Re: [PATCH v7 7/8] KVM: x86: Allow userspace set maximum VCPU id for VM


 



On Sun, Apr 03, 2022, Zeng Guang wrote:
> 
> On 4/1/2022 10:01 AM, Sean Christopherson wrote:
> > Amusingly, I think we also need a capability to enumerate that KVM_CAP_MAX_VCPU_ID
> > is writable.
> 
> IIUC, KVM_CAP_* has intrinsic writable attribute. KVM will return invalid
> if not implemented.

Yes, but forcing userspace to do a dummy write to detect support is rather ugly.
I'm not totally opposed to it.  Probably a Paolo question.

Paolo?

> > > +		if (cap->args[0] <= KVM_MAX_VCPU_IDS) {
> > > +			kvm->arch.max_vcpu_id = cap->args[0];
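
Review bot: the bound in `cap->args[0] <= KVM_MAX_VCPU_IDS` does not match the field it guards. KVM_MAX_VCPU_IDS is named as a count of IDs, while `max_vcpu_id` reads as the highest valid ID, so a value equal to the constant is accepted even though no vCPU could carry that ID. Either store a count and name the field accordingly, or tighten the comparison to `<`. The quoted lines also accept 0 and do not show what is returned when the comparison fails; an explicit error on that path would make the rejection visible to userspace.
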
> > This needs to be rejected if kvm->created_vcpus > 0, and that check needs to be
> > done under kvm_lock, otherwise userspace can bump the max ID after KVM allocates
> > per-VM structures and trigger buffer overflow.
> 
> Is it necessary to use kvm_lock? Seems no use case to call it from multi-threads.

There's no sane use case, but userspace is untrusted, i.e. KVM can't assume that
userspace will do the right/desired thing.
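
A userspace model of the rule discussed in this message (reject the write once a vCPU exists, and do the check under the same lock as vCPU creation), added here as an example; it is not part of the original message, the patch, or KVM. `struct vm`, `vm_set_max_vcpu_ids`, `vm_create_vcpu`, `MODEL_MAX_VCPU_IDS` and `id_table` are assumptions, the limit is modelled as a count of IDs, and a pthread mutex stands in for the kernel lock.

```c
/* Userspace model, added as an example; not KVM code. All names are hypothetical. */
#include <errno.h>
#include <pthread.h>
#include <stdint.h>
#include <stdlib.h>

#define MODEL_MAX_VCPU_IDS 1024u  /* assumed build-time ceiling */
#define VM_INIT { PTHREAD_MUTEX_INITIALIZER, 0, MODEL_MAX_VCPU_IDS, NULL }

struct vm {
    pthread_mutex_t lock;     /* serializes limit changes and vCPU creation */
    unsigned created_vcpus;
    uint32_t max_vcpu_ids;    /* valid IDs are 0 .. max_vcpu_ids - 1 */
    uint8_t *id_table;        /* per-VM structure sized from max_vcpu_ids */
};

/* Callable by an untrusted caller at any time, from any thread. */
static int vm_set_max_vcpu_ids(struct vm *vm, uint64_t requested)
{
    int ret = -EINVAL;
    pthread_mutex_lock(&vm->lock);
    /* Reject once a vCPU exists: id_table is already sized from the old limit. */
    if (!vm->created_vcpus && requested && requested <= MODEL_MAX_VCPU_IDS) {
        vm->max_vcpu_ids = (uint32_t)requested;
        ret = 0;
    }
    pthread_mutex_unlock(&vm->lock);
    return ret;
}

static int vm_create_vcpu(struct vm *vm, uint32_t id)
{
    int ret = -EINVAL;
    pthread_mutex_lock(&vm->lock);
    if (id < vm->max_vcpu_ids) {
        if (!vm->id_table)    /* allocated once, from the limit in force now */
            vm->id_table = calloc(vm->max_vcpu_ids, 1);
        if (!vm->id_table) {
            ret = -ENOMEM;
        } else if (vm->id_table[id]) {
            ret = -EEXIST;    /* ID already in use */
        } else {
            vm->id_table[id] = 1;
            vm->created_vcpus++;
            ret = 0;
        }
    }
    pthread_mutex_unlock(&vm->lock);
    return ret;
}
```

Without the `created_vcpus` test, a second call could raise the limit after `id_table` was sized, and a later `vm_create_vcpu` with a larger ID would index past the allocation; without the shared lock, the same ordering can be produced by two racing threads.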


