On 5/3/23 18:08, Sean Christopherson wrote:
Stop adjusting the guest's CPUID info for the allowed XFRM (a.k.a. XCR0)
for SGX enclaves. Past me didn't understand the roles and responsibilities
between userspace and KVM with respect to CPUID leafs, i.e. I thought I was
being helpful by having KVM adjust the entries.
This is clearly an ABI change, but QEMU does the right thing and AFAIK no
other VMMs support SGX (yet), so I'm hopeful/confident that we can excise
the ugly before userspace starts depending on the bad behavior.
v2:
- Collect reviews/testing. [Kai]
- Require FP+SSE to always be set in XFRM, and exempt them from the XFRM
vs. XCR0 check. [Kai]
v1: https://lore.kernel.org/all/20230405005911.423699-1-seanjc@xxxxxxxxxx
Sean Christopherson (3):
KVM: VMX: Don't rely _only_ on CPUID to enforce XCR0 restrictions for
ECREATE
KVM: x86: Don't adjust guest's CPUID.0x12.1 (allowed SGX enclave XFRM)
KVM: x86: Open code supported XCR0 calculation in
kvm_vcpu_after_set_cpuid()
arch/x86/kvm/cpuid.c | 43 ++++++++++--------------------------------
arch/x86/kvm/vmx/sgx.c | 11 +++++++++--
2 files changed, 19 insertions(+), 35 deletions(-)
base-commit: 5c291b93e5d665380dbecc6944973583f9565ee5
Queued, thanks. But why patch 3? Small functions are nice and remove
the need to remember what is in EDX:EAX of CPUID[0xD,0].
Paolo
