Re: The current status of PKS virtualization

[Paolo Bonzini]

Il lun 10 nov 2025, 17:32 Ruihan Li <lrh2000@xxxxxxxxxx> ha scritto:
>
> Hi,
>
> I'm sorry to bother you by replying to the email from years ago. I would like
> to learn about the current status of PKS virtualization.
>
> In short, I tried to rebase this patch series on the latest kernel. The result
> was a working kernel that supports PKS virtualization, which would be useful
> for my purposes. Would PKS virtualization be accepted even if the kernel itself
> does not use PKS?


Yes, I think it should.

Virtualized PKS does not depend on host PKS, because it uses an MSR
rather than XSAVE areas (which are harder to add to KVM without host
support).

> Fundamentally, I don't think this patch series
> has to be built on top of basic PKS support. But I am unsure whether there is a
> policy or convention that states virtualization support can only be added after
> basic support.

No, there is none. In fact, the only dependency of the original series
on host PKS was for functions to read/write the host PKRS MSR. Without
host PKS support it could be loaded with all-ones, or technically it
could even be left with the guest value. Since the host clears
CR4.PKS, the actual value won't matter.

> One problem is that if the Linux kernel does not use PKS, we will be unable to
> test PKS virtualization with a guest Linux kernel. However, given that we have
> KVM unit test infrastructure, I believe we can find a way to properly test PKS
> virtualization for its correctness?

I agree. Thanks!

Paolo

> I'd like to hear from you to know whether I understand things correctly. Thank
> you in advance for any feedback.
>
> Thanks,
> Ruihan Li
>