Re: [PATCH v2] KVM: X86: #GP when guest attempts to write MCi_STATUS register w/o 0

From: Paolo Bonzini
Date: Thu Nov 02 2017 - 13:35:55 EST

Next message: Konrad Rzeszutek Wilk: "Re: [PATCH v3 2/3] KVM: nVMX: Validate the IA32_BNDCFGS on nested VM-entry"
Previous message: Adam Thomson: "RE: [RFC PATCH 2/7] typec: tcpm: Add ADO header for Alert message handling"
Next in thread: Jim Mattson: "Re: [PATCH v2] KVM: X86: #GP when guest attempts to write MCi_STATUS register w/o 0"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 19/10/2017 20:09, Jim Mattson wrote:
> "(offset & 0x3) == 1" seems like an obfuscated way of writing the
> predicate, is_mci_status_msr(msr). But other than that, this change
> looks fine to me.
>
> I'm a little more concerned about the code above. At the very least,
> it needs to let the host set an arbitrary value for save/restore to
> work.

Why? The guest cannot have written anything but the three allowed
values, userspace cannot write anything else either outside save/restore
without KVM_SET_MSR failing, and KVM itself (specifically
kvm_vcpu_ioctl_x86_setup_mce) only ever initializes IA32_MCi_CTL to all
ones. So save will only ever find those three values, and restore's
KVM_SET_MSR restore should never fail either.

Thanks,

Paolo

> Reviewed-by: Jim Mattson <jmattson@xxxxxxxxxx>

Next message: Konrad Rzeszutek Wilk: "Re: [PATCH v3 2/3] KVM: nVMX: Validate the IA32_BNDCFGS on nested VM-entry"
Previous message: Adam Thomson: "RE: [RFC PATCH 2/7] typec: tcpm: Add ADO header for Alert message handling"
Next in thread: Jim Mattson: "Re: [PATCH v2] KVM: X86: #GP when guest attempts to write MCi_STATUS register w/o 0"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]