Re: [RFC PATCH v5 083/104] KVM: x86: Split core of hypercall emulation to helper function

From: Isaku Yamahata
Date: Fri Apr 08 2022 - 01:35:08 EST

Next message: pr-tracker-bot: "Re: [git pull] drm fixes for 5.18-rc2"
Previous message: kernel test robot: "[l1k:smsc95xx_5.17 191/199] drivers/char/tpm/tpm_tis_spi_slb9670.c:24:5: warning: no previous prototype for 'slb9670_spi_unset_reset'"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Apr 07, 2022 at 03:12:57PM +0200,
Paolo Bonzini <pbonzini@xxxxxxxxxx> wrote:

> > > + if (static_call(kvm_x86_get_cpl)(vcpu) != 0) {
> > > + ret = -KVM_EPERM;
> > > + goto out;
> > > + }
>
> Is this guaranteed by TDG.VP.VMCALL?

Yes. TDCALL instruction in TD results in #GP(0) if CPL > 0.
It's documented in trust domain CPU architectural extensions spec.
https://www.intel.com/content/dam/develop/external/us/en/documents-tps/intel-tdx-cpu-architectural-specification.pdf

Anyway VMM can't know TD guest CPL (or other CPU state).
--
Isaku Yamahata <isaku.yamahata@xxxxxxxxx>

Next message: pr-tracker-bot: "Re: [git pull] drm fixes for 5.18-rc2"
Previous message: kernel test robot: "[l1k:smsc95xx_5.17 191/199] drivers/char/tpm/tpm_tis_spi_slb9670.c:24:5: warning: no previous prototype for 'slb9670_spi_unset_reset'"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]