On Tue, Sep 6, 2022 at 5:29 PM Chao Gao <chao.gao@xxxxxxxxx> wrote: > > On Tue, Sep 06, 2022 at 04:41:26PM -0700, Jim Mattson wrote: > >This looks like a souped-up version of AMD's X86_FEATURE_V_SPEC_CTRL. > >From https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/branch-history-injection.html: > > > >When “virtualize IA32_SPEC_CTRL” VM-execution control is enabled, the > >processor supports virtualizing MSR writes and reads to > >IA32_SPEC_CTRL. This VM-execution control is enabled when the tertiary > >processor-based VM-execution control bit 7 is set and the tertiary > >controls are enabled. The support for this VM-execution control is > >enumerated by bit 7 of the IA32_VMX_PROCBASED_CTLS3 MSR (0x492). > > > >Is anyone working on kvm support for this yet? (Intel?) > > Chen is working on it. He has some patches already and is working on the > testing and review with security experts. The plan is to post patches in > ww40 or ww41. Do you have any questions/concerns about enabling > "virtualize IA32_SPEC_CTRL" in KVM? Not at all. I was just wondering if we needed to implement it.
