On 12/7/21 18:28, Marc Orr wrote:
+static bool svm_get_if_flag(struct kvm_vcpu *vcpu)
+{
+ struct vmcb *vmcb = to_svm(vcpu)->vmcb;
+
+ return !!(vmcb->control.int_state & SVM_GUEST_INTERRUPT_MASK);
I'm not sure if this is always valid to use for non SEV-ES guests. Maybe
the better thing would be:
return sev_es_guest(vcpu->kvm) ? vmcb->control.int_state & SVM_GUEST_INTERRUPT_MASK
: kvm_get_rflags(vcpu) & X86_EFLAGS_IF;
(Since this function returns a bool, I don't think you need the !!)
I had the same reservations when writing the patch. (Why fix what's
not broken.) The reason I wrote the patch this way is based on what I
read in APM vol2: Appendix B Layout of VMCB: "GUEST_INTERRUPT_MASK -
Value of the RFLAGS.IF bit for the guest."
I just verified with the hardware team that this flag is indeed only set
for a guest with protected state (SEV-ES / SEV-SNP). An update to the APM
will be made.
Got it now. Then the change you suggested is a must! Thanks, Tom.
Besides, the bit wouldn't have existed on old (pre-SEV-ES) processors.
Paolo
