On 17/04/19 16:33, Sean Christopherson wrote: > In this exact variation of the code, no, since userspace can modify > lapic_timer_advance_ns while the vCPU is running. Obviously that case > goes away when lapic_timer_advance_ns is no longer directly consumed by > vCPUS. Indeed, and if we weren't about to add per-vCPU lapic_timer_advance_ns, the old suggestion of making lapic_timer_advance_ns read-only would stand. > Anyways, capping at a KVM controlled value is prudent since not doing > so can hang the host if something does go wrong. Yes---for the per-vCPU lapic_timer_advance_ns it is completely reasonable. Paolo
