Re: [PATCH v5 11/12] x86/tdx: Don't write CSTAR MSR on Intel

[Sean Christopherson]

On Wed, Aug 04, 2021, Kuppuswamy Sathyanarayanan wrote:
> From: Andi Kleen <ak@xxxxxxxxxxxxxxx>
> 
> On Intel CPUs writing the CSTAR MSR is not really needed. Syscalls
> from 32bit work using SYSENTER and 32bit SYSCALL is an illegal opcode.
> But the kernel did write it anyways even though it was ignored by
> the CPU. Inside a TDX guest this actually leads to a #GP. While the #GP
> is caught and recovered from, it prints an ugly message at boot.
> Do not write the CSTAR MSR on Intel CPUs.

Not that it really matters, but...

Is #GP the actual TDX-Module behavior?  If so, isn't that a contradiction with
respect to the TDX-Module architecture?  It says:

  guest TD access violations to MSRs can cause a #GP(0) in most cases where the
  MSR is enumerated as inaccessible by the Intel TDX module via CPUID
  virtualization.  In other cases, guest TD access violations to MSRs can cause
  a #VE.

Given that there is no dedicated CPUID flag for CSTAR and CSTAR obviously exists
on Intel CPUs, I don't see how the TDX-Module can possible enumerate CSTAR as
being inaccessible.

Regardless of #GP versus #VE, "Table 16.2 MSR Virtualization" needs to state the
actual behavior.