From mboxrd@z Thu Jan  1 00:00:00 1970
From: Avi Kivity <avi-atKUWr5tajBWk0Htik3J/w@public.gmane.org>
Subject: Re: [PATCH] SVM: forbid guest to execute monitor/mwait
Date: Thu, 22 Mar 2007 12:06:32 +0200
Message-ID: <46025528.5010707@qumranet.com>
References: <20070321184700.GA20139@amd.com> <46023264.4010105@qumranet.com>
	<20070322095605.GB20139@amd.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Cc: kvm-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org
To: Joerg Roedel <joerg.roedel-5C7GfCeVMHo@public.gmane.org>
Return-path: <kvm-devel-bounces-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org>
In-Reply-To: <20070322095605.GB20139-5C7GfCeVMHo@public.gmane.org>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/kvm-devel>,
	<mailto:kvm-devel-request-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum=kvm-devel>
List-Post: <mailto:kvm-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org>
List-Help: <mailto:kvm-devel-request-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/kvm-devel>,
	<mailto:kvm-devel-request-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org?subject=subscribe>
Sender: kvm-devel-bounces-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org
Errors-To: kvm-devel-bounces-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org
List-Id: kvm.vger.kernel.org

Joerg Roedel wrote:
> On Thu, Mar 22, 2007 at 09:38:12AM +0200, Avi Kivity wrote:
>   
>> Joerg Roedel wrote:
>>     
>>> From: Joerg Roedel <joerg.roedel-5C7GfCeVMHo@public.gmane.org>
>>>
>>> This patch forbids the guest to execute monitor/mwait instructions on
>>> SVM. This is necessary because the guest can execute these instructions
>>> if they are available even if the kvm cpuid doesn't report its
>>> existence.
>>>
>>>  
>>>       
>> You're intercepting the instructions unconditionally.  What about the case where cpuid does 
>> report monitor/mwait support?  The guest can legitimately use them then.
>>     
>
> I prepared a patch for QEmu to handle this but finally not
> submitted it because QEmu does not set the Monitor bit anyway. But you
> are right. It is possible for userspace to set the Montior bit and the
> guest won't be able to use it.
> I think an architecture dependent cpuid mask feature in the kernel would
> solve this problem. I'll prepare a patch for that.
>
>   

I think I'm misunderstanding something.

Is there actually an AMD cpu that supports monitor/mwait?  If not 
(understandably, having no hyperthreading), then wouldn't executing 
monitor or mwait generate #UD anyway?  I don't think there's need for 
the cpuid mask as long as setting the monitor bit cannot endanger the 
kernel.



-- 
error compiling committee.c: too many arguments to function


-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys-and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV