Intel will not produce any CPU with CET that does not enumerate IA32_VMX_BASIC[56] as 1.Thanks Gil for clarity!
One can check that bit before injecting a #CP with error code, but it should not be necessary if CET is enumerated.
Of course, if the KVM may run as a guest of another VMM/hypervisor, it may be that the virtual CPU in which KVM operates may enumerate CET but clear the bit in IA32_VMX_BASIC.
- Gil
-----Original Message-----
From: Yang, Weijiang <weijiang.yang@xxxxxxxxx>
Sent: Friday, June 30, 2023 05:05
To: Gao, Chao <chao.gao@xxxxxxxxx>
Cc: Christopherson,, Sean <seanjc@xxxxxxxxxx>; pbonzini@xxxxxxxxxx; kvm@xxxxxxxxxxxxxxx; linux-kernel@xxxxxxxxxxxxxxx; peterz@xxxxxxxxxxxxx; rppt@xxxxxxxxxx; binbin.wu@xxxxxxxxxxxxxxx; Edgecombe, Rick P <rick.p.edgecombe@xxxxxxxxx>; john.allen@xxxxxxx; Neiger, Gil <gil.neiger@xxxxxxxxx>
Subject: Re: [PATCH v3 10/21] KVM:x86: Add #CP support in guest exception classification
On 6/30/2023 6:27 PM, Chao Gao wrote:
[...]