Re: [PATCH v3 02/17] KVM: x86/xen: fix Xen hypercall page msr handling

David Woodhouse <dwmw2@xxxxxxxxxxxxx> writes:

> On 14 December 2020 21:44:47 GMT, Vitaly Kuznetsov <vkuznets@xxxxxxxxxx> wrote:
>>This actually looks more or less like hypercall distinction from after
>>PATCH3:
>>
>>	if (kvm_xen_hypercall_enabled(vcpu->kvm))
>>		return kvm_xen_hypercall(vcpu);
>>
>>	if (kvm_hv_hypercall_enabled(vcpu->kvm))
>>		return kvm_hv_hypercall(vcpu);
>>
>>....
>>
>>so my idea was why not do the same for MSRs?
>
> Can you define kvm_hv_msr_enabled()?
>
> Note kvm_hv_hypercall_enabled() is based on a value that gets written
> through the MSR, so it can't be that.

When Hyper-V emulation appeared in KVM we (unfortunately) didn't add a
capability to globally enable and disable it so to be backwards
compatible we'll have to define kvm_emulating_hyperv() as 'true' for
now as that's how KVM behaves. This, however, doesn't mean we can't add
e.g. a module parameter to disable Hyper-V emulation. Also, we can
probably check guest CPUIDs and if Hyper-V's signature wasn't set we can
return 'false'.

<rant>
Having Hyper-V emulation in KVM 'always enabled' may not be a big deal
from functional point of view but may not be ideal from security
standpoint as bugs in arch/x86/kvm/hyperv.c become exploitable even from
Linux guests.
</rant>

-- 
Vitaly
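
The gating discussed in the mail above, as an added userspace model that is not part of the original message or of KVM's code: Hyper-V MSR handling is reachable only when a global switch allows it and the guest's CPUID advertises Hyper-V. Assumptions: `vm_model`, `route_msr` and `hyperv_disabled` are hypothetical names, the check reads the "Hv#1" interface signature in leaf 0x40000001, and the MSR range bounds and CPUID tables are constructed for the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

struct cpuid_leaf { uint32_t function, eax, ebx, ecx, edx; };

#define HV_CPUID_INTERFACE 0x40000001u /* Hyper-V interface identification leaf */
#define HV_SIGNATURE_EAX   0x31237648u /* "Hv#1" as a little-endian EAX value */
#define HV_MSR_FIRST       0x40000000u /* synthetic MSR range, assumed bounds */
#define HV_MSR_LAST        0x400000ffu

enum msr_route { ROUTE_COMMON, ROUTE_HYPERV };

struct vm_model {
	const struct cpuid_leaf *cpuid; /* guest CPUID table set by the VMM */
	size_t nent;
	bool hyperv_disabled;           /* hypothetical module-parameter switch */
};

/* True only if emulation is not globally disabled and the guest CPUID
 * carries the Hyper-V interface signature. */
static bool vm_emulating_hyperv(const struct vm_model *vm)
{
	if (vm->hyperv_disabled)
		return false;
	for (size_t i = 0; i < vm->nent; i++)
		if (vm->cpuid[i].function == HV_CPUID_INTERFACE)
			return vm->cpuid[i].eax == HV_SIGNATURE_EAX;
	return false;
}

/* Hyper-V code is reached only for VMs that pass the check above. */
static enum msr_route route_msr(const struct vm_model *vm, uint32_t msr)
{
	if (msr >= HV_MSR_FIRST && msr <= HV_MSR_LAST && vm_emulating_hyperv(vm))
		return ROUTE_HYPERV;
	return ROUTE_COMMON;
}

/* Constructed sample tables: a Linux guest (KVM signature only) and a
 * guest whose VMM exposes the Hyper-V interface leaf. */
static const struct cpuid_leaf linux_cpuid[] = {
	{ 0x40000000u, 0x40000001u, 0x4b4d564bu, 0x564b4d56u, 0x0000004du },
};
static const struct cpuid_leaf hv_cpuid[] = {
	{ 0x40000000u, 0x40000005u, 0, 0, 0 },
	{ HV_CPUID_INTERFACE, HV_SIGNATURE_EAX, 0, 0, 0 },
};
static const struct vm_model linux_vm  = { linux_cpuid, 1, false };
static const struct vm_model hv_vm     = { hv_cpuid, 2, false };
static const struct vm_model hv_off_vm = { hv_cpuid, 2, true };

int main(void)
{
	printf("linux=%d hv=%d hv_off=%d\n", route_msr(&linux_vm, 0x40000001u),
	       route_msr(&hv_vm, 0x40000001u), route_msr(&hv_off_vm, 0x40000001u));
	return 0;
}
```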