Paolo Bonzini <pbonzini@xxxxxxxxxx> writes: > On 20/03/20 16:23, Thomas Gleixner wrote: >> Thomas Gleixner <tglx@xxxxxxxxxxxxx> writes: >> >>> Paolo Bonzini <pbonzini@xxxxxxxxxx> writes: >>>> The WARN_ON is essentially comparing a user-provided value with 0. It is >>>> trivial to trigger it just by passing garbage to KVM_SET_CLOCK. Guests >>>> can break if you do so, but if it hurts when you do like this just do not >>>> do it. >>> >>> Yes, it's a user provided value and it's completely unchecked. If that >>> value is bogus then the guest will go sideways because timekeeping is >>> completely busted. At least you should explain WHY you don't care. >> >> Or why it does not matter.... > > I can change the commit message to "Guests can break if you do so, but > the same applies to every KVM_SET_* ioctl". It's impossible to be sure > that userspace doesn't ever send a bogus KVM_SET_CLOCK and later > rectifies it with the right value. Yes please.
