On Tue, Mar 26, 2024 at 07:13:46PM +0800, Chao Gao <chao.gao@xxxxxxxxx> wrote: > On Tue, Mar 26, 2024 at 10:42:36AM +0800, Edgecombe, Rick P wrote: > >On Tue, 2024-03-26 at 10:32 +0800, Chao Gao wrote: > >> > > > Something like this for "112/130 KVM: TDX: Handle TDX PV rdmsr/wrmsr hypercall" > >> > > > Compile only tested at this point. > >> > > > >> > > Seems reasonable to me. Does QEMU configure a special set of MSRs to filter for TDX currently? > >> > > >> > No for TDX at the moment. We need to add such logic. > >> > >> What if QEMU doesn't configure the set of MSRs to filter? In this case, KVM > >> still needs to handle the MSR accesses. > > > >Do you see a problem for the kernel? I think if any issues are limited to only the guest, then we > >should count on userspace to configure the msr list. > > How can QEMU handle MTRR MSR accesses if KVM exits to QEMU? I am not sure if > QEMU needs to do a lot of work to virtualize MTRR. The default kernel logic will to return error for TDG.VP.VMCALL<RDMSR or WRMSR MTRR registers>. Qemu can have mostly same in the current kernel logic. rdmsr: MTRRCAP: 0 MTRRDEFTYPE: MTRR_TYPE_WRBACK wrmsr: MTRRDEFTYPE: If write back, nop. Otherwise error. > If QEMU doesn't configure the msr filter list correctly, KVM has to handle > guest's MTRR MSR accesses. In my understanding, the suggestion is KVM zap > private memory mappings. But guests won't accept memory again because no one > currently requests guests to do this after writes to MTRR MSRs. In this case, > guests may access unaccepted memory, causing infinite EPT violation loop > (assume SEPT_VE_DISABLE is set). This won't impact other guests/workloads on > the host. But I think it would be better if we can avoid wasting CPU resource > on the useless EPT violation loop. Qemu is expected to do it correctly. There are manyways for userspace to go wrong. This isn't specific to MTRR MSR. -- Isaku Yamahata <isaku.yamahata@xxxxxxxxx>