Re: [PATCH v10 26/27] KVM: nVMX: Enable CET support for nested guest
From: Sean Christopherson
Date: Wed May 01 2024 - 19:23:37 EST
On Sun, Feb 18, 2024, Yang Weijiang wrote:
> @@ -2438,6 +2460,30 @@ static void prepare_vmcs02_early(struct vcpu_vmx *vmx, struct loaded_vmcs *vmcs0
> }
> }
>
> +static inline void cet_vmcs_fields_get(struct kvm_vcpu *vcpu, u64 *ssp,
> + u64 *s_cet, u64 *ssp_tbl)
> +{
> + if (guest_can_use(vcpu, X86_FEATURE_SHSTK)) {
> + *ssp = vmcs_readl(GUEST_SSP);
> + *s_cet = vmcs_readl(GUEST_S_CET);
> + *ssp_tbl = vmcs_readl(GUEST_INTR_SSP_TABLE);
> + } else if (guest_can_use(vcpu, X86_FEATURE_IBT)) {
> + *s_cet = vmcs_readl(GUEST_S_CET);
> + }
Same comments about accessing S_CET, please do so in a dedicated path.
> +}
> +
> +static inline void cet_vmcs_fields_put(struct kvm_vcpu *vcpu, u64 ssp,
> + u64 s_cet, u64 ssp_tbl)
This should probably use "set" instead of "put". I can't think of a single case
where KVM uses "put" to describe writing state, e.g. "put" is always used when
putting a reference or unloading state.
> +{
> + if (guest_can_use(vcpu, X86_FEATURE_SHSTK)) {
> + vmcs_writel(GUEST_SSP, ssp);
> + vmcs_writel(GUEST_S_CET, s_cet);
> + vmcs_writel(GUEST_INTR_SSP_TABLE, ssp_tbl);
> + } else if (guest_can_use(vcpu, X86_FEATURE_IBT)) {
> + vmcs_writel(GUEST_S_CET, s_cet);
> + }
And here.