* Andy Lutomirski <l...@kernel.org> wrote:
> Setting CONFIG_PARAVIRT=y has an unintended side effect: it silently
> turns all rdmsr and wrmsr operations into the safe variants without
> any checks that the operations actually succeed.
>
> This is IMO awful: it papers over bugs. In particular, KVM gueests
> might be unwittingly depending on this behavior because
> CONFIG_KVM_GUEST currently depends on CONFIG_PARAVIRT. I'm not
> aware of any such problems, but applying this series would be a good
> way to shake them out.
>
> Fix it so that the MSR operations work the same on CONFIG_PARAVIRT=n
> and CONFIG_PARAVIRT=y as long as Xen isn't being used. The Xen
> maintainers are welcome to make a similar change on top of this.
>
> Since there's plenty of time before the next merge window, I think
> we should apply and fix anything that breaks.
No, I think we should at most generate a warning instead, and not crash the
kernel
via rdmsr()!
Most big distro kernels on bare metal have CONFIG_PARAVIRT=y (I checked Ubuntu
and
Fedora), so we are potentially exposing a lot of users to problems.
Crashing the bootup on an unknown MSR is bad. Many MSR reads and writes are
non-critical and returning the 'safe' result is much better than crashing or
hanging the bootup.
( We should double check that rdmsr()/wrmsr() results are never left
uninitialized, but are set to zero or so, for cases where the return code is
not
checked. )
Thanks,
Ingo
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
