On 26/02/2018 13:15, Borislav Petkov wrote: > On Mon, Feb 26, 2018 at 12:54:52PM +0100, Paolo Bonzini wrote: >> I don't understand how one thing follows from the other. How are writes >> to 0x8B related to having a virtualized microcode loaded (which is a >> concept that actually makes no sense at all)? > > I'm questioning the whole idea. 0x8b is the MSR which gives you the > microcode revision. Most CPUs don't even allow writing to it, AFAICT. > (SDM says "may prevent writing" on VM transitions.) > > So how is that host-initiated write to 0x8b is even going to work, in > reality? kvm module writes the microcode version in there? How does the > admin work around that?
In this context, "host-initiated" write means written by KVM userspace with ioctl(KVM_SET_MSR). It generally happens only on VM startup, reset or live migration. Thanks, Paolo >> It has already been fixed for a few months, and fixing it is indeed the >> right thing to do independent of this patch. > > Yap. >
