From: Sean Christopherson <seanjc@google.com>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>,
Vitaly Kuznetsov <vkuznets@redhat.com>,
Jim Mattson <jmattson@google.com>, Joerg Roedel <joro@8bytes.org>,
Wanpeng Li <wanpengli@tencent.com>,
Borislav Petkov <bp@alien8.de>, Ingo Molnar <mingo@redhat.com>,
Thomas Gleixner <tglx@linutronix.de>,
Brijesh Singh <brijesh.singh@amd.com>,
Ashish Kalra <Ashish.Kalra@amd.com>,
kvm@vger.kernel.org, linux-kernel@vger.kernel.org,
x86@kernel.org
Subject: Re: [PATCH] KVM: SVM: Assume a 64-bit hypercall for guests with protected state
Date: Mon, 24 May 2021 17:03:29 +0000 [thread overview]
Message-ID: <YKvcYeXaxTQ//87M@google.com> (raw)
In-Reply-To: <c6864982-b30a-29b5-9a10-3cfdd331057e@redhat.com>
On Mon, May 24, 2021, Paolo Bonzini wrote:
> On 24/05/21 15:58, Tom Lendacky wrote:
> > > Would it hurt if we just move 'vcpu->arch.guest_state_protected' check
> > > to is_64_bit_mode() itself? It seems to be too easy to miss this
> > > peculiar detail about SEV in review if new is_64_bit_mode() users are to
> > > be added.
> > I thought about that, but wondered if is_64_bit_mode() was to be used in
> > other places in the future, if it would be a concern. I think it would be
> > safe since anyone adding it to a new section of code is likely to look at
> > what that function is doing first.
> >
> > I'm ok with this. Paolo, I know you already queued this, but would you
> > prefer moving the check into is_64_bit_mode()?
>
> Let's introduce a new wrapper is_64_bit_hypercall, and add a
> WARN_ON_ONCE(vcpu->arch.guest_state_protected) to is_64_bit_mode.
Can we introduce the WARN(s) in a separate patch, and deploy them much more
widely than just is_64_bit_mode()? I would like to have them lying in wait at
every path that should be unreachable, e.g. get/set segments, get_cpl(), etc...
Side topic, kvm_get_cs_db_l_bits() should be moved to svm.c. Functionally, it's
fine to have it as a vendor-agnostic helper, but practically speaking it should
never be called directly.
next prev parent reply other threads:[~2021-05-24 17:03 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-05-22 16:43 [PATCH] KVM: SVM: Assume a 64-bit hypercall for guests with protected state Tom Lendacky
2021-05-22 18:17 ` Tom Lendacky
2021-05-24 11:53 ` Vitaly Kuznetsov
2021-05-24 13:28 ` Tom Lendacky
2021-05-24 13:49 ` Vitaly Kuznetsov
2021-05-24 13:58 ` Tom Lendacky
2021-05-24 14:20 ` Paolo Bonzini
2021-05-24 16:05 ` Tom Lendacky
2021-05-24 17:03 ` Sean Christopherson [this message]
2021-05-24 17:06 ` Paolo Bonzini
2021-05-24 17:40 ` Tom Lendacky
2021-05-24 12:29 ` Paolo Bonzini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YKvcYeXaxTQ//87M@google.com \
--to=seanjc@google.com \
--cc=Ashish.Kalra@amd.com \
--cc=bp@alien8.de \
--cc=brijesh.singh@amd.com \
--cc=jmattson@google.com \
--cc=joro@8bytes.org \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=pbonzini@redhat.com \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=vkuznets@redhat.com \
--cc=wanpengli@tencent.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.