On Wed, Sep 10, 2025 at 05:22:15PM +0800, Xiaoyao Li wrote: >On 9/9/2025 5:39 PM, Chao Gao wrote: >> Maintain per-guest valid XSS bits and check XSS validity against them >> rather than against KVM capabilities. This is to prevent bits that are >> supported by KVM but not supported for a guest from being set. >> >> Opportunistically return KVM_MSR_RET_UNSUPPORTED on IA32_XSS MSR accesses >> if guest CPUID doesn't enumerate X86_FEATURE_XSAVES. Since >> KVM_MSR_RET_UNSUPPORTED takes care of host_initiated cases, drop the >> host_initiated check. >> >> Signed-off-by: Chao Gao <chao.gao@xxxxxxxxx> > >Reviewed-by: Xiaoyao Li <xiaoyao.li@xxxxxxxxx> > ><snip> >> @@ -4011,15 +4011,14 @@ int kvm_set_msr_common(struct kvm_vcpu *vcpu, struct msr_data *msr_info) >> } >> break; >> case MSR_IA32_XSS: >> - if (!msr_info->host_initiated && >> - !guest_cpuid_has(vcpu, X86_FEATURE_XSAVES)) >> - return 1; >> + if (!guest_cpuid_has(vcpu, X86_FEATURE_XSAVES)) >> + return KVM_MSR_RET_UNSUPPORTED; >> /* >> * KVM supports exposing PT to the guest, but does not support >> * IA32_XSS[bit 8]. Guests have to use RDMSR/WRMSR rather than >> * XSAVES/XRSTORS to save/restore PT MSRs. >> */ > >Not an issue of this patch, there seems not the proper place to put above >comment. Agreed. I am curious why PT state isn't supported, which is apparently missing from the comment. If it is due to lack of host FPU support, I think the recent guest-only xfeatures we built for CET can help. Anyway, PT is only visible on BROKEN kernels. so we won't do anything for now besides documenting the reason.
