Re: [PATCH 00/19] Refresh queued CET virtualization series

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Jun 16, 2022 at 04:46:24AM -0400, Yang Weijiang wrote:

> To minimize the impact to exiting kernel/KVM code, most of KVM patch
> code can be bypassed during runtime.Uncheck "CONFIG_X86_KERNEL_IBT"
> and "CONFIG_X86_SHADOW_STACK" in Kconfig before kernel build to get
> rid of CET featrures in KVM. If both of them are not enabled, KVM
> clears related feature bits as well as CET user bit in supported_xss,
> this makes CET related checks stop at the first points. Since most of
> the patch code runs on the none-hot path of KVM, it's expected to
> introduce little impact to existing code.

Do I understand this right in that a host without X86_KERNEL_IBT cannot
run a guest with X86_KERNEL_IBT on? That seems unfortunate, since that
was exactly what I did while developing the X86_KERNEL_IBT patches.

I'm thinking that if the hardware supports it, KVM should expose it,
irrespective of the host kernel using it.



[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux