On Fri, Sep 27, 2024, Xin Li wrote: > > > > When FRED is advertised to a guest, KVM should allow FRED SSP MSRs > > > > accesses through disabling FRED SSP MSRs interception no matter whether > > > > supervisor shadow stacks are enabled or not. > > > > > > KVM doesn't necessarily need to disabling MSR interception, e.g. if > > > the expectation > > > is that the guest will rarely/never access the MSRs when CET is > > > unsupported, then > > > we're likely better off going with a trap-and-emulate model. KVM > > > needs to emulate > > > RDMSR and WRMSR no matter what, e.g. in case the guest triggers a > > > WRMSR when KVM > > > is emulating, and so that userspace can get/set MSR values. > > > > > > And this means that yes, FRED virtualization needs to land after CET > > > virtualization, > > > otherwise managing the conflicts/dependencies will be a nightmare. > > > > > I still plan to send another iteration of the FRED patch set for review, > however I haven't seen your x86 KVM changes land into Linus' tree, it > will happen soon, right? Yep, we squeaked into rc1, the pull request to Linus was delayed because of travel and conferences.
