On Thu, Mar 14, 2024, Michael Roth wrote: > On Wed, Mar 13, 2024 at 09:49:52PM -0500, Michael Roth wrote: > > I've been trying to get SNP running on top of these patches and hit and > > issue with these due to fpstate_set_confidential() being done during > > svm_vcpu_create(), so when QEMU tries to sync FPU state prior to calling > > SNP_LAUNCH_FINISH it errors out. I think the same would happen with > > SEV-ES as well. > > > > Maybe fpstate_set_confidential() should be relocated to SEV_LAUNCH_FINISH > > site as part of these patches? > > Talked to Tom a bit about this and that might not make much sense unless > we actually want to add some code to sync that FPU state into the VMSA > prior to encryption/measurement. Otherwise, it might as well be set to > confidential as soon as vCPU is created. > > And if userspace wants to write FPU register state that will not actually > become part of the guest state, it probably does make sense to return an > error for new VM types and leave it to userspace to deal with > special-casing that vs. the other ioctls like SET_REGS/SREGS/etc. Won't regs and sregs suffer the same fate? That might not matter _today_ for "real" VMs, but it would be a blocking issue for selftests, which need to stuff state to jumpstart vCPUs. And maybe someday real VMs will catch up to the times and stop starting at the RESET vector...
