On 8/4/23 23:27, Sean Christopherson wrote:
+
+ if (!kvm_cpu_cap_has(X86_FEATURE_SHSTK) &&
+ !kvm_cpu_cap_has(X86_FEATURE_IBT))
+ return false;
+
+ return msr->host_initiated ||
+ guest_cpuid_has(vcpu, X86_FEATURE_IBT) ||
+ guest_cpuid_has(vcpu, X86_FEATURE_SHSTK);
Similar to my suggestsion for XSS, I think we drop the waiver for host_initiated
accesses, i.e. require the feature to be enabled and exposed to the guest, even
for the host.
No, please don't. Allowing host-initiated accesses is what makes it
possible to take the list of MSR indices and pass it blindly to
KVM_GET_MSR and KVM_SET_MSR. This should be documented, will send a patch.
Paolo
