From: Sean Christopherson <seanjc@google.com>
To: Tyler Stachecki <stachecki.tyler@gmail.com>
Cc: Leonardo Bras <leobras@redhat.com>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
Dave Hansen <dave.hansen@linux.intel.com>,
x86@kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
Shuah Khan <shuah@kernel.org>,
Nathan Chancellor <nathan@kernel.org>,
Nick Desaulniers <ndesaulniers@google.com>,
linux-kernel@vger.kernel.org, kvm@vger.kernel.org,
linux-kselftest@vger.kernel.org, llvm@lists.linux.dev
Subject: Re: [PATCH 0/5] KVM: x86: Fix breakage in KVM_SET_XSAVE's ABI
Date: Wed, 4 Oct 2023 09:54:55 -0700
Message-ID: <ZR2Y34hFpLmCYsUr@google.com>
In-Reply-To: <ZR2EyUULbRpXW8wK@luigi.stachecki.net>

On Wed, Oct 04, 2023, Tyler Stachecki wrote:
> On Wed, Oct 04, 2023 at 07:51:17AM -0700, Sean Christopherson wrote:
> > It's not about removing features. The change you're asking for is to have KVM
> > *silently* drop data. Aside from the fact that such a change would break KVM's
> > ABI, silently ignoring data that userspace has explicitly requested be loaded for
> > a vCPU is incredibly dangerous.
>
> Sorry if it came off that way

No need to apologise, you got bit by a nasty kernel bug and are trying to find a
solution. There's nothing wrong with that.

> I fully understand and am resigned to the "you
> break it, you keep both halves" nature of what I had initially proposed and
> that it is not a generally tractable solution.

Yeah, the crux of the matter is that we have no control or even knowledge of who
all is using KVM, with what userspace VMM, on what hardware, etc. E.g. if this
bug were affecting our fleet and for some reason we couldn't address the problem
in userspace, carrying a hack in KVM in our internal kernel would probably be a
viable option because we can do a proper risk assessment. E.g. we know and control
exactly what userspace we're running, the underlying hardware in affected pools,
what features are exposed to the guest, etc. And we could revert the hack once
all affected VMs had been sanitized.