Re: [PATCH v19 059/130] KVM: x86/tdp_mmu: Don't zap private pages for unsupported cases

[Xiaoyao Li]

On 3/28/2024 9:06 AM, Edgecombe, Rick P wrote:
> On Thu, 2024-03-28 at 08:58 +0800, Xiaoyao Li wrote:
> > > How so? Userspace needs to learn to create a TD first.
> >
> > The current ABI of KVM_EXIT_X86_RDMSR/WRMSR is that userspace itself
> > sets up MSR fitler at first, then it will get such EXIT_REASON when
> > guest accesses the MSRs being filtered.
> >
> > If you want to use this EXIT reason, then you need to enforce userspace
> > setting up the MSR filter. How to enforce?
>
> I think Isaku's proposal was to let userspace configure it.
>
> For the sake of conversation, what if we don't enforce it? The downside of not enforcing it is that
> we then need to worry about code paths in KVM the MTRRs would call. But what goes wrong
> functionally? If userspace doesn't fully setup a TD things can go wrong for the TD.
>
> A plus side of using the MSR filter stuff is it reuses existing functionality.
>
> >   If not enforce, but exit with
> > KVM_EXIT_X86_RDMSR/WRMSR no matter usersapce sets up MSR filter or not.
> > Then you are trying to introduce divergent behavior in KVM.
>
> The current ABI of KVM_EXIT_X86_RDMSR when TDs are created is nothing. So I don't see how this is
> any kind of ABI break. If you agree we shouldn't try to support MTRRs, do you have a different exit
> reason or behavior in mind?

Just return error on TDVMCALL of RDMSR/WRMSR on TD's access of MTRR MSRs.