On 19.01.2022 17:53, Andrew Cooper wrote:
> On 19/01/2022 13:50, Jan Beulich wrote:
>> On 17.01.2022 20:25, Andrew Cooper wrote:
>>> @@ -323,10 +324,9 @@ int guest_rdmsr(struct vcpu *v, uint32_t msr, uint64_t
>>> *val)
>>> break;
>>>
>>> case MSR_IA32_BNDCFGS:
>>> - if ( !cp->feat.mpx || !is_hvm_domain(d) ||
>>> - !hvm_get_guest_bndcfgs(v, val) )
>>> + if ( !cp->feat.mpx ) /* Implies Intel HVM only */
>> Wouldn't it make sense to accompany this comment by ...
>>
>>> goto gp_fault;
>>> - break;
>> ASSERT(is_hvm_domain(d));
>>
>> (and then the same on the "set" path)?
>
> So this is the reason for the default logic in the {get,set}_reg()
> path. The absence of MSR_BNDCFGS in the PV and SVM paths will cause the
> VM to be crashed cleanly. If you're on a VMX on a non-MPX capable
> system, the VMREAD/VMWRITE will hit a BUG (which in due course I want to
> downgrade to a domain crash).
>
> It's a bit more friendly than an ASSERT() (doesn't take the system
> down), is present in release builds too, and more precise as it excludes
> SVM too.
I see, makes sense.
Jan
