From: Jing Liu <jing2.liu@xxxxxxxxx>
Guest xstate permissions should be set by userspace VMM before vcpu
creation. This patch extends KVM to check the guest permissions in
KVM_SET_CPUID2 ioctl to avoid permission failure at guest run-time
(e.g. when reallocation path is triggered).
Signed-off-by: Jing Liu <jing2.liu@xxxxxxxxx>
Signed-off-by: Yang Zhong <yang.zhong@xxxxxxxxx>
---
arch/x86/kvm/cpuid.c | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
index 148003e26cbb..f3c61205bbf4 100644
--- a/arch/x86/kvm/cpuid.c
+++ b/arch/x86/kvm/cpuid.c
@@ -18,6 +18,7 @@
#include <asm/processor.h>
#include <asm/user.h>
#include <asm/fpu/xstate.h>
+#include <asm/fpu/api.h>
#include <asm/sgx.h>
#include "cpuid.h"
#include "lapic.h"
@@ -97,6 +98,17 @@ static int kvm_check_cpuid(struct kvm_cpuid_entry2 *entries, int nent)
return -EINVAL;
}
+ /*
+ * Check guest permissions for XSTATE features which must
+ * be enabled dynamically.
+ */
+ best = cpuid_entry2_find(entries, nent, 7, 0);
+ if (best && cpuid_entry_has(best, X86_FEATURE_AMX_TILE)) {
+ if (!(xstate_get_guest_group_perm() &
+ XFEATURE_MASK_XTILE_DATA))
+ return -EINVAL;
+ }
+
return 0;
}
