Re: [PATCH v10 24/27] KVM: x86: Enable CET virtualization for VMX and advertise to userspace


 



On 5/21/2024 1:15 AM, Dave Hansen wrote:
> On 5/20/24 10:09, Sean Christopherson wrote:
>>> IIUC, this series tries to tie IBT to SHSTK feature, i.e., IBT cannot be
>>> exposed as an independent feature to guest without exposing SHSTK at the same
>>> time. If it is, then below patch is not needed anymore:
>>> https://lore.kernel.org/all/20240219074733.122080-3-weijiang.yang@xxxxxxxxx/
>> That's a question for the x86 maintainers.  Specifically, do they want to allow
>> enabling XFEATURE_CET_USER even if userspace shadow stack support is disabled.
> I like the sound of "below patch is not needed anymore".
>
> Unless removing the patch causes permanent issues or results in
> something that's not functional, I say: jettison it with glee. If it's
> that important, it can be considered on its own merits separately.

I guess the existing dependency there is due to the fact that only user SHSTK is landed and there's
possibly no such kind of odd bare metal platform.

Side topic:  would it be reasonable to enforce IBT dependency on XFEATURE_CET_USER when *user* IBT
enabling patches are landing in kernel? Then guest kernel can play with user IBT alone if VMM
userspace just wants to enable IBT for guest. Or when SHSTK is disabled for whatever reason.






