From: Sean Christopherson seanjc@google.com Sent: Wednesday, December 29, 2021 7:39 AM
On Wed, Dec 22, 2021, Jing Liu wrote:
Guest xstate permissions should be set by userspace VMM before vcpu creation. Extend KVM_SET_CPUID2 to verify that every feature reported in CPUID[0xD] has proper permission set.
Why? Nothing in the changelog, code, or comments explains why KVM _needs_ to prevent userspace from advertising bogus features to the guest. E.g. the virtual address width check exists because _KVM_ will do the wrong thing given a width other than 48 or 57, and explicity says as much in a comment.
Advertising a known bogus feature due to lacking of permission does no good compared to failing it early even before the guest is running. This also avoids tons of complexity at run-time to deal with permission violation (e.g. introducing new kvm exit reason if you tracked the v2 discussion).
But yes, we should add a clear comment here.
Thanks Kevin