On Wed, May 25, 2022 at 2:04 PM Sean Christopherson <seanjc@xxxxxxxxxx> wrote: > > Add an off-by-default module param, reject_inconsistent_vmcs_config, to > allow rejecting the load of kvm_intel if an inconsistent VMCS config is > detected. Continuing on with an inconsistent, degraded config is > undesirable when the CPU is expected to support a given set of features, > e.g. can result in a misconfigured VM if userspace doesn't cross-check > KVM_GET_SUPPORTED_CPUID, and/or can result in poor performance due to > lack of fast MSR switching. > > Signed-off-by: Sean Christopherson <seanjc@xxxxxxxxxx> > --- There are several inconsistent VMCS configs that are not rejected here (e.g. "enable XSAVES/XRSTORS" on a CPU that doesn't support XSAVES). Do you plan to include more checks in the future, or should this be, "reject_some_inconsistent_vmcs_configs"? :-)
