Re: [PATCH] KVM: nVMX: Don't expose TSC scaling to L1 when on Hyper-V

From: Anirudh Rayabharam
Date: Tue Jun 14 2022 - 11:15:17 EST


On Tue, Jun 14, 2022 at 02:16:00PM +0200, Paolo Bonzini wrote:
> On 6/14/22 06:55, Anirudh Rayabharam wrote:
> > > That said, I think a better implementation of this patch is to just add
> > > a version of evmcs_sanitize_exec_ctrls that takes a struct
> > > nested_vmx_msrs *, and call it at the end of nested_vmx_setup_ctl_msrs like
> > >
> > > evmcs_sanitize_nested_vmx_vsrs(msrs);
> > Sanitize at the end might not work because I see some cases in
> > nested_vmx_setup_ctls_msrs() where we want to expose some things to L1
> > even though the hardware doesn't support it.
> >
>
> Yes, but these will never include eVMCS-unsupported features.

How are you so sure?

For example, SECONDARY_EXEC_SHADOW_VMCS is unsupported in eVMCS but in
nested_vmx_setup_ctls_msrs() we do:

	/*
	 * We can emulate "VMCS shadowing," even if the hardware
	 * doesn't support it.
	 */
	msrs->secondary_ctls_high |=
		SECONDARY_EXEC_SHADOW_VMCS;

If we sanitize this out, it might cause some regression, right?

Thanks!

Anirudh.
>
> Paolo