Re: [PATCH v2] KVM: x86: Always set kvm_run->if_flag

[Sean Christopherson]

On Thu, Dec 09, 2021, Jim Mattson wrote:
> On Thu, Dec 9, 2021 at 9:48 AM Paolo Bonzini <pbonzini@xxxxxxxxxx> wrote:
> >
> > On 12/9/21 16:52, Marc Orr wrote:
> > > The kvm_run struct's if_flag is a part of the userspace/kernel API. The
> > > SEV-ES patches failed to set this flag because it's no longer needed by
> > > QEMU (according to the comment in the source code). However, other
> > > hypervisors may make use of this flag. Therefore, set the flag for
> > > guests with encrypted registers (i.e., with guest_state_protected set).
> > >
> > > Fixes: f1c6366e3043 ("KVM: SVM: Add required changes to support intercepts under SEV-ES")
> > > Signed-off-by: Marc Orr<marcorr@xxxxxxxxxx>
> >
> > Applied, though I wonder if it is really needed by those other VMMs
> > (which? gVisor is the only one that comes to mind that is interested in
> > userspace APIC).
> 
> Vanadium appears to have one use of it.
> 
> > It shouldn't be necessary for in-kernel APIC (where userspace can inject
> > interrupts at any time), and ready_for_interrupt_injection is superior
> > for userspace APIC.
> 
> LOL. Here's that one use...
> 
> if (vcpu_run_state_->request_interrupt_window &&
> vcpu_run_state_->ready_for_interrupt_injection &&
> vcpu_run_state_->if_flag) {
> ...
> }
> 
> So, maybe this is much ado about nothing?

I assume the issue is that SEV-ES always squishes if_flag, so that above statement
can never evaluate true.