On 6/16/2022 3:49 PM, Dave Hansen wrote:
> This touches on the "what", but not the "why". Could you explain in
> here both why this is needed and why an app might want to use it?
[ while studying on this a bit further, found a few things here ]
They (ARCH_{REQ|GET}_XCOMP_GUEST_PERM) provide a way for a userspace VMM to request & check guest permission.
In general, KVM looks to have an API as a set of ioctls [1]. A guest VMM uses KVM_GET_DEVICE_ATTR::KVM_X86_XCOMP_GUEST_SUPP to query the available features [2][3]. ARCH_GET_XCOMP_SUPP is not usable here because KVM wants to control those exposed features [4] (via KVM_SUPPORTED_XCR0).
But oddly this mask does not appear to be actively referenced by those two arch_prctl options. I can see this ioctl attribute is currently disconnected from these arch_prctl options.
Also I failed to find the documentation about this KVM_X86_XCOMP_GUEST_SUPP interface:
$ git grep KVM_X86_XCOMP_GUEST_SUPP ./Documentation/
$
I guess people will be confused by having these two options only. I think documenting this has to come along with these missing pieces (and potential fix). So I'm inclined to drop this one at the moment.
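The two interfaces discussed in the message above, side by side, as an added example that is not part of the original mail or of the kernel tree: it reads the KVM mask through KVM_GET_DEVICE_ATTR on /dev/kvm, reads the process's guest permission through arch_prctl, and requests whatever is missing. The helper names and the fallback `#define`s are this example's own; the fallback values are the ones in the kernel's uapi headers.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/ioctl.h>
#include <sys/syscall.h>
#include <unistd.h>
#include <linux/kvm.h>

/* Fallbacks for older uapi headers (asm/prctl.h, asm/kvm.h). */
#ifndef ARCH_GET_XCOMP_GUEST_PERM
#define ARCH_GET_XCOMP_GUEST_PERM 0x1024
#define ARCH_REQ_XCOMP_GUEST_PERM 0x1025
#endif
#ifndef KVM_X86_XCOMP_GUEST_SUPP
#define KVM_X86_XCOMP_GUEST_SUPP 0
#endif

static long xcomp_prctl(int op, unsigned long arg) {
#ifdef SYS_arch_prctl
    return syscall(SYS_arch_prctl, op, arg);
#else
    (void)op; (void)arg; errno = ENOSYS; return -1; /* not x86-64 */
#endif
}
/* Guest permission bitmap of the calling process, via arch_prctl. */
int get_guest_perm(uint64_t *m) { return xcomp_prctl(ARCH_GET_XCOMP_GUEST_PERM, (unsigned long)m) ? -1 : 0; }
/* Request guest permission for one xfeature number. */
int req_guest_perm(unsigned nr) { return xcomp_prctl(ARCH_REQ_XCOMP_GUEST_PERM, nr) ? -1 : 0; }
/* Mask KVM is willing to expose, read from the /dev/kvm system fd. */
int get_kvm_guest_supp(uint64_t *m) {
    struct kvm_device_attr a = { .group = 0, .attr = KVM_X86_XCOMP_GUEST_SUPP, .addr = (uintptr_t)m };
    int fd = open("/dev/kvm", O_RDWR | O_CLOEXEC);
    if (fd < 0) return -1;
    int rc = ioctl(fd, KVM_GET_DEVICE_ATTR, &a);
    close(fd);
    return rc ? -1 : 0;
}
/* Features KVM offers for which the process holds no guest permission yet. */
uint64_t not_yet_permitted(uint64_t supp, uint64_t perm) { return supp & ~perm; }

int main(void) {
    uint64_t supp = 0, perm = 0;
    if (get_kvm_guest_supp(&supp) || get_guest_perm(&perm)) { perror("query"); return 1; }
    for (unsigned nr = 0; nr < 64; nr++)  /* the two masks come from separate interfaces */
        if (((not_yet_permitted(supp, perm) >> nr) & 1) && req_guest_perm(nr)) perror("request");
    if (get_guest_perm(&perm)) return 1;
    printf("kvm supp %#llx, guest perm %#llx\n", (unsigned long long)supp, (unsigned long long)perm);
    return 0;
}
```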