On 7/23/20 9:25 AM, Sean Christopherson wrote:

How would people feel about taking the above two patches (02 and 03 in the
series) through the KVM tree to enable KVM virtualization of CET before the
kernel itself gains CET support?  I.e. add the MSR and feature bits, along
with the XSAVES context switching.  The feature definitons could use "" to
suppress displaying them in /proc/cpuinfo to avoid falsely advertising CET
to userspace.

AIUI, there are ABI issues that need to be sorted out, and that is likely
going to drag on for some time. 

Is this a "hell no" sort of idea, or something that would be feasible if we
can show that there are no negative impacts to the kernel?

Negative impacts like bloating every task->fpu with XSAVE state that
will never get used? ;)

I thought KVM had its own vcpu->arch.guest_fpu buffers which mirrored
the size and format of task->fpu.  Can we have KVM support today without
task->fpu support?  I see some XSS munging in the KVM code so I think
this might be *possible*, but I don't see all of the plumbing that would
make it actually work.