On 11/9/21 14:37, Xiaoyao Li wrote:
Tom,
I think what you did in this commit is not so correct. It just silently
ignores the ioctls insteaf of returning an error to userspace to tell
this IOCTL is not invalid to this VM. E.g., for
kvm_arch_vcpu_ioctl_get_fpu(), QEMU just gets it succesful with fpu
being all zeros.
Yes, it's a "cop out" that removes the need for more complex changes in
QEMU.
I think for the get/set registers ioctls
KVM_GET/SET_{REGS,SREGS,FPU,XSAVE,XCRS} we need to consider SEV-ES
backwards compatibility. This means, at least for now, only apply the
restriction to TDX (using a bool-returning function, see the review for
28/69).
For SMM, MCE, vCPU events and for kvm_valid/dirty_regs, it can be done
as in this patch.
Paolo
