Re: [PATCH v11 7/9] KVM: X86: Add userspace access interface for CET MSRs
From: Yang Weijiang
Date: Sat Apr 25 2020 - 05:26:51 EST
On Fri, Apr 24, 2020 at 08:10:49AM -0700, Sean Christopherson wrote:
> On Fri, Apr 24, 2020 at 11:02:46PM +0800, Yang Weijiang wrote:
> > On Thu, Apr 23, 2020 at 11:14:06AM -0700, Sean Christopherson wrote:
> > > > + case MSR_IA32_INT_SSP_TAB:
> > > > + if (!cet_check_ctl_msr_access(vcpu, msr_info))
> > > > + return 1;
> > > > + if (!is_64_bit_mode(vcpu))
> > >
> > > This is wrong, the SDM explicitly calls out the !64 case:
> > >
> > > IA32_INTERRUPT_SSP_TABLE_ADDR (64 bits; 32 bits on processors that do not
> > > support Intel 64 architecture).
> > So the check is also unnecessary as it's natual size?
>
> It still needs a canonical check.
>
> Note, KVM diverges from the SDM for canonical checks in that it performs
> canonical checks even when the virtual CPU doesn't support 64-bit and/or
> the host kernel is a 32-bit kernel. This is intentional because the
> underlying hardware will still enforce the checks, i.e. KVM needs to make
> the physical CPU happy, and the number of people running KVM on hardware
> without 64-bit support can probably be counted on one hand.
Got it, thank you!