Re: [patch 5/6] x86/fpu: Provide fpu_update_guest_xcr0/xfd()

[Paolo Bonzini]

On 12/16/21 11:21, Tian, Kevin wrote:
> > From: Paolo Bonzini
> > Sent: Wednesday, December 15, 2021 6:41 PM
> >
> > There's also another important thing that hasn't been mentioned so far:
> > KVM_GET_SUPPORTED_CPUID should _not_ include the dynamic bits in
> > CPUID[0xD] if they have not been requested with prctl.  It's okay to
> > return the AMX bit, but not the bit in CPUID[0xD].
>
> There is no vcpu in this ioctl, thus we cannot check vcpu->arch.guest_fpu.perm.
>
> This then requires exposing xstate_get_guest_group_perm() to KVM.

Right, this is a generic /dev/kvm ioctl therefore it has to check the 
process state.

> Thomas, are you OK with this change given Paolo's ask? v1 included
> this change but it was not necessary at the moment:
>
> 	https://lore.kernel.org/lkml/87lf0ot50q.ffs@tglx/
>
> and Paolo, do we want to document that prctl() must be done before
> calling KVM_GET_SUPPORTED_CPUID? If yes, where is the proper location?

You can document it under the KVM_GET_SUPPORTED_CPUID ioctl.

(The reason for this ordering is backwards compatibility: otherwise a 
process could pass KVM_GET_SUPPORTED_CPUID to KVM_SET_CPUID2 directly, 
and the resulting VM would not be able to use AMX because it hasn't been 
requested.  Likewise, userspace needs to know that if you use prctl then 
you also need to allocate >4K for the xstate and use KVM_GET_XSAVE2 to 
retrieve it).

Paolo