On Tue, May 16, 2023 at 03:16:59PM +0800, Xiaoyao Li wrote:
>On 4/14/2023 2:25 PM, Chao Gao wrote:
>
>...
>
>> +static inline void vmx_set_guest_spec_ctrl(struct vcpu_vmx *vmx, u64 val)
>> +{
>> + vmx->guest_spec_ctrl = val;
>> +
>> + /*
>> + * For simplicity, always keep IA32_SPEC_CTRL_SHADOW up-to-date,
>> + * regardless of the MSR intercept state.
>> + */
>> + if (cpu_has_spec_ctrl_virt())
>> + vmcs_write64(IA32_SPEC_CTRL_SHADOW, val);
>> +
>> + /*
>> + * Update the effective value of IA32_SPEC_CTRL to reflect changes to
>> + * guest's IA32_SPEC_CTRL. Bits in the mask should always be set.
>> + */
>
>Why bits in the mask should always be set?
>
>The bits set in the mask only means them cannot be modified by guest. KVM can
>use the mask to force the bits to 0 as well.
Yes.
Because there is no use case for VMMs to lock some bits to 0 behind guests, this
isn't used in series. There was a note in v1's changelog [1]:
Note "virtual IA32_SPEC_CTRL" is now used by VMM to enforce some bits
of IA32_SPEC_CTRL to 1 (i.e., enabled some HW mitigations transparently
for guests). In theory, VMM can disable some HW mitigations behind guests.
But to keep this series simple, we leave that for future work.
But somehow I dropped it (when I tried to slim down the changelog). Will add it
back and add a comment above the definition of spec_ctrl_mask.
[1]: https://lore.kernel.org/lkml/20221210160046.2608762-5-chen.zhang@xxxxxxxxx/
>
>> + vmx->spec_ctrl = val | vmx_get_spec_ctrl_mask(vmx);
>> +}
>> #endif /* __KVM_X86_VMX_H */
>
