Re: [PATCH 2/2] KVM: x86: Forbid KVM_SET_CPUID{,2} after KVM_RUN

From: Vitaly Kuznetsov
Date: Fri Jan 14 2022 - 07:25:18 EST

Next message: Petr Mladek: "Re: [PATCH V2] panic: Move panic_print before kmsg dumpers"
Previous message: Martin Fernandez: "Re: [PATCH v5 1/5] mm/memblock: Tag memblocks with crypto capabilities"
In reply to: Igor Mammedov: "Re: [PATCH 2/2] KVM: x86: Forbid KVM_SET_CPUID{,2} after KVM_RUN"
Next in thread: Sean Christopherson: "Re: [PATCH 2/2] KVM: x86: Forbid KVM_SET_CPUID{,2} after KVM_RUN"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Igor Mammedov <imammedo@xxxxxxxxxx> writes:

> On Fri, 14 Jan 2022 10:31:50 +0100
> Vitaly Kuznetsov <vkuznets@xxxxxxxxxx> wrote:
>
>> Igor Mammedov <imammedo@xxxxxxxxxx> writes:
>>
>>
>> > However, a problem of failing KVM_SET_CPUID2 during VCPU re-plug
>> > is still there and re-plug will fail if KVM rejects repeated KVM_SET_CPUID2
>> > even if ioctl called with exactly the same CPUID leafs as the 1st call.
>> >
>>
>> Assuming APIC id change doesn not need to be supported, I can send v2
>> here with an empty allowlist.
> As you mentioned in another thread black list would be better
> to address Sean's concerns or just revert problematic commit.
>

Personally, I'm leaning towards the blocklist approach even if just for
'documenting' the fact that KVM doesn't correctly handle the
change. Compared to a comment in the code, such approach could help
someone save tons of debugging time (if anyone ever decides do something
weird, like changing MAXPHYADDR on the fly).

--
Vitaly

Next message: Petr Mladek: "Re: [PATCH V2] panic: Move panic_print before kmsg dumpers"
Previous message: Martin Fernandez: "Re: [PATCH v5 1/5] mm/memblock: Tag memblocks with crypto capabilities"
In reply to: Igor Mammedov: "Re: [PATCH 2/2] KVM: x86: Forbid KVM_SET_CPUID{,2} after KVM_RUN"
Next in thread: Sean Christopherson: "Re: [PATCH 2/2] KVM: x86: Forbid KVM_SET_CPUID{,2} after KVM_RUN"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]