On Mon, Mar 04, 2019 at 10:47:53AM -0800, Sean Christopherson wrote: > On Mon, Feb 25, 2019 at 09:27:11PM +0800, Yang Weijiang wrote: > > Guest CET SHSTK and IBT capability are reported via > > CPUID.(EAX=7, ECX=0):ECX[bit 7] and EDX[bit 20] respectively. > > Guest user mode and supervisor mode xsaves component size > > is reported via CPUID.(EAX=0xD, ECX=1):ECX[bit 11] and ECX[bit 12] > > respectively. > > > > Signed-off-by: Zhang Yi Z <[email protected]> > > Signed-off-by: Yang Weijiang <[email protected]> > > --- > > arch/x86/kvm/cpuid.c | 60 +++++++++++++++++++++++++++++++++----------- > > arch/x86/kvm/x86.h | 4 +++ > > 2 files changed, 50 insertions(+), 14 deletions(-) > > > > diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c > > index cb1aece25b17..5e05756cc6db 100644 > > --- a/arch/x86/kvm/cpuid.c > > +++ b/arch/x86/kvm/cpuid.c > > @@ -65,6 +65,16 @@ u64 kvm_supported_xcr0(void) > > return xcr0; > > } > > > > +u64 kvm_supported_xss(void) > > +{ > > + u64 xss; > > + > > + rdmsrl(MSR_IA32_XSS, xss); > > Honest question as I haven't thought through the flows: do we actually > need to restrict XSS based on what's enabled in the host? This > conflicts with your other statements that CET features can be enabled > independent of host support.
Never mind, just saw Paolo's comment in a previous version about XSAVE being dependent on host XSS. The below comment about caching still applies though. > And if we do incorporate the host status, the value should be read once > and cached unless we're expecting the host value to change dynamically, > e.g. see host_efer. > > > + xss &= KVM_SUPPORTED_XSS; > > + return xss; > > +} > > +EXPORT_SYMBOL(kvm_supported_xss); > > + > > #define F(x) bit(X86_FEATURE_##x) > > > > /* For scattered features from cpufeatures.h; we currently expose none */
