Merge tag 'kvm-x86-svm-6.19' of https://github.com/kvm-x86/linux into HEAD

Nested virtualization features

------------------------------

TBD

On AMD CPUs, when GIF is cleared, #DB exceptions or traps due to a breakpoint

register match are ignored and discarded by the CPU. The CPU relies on the VMM

to fully virtualize this behavior, even when vGIF is enabled for the guest

(i.e. vGIF=0 does not cause the CPU to drop #DBs when the guest is running).

KVM does not virtualize this behavior as the complexity is unjustified given

the rarity of the use case. One way to handle this would be for KVM to

intercept the #DB, temporarily disable the breakpoint, single-step over the

instruction, then re-enable the breakpoint.

x2APIC

------

#define X86_FEATURE_AMD_STIBP		(13*32+15) /* Single Thread Indirect Branch Predictors */

#define X86_FEATURE_AMD_STIBP_ALWAYS_ON	(13*32+17) /* Single Thread Indirect Branch Predictors always-on preferred */

#define X86_FEATURE_AMD_IBRS_SAME_MODE	(13*32+19) /* Indirect Branch Restricted Speculation same mode protection*/

#define X86_FEATURE_EFER_LMSLE_MBZ	(13*32+20) /* EFER.LMSLE must be zero */

#define X86_FEATURE_AMD_PPIN		(13*32+23) /* "amd_ppin" Protected Processor Inventory Number */

#define X86_FEATURE_AMD_SSBD		(13*32+24) /* Speculative Store Bypass Disable */

#define X86_FEATURE_VIRT_SSBD		(13*32+25) /* "virt_ssbd" Virtualized Speculative Store Bypass Disable */

						      * can access host MMIO (ignored for all intents

						      * and purposes if CLEAR_CPU_BUF_VM is set).

						      */

#define X86_FEATURE_X2AVIC_EXT		(21*32+18) /* AMD SVM x2AVIC support for 4k vCPUs */

/*

 * BUG word(s)

 *			     the gfn, i.e. retrying the instruction will hit a

 *			     !PRESENT fault, which results in a new shadow page

 *			     and sends KVM back to square one.

 *

 * EMULTYPE_SKIP_SOFT_INT - Set in combination with EMULTYPE_SKIP to only skip

 *                          an instruction if it could generate a given software

 *                          interrupt, which must be encoded via

 *                          EMULTYPE_SET_SOFT_INT_VECTOR().

 */

#define EMULTYPE_NO_DECODE	    (1 << 0)

#define EMULTYPE_TRAP_UD	    (1 << 1)

#define EMULTYPE_PF		    (1 << 6)

#define EMULTYPE_COMPLETE_USER_EXIT (1 << 7)

#define EMULTYPE_WRITE_PF_TO_SP	    (1 << 8)

#define EMULTYPE_SKIP_SOFT_INT	    (1 << 9)

#define EMULTYPE_SET_SOFT_INT_VECTOR(v)	((u32)((v) & 0xff) << 16)

#define EMULTYPE_GET_SOFT_INT_VECTOR(e)	(((e) >> 16) & 0xff)

static inline bool kvm_can_emulate_event_vectoring(int emul_type)

{

	AVIC_IPI_FAILURE_INVALID_IPI_VECTOR,

};

#define AVIC_PHYSICAL_MAX_INDEX_MASK	GENMASK_ULL(8, 0)

#define AVIC_PHYSICAL_MAX_INDEX_MASK	GENMASK_ULL(11, 0)

/*

 * For AVIC, the max index allowed for physical APIC ID table is 0xfe (254), as

/*

 * For x2AVIC, the max index allowed for physical APIC ID table is 0x1ff (511).

 * With X86_FEATURE_X2AVIC_EXT, the max index is increased to 0xfff (4095).

 */

#define X2AVIC_MAX_PHYSICAL_ID		0x1FFUL

#define X2AVIC_4K_MAX_PHYSICAL_ID	0xFFFUL

static_assert((AVIC_MAX_PHYSICAL_ID & AVIC_PHYSICAL_MAX_INDEX_MASK) == AVIC_MAX_PHYSICAL_ID);

static_assert((X2AVIC_MAX_PHYSICAL_ID & AVIC_PHYSICAL_MAX_INDEX_MASK) == X2AVIC_MAX_PHYSICAL_ID);

static_assert((X2AVIC_4K_MAX_PHYSICAL_ID & AVIC_PHYSICAL_MAX_INDEX_MASK) == X2AVIC_4K_MAX_PHYSICAL_ID);

#define SVM_SEV_FEAT_SNP_ACTIVE				BIT(0)

#define SVM_SEV_FEAT_RESTRICTED_INJECTION		BIT(3)

/* vendor-specific groups and attributes for system fd */

#define KVM_X86_GRP_SEV			1

#  define KVM_X86_SEV_VMSA_FEATURES	0

#  define KVM_X86_SNP_POLICY_BITS	1

struct kvm_vmx_nested_state_data {

	__u8 vmcs12[KVM_STATE_NESTED_VMX_VMCS_SIZE];