Jim Mattson <jmattson@xxxxxxxxxx> writes:

> On Tue, Jun 28, 2022 at 9:01 AM Vitaly Kuznetsov <vkuznets@xxxxxxxxxx> wrote:
>> ...
>
> Read-only MSRs cannot be changed after their values may have been
> observed by the guest.
>
>> Anirudh, the same concern applies to your 'intermediate' patch too.
>>
>> Smart ideas on what can be done are more than welcome)
>
> You could define a bunch of "quirks," and userspace could use
> KVM_CAP_DISABLE_QUIRKS2 to ask that the broken bits be cleared.

This sounds correct, but awful :-) I, however, think we can avoid this.

For the KVM-on-eVMCS case:
- When combined with "[PATCH 00/11] KVM: VMX: Support TscScaling and
  EnclsExitingBitmap whith eVMCS" series
  (https://lore.kernel.org/kvm/20220621155830.60115-1-vkuznets@xxxxxxxxxx/),
  the filtering we do in setup_vmcs_config() is no longer needed. I need
  to check various available Hyper-V versions but my initial
  investigation shows that we were only filtering out TSC Scaling and
  'Load IA32_PERF_GLOBAL_CTRL' vmexit/vmentry, the rest were never
  present in VMX control MSRs (as presented by Hyper-V) in the first
  place.

For PERF_GLOBAL_CTRL errata:
- We can move the filtering to vmx_vmexit_ctrl()/vmx_vmentry_ctrl()
  preserving the status quo: KVM doesn't use the feature but it is
  exposed to L1 hypervisor (and L1 hypervisor presumably has the same
  check and doesn't use the feature. FWIW, the workaround was added in
  2011 and the errata it references appeared in 2010, this means that
  the affected CPUs are quite old, modern proprietary hypervisors won't
  likely boot there).

If we do the above, there's going to be no changes to VMX control MSRs
generated by nested_vmx_setup_ctls_msrs(). I, however, need to work on a
combined series.

--
Vitaly