On Thu, 2024-03-28 at 08:58 +0800, Xiaoyao Li wrote: > > How so? Userspace needs to learn to create a TD first. > > The current ABI of KVM_EXIT_X86_RDMSR/WRMSR is that userspace itself > sets up MSR fitler at first, then it will get such EXIT_REASON when > guest accesses the MSRs being filtered. > > If you want to use this EXIT reason, then you need to enforce userspace > setting up the MSR filter. How to enforce? I think Isaku's proposal was to let userspace configure it. For the sake of conversation, what if we don't enforce it? The downside of not enforcing it is that we then need to worry about code paths in KVM the MTRRs would call. But what goes wrong functionally? If userspace doesn't fully setup a TD things can go wrong for the TD. A plus side of using the MSR filter stuff is it reuses existing functionality. > If not enforce, but exit with > KVM_EXIT_X86_RDMSR/WRMSR no matter usersapce sets up MSR filter or not. > Then you are trying to introduce divergent behavior in KVM. The current ABI of KVM_EXIT_X86_RDMSR when TDs are created is nothing. So I don't see how this is any kind of ABI break. If you agree we shouldn't try to support MTRRs, do you have a different exit reason or behavior in mind?