|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH 0/9] xen/amd: Support for guest MSR_VIRT_SPEC_CTRL support
>>> On 04.12.18 at 12:26, <andrew.cooper3@xxxxxxxxxx> wrote: > On 04/12/2018 09:45, Jan Beulich wrote: >> Nor can I see how hiding these MSRs from guests would improve >> the situation in this regard: Guests may still draw unwanted >> conclusions from not being able to read these MSRs, or reading >> all zeros. > > I can't help but feel that the observations you've made answer the > question very succinctly. > > Of course we can't prevent the guest drawing conclusions from the > absense/presence of the information. What we can (and must) ensure is > that the information that is available (i.e. a #GP fault) does not have > any details which are specific to the processor that the VM happened to > boot on. But that's the issue: Even #GP on such an MSR access convey information. An OS may legitimately assume - no #GP based on the family/model/stepping values - old hardware if #GP is observed upon reading (which in turn may mean it works in a sub-optimal way) - brokenness if no #GP but an all zero value, but if the BKGD documents certain bits to be set (perhaps by the BIOS) - whatever else What I'm trying to express is: We simply can't get this right unless we _fully_ emulate family/model/stepping specific behavior (according to the values seen by the guest), with or without migration. Jan _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxx https://lists.xenproject.org/mailman/listinfo/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |