Re: [PATCH v5 04/19] KVM:x86: Refresh CPUID on write to guest MSR_IA32_XSS

From: Paolo Bonzini
Date: Mon Aug 07 2023 - 02:56:05 EST

On 8/4/23 20:27, Sean Christopherson wrote:
I think my preference is to enforce guest CPUID for host accesses to XSS, XFD, XFD_ERR, etc I'm pretty sure I've advocated for the exact opposite in the past, i.e. argued that KVM's ABI is to not enforce ordering between KVM_SET_CPUID2 and KVM_SET_MSR. But this is becoming
untenable, juggling the dependencies in KVM is complex and is going
to result in a nasty bug at some point.

Fortunately, you are right now. Well, almost :) but the important part is that indeed the dependencies are too complex.

While host-side accesses must be allowed, they should only allow the default value if the CPUID bit is not set.