Re: [PATCH v5 4/5] KVM: VMX: Allow direct access to MSR_IA32_SPEC_CTRL

From: David Woodhouse
Date: Thu Feb 01 2018 - 08:26:04 EST




On Wed, 2018-01-31 at 23:26 -0500, Konrad Rzeszutek Wilk wrote:
>
> > diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
> > index 6a9f4ec..bfc80ff 100644
> > --- a/arch/x86/kvm/vmx.c
> > +++ b/arch/x86/kvm/vmx.c
> > @@ -594,6 +594,14 @@ struct vcpu_vmx {
> >Â #endif
> >ÂÂ
> >ÂÂÂÂÂÂÂu64ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂ arch_capabilities;
> > +ÂÂÂÂÂu64ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂ spec_ctrl;
> > +
> > +ÂÂÂÂÂ/*
> > +ÂÂÂÂÂ * This indicates that:
> > +ÂÂÂÂÂ * 1) guest_cpuid_has(X86_FEATURE_IBRS) == true &&
> > +ÂÂÂÂÂ * 2) The guest has actually initiated a write against the MSR.
> > +ÂÂÂÂÂ */
> > +ÂÂÂÂÂbool spec_ctrl_used;
> >ÂÂ
> >ÂÂÂÂÂÂÂ/*
> >ÂÂÂÂÂÂÂ * This indicates that:
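Review bot: the comment on the new spec_ctrl_used field states only the conditions under which it becomes true (guest CPUID advertises IBRS and the guest has written the MSR), not what the flag is consulted for or where it is cleared; spell that out so a reader can see how it relates to the MSR bitmap interception state rather than having to infer it. The new `u64 spec_ctrl;` member carries no comment at all, unlike the neighbouring `arch_capabilities` and the flag below it; a one-line note on what it holds (the guest's MSR_IA32_SPEC_CTRL value, going by the patch subject) would make the struct self-describing.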

Thanks for persisting with the details here, Karim. In addition to
Konrad's heckling at the comments, I'll add my own request to his...

I'd like the comment for spec_ctrl_used to explain why it isn't
entirely redundant with the spec_ctrl_intercepted() function.

Without nesting, I believe it *would* be redundant, but the difference
comes when an L2 is running for which L1 has not permitted the MSR to
be passed through. That's when we have spec_ctrl_used = true but the
MSR *isn't* actually passed through in the active msr_bitmap.

Question: if spec_ctrl_used is always equivalent to the intercept bit
in the vmcs01.msr_bitmap, just not the guest bitmap... should we ditch
it and always use the bit from the vmcs01.msr_bitmap?

Sorry :)
