From mboxrd@z Thu Jan 1 00:00:00 1970 From: Sheng Yang Subject: Re: [PATCH] MSR related clean up Date: Wed, 24 Jun 2009 17:21:26 +0800 Message-ID: <200906241721.27265.sheng@linux.intel.com> References: Mime-Version: 1.0 Content-Type: Text/Plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: Content-Disposition: inline List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xensource.com Errors-To: xen-devel-bounces@lists.xensource.com To: Keir Fraser Cc: "xen-devel@lists.xensource.com" , Eddie Dong List-Id: xen-devel@lists.xenproject.org On Wednesday 24 June 2009 17:03:56 Keir Fraser wrote: > On 24/06/2009 09:50, "Sheng Yang" wrote: > > On Thursday 18 June 2009 17:57:06 Sheng Yang wrote: > >> rdmsr_safe() is used to access MSR unknown to Xen, and is not safe... I > >> think it is legacy. > >> > >> Also let msr_write be parity with msr_read on MSR_IA32_MISC_ENABLE. > >> > >> CC: Eddie Dong > >> Signed-off-by: Sheng Yang > > > > Keir? > > Looks pretty dangerous to me. So I'm not sure. There are various MSRs that > are detected via CPU family/model (which we pass through) which would then > #GP on access. Also this doesn't change the AMD default. Overall, what we > have now does seem to work so I'm reluctant to mess with it. > Hi Keir What we suffered now is, there are some MSRs existed in CPU, but shouldn't be accessed by guest. And guest should expected a GP fault for accessing, but we return a real value, which is not desired at all. And in general, reading from unknown native MSR is dangerous, and also break host/guest isolation. I think we at least should control what we read from native. Maybe add more MSR handling is necessary. -- regards Yang, Sheng