On 5/15/24 21:09, Sean Christopherson wrote:
Hmm, actually, we already have new uAPI/ABI in the form of VM types. What if we squeeze a documentation update into 6.10 (which adds the SEV VM flavors) to state that KVM's historical behavior of blasting all SPTEs is only_guaranteed_ for KVM_X86_DEFAULT_VM? Anyone know if QEMU deletes shared-only, i.e. non-guest_memfd, memslots during SEV-* boot?
Yes, the process is mostly the same for normal UEFI boot, SEV and SEV-ES. However, it does so while the VM is paused (remember the atomic memslot updates attempts? that's now enforced by QEMU). So it's quite possible that the old bug is not visible anymore, independent of why VFIO caused it. Paolo
If so, and assuming any such memslots are smallish, we could even start enforcing the new ABI by doing a precise zap for small (arbitrary limit TBD) shared-only memslots for !KVM_X86_DEFAULT_VM VMs.
