On Wed, Sep 21, 2022 at 2:28 AM Borislav Petkov <bp@xxxxxxxxx> wrote: > > On Tue, Sep 20, 2022 at 09:36:18PM +0000, Sean Christopherson wrote: > > Yes, but ideally KVM would explicitly tell the guest "you don't have LMSLE". > > Probably a moot point, but at the same time I don't see a reason not to be > > explicit. > > Yes but... > > On Tue, Sep 20, 2022 at 02:36:34PM -0700, Jim Mattson wrote: > > Reporting that CPUID bit gives us the right to raise #GP. AMD CPUs > > (going way back) that don't report EferLmsleUnsupported do not raise > > #GP. > > ... what does "gives us the right" mean exactly? > > I'm pretty sure I'm missing something about how KVM works but wouldn't > it raise a guest #GP when the guest tries to set an unsupported EFER > bit? I.e., why do you need to explicitly do > > kvm_cpu_cap_set(X86_FEATURE_NO_LMSLE); > > and not handle this like any other EFER reserved bit? EFER.LMLSE is not a reserved bit on AMD64 CPUs, unless CPUID.80000008:EBX[20] is set (or you're running very, very old hardware). We really shouldn't just decide on a whim to treat EFER.LMSLE as reserved under KVM. The guest CPUID information represents our detailed contract with the guest software. By setting CPUID.80000008:EBX[20], we are telling the guest that if it tries to set EFER.LMSLE, we will raise a #GP. If we don't set that bit in the guest CPUID information and we raise #GP on an attempt to set EFER.LMSLE, the virtual hardware is defective. We could document this behavior as an erratum, but since a mechanism exists to declare that the guest can expect EFER.LMSLE to #GP, doesn't it make sense to use it?
