Re: [PATCH v4 08/16] KVM: x86/pmu: Add IA32_DS_AREA MSR emulation to manage guest DS buffer

From: Peter Zijlstra
Date: Wed Apr 07 2021 - 11:40:12 EST

Next message: Ian Rogers: "[PATCH] perf arm-spe: Avoid potential buffer overrun."
Previous message: Rajneesh Bhardwaj: "Re: [PATCH 5/9] platform/x86: intel_pmc_core: Get LPM requirements for Tiger Lake"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Mar 29, 2021 at 01:41:29PM +0800, Like Xu wrote:
> @@ -3869,10 +3876,12 @@ static struct perf_guest_switch_msr *intel_guest_get_msrs(int *nr, void *data)
>
> if (arr[1].guest)
> arr[0].guest |= arr[1].guest;
> - else
> + else {
> arr[1].guest = arr[1].host;
> + arr[2].guest = arr[2].host;
> + }

What's all this gibberish?

The way I read that it says:

if guest has PEBS_ENABLED
guest GLOBAL_CTRL |= PEBS_ENABLED
otherwise
guest PEBS_ENABLED = host PEBS_ENABLED
guest DS_AREA = host DS_AREA

which is just completely random garbage afaict. Why would you leak host
msrs into the guest? Why would you change guest GLOBAL_CTRL implicitly;
guest had better wrmsr that himself to control when stuff is enabled.

This just cannot be right.

Next message: Ian Rogers: "[PATCH] perf arm-spe: Avoid potential buffer overrun."
Previous message: Rajneesh Bhardwaj: "Re: [PATCH 5/9] platform/x86: intel_pmc_core: Get LPM requirements for Tiger Lake"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]