Received: by 10.223.185.116 with SMTP id b49csp3679253wrg; Mon, 26 Feb 2018 04:17:54 -0800 (PST) X-Google-Smtp-Source: AG47ELv5Yjj2YQeH8fhnpvmd7UYQ9Yh+6J6zjjHxX0+xGyRWxA3vqVY4EaGL482Dr2QnvuHd0V9V X-Received: by 10.98.59.218 with SMTP id w87mr3471713pfj.37.1519647474723; Mon, 26 Feb 2018 04:17:54 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1519647474; cv=none; d=google.com; s=arc-20160816; b=X7QMsCFfwkb243zA7qQboWKGMxbTrQJiM2B04o1NWKLb51M0ODN7HhP/g0SyfOdl94 Dcq8MqtBqvTC0DAOrxUpTd+qJkVP8X2fFEaS4vf0vGjg200yeCMI5kWcsYnVip10rjpQ 4+Ua5j8dCLyyTruVPPco/1maG3ygnBnug9LCHIVk3d4OWjRR8CndM2Y5yi9gWzZTDpYR AAtGzeyMGe8ASszqLbdz6ex2Z/SsWzpTAEUgVJPA5v+C73QNgzoT6QFWNV0Eo8OCoJOp AH7mI057PhxlLVbP4zQD7Ihi1dinQuf0wFHmUgWVeAnZB7qxKjLTuHTOZfIU4fh1uCNH sUpw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject:arc-authentication-results; bh=jZvho62Cm4zR2qfvfj+eQSVPY+A6Fg65l3fWMd3ty/8=; b=pJ1FxyXdeWm8IkqwVCnayyf7REDvhSLo4o7l2uXd0lbWu1KGxa3PBJ/MVCogDjKTlW ZeJot2IoAcZYKy26IUtLQXI9U2C2heQ+oy6MyS7DeEAsF/cWCYo0uwtAoIqsUPt4so/t RFFz7HqO7CvIby9xO8Iy6dMWq4cB4VJHJWK7dX7X+uFZtZROcGM7A4MfJge7/kEOLY4k qd8WymWBPk1Q0Lw4fFpHhsYB25BlNPR7QzL+E1LSLKtchlKYOlRyCfCo6S7XQlsVIxkh eDQjW0qk4odclOmBKIFS3LOpxi+u+zkJxnQwXQ8MrNT41UttxNpoeV19U/vA6KqVZdgu djOg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id t11-v6si6684427plz.214.2018.02.26.04.17.40; Mon, 26 Feb 2018 04:17:54 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752826AbeBZMRA (ORCPT + 99 others); Mon, 26 Feb 2018 07:17:00 -0500 Received: from mx3-rdu2.redhat.com ([66.187.233.73]:34634 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1752353AbeBZMQ6 (ORCPT ); Mon, 26 Feb 2018 07:16:58 -0500 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 525AD402242D; Mon, 26 Feb 2018 12:16:58 +0000 (UTC) Received: from [10.36.117.126] (ovpn-117-126.ams2.redhat.com [10.36.117.126]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 5FCC110FFE73; Mon, 26 Feb 2018 12:16:57 +0000 (UTC) Subject: Re: [PATCH] KVM: X86: Allow userspace to define the microcode version To: Borislav Petkov Cc: Wanpeng Li , LKML , kvm , =?UTF-8?B?UmFkaW0gS3LEjW3DocWZ?= References: <20180226094148.GA15539@pd.tnic> <20180226104921.GA4377@pd.tnic> <20180226111630.GB4377@pd.tnic> <20180226113000.GC4377@pd.tnic> <20180226114409.GD4377@pd.tnic> <46cecef2-b0fb-b0c2-bbf3-983328d52763@redhat.com> <20180226121509.GE4377@pd.tnic> From: Paolo Bonzini Message-ID: <24cd527d-5287-f0be-ffe8-eab341bf1d94@redhat.com> Date: Mon, 26 Feb 2018 13:16:56 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0 MIME-Version: 1.0 In-Reply-To: <20180226121509.GE4377@pd.tnic> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.6]); Mon, 26 Feb 2018 12:16:58 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.6]); Mon, 26 Feb 2018 12:16:58 +0000 (UTC) for IP:'10.11.54.3' DOMAIN:'int-mx03.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'pbonzini@redhat.com' RCPT:'' Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 26/02/2018 13:15, Borislav Petkov wrote: > On Mon, Feb 26, 2018 at 12:54:52PM +0100, Paolo Bonzini wrote: >> I don't understand how one thing follows from the other. How are writes >> to 0x8B related to having a virtualized microcode loaded (which is a >> concept that actually makes no sense at all)? > > I'm questioning the whole idea. 0x8b is the MSR which gives you the > microcode revision. Most CPUs don't even allow writing to it, AFAICT. > (SDM says "may prevent writing" on VM transitions.) > > So how is that host-initiated write to 0x8b is even going to work, in > reality? kvm module writes the microcode version in there? How does the > admin work around that? In this context, "host-initiated" write means written by KVM userspace with ioctl(KVM_SET_MSR). It generally happens only on VM startup, reset or live migration. Thanks, Paolo >> It has already been fixed for a few months, and fixing it is indeed the >> right thing to do independent of this patch. > > Yap. >