On 05.02.21 14:00, Jan Beulich wrote:
On 05.02.2021 11:56, Jürgen Groß wrote:As we need to consider backports of processor bug mitigations in old guests, too, I think we need to have a "catch-all" fallback.Not being able to run an old updated guest until we add handling for a new MSR isn't a viable option IMO.I'm not sure I follow you here: Such backports should still make use of the respective CPUID bits, and hence shouldn't contain "blind" MSR accesses. And if there's really something needing to probe an MSR, then I'd expect such a backport to make sure the probing actually works in a prereq (presumably) backport.
We know that Linux partially relies on blind MSR accesses to be tolerated on bare metal. With this and older Xen versions having worked by _not_ faulting when the guest accesses illegal MSRs it is not that unlikely that some guests will suddenly fail to boot. Especially when backporting processor bug mitigations I could envision not all distros will thoroughly test the kernel to still run as PV guest on newest Xen. Juergen
OpenPGP_0xB0DE9DD628BF132F.asc
Description: application/pgp-keys
OpenPGP_signature
Description: OpenPGP digital signature
