On Tue, Feb 28, 2023 at 10:24:16PM +0000, Takahiro Itazuri wrote: > I'm still a kernel newbie and I don't have a strong opinion for that. > I just thought it would be helpful if the KVM_GET_SUPPORTED_CPUID API > returns the same security information as the host, as long as it is > harmless. Not harmless - cpufeatures.h should contain flags which the kernel uses and not *every* CPUID bit out there. If you want to advertize flags to guests, see arch/x86/kvm/reverse_cpuid.h and the KVM-only feature flags. You can add them there. > https://documentation.suse.com/sles/15-SP1/html/SLES-all/cha-spectre.html Well, I was against adding that to the documentation when I was at SUSE but ... -- Regards/Gruss, Boris. https://people.kernel.org/tglx/notes-about-netiquette
