[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <4a27b660-ac03-4ab5-bf2e-cdddb0147bdb@intel.com>
Date: Wed, 17 Jan 2024 14:16:05 +0800
From: "Yang, Weijiang" <weijiang.yang@...el.com>
To: Yuan Yao <yuan.yao@...ux.intel.com>
CC: "seanjc@...gle.com" <seanjc@...gle.com>, "pbonzini@...hat.com"
<pbonzini@...hat.com>, "Hansen, Dave" <dave.hansen@...el.com>,
"kvm@...r.kernel.org" <kvm@...r.kernel.org>, "linux-kernel@...r.kernel.org"
<linux-kernel@...r.kernel.org>, "peterz@...radead.org"
<peterz@...radead.org>, "Gao, Chao" <chao.gao@...el.com>, "Edgecombe, Rick P"
<rick.p.edgecombe@...el.com>, "mlevitsk@...hat.com" <mlevitsk@...hat.com>,
"john.allen@....com" <john.allen@....com>
Subject: Re: [PATCH v8 22/26] KVM: VMX: Set up interception for CET MSRs
On 1/17/2024 1:31 PM, Yuan Yao wrote:
> On Wed, Jan 17, 2024 at 09:58:40AM +0800, Yang, Weijiang wrote:
>> On 1/17/2024 9:41 AM, Yang, Weijiang wrote:
>>> On 1/15/2024 5:58 PM, Yuan Yao wrote:
>>>> On Thu, Dec 21, 2023 at 09:02:35AM -0500, Yang Weijiang wrote:
>> [...]
>>>> Looks this leading to MSR_IA32_INT_SSP_TAB not intercepted
>>>> after below steps:
>>>>
>>>> Step 1. User space set cpuid w/ X86_FEATURE_LM, w/ SHSTK.
>>>> Step 2. User space set cpuid w/o X86_FEATURE_LM, w/o SHSTK.
>>>>
>>>> Then MSR_IA32_INT_SSP_TAB won't be intercepted even w/o SHSTK
>>>> on guest cpuid, will this lead to inconsistency when do
>>>> rdmsr(MSR_IA32_INT_SSP_TAB) from guest in this scenario ?
>>> Yes, theoretically it's possible, how about changing it as below?
>>>
>>> vmx_set_intercept_for_msr(vcpu, MSR_IA32_INT_SSP_TAB,
>>> MSR_TYPE_RW,
>>> incpt | !guest_cpuid_has(vcpu, X86_FEATURE_LM));
>>>
>> Oops, should be : incpt || !guest_cpuid_has(vcpu, X86_FEATURE_LM)
> It means guest cpuid:
>
> "has X86_FEATURE_SHSTK" + "doesn't have X86_FEATURE_LM"
No, this is invalid within this series. With patch 21 to prevent SHSTK in
32-bit guest, I think the check of LM here can be omitted.
then
vmx_set_intercept_for_msr(vcpu, MSR_IA32_INT_SSP_TAB, MSR_TYPE_RW, incpt); is OK.
>
> not sure this is valid combination or not.
> If yes it's ok, else just relies on incpt is enough ?
>
Powered by blists - more mailing lists