Paolo Bonzini <pbonzini@xxxxxxxxxx> writes:

> On 1/17/22 10:55, Vitaly Kuznetsov wrote:
>> No, honestly I was thinking about something much simpler: instead of
>> forbidding KVM_SET_CPUID{,2} after KVM_RUN completely (what we have now
>> in 5.16), we only forbid changing certain data which we know breaks
>> some assumptions in MMU, from the comment:
>> "
>> * KVM does not correctly handle changing guest CPUID after KVM_RUN, as
>> * MAXPHYADDR, GBPAGES support, AMD reserved bit behavior, etc.. aren't
>> * tracked in kvm_mmu_page_role. As a result, KVM may miss guest page
>> * faults due to reusing SPs/SPTEs.
>> "
>> It seems that the CPU hotplug path doesn't need to change these so we don't
>> need an opt-in/opt-out, we can just forbid changing certain things for
>> the time being. Alternatively, we can silently ignore such changes but I
>> don't quite like it because it would mask bugs in VMMs.
>
> I think the version that only allows exactly the same CPUID is the best,
> as it leaves less room for future bugs.
>

Ok, I hear your vote) Will prepare v2.

-- 
Vitaly
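Added illustration of the two policies discussed above, side by side over a simplified CPUID table (this is not code from the thread or from KVM): policy A freezes only the MMU-tracked properties named in the quoted comment, policy B accepts only an identical table. The local struct, the helper names and the three sample tables are my own constructions; the leaf/bit positions for MAXPHYADDR and 1 GiB pages are the architectural ones.

```c
#include <stddef.h>
#include <stdint.h>
/* Local stand-in for struct kvm_cpuid_entry2 (<linux/kvm.h>), padding field
 * dropped, so the example builds without kernel headers. */
struct cpuid_entry { uint32_t function, index, flags, eax, ebx, ecx, edx; };

static const struct cpuid_entry *find_leaf(const struct cpuid_entry *t, size_t n,
                                           uint32_t fn, uint32_t idx)
{
    for (size_t i = 0; i < n; i++)
        if (t[i].function == fn && t[i].index == idx)
            return &t[i];
    return NULL;
}

/* The MMU-tracked properties the thread names, packed into one value:
 * MAXPHYADDR (CPUID.80000008H:EAX[7:0]) and 1 GiB pages (CPUID.80000001H:EDX[26]).
 * AMD reserved-bit behaviour is not modelled; an absent leaf counts as 0. */
static uint32_t mmu_key(const struct cpuid_entry *t, size_t n)
{
    const struct cpuid_entry *pa = find_leaf(t, n, 0x80000008u, 0);
    const struct cpuid_entry *ext = find_leaf(t, n, 0x80000001u, 0);
    return ((pa ? pa->eax & 0xffu : 0) << 1) | (ext ? !!(ext->edx & (1u << 26)) : 0);
}

/* Policy A (first proposal): only the MMU-tracked properties must be unchanged. */
int mmu_fields_unchanged(const struct cpuid_entry *o, size_t no, const struct cpuid_entry *n, size_t nn)
{
    return mmu_key(o, no) == mmu_key(n, nn);
}

/* Policy B (what v2 does): every leaf must be present with identical registers. */
int cpuid_identical(const struct cpuid_entry *o, size_t no, const struct cpuid_entry *n, size_t nn)
{
    if (no != nn)
        return 0;
    for (size_t i = 0; i < no; i++) {
        const struct cpuid_entry *e = find_leaf(n, nn, o[i].function, o[i].index);
        if (!e || e->flags != o[i].flags || e->eax != o[i].eax || e->ebx != o[i].ebx ||
            e->ecx != o[i].ecx || e->edx != o[i].edx)
            return 0;
    }
    return 1;
}

/* Constructed samples: baseline; a hotplug-style change of the initial APIC ID
 * (CPUID.1:EBX[31:24]); MAXPHYADDR lowered from 48 to 40 bits. */
#define LEAF1(ebx) { 0x1u, 0, 0, 0x000806eau, (ebx), 0, 0 }
#define GB1 { 0x80000001u, 0, 0, 0, 0, 0, 1u << 26 }
#define PA(eax) { 0x80000008u, 0, 0, (eax), 0, 0, 0 }
const struct cpuid_entry base[] = { LEAF1(0x00100800u), GB1, PA(0x3030u) };
const struct cpuid_entry apic_id_changed[] = { LEAF1(0x01100800u), GB1, PA(0x3030u) };
const struct cpuid_entry maxphyaddr_changed[] = { LEAF1(0x00100800u), GB1, PA(0x3028u) };
#define NENT(t) (sizeof(t) / sizeof((t)[0]))
```

The APIC-ID-only change passes policy A but fails policy B; the MAXPHYADDR change fails both.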