On Fri, Apr 24, 2020 at 08:10:49AM -0700, Sean Christopherson wrote:
> On Fri, Apr 24, 2020 at 11:02:46PM +0800, Yang Weijiang wrote:
> > On Thu, Apr 23, 2020 at 11:14:06AM -0700, Sean Christopherson wrote:
> > > > + case MSR_IA32_INT_SSP_TAB:
> > > > + if (!cet_check_ctl_msr_access(vcpu, msr_info))
> > > > + return 1;
> > > > + if (!is_64_bit_mode(vcpu))
> > >
> > > This is wrong, the SDM explicitly calls out the !64 case:
> > >
> > > IA32_INTERRUPT_SSP_TABLE_ADDR (64 bits; 32 bits on processors that do not
> > > support Intel 64 architecture).
> > So the check is also unnecessary as it's natural size?
>
> It still needs a canonical check.
>
> Note, KVM diverges from the SDM for canonical checks in that it performs
> canonical checks even when the virtual CPU doesn't support 64-bit and/or
> the host kernel is a 32-bit kernel. This is intentional because the
> underlying hardware will still enforce the checks, i.e. KVM needs to make
> the physical CPU happy, and the number of people running KVM on hardware
> without 64-bit support can probably be counted on one hand.

Got it, thank you!
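
Review bot: the `if (!is_64_bit_mode(vcpu))` test in the `MSR_IA32_INT_SSP_TAB` case makes the access depend on the guest's current mode, while the SDM text quoted in the reply gives this MSR its natural width even on processors without Intel 64. Drop the mode test and validate the value with a canonical-address check instead, applied regardless of guest 64-bit support, and add a one-line comment that this is deliberate because the underlying hardware enforces the check.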