Re: guest/host mem out of sync on core2duo?

On Sat, Jun 19, 2021, stsp wrote:
> 19.06.2021 01:32, Sean Christopherson wrote:
> > Argh!  Check out this gem:
> > 
> > 	/*
> > 	 *   Fix the "Accessed" bit in AR field of segment registers for older
> > 	 * qemu binaries.
> > 	 *   IA32 arch specifies that at the time of processor reset the
> > 	 * "Accessed" bit in the AR field of segment registers is 1. And qemu
> > 	 * is setting it to 0 in the userland code. This causes invalid guest
> > 	 * state vmexit when "unrestricted guest" mode is turned on.
> > 	 *    Fix for this setup issue in cpu_reset is being pushed in the qemu
> > 	 * tree. Newer qemu binaries with that qemu fix would not need this
> > 	 * kvm hack.
> > 	 */
> > 	if (is_unrestricted_guest(vcpu) && (seg != VCPU_SREG_LDTR))
> > 		var->type |= 0x1; /* Accessed */
> > 
> > 
> > KVM fixes up segs when unrestricted guest is enabled, but otherwise leaves 'em
> > be, presumably because it has the emulator to fall back on for invalid state.
> > Guess what's missing in the invalid state check...
> > 
> > I think this should do it:
> Until when will it run on an emulator in this case?  Will it be too slow
> without a slightest hint to the user?

KVM would emulate until the invalid state went away, i.e. until the offending
register was loaded with a new segment that set the Accessed bit.

> If it is indeed the performance penalty for no good reason, then my
> preference would be to get an error right from KVM_SET_SREGS instead, or
> maybe from KVM_RUN, but not run everything on an emulator.

Sadly, to be consistent with other segments (SS and CS), I believe detecting and
emulating is the right "fix".  Ideally, KVM would differentiate between "invalid
for !unrestricted_guest" and "always invalid", with the latter being rejected and
punted to userspace.  E.g. I don't think it's possible for a physical CPU to have
a loaded segment with the Accessed bit set.  Unfortunately that ship sailed long,
long ago.

One possibility would be to try disabling emulate_invalid_guest_state via module
param.  That should cause failure instead of emulating.  But I suspect that that
approach will cause explosions for your core2duo users as KVM is probably
emulating at other points for them.  :-/

The other thing you could do would be to add a bit of instrumentation to query the
number of instructions KVM has emulated and alert the user if it exceeds some
arbitrary threshold.  The hiccup there is that KVM's stats are currently on
debugfs, which is usually root-only.

  $ tail /sys/kernel/debug/kvm/insn_emulation
  0
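Added example (not from this thread and not KVM's code) that models the segment quirk the quoted hack and the reply describe: a code/data segment whose "Accessed" bit (bit 0 of the type field) is clear is fixed up when unrestricted guest is on, and otherwise leaves the vCPU running under the instruction emulator until that segment register is reloaded. The struct, function names and the VMX access-rights packing are the example's own assumptions; the real per-segment layout is struct kvm_segment in <linux/kvm.h>, and this stand-in only keeps the fields needed here.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Hypothetical, trimmed stand-in for the per-segment state userspace hands
 * KVM through KVM_SET_SREGS (the real layout is struct kvm_segment in
 * <linux/kvm.h>; only the fields this example needs are modelled here).
 */
struct seg_state {
    uint8_t type;     /* descriptor type, bits 3:0 of the access rights */
    uint8_t s;        /* 1 = code/data descriptor, 0 = system descriptor */
    uint8_t dpl;      /* descriptor privilege level */
    uint8_t present;
    uint8_t avl;
    uint8_t l;        /* 64-bit code segment */
    uint8_t db;       /* default operation size / big */
    uint8_t g;        /* granularity */
    uint8_t unusable; /* segment register holds no usable descriptor */
};

/*
 * Pack the fields into the VMX access-rights layout kept in the VMCS:
 * bits 3:0 type, bit 4 S, bits 6:5 DPL, bit 7 P, bit 12 AVL, bit 13 L,
 * bit 14 D/B, bit 15 G, bit 16 unusable.
 */
uint32_t seg_access_rights(const struct seg_state *seg)
{
    if (seg->unusable)
        return 1u << 16;
    return (uint32_t)(seg->type & 0xf)
         | (uint32_t)(seg->s & 1) << 4
         | (uint32_t)(seg->dpl & 3) << 5
         | (uint32_t)(seg->present & 1) << 7
         | (uint32_t)(seg->avl & 1) << 12
         | (uint32_t)(seg->l & 1) << 13
         | (uint32_t)(seg->db & 1) << 14
         | (uint32_t)(seg->g & 1) << 15;
}

/*
 * For code and data descriptors (S = 1) bit 0 of the type field is the
 * "Accessed" bit, which the architecture specifies as set at reset. A usable
 * code/data segment with the bit clear is the state the thread is about.
 */
bool accessed_bit_clear(const struct seg_state *seg)
{
    return seg->s && !seg->unusable && !(seg->type & 0x1);
}

enum seg_outcome {
    SEG_OK,            /* nothing to do */
    SEG_FIXED_UP,      /* Accessed bit forced on, as the quoted KVM hack does */
    SEG_WOULD_EMULATE  /* left invalid: emulation until the register is reloaded */
};

/*
 * Model of the behaviour described in the thread. With unrestricted guest
 * enabled the quoted hack ORs 0x1 into the type of every segment except
 * LDTR; an LDT descriptor is a system descriptor (S = 0), so restricting
 * this model to S = 1 segments skips it as well. Without unrestricted guest
 * the state is left as-is and KVM falls back to the instruction emulator.
 */
enum seg_outcome apply_accessed_quirk(struct seg_state *seg, bool unrestricted_guest)
{
    if (!accessed_bit_clear(seg))
        return SEG_OK;
    if (unrestricted_guest) {
        seg->type |= 0x1; /* Accessed */
        return SEG_FIXED_UP;
    }
    return SEG_WOULD_EMULATE;
}

/* Count how many segments of a register file would push the vCPU into emulation. */
int count_emulated_segments(const struct seg_state *segs, int n, bool unrestricted_guest)
{
    int count = 0;
    for (int i = 0; i < n; i++) {
        struct seg_state copy = segs[i]; /* do not modify the caller's state */
        if (apply_accessed_quirk(&copy, unrestricted_guest) == SEG_WOULD_EMULATE)
            count++;
    }
    return count;
}

int main(void)
{
    /* Constructed sample: a flat 32-bit code segment (accessed) and a data
     * segment whose Accessed bit userspace left clear, as older qemu did. */
    struct seg_state segs[2] = {
        { .type = 0xb, .s = 1, .present = 1, .db = 1, .g = 1 },
        { .type = 0x2, .s = 1, .present = 1, .db = 1, .g = 1 },
    };
    printf("CS access rights: 0x%x\n", seg_access_rights(&segs[0]));
    printf("segments that would be emulated without unrestricted guest: %d\n",
           count_emulated_segments(segs, 2, false));
    printf("segments that would be emulated with unrestricted guest:    %d\n",
           count_emulated_segments(segs, 2, true));
    return 0;
}
```

Running count_emulated_segments over the state a userspace is about to pass to KVM_SET_SREGS, with unrestricted_guest set from what the host actually supports, gives the early warning the reply says KVM itself cannot provide: which registers would be accepted only to run under the emulator.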

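Added example (not from this thread) of the instrumentation suggested above: sample the insn_emulation counter from debugfs twice, compute how many instructions KVM emulated in between, and warn when that exceeds a threshold. The path is the one shown in the thread; the function names, the one-second sampling interval and the default threshold are this example's own choices. The parser and the threshold check are kept separate so they can be exercised without debugfs access, which is normally root-only.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Path from the thread; debugfs is normally readable by root only. */
#define KVM_INSN_EMULATION_STAT "/sys/kernel/debug/kvm/insn_emulation"

/* Parse the single decimal line the stat file returns; -1 on malformed input. */
int64_t parse_counter_text(const char *text)
{
    while (*text == ' ' || *text == '\t')
        text++;
    if (*text == '-')
        return -1; /* a counter is never negative; refuse strtoull's wraparound */
    char *end;
    errno = 0;
    unsigned long long v = strtoull(text, &end, 10);
    if (end == text || errno != 0 || v > (unsigned long long)INT64_MAX)
        return -1;
    while (*end == ' ' || *end == '\t' || *end == '\r' || *end == '\n')
        end++;
    if (*end != '\0')
        return -1; /* trailing junk */
    return (int64_t)v;
}

/* Read one counter file; -1 if it cannot be opened (typically EACCES for non-root). */
int64_t read_counter_file(const char *path)
{
    char buf[64];
    FILE *f = fopen(path, "r");
    if (!f)
        return -1;
    const char *line = fgets(buf, sizeof buf, f);
    int64_t value = line ? parse_counter_text(line) : -1;
    fclose(f);
    return value;
}

/*
 * True when more than `threshold` instructions were emulated between the
 * two samples. Unreadable samples or a counter that went backwards (e.g. a
 * module reload between samples) never raise an alert.
 */
bool emulation_above_threshold(int64_t before, int64_t after, int64_t threshold)
{
    if (before < 0 || after < 0 || after < before)
        return false;
    return after - before > threshold;
}

int main(int argc, char **argv)
{
    /* Threshold is arbitrary, as the thread says; override it on the command line. */
    int64_t threshold = argc > 1 ? strtoll(argv[1], NULL, 10) : 10000;

    int64_t before = read_counter_file(KVM_INSN_EMULATION_STAT);
    if (before < 0) {
        fprintf(stderr, "cannot read %s (debugfs is usually root-only): %s\n",
                KVM_INSN_EMULATION_STAT, strerror(errno));
        return 1;
    }
    sleep(1);
    int64_t after = read_counter_file(KVM_INSN_EMULATION_STAT);
    printf("insn_emulation: %lld -> %lld (+%lld in 1s)\n",
           (long long)before, (long long)after, (long long)(after - before));
    if (emulation_above_threshold(before, after, threshold)) {
        printf("warning: KVM emulated more than %lld instructions in 1s; "
               "the guest may be stuck in invalid-state emulation\n",
               (long long)threshold);
        return 2;
    }
    return 0;
}
```

The counter is host-wide, so a non-zero rate attributes emulation to no particular VM; it is a cheap signal that the fallback described in the reply is happening at all, which is what a user on a core2duo without unrestricted guest would otherwise never see.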