Re: [PATCH v2 10/21] KVM:x86: Add #CP support in guest exception classification

[Yang, Weijiang]

On 5/4/2023 1:36 PM, Binbin Wu wrote:
> On 5/4/2023 11:41 AM, Yang, Weijiang wrote:
> > On 4/28/2023 2:09 PM, Binbin Wu wrote:
> > > On 4/21/2023 9:46 PM, Yang Weijiang wrote:
> > > > Add handling for Control Protection (#CP) exceptions(vector 21).
> > > > The new vector is introduced for Intel's Control-Flow Enforcement
> > > > Technology (CET) relevant violation cases.
> > > > See Intel's SDM for details.
> > [...]
> > > >   -static int exception_class(int vector)
> > > > +static int exception_class(struct kvm_vcpu *vcpu, int vector)
> > > >   {
> > > >       switch (vector) {
> > > >       case PF_VECTOR:
> > > >           return EXCPT_PF;
> > > > +    case CP_VECTOR:
> > > > +        if (vcpu->arch.cr4_guest_rsvd_bits & X86_CR4_CET)
> > > > +            return EXCPT_BENIGN;
> > > > +        return EXCPT_CONTRIBUTORY;
> > > By definition, #CP is Contributory.
> > > Can you explain more about this change here which treats #CP as 
> > > EXCPT_BENIGN when CET is not enabled in guest?
> >
> > I check the history of this patch, found maintainer modified the 
> > patch due to some unit test issue in L1. You can check the
> >
> > details here:
> >
> > Re: [PATCH v15 04/14] KVM: x86: Add #CP support in guest exception 
> > dispatch - Sean Christopherson (kernel.org) 
> > <https://lore.kernel.org/all/YBsZwvwhshw+s7yQ@xxxxxxxxxx/>
> OK, is it better to add the reason in changelog?
>
> IIUC, a new contributory exception vector (if any) should be handled 
> similarly (i.e., treated as contributory conditionally) in the future, 
> right?

Agree although the issue happens in an uncommon case, I'll add some 
description in changelog in following version, thanks!

> > > In current KVM code, there is suppose no #CP triggered in guest if 
> > > CET is not enalbed in guest, right?
> >
> > Yes.
> >
> > > >       case DE_VECTOR:
> > > >       case TS_VECTOR:
> > > >       case NP_VECTOR:
> >
> >
> > [...]