On Wed, Jan 23, 2019 at 04:59:09AM +0800, Yang Weijiang wrote: > For kvm Guest OS, right now, only bit 11(user mode CET) and bit 12 > (supervisor CET) are supported in XSS MSR, if other bits are being set, > the write to XSS will be skipped. > > Signed-off-by: Zhang Yi Z <yi.z.zhang@xxxxxxxxxxxxxxx> > Signed-off-by: Yang Weijiang <weijiang.yang@xxxxxxxxx> > --- > arch/x86/kvm/vmx.c | 11 ++++++++--- > 1 file changed, 8 insertions(+), 3 deletions(-) > > diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c > index 9c8cecac80ea..25ac22b3923a 100644 > --- a/arch/x86/kvm/vmx.c > +++ b/arch/x86/kvm/vmx.c > @@ -47,6 +47,7 @@ > #include <asm/virtext.h> > #include <asm/mce.h> > #include <asm/fpu/internal.h> > +#include <asm/fpu/types.h> > #include <asm/perf_event.h> > #include <asm/debugreg.h> > #include <asm/kexec.h> > @@ -4334,12 +4335,16 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) > case MSR_IA32_XSS: > if (!vmx_xsaves_supported()) > return 1; > + > /* > - * The only supported bit as of Skylake is bit 8, but > - * it is not supported on KVM. > + * Right now, only support XSS_CET_U[bit 11] and > + * XSS_CET_S[bit 12] in MSR_IA32_XSS. > */ > - if (data != 0) > + > + if (!vmx_guest_cet_cap(vcpu) || This isn't super intuitive, as evidenced by the additional comment. If you mask off the unsupported bits then you can make a clean check and don't need a comment, e.g.: supported = kvm_supported_xss(); if (!guest_cpuid_has(vcpu, X86_FEATURE_SHSTK) && !guest_cpuid_has(vcpu, X86_FEATURE_IBT)) supported &= ~(XSS_CET_S | XSS_CET_U); if (data & ~supported) return 1; > + data & ~(KVM_SUPPORTED_XSS & host_xss)) Didn't you add kvm_supported_xss() in an earlier patch? Might as well use it here. > return 1; > + > vcpu->arch.ia32_xss = data; > if (vcpu->arch.ia32_xss != host_xss) > add_atomic_switch_msr(vmx, MSR_IA32_XSS, > -- > 2.17.1 >
