From 3086094c086b1b67cd9390388ecea95b1b188c1a Mon Sep 17 00:00:00 2001
From: dv <dv@openbsd.org>
Date: Wed, 26 Apr 2023 09:39:56 +0000
Subject: [PATCH] Unbreak vmm on Intel. Mistakenly enabled CET on non-CET
 systems.

Found by anton@ & jsg@
---
 sys/arch/amd64/amd64/vmm.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/sys/arch/amd64/amd64/vmm.c b/sys/arch/amd64/amd64/vmm.c
index 42ac8007029..01e7859cda3 100644
--- a/sys/arch/amd64/amd64/vmm.c
+++ b/sys/arch/amd64/amd64/vmm.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: vmm.c,v 1.340 2023/04/24 16:53:57 dv Exp $	*/
+/*	$OpenBSD: vmm.c,v 1.341 2023/04/26 09:39:56 dv Exp $	*/
 /*
  * Copyright (c) 2014 Mike Larkin <mlarkin@openbsd.org>
  *
@@ -3520,7 +3520,7 @@ vcpu_reset_regs_vmx(struct vcpu *vcpu, struct vcpu_reg_state *vrs)
 	vmx_setmsrbr(vcpu, MSR_TSC);
 
 	/* If host supports CET, pass through access to the guest. */
-	if (rcr4() | CR4_CET)
+	if (rcr4() & CR4_CET)
 		vmx_setmsrbrw(vcpu, MSR_S_CET);
 
 	/* XXX CR0 shadow */
@@ -7059,7 +7059,7 @@ vmm_handle_cpuid(struct vcpu *vcpu)
 				*rcx &= ~SEFF0ECX_PKU;
 
 			/* Expose IBT bit if we've enabled CET on the host. */
-			if (rcr4() | CR4_CET)
+			if (rcr4() & CR4_CET)
 				*rdx |= SEFF0EDX_IBT;
 			else
 				*rdx &= ~SEFF0EDX_IBT;
-- 
2.20.1