On Sun, Feb 24, 2013 at 9:15 PM, Jan Kiszka <[email protected]> wrote: >> >> They all need consistency checks, otherwise userspace or the guest and >> inject inconsistent values and perhaps exploit the host. > > To my understanding, the hardware does this for us: If we try to enter > the guest (L1, L2) with invalid CRx bits set or cleared, we get an > error, at least on Intel. But I bet AMD does so as well - and, if not, > it would make this test specific again.
The point is that kvm code may depend on this consistency, so we fail before that hardware has made the check. -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html
