• Alexander Graf's avatar
    KVM: x86: Introduce MSR filtering · 1a155254
    Alexander Graf authored
    It's not desireable to have all MSRs always handled by KVM kernel space. Some
    MSRs would be useful to handle in user space to either emulate behavior (like
    uCode updates) or differentiate whether they are valid based on the CPU model.
    
    To allow user space to specify which MSRs it wants to see handled by KVM,
    this patch introduces a new ioctl to push filter rules with bitmaps into
    KVM. Based on these bitmaps, KVM can then decide whether to reject MSR access.
    With the addition of KVM_CAP_X86_USER_SPACE_MSR it can also deflect the
    denied MSR events to user space to operate on.
    
    If no filter is populated, MSR handling stays identical to before.
    Signed-off-by: default avatarAlexander Graf <graf@amazon.com>
    
    Message-Id: <20200925143422.21718-8-graf@amazon.com>
    Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
    1a155254
kvm.h 10.2 KB