On Mon, Jun 02, 2025 at 04:41:35PM -0700, Sean Christopherson wrote: > > Regarding validating this, if VERW is executed at VMenter, mitigation was > > found to be effective. This is similar to other bugs like MDS. I am not a > > virtualization expert, but I will try to validate whatever I can. > > If you can re-verify the mitigation works for VFIO devices, that's more than > good enough for me. The bar at this point is to not regress the existing mitigation, > anything beyond that is gravy. Ok sure. I'll verify that VERW is getting executed for VFIO devices. > I've verified the KVM mechanics of tracing MMIO mappings fairly well (famous last > words), the only thing I haven't sanity checked is that the existing coverage for > VFIO devices is maintained.
