linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Aaron Lewis <aaronlewis@google.com>
To: Alexander Graf <graf@amazon.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>,
	Jonathan Corbet <corbet@lwn.net>,
	Sean Christopherson <sean.j.christopherson@intel.com>,
	Vitaly Kuznetsov <vkuznets@redhat.com>,
	Wanpeng Li <wanpengli@tencent.com>,
	Jim Mattson <jmattson@google.com>, Joerg Roedel <joro@8bytes.org>,
	KarimAllah Raslan <karahmed@amazon.de>,
	Dan Carpenter <dan.carpenter@oracle.com>,
	kvm list <kvm@vger.kernel.org>,
	linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v6 1/7] KVM: x86: Deflect unknown MSR accesses to user space
Date: Thu, 17 Sep 2020 12:38:36 -0700	[thread overview]
Message-ID: <CAAAPnDFxR8yeB0sq4ZMRoZRO4QycZsBiKzaShGwMWE_0RM6Aow@mail.gmail.com> (raw)
In-Reply-To: <186ccace-2fad-3db3-0848-cd272b1a64ba@amazon.com>

> >> +The "reason" field specifies why the MSR trap occurred. User space will only
> >> +receive MSR exit traps when a particular reason was requested during through
> >> +ENABLE_CAP. Currently valid exit reasons are:
> >> +
> >> +       KVM_MSR_EXIT_REASON_INVAL - access to invalid MSRs or reserved bits
> >
> >
> > Can we also have ENOENT?
> >          KVM_MSR_EXIT_REASON_ENOENT - Unknown MSR
>
> I tried to add that at first, but it gets tricky really fast. Why should
> user space have a vested interest in differentiating between "MSR is not
> implemented" and "MSR is guarded by a CPUID flag and thus not handled"
> or "MSR is guarded by a CAP"?
>
> The more details we reveal, the more likely we're to break ABI
> compatibility.
>

I don't suspect we will ever have a stable ABI here, whether we split
the two error values or not.  But there could be value in it.
Consider an MSR that raises #GP if any bit in the high dword is set.
KVM version 0 knows nothing about this MSR, but KVM version 1
implements it properly.  Assuming ignore_msrs=0 and error codes:
EINVAL (invalid argument, should raise a #GP) and ENOTSUP (seems like
a better name than ENOENT, Unknown MSR).

With Just EINVAL: KVM version 0 will always exit to userspace if
EINVAL is requested (it needs help). KVM version 1 will exit to
userspace only for illegal accesses if EINVAL is requested (but it
doesn't really need help).
With EINVAL and ENOTSUP: KVM version 0 will always exit to userspace
if ENOTSUP is requested (it needs help). KVM version 1 will not exit
to userspace if ENOTSUP is requested.

If you want to implement ignore_msrs in userspace it seems much easier
with the second approach, and I think all you'd have to do is return
-ENOTSUP from kvm_msr_ignored_check() instead of returning 1.

  parent reply	other threads:[~2020-09-17 20:08 UTC|newest]

Thread overview: 19+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-09-02 12:59 [PATCH v6 0/7] Allow user space to restrict and augment MSR emulation Alexander Graf
2020-09-02 12:59 ` [PATCH v6 1/7] KVM: x86: Deflect unknown MSR accesses to user space Alexander Graf
2020-09-03 19:27   ` Aaron Lewis
2020-09-16  9:31     ` Alexander Graf
2020-09-16 17:08       ` Sean Christopherson
2020-09-16 19:15         ` Alexander Graf
2020-09-17 19:38       ` Aaron Lewis [this message]
2020-09-02 12:59 ` [PATCH v6 2/7] KVM: x86: Add infrastructure for MSR filtering Alexander Graf
2020-09-02 12:59 ` [PATCH v6 3/7] KVM: x86: Prepare MSR bitmaps for userspace tracked MSRs Alexander Graf
2020-09-02 12:59 ` [PATCH v6 4/7] KVM: x86: SVM: Prevent MSR passthrough when MSR access is denied Alexander Graf
2020-09-02 12:59 ` [PATCH v6 5/7] KVM: x86: VMX: " Alexander Graf
2020-09-04  2:18   ` Aaron Lewis
2020-09-16 19:44     ` Alexander Graf
2020-09-16 20:13       ` Aaron Lewis
2020-09-16 20:36         ` Alexander Graf
2020-09-02 12:59 ` [PATCH v6 6/7] KVM: x86: Introduce MSR filtering Alexander Graf
2020-09-02 12:59 ` [PATCH v6 7/7] KVM: selftests: Add test for user space MSR handling Alexander Graf
2020-09-03 19:31   ` Aaron Lewis
  -- strict thread matches above, loose matches on Subject: below --
2020-09-01 20:15 [PATCH v6 0/7] Allow user space to restrict and augment MSR emulation Alexander Graf
2020-09-01 20:15 ` [PATCH v6 1/7] KVM: x86: Deflect unknown MSR accesses to user space Alexander Graf

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CAAAPnDFxR8yeB0sq4ZMRoZRO4QycZsBiKzaShGwMWE_0RM6Aow@mail.gmail.com \
    --to=aaronlewis@google.com \
    --cc=corbet@lwn.net \
    --cc=dan.carpenter@oracle.com \
    --cc=graf@amazon.com \
    --cc=jmattson@google.com \
    --cc=joro@8bytes.org \
    --cc=karahmed@amazon.de \
    --cc=kvm@vger.kernel.org \
    --cc=linux-doc@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=pbonzini@redhat.com \
    --cc=sean.j.christopherson@intel.com \
    --cc=vkuznets@redhat.com \
    --cc=wanpengli@tencent.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).