On Wed, 2018-01-31 at 23:26 -0500, Konrad Rzeszutek Wilk wrote:
>
> > diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
> > index 6a9f4ec..bfc80ff 100644
> > --- a/arch/x86/kvm/vmx.c
> > +++ b/arch/x86/kvm/vmx.c
> > @@ -594,6 +594,14 @@ struct vcpu_vmx {
> > #endif
> >
> > u64 arch_capabilities;
> > + u64 spec_ctrl;
> > +
> > + /*
> > + * This indicates that:
> > + * 1) guest_cpuid_has(X86_FEATURE_IBRS) == true &&
> > + * 2) The guest has actually initiated a write against the MSR.
> > + */
> > + bool spec_ctrl_used;
> >
> > /*
> > * This indicates that:

Thanks for persisting with the details here, Karim. In addition to Konrad's heckling at the comments, I'll add my own request to his... I'd like the comment for spec_ctrl_used to explain why it isn't entirely redundant with the spec_ctrl_intercepted() function.

Without nesting, I believe it *would* be redundant, but the difference comes when an L2 is running for which L1 has not permitted the MSR to be passed through. That's when we have spec_ctrl_used = true but the MSR *isn't* actually passed through in the active msr_bitmap.

Question: if spec_ctrl_used is always equivalent to the intercept bit in the vmcs01.msr_bitmap, just not the guest bitmap... should we ditch it and always use the bit from the vmcs01.msr_bitmap?

Sorry :)
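
Review bot: the new spec_ctrl field in struct vcpu_vmx (arch/x86/kvm/vmx.c) is added with no comment, and the comment on spec_ctrl_used refers only to "the MSR" without naming it. Suggest a one-line comment on spec_ctrl saying whose value it holds and when that value is valid, and naming the MSR in condition 2. The spec_ctrl_used comment also does not say where the flag is set or whether it is ever cleared once the guest has written the MSR, which a reader needs to know before relying on it.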

