Re: KVM's sloppiness wrt IA32_SPEC_CTRL and IA32_PRED_CMD

On Thu, Jul 20, 2023 at 12:04:48PM +0800, Xiaoyao Li wrote:
>On 7/20/2023 9:58 AM, Chao Gao wrote:
>> On Thu, Jul 20, 2023 at 09:25:14AM +0800, Xiaoyao Li wrote:
>> > On 7/20/2023 2:08 AM, Jim Mattson wrote:
>> > > Normally, we would restrict guest MSR writes based on guest CPU
>> > > features. However, with IA32_SPEC_CTRL and IA32_PRED_CMD, this is not
>> > > the case.
>> 
>> This issue isn't specific to the two MSRs. Any MSRs that are not
>> intercepted and with some reserved bits for future extensions may run
>> into this issue. Right?
>
>The luck is KVM defines a list of MSRs that can be passthrough for vmx:
>
>static u32 vmx_possible_passthrough_msrs[MAX_POSSIBLE_PASSTHROUGH_MSRS]  = {
>	MSR_IA32_SPEC_CTRL,
>	MSR_IA32_PRED_CMD,
>	MSR_IA32_FLUSH_CMD,
>	MSR_IA32_TSC,
>#ifdef CONFIG_X86_64
>	MSR_FS_BASE,
>	MSR_GS_BASE,
>	MSR_KERNEL_GS_BASE,
>	MSR_IA32_XFD,
>	MSR_IA32_XFD_ERR,
>#endif
>	MSR_IA32_SYSENTER_CS,
>	MSR_IA32_SYSENTER_ESP,
>	MSR_IA32_SYSENTER_EIP,
>	MSR_CORE_C1_RES,
>	MSR_CORE_C3_RESIDENCY,
>	MSR_CORE_C6_RESIDENCY,
>	MSR_CORE_C7_RESIDENCY,
>};
>
>and only a few of them have reserved bits. It's feasible to fix them.

Yes. But note that a few MSRs will be added to the list soon, in the CET
series and the FRED series.

>
>> > > hardware. This could be problematic in heterogeneous migration pools.
>> > > For instance, a VM that starts on a Cascade Lake host may set
>> > > IA32_SPEC_CTRL.PSFD[bit 7], even if the guest
>> > > CPUID.(EAX=07H,ECX=02H):EDX.PSFD[bit 0] is clear. Then, if that VM is
>> > > migrated to a Skylake host, KVM_SET_MSRS will refuse to set
>> > > IA32_SPEC_CTRL to its current value, because Skylake doesn't support
>> > > PSFD.
>> 
>> It is a guest fault. Can we modify guest kernel in this case?
>
>I don't think it's a guest fault. Guest can do whatever it wants and KVM
>cannot expect guest's behavior.

OK. I have no objection.

But I still think adjusting guest behavior is the right thing to do.
Because I don't get the benefit of emulating hardware precisely in this
case but the cost of fixing KVM's behavior is obvious: if guests write
to the MSR frequently, they get a lot of VM-exits. I think correctness
is important but not always the most important.

We are working on a real-world project rather than a toy; we should take
other factors into consideration.
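
Added example, not part of the original message and not KVM code: a small user-space model of the migration case discussed in this thread, comparing a passed-through IA32_SPEC_CTRL write with one that is intercepted and checked against guest CPUID. The struct, the function names and the per-host bit sets are assumptions constructed from the thread's Cascade Lake to Skylake scenario.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* IA32_SPEC_CTRL bit positions; PSFD is bit 7, as cited in the thread. */
#define SPEC_CTRL_IBRS  (1ULL << 0)
#define SPEC_CTRL_STIBP (1ULL << 1)
#define SPEC_CTRL_SSBD  (1ULL << 2)
#define SPEC_CTRL_PSFD  (1ULL << 7)

/* Hypothetical model type: the SPEC_CTRL bits a host CPU implements,
 * or the bits a guest's CPUID enumerates. */
struct cpu_model { uint64_t spec_ctrl_bits; };

/* Constructed sample data following the thread's scenario. */
static const struct cpu_model cascade_lake =	/* source host, has PSFD */
	{ SPEC_CTRL_IBRS | SPEC_CTRL_STIBP | SPEC_CTRL_SSBD | SPEC_CTRL_PSFD };
static const struct cpu_model skylake =		/* destination host, no PSFD */
	{ SPEC_CTRL_IBRS | SPEC_CTRL_STIBP | SPEC_CTRL_SSBD };
static const struct cpu_model guest_cpuid =	/* guest CPUID, PSFD clear */
	{ SPEC_CTRL_IBRS | SPEC_CTRL_STIBP | SPEC_CTRL_SSBD };

/* A value is acceptable if it sets no bit outside the model's set. */
static bool accepts(const struct cpu_model *m, uint64_t val)
{
	return (val & ~m->spec_ctrl_bits) == 0;
}

/* Passthrough: only the source hardware checks the write.
 * Intercepted: guest CPUID is checked too, at one VM-exit per write. */
static bool guest_write_ok(const struct cpu_model *src,
			   const struct cpu_model *guest,
			   uint64_t val, bool intercepted)
{
	return accepts(src, val) && (!intercepted || accepts(guest, val));
}

/* True when the guest can set a value on src that dst refuses on restore. */
static bool migration_breaks(const struct cpu_model *src,
			     const struct cpu_model *dst,
			     const struct cpu_model *guest,
			     uint64_t val, bool intercepted)
{
	return guest_write_ok(src, guest, val, intercepted) && !accepts(dst, val);
}

int main(void)
{
	printf("passthrough PSFD write breaks migration: %d\n",
	       migration_breaks(&cascade_lake, &skylake, &guest_cpuid, SPEC_CTRL_PSFD, false));
	printf("intercepted PSFD write breaks migration: %d\n",
	       migration_breaks(&cascade_lake, &skylake, &guest_cpuid, SPEC_CTRL_PSFD, true));
	return 0;
}
```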


