Re: [PATCH v4] KVM: X86: Allow userspace to define the microcode version
From: Paolo Bonzini
Date: Tue Feb 27 2018 - 05:22:42 EST
On 27/02/2018 10:26, Wanpeng Li wrote:
> 2018-02-27 16:38 GMT+08:00 Paolo Bonzini <pbonzini@xxxxxxxxxx>:
>> On 27/02/2018 03:35, Wanpeng Li wrote:
>>> From: Wanpeng Li <wanpengli@xxxxxxxxxxx>
>>>
>>> Linux (among the others) has checks to make sure that certain features
>>> aren't enabled on a certain family/model/stepping if the microcode version
>>> isn't greater than or equal to a known good version.
>>>
>>> By exposing the real microcode version, we're preventing buggy guests that
>>> don't check that they are running virtualized (i.e., they should trust the
>>> hypervisor) from disabling features that are effectively not buggy.
>>>
>>> Suggested-by: Filippo Sironi <sironi@xxxxxxxxx>
>>> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx>
>>> Cc: Radim KrÄmÃÅ <rkrcmar@xxxxxxxxxx>
>>> Cc: Liran Alon <liran.alon@xxxxxxxxxx>
>>> Cc: Nadav Amit <nadav.amit@xxxxxxxxx>
>>> Signed-off-by: Wanpeng Li <wanpengli@xxxxxxxxxxx>
>>> ---
>>> v3 -> v4:
>>> * add the shifts back
>>
>> Please wait for a review instead of pushing new versions continuously.
>> Leaving the shifts means that MSR_IA32_UCODE_REV's bits 0-31 are zeroed
>> even if KVM_SET_MSRS makes them nonzero.
>
> How about something like this?
Yes, that's okay.
Paolo