On Thu, Apr 07, 2022 at 03:12:57PM +0200, Paolo Bonzini <pbonzini@xxxxxxxxxx> wrote:
> > > + if (static_call(kvm_x86_get_cpl)(vcpu) != 0) {
> > > + ret = -KVM_EPERM;
> > > + goto out;
> > > + }
> > Is this guaranteed by TDG.VP.VMCALL?

Yes. The TDCALL instruction in a TD results in #GP(0) if CPL > 0.
It's documented in the Trust Domain CPU Architectural Extensions spec.
https://www.intel.com/content/dam/develop/external/us/en/documents-tps/intel-tdx-cpu-architectural-specification.pdf

Anyway, the VMM can't know the TD guest's CPL (or other CPU state).

--
Isaku Yamahata <isaku.yamahata@xxxxxxxxx>
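Review bot: the `static_call(kvm_x86_get_cpl)(vcpu) != 0` check in the quoted hunk carries no comment saying which callers it is meant to guard. As the reply states, TDCALL already raises #GP(0) at CPL > 0 and the VMM cannot observe a TD guest's CPL, so for a TD guest this branch is either unreachable or compares against a value KVM cannot trust; suggest either adding a comment stating that the check applies only to non-TD guests, or moving it to the non-TD path so the TDX handler does not appear to rely on a CPL it cannot read.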