On Mon, 2016-10-31 at 10:53 +0100, Borislav Petkov wrote:
> > I think that in v4.9-rc2 the CPUID[7,0].edx bits can be masked out by
> > applying noxsave to cmdline. Using directly cpu_count will result in
> > passing the bits in edx to a guest directly while the xsaveopt and rest
> > of AVX512 features bits will be cleared.
>
> Errr, I can't parse that reading it backwards and forwards. Please
> elaborate.

The patch that introduces AVX512_4VNNIW and AVX512_4FMAPS features was
merged to kernel 4.9-rc2 so we have the possibility to mask the feature
bits using the 'noxsave' option in kernel cmdline. This option clears all
AVX512 feature bits in boot_cpu_data.x86_capability. The cpuid_mask
function, which is usually used in kvm, reads bits from this
x86_capability and masks them out. This prevents passing disabled
features to guest. If we use cpu_count instead, which reports bits
directly from CPU, then the bits of features that are disabled in host
are passed to guest as enabled. This seems to be inconsistent.

Thanks,
Piotr
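
The inconsistency described in the message above, as an added C model that is not kernel or KVM code and not part of the original email. The struct, the helper names and the hardware value are hypothetical or constructed; only the two CPUID.(EAX=7,ECX=0):EDX bit positions are real definitions.

```c
#include <stdint.h>
#include <stdio.h>

/* CPUID.(EAX=7,ECX=0):EDX feature bits named in the message. */
#define AVX512_4VNNIW (1u << 2)
#define AVX512_4FMAPS (1u << 3)

/* Hypothetical stand-in for the host capability word covering CPUID[7,0].edx. */
struct host_caps { uint32_t leaf7_edx; };

/* Models a boot option clearing features from the host's view (assumed helper). */
static void host_clear_caps(struct host_caps *h, uint32_t bits)
{
    h->leaf7_edx &= ~bits;
}

/* Masked path: the guest gets only bits the host still has enabled. */
static uint32_t guest_edx_masked(uint32_t hw_edx, uint32_t supported,
                                 const struct host_caps *h)
{
    return hw_edx & supported & h->leaf7_edx;
}

/* Raw path: bits come straight from the hardware value, host state ignored. */
static uint32_t guest_edx_raw(uint32_t hw_edx, uint32_t supported)
{
    return hw_edx & supported;
}

/* Audit check: bits exposed to the guest although disabled on the host. */
static uint32_t leaked_bits(uint32_t guest_edx, const struct host_caps *h)
{
    return guest_edx & ~h->leaf7_edx;
}

/* Scenario: hardware has both features, host disables them, guest is built. */
static uint32_t demo_leak(int use_mask)
{
    const uint32_t hw_edx = AVX512_4VNNIW | AVX512_4FMAPS; /* constructed value */
    const uint32_t supported = AVX512_4VNNIW | AVX512_4FMAPS;
    struct host_caps host = { .leaf7_edx = hw_edx };

    host_clear_caps(&host, AVX512_4VNNIW | AVX512_4FMAPS);
    uint32_t guest = use_mask ? guest_edx_masked(hw_edx, supported, &host)
                              : guest_edx_raw(hw_edx, supported);
    return leaked_bits(guest, &host);
}

int main(void)
{
    printf("masked path leaks: 0x%x\n", (unsigned)demo_leak(1));
    printf("raw path leaks:    0x%x\n", (unsigned)demo_leak(0));
    return 0;
}
```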