak issue before that.
