On 07/08/20 10:48, Chenyi Qiang wrote:
+{
+ struct vcpu_vmx *vmx = to_vmx(vcpu);
+ unsigned long *msr_bitmap = vmx->vmcs01.msr_bitmap;
+ bool pks_supported = guest_cpuid_has(vcpu, X86_FEATURE_PKS);
+
+ /*
+ * set intercept for PKRS when the guest doesn't support pks
+ */
+ vmx_set_intercept_for_msr(msr_bitmap, MSR_IA32_PKRS, MSR_TYPE_RW, !pks_supported);
+
+ if (pks_supported) {
+ vm_entry_controls_setbit(vmx, VM_ENTRY_LOAD_IA32_PKRS);
+ vm_exit_controls_setbit(vmx, VM_EXIT_LOAD_IA32_PKRS);
+ } else {
+ vm_entry_controls_clearbit(vmx, VM_ENTRY_LOAD_IA32_PKRS);
+ vm_exit_controls_clearbit(vmx, VM_EXIT_LOAD_IA32_PKRS);
+ }
Is the guest expected to do a lot of reads/writes to the MSR (e.g. at
every context switch)?
Even if this is the case, the MSR intercepts and the entry/exit controls
should only be done if CR4.PKS=1. If the guest does not use PKS, KVM
should behave as if these patches did not exist.
Paolo
