On 28/02/19 09:44, Yang Weijiang wrote: >>> if (!vmx_xsaves_supported()) >>> return 1; >>> + >>> /* >>> - * The only supported bit as of Skylake is bit 8, but >>> - * it is not supported on KVM. >>> + * Check bits being set are supported in KVM. >> I'd drop the comment altogether, it's pretty obvious from the code that >> were checking which bits are supported. > you won't see these redundancies in next version ;) >>> */ >>> - if (data != 0) >>> + if (data & ~kvm_supported_xss()) >>> return 1; You should instead check this against CPUID[0xD, 1].EDX:ECX. If CET is disabled in CPUID, the guest should not be able to set it in MSR_IA32_CSS. Paolo
