Re: [PATCH] SVM: forbid guest to execute monitor/mwait

[Avi Kivity <avi-atKUWr5tajBWk0Htik3J/w@public.gmane.org>]

Joerg Roedel wrote:
> On Thu, Mar 22, 2007 at 09:38:12AM +0200, Avi Kivity wrote:
>   
>> Joerg Roedel wrote:
>>     
>>> From: Joerg Roedel <joerg.roedel-5C7GfCeVMHo@public.gmane.org>
>>>
>>> This patch forbids the guest to execute monitor/mwait instructions on
>>> SVM. This is necessary because the guest can execute these instructions
>>> if they are available even if the kvm cpuid doesn't report its
>>> existence.
>>>
>>>  
>>>       
>> You're intercepting the instructions unconditionally.  What about the case where cpuid does 
>> report monitor/mwait support?  The guest can legitimately use them then.
>>     
>
> I prepared a patch for QEmu to handle this but finally not
> submitted it because QEmu does not set the Monitor bit anyway. But you
> are right. It is possible for userspace to set the Montior bit and the
> guest won't be able to use it.
> I think an architecture dependent cpuid mask feature in the kernel would
> solve this problem. I'll prepare a patch for that.
>
>   

I think I'm misunderstanding something.

Is there actually an AMD cpu that supports monitor/mwait?  If not 
(understandably, having no hyperthreading), then wouldn't executing 
monitor or mwait generate #UD anyway?  I don't think there's need for 
the cpuid mask as long as setting the monitor bit cannot endanger the 
kernel.



-- 
error compiling committee.c: too many arguments to function


-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys-and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV