Re: [PATCH v10 26/27] KVM: nVMX: Enable CET support for nested guest

"Yang, Weijiang" <weijiang.yang@xxxxxxxxx> · Mon, 6 May 2024 17:25:44 +0800




On 5/2/2024 7:23 AM, Sean Christopherson wrote:
On Sun, Feb 18, 2024, Yang Weijiang wrote:
@@ -2438,6 +2460,30 @@ static void prepare_vmcs02_early(struct vcpu_vmx *vmx, struct loaded_vmcs *vmcs0
  	}
  }
  
+static inline void cet_vmcs_fields_get(struct kvm_vcpu *vcpu, u64 *ssp,
+				       u64 *s_cet, u64 *ssp_tbl)
+{
+	if (guest_can_use(vcpu, X86_FEATURE_SHSTK)) {
+		*ssp = vmcs_readl(GUEST_SSP);
+		*s_cet = vmcs_readl(GUEST_S_CET);
+		*ssp_tbl = vmcs_readl(GUEST_INTR_SSP_TABLE);
+	} else if (guest_can_use(vcpu, X86_FEATURE_IBT)) {
+		*s_cet = vmcs_readl(GUEST_S_CET);
+	}
Same comments about accessing S_CET, please do so in a dedicated path.

Will change it, thanks!


+}
+
+static inline void cet_vmcs_fields_put(struct kvm_vcpu *vcpu, u64 ssp,
+				       u64 s_cet, u64 ssp_tbl)
This should probably use "set" instead of "put".  I can't think of a single case
where KVM uses "put" to describe writing state, e.g. "put" is always used when
putting a reference or unloading state.

Yes, "put" is not proper in this case, will change it.



+{
+	if (guest_can_use(vcpu, X86_FEATURE_SHSTK)) {
+		vmcs_writel(GUEST_SSP, ssp);
+		vmcs_writel(GUEST_S_CET, s_cet);
+		vmcs_writel(GUEST_INTR_SSP_TABLE, ssp_tbl);
+	} else if (guest_can_use(vcpu, X86_FEATURE_IBT)) {
+		vmcs_writel(GUEST_S_CET, s_cet);
+	}
And here.

OK.









