On Tue, Apr 25, 2023 at 10:35:25AM +0800, Zeng Guang wrote: > >On 4/24/2023 3:32 PM, Gao, Chao wrote: >> On Thu, Apr 20, 2023 at 09:37:19PM +0800, Zeng Guang wrote: >> > Virtualize CR4.LASS[bit 27] under KVM control instead of being guest-owned >> > as CR4.LASS generally set once for each vCPU at boot time and won't be >> > toggled at runtime. Besides, only if VM has LASS capability enumerated with >> > CPUID.(EAX=07H.ECX=1):EAX.LASS[bit 6], KVM allows guest software to be able >> > to set CR4.LASS. >> > By design CR4.LASS can be manipulated by nested guest as >> > well. >> This is inaccurate. The change in nested_vmx_cr_fixed1_bits_update() is >> to allow L1 guests to set CR4.LASS in VMX operation. > >Essentially it allows nested guest to set CR4.LASS. L1 guest uses cr4_fixed1 >to check >cr4 value requested to set by nested guest valid or not. Nested guest will >get #GP >fault if it's not allowed. The change to CR4_FIXED1 has more impacts. Without CR4_FIXED1 change, guest shouldn't enable LASS in VMX operation; it means: 1. before VMXON, LASS should be disabled 2. in VMX operation, LASS cannot be enabled What you said (i.e., L1 guest allows L2 to enable LASS) belongs in #2. But #1 isn't covered. That's why I said "inaccurate". > >> I would say: >> >> Set the CR4.LASS bit in the emulated IA32_VMX_CR4_FIXED1 MSR for guests >> to allow guests to enable LASS in nested VMX operation. >
