| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aRPo2oxGGEG5LEWv@intel.com>
Date: Wed, 12 Nov 2025 09:54:34 +0800
From: Chao Gao <chao.gao@...el.com>
To: Paolo Bonzini <pbonzini@...hat.com>
CC: "Chang S. Bae" <chang.seok.bae@...el.com>, <kvm@...r.kernel.org>,
<linux-kernel@...r.kernel.org>, <seanjc@...gle.com>, <zhao1.liu@...el.com>
Subject: Re: [PATCH RFC v1 07/20] KVM: nVMX: Support the extended instruction
info field
>> --- a/arch/x86/kvm/vmx/nested.c
>> +++ b/arch/x86/kvm/vmx/nested.c
>> @@ -4798,6 +4798,8 @@ static void prepare_vmcs12(struct kvm_vcpu *vcpu, struct vmcs12 *vmcs12,
>> vmcs12->vm_exit_intr_info = exit_intr_info;
>> vmcs12->vm_exit_instruction_len = exit_insn_len;
>> vmcs12->vmx_instruction_info = vmcs_read32(VMX_INSTRUCTION_INFO);
>> + if (vmx_egpr_enabled(vcpu))
>> + vmcs12->extended_instruction_info = vmcs_read64(EXTENDED_INSTRUCTION_INFO);
>
>>From patch 17:
>
>+static inline bool vmx_egpr_enabled(struct kvm_vcpu *vcpu)
>+{
>+ return vcpu->arch.xcr0 & XFEATURE_MASK_APX && is_64_bit_mode(vcpu);
>+}
>
>but here you must not check XCR0, the extended instruction information field
>is always available. The spec says "A non-IntelĀ® APX enabled VMM is free to
>continue using the legacy definition of the field, since lack of IntelĀ® APX
>enabling will guarantee that regIDs are only 4-bits, maximum" but you can
>also use the extended instruction information field if you want. So, I'd
>make this also static_cpu_has(X86_FEATURE_APX).
Shouldn't we check guest's capabilities rather than host's,
i.e., guest_cpu_cap_has(X86_FEATURE_APX)?
Powered by blists - more mailing lists