From: Aaron Lewis <aaronlewis@google.com>
To: Alexander Graf <graf@amazon.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>,
Jonathan Corbet <corbet@lwn.net>,
Sean Christopherson <sean.j.christopherson@intel.com>,
Vitaly Kuznetsov <vkuznets@redhat.com>,
Wanpeng Li <wanpengli@tencent.com>,
Jim Mattson <jmattson@google.com>, Joerg Roedel <joro@8bytes.org>,
KarimAllah Raslan <karahmed@amazon.de>,
Dan Carpenter <dan.carpenter@oracle.com>,
kvm list <kvm@vger.kernel.org>,
linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v6 1/7] KVM: x86: Deflect unknown MSR accesses to user space
Date: Thu, 17 Sep 2020 12:38:36 -0700 [thread overview]
Message-ID: <CAAAPnDFxR8yeB0sq4ZMRoZRO4QycZsBiKzaShGwMWE_0RM6Aow@mail.gmail.com> (raw)
In-Reply-To: <186ccace-2fad-3db3-0848-cd272b1a64ba@amazon.com>
> >> +The "reason" field specifies why the MSR trap occurred. User space will only
> >> +receive MSR exit traps when a particular reason was requested during through
> >> +ENABLE_CAP. Currently valid exit reasons are:
> >> +
> >> + KVM_MSR_EXIT_REASON_INVAL - access to invalid MSRs or reserved bits
> >
> >
> > Can we also have ENOENT?
> > KVM_MSR_EXIT_REASON_ENOENT - Unknown MSR
>
> I tried to add that at first, but it gets tricky really fast. Why should
> user space have a vested interest in differentiating between "MSR is not
> implemented" and "MSR is guarded by a CPUID flag and thus not handled"
> or "MSR is guarded by a CAP"?
>
> The more details we reveal, the more likely we're to break ABI
> compatibility.
>
I don't suspect we will ever have a stable ABI here, whether we split
the two error values or not. But there could be value in it.
Consider an MSR that raises #GP if any bit in the high dword is set.
KVM version 0 knows nothing about this MSR, but KVM version 1
implements it properly. Assuming ignore_msrs=0 and error codes:
EINVAL (invalid argument, should raise a #GP) and ENOTSUP (seems like
a better name than ENOENT, Unknown MSR).
With Just EINVAL: KVM version 0 will always exit to userspace if
EINVAL is requested (it needs help). KVM version 1 will exit to
userspace only for illegal accesses if EINVAL is requested (but it
doesn't really need help).
With EINVAL and ENOTSUP: KVM version 0 will always exit to userspace
if ENOTSUP is requested (it needs help). KVM version 1 will not exit
to userspace if ENOTSUP is requested.
If you want to implement ignore_msrs in userspace it seems much easier
with the second approach, and I think all you'd have to do is return
-ENOTSUP from kvm_msr_ignored_check() instead of returning 1.
next prev parent reply other threads:[~2020-09-17 20:08 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-09-02 12:59 [PATCH v6 0/7] Allow user space to restrict and augment MSR emulation Alexander Graf
2020-09-02 12:59 ` [PATCH v6 1/7] KVM: x86: Deflect unknown MSR accesses to user space Alexander Graf
2020-09-03 19:27 ` Aaron Lewis
2020-09-16 9:31 ` Alexander Graf
2020-09-16 17:08 ` Sean Christopherson
2020-09-16 19:15 ` Alexander Graf
2020-09-17 19:38 ` Aaron Lewis [this message]
2020-09-02 12:59 ` [PATCH v6 2/7] KVM: x86: Add infrastructure for MSR filtering Alexander Graf
2020-09-02 12:59 ` [PATCH v6 3/7] KVM: x86: Prepare MSR bitmaps for userspace tracked MSRs Alexander Graf
2020-09-02 12:59 ` [PATCH v6 4/7] KVM: x86: SVM: Prevent MSR passthrough when MSR access is denied Alexander Graf
2020-09-02 12:59 ` [PATCH v6 5/7] KVM: x86: VMX: " Alexander Graf
2020-09-04 2:18 ` Aaron Lewis
2020-09-16 19:44 ` Alexander Graf
2020-09-16 20:13 ` Aaron Lewis
2020-09-16 20:36 ` Alexander Graf
2020-09-02 12:59 ` [PATCH v6 6/7] KVM: x86: Introduce MSR filtering Alexander Graf
2020-09-02 12:59 ` [PATCH v6 7/7] KVM: selftests: Add test for user space MSR handling Alexander Graf
2020-09-03 19:31 ` Aaron Lewis
-- strict thread matches above, loose matches on Subject: below --
2020-09-01 20:15 [PATCH v6 0/7] Allow user space to restrict and augment MSR emulation Alexander Graf
2020-09-01 20:15 ` [PATCH v6 1/7] KVM: x86: Deflect unknown MSR accesses to user space Alexander Graf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAAAPnDFxR8yeB0sq4ZMRoZRO4QycZsBiKzaShGwMWE_0RM6Aow@mail.gmail.com \
--to=aaronlewis@google.com \
--cc=corbet@lwn.net \
--cc=dan.carpenter@oracle.com \
--cc=graf@amazon.com \
--cc=jmattson@google.com \
--cc=joro@8bytes.org \
--cc=karahmed@amazon.de \
--cc=kvm@vger.kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=sean.j.christopherson@intel.com \
--cc=vkuznets@redhat.com \
--cc=wanpengli@tencent.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).