Re: [PATCH 1/3] KVM: VMX: Don't rely _only_ on CPUID to enforce XCR0 restrictions for ECREATE

From: Huang, Kai
Date: Thu Apr 20 2023 - 06:58:28 EST

Next message: Konrad Dybcio: "Re: [PATCH 14/18] arm64: dts: qcom: sm8350: correct PCI phy unit address"
Previous message: Konrad Dybcio: "Re: [PATCH 13/18] arm64: dts: qcom: sm8350: correct DMA controller unit address"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> >
> > Oooh, right. It's not that FP+SSE are always allowed, it's that FP+SSE must always
> > be _set_. So this?
> >
> > xfrm & ~(vcpu->arch.guest_supported_xcr0 | XFEATURE_MASK_FPSSE) ||
> > (xfrm & XFEATURE_MASK_FPSSE) != XFEATURE_MASK_FPSSE
>
> Looks good.
>
> I'll try to get some test done with this code change.
>

Tested this series with your above code change by running simple SGX app in the
guest.

For this particular case, tested with ECREATE with xfrm = 0x1 in the guest, and
guest can receive #GP.

So for the entire series:

Reviewed-by: Kai Huang <kai.huang@xxxxxxxxx>
Tested-by: Kai Huang <kai.huang@xxxxxxxxx>

>

Next message: Konrad Dybcio: "Re: [PATCH 14/18] arm64: dts: qcom: sm8350: correct PCI phy unit address"
Previous message: Konrad Dybcio: "Re: [PATCH 13/18] arm64: dts: qcom: sm8350: correct DMA controller unit address"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]