KVM: SEV: Configure "ALLOWED_SEV_FEATURES" VMCB Field

	u64 avic_physical_id;	/* Offset 0xf8 */

	u8 reserved_7[8];

	u64 vmsa_pa;		/* Used for an SEV-ES guest */

	u8 reserved_8[720];

	u8 reserved_8[40];

	u64 allowed_sev_features;	/* Offset 0x138 */

	u64 guest_sev_features;		/* Offset 0x140 */

	u8 reserved_9[664];

	/*

	 * Offset 0x3e0, 32 bytes reserved

	 * for use by hypervisor/software.

#define SVM_SEV_FEAT_ALTERNATE_INJECTION		BIT(4)

#define SVM_SEV_FEAT_DEBUG_SWAP				BIT(5)

#define VMCB_ALLOWED_SEV_FEATURES_VALID			BIT_ULL(63)

struct vmcb_seg {

	u16 selector;

	u16 attrib;

static void sev_es_init_vmcb(struct vcpu_svm *svm)

{

	struct kvm_sev_info *sev = to_kvm_sev_info(svm->vcpu.kvm);

	struct vmcb *vmcb = svm->vmcb01.ptr;

	struct kvm_vcpu *vcpu = &svm->vcpu;

	if (svm->sev_es.vmsa && !svm->sev_es.snp_has_guest_vmsa)

		svm->vmcb->control.vmsa_pa = __pa(svm->sev_es.vmsa);

	if (cpu_feature_enabled(X86_FEATURE_ALLOWED_SEV_FEATURES))

		svm->vmcb->control.allowed_sev_features = sev->vmsa_features |

							  VMCB_ALLOWED_SEV_FEATURES_VALID;

	/* Can't intercept CR register access, HV can't modify CR registers */

	svm_clr_intercept(svm, INTERCEPT_CR0_READ);

	svm_clr_intercept(svm, INTERCEPT_CR4_READ);

	pr_err("%-20s%016llx\n", "avic_logical_id:", control->avic_logical_id);

	pr_err("%-20s%016llx\n", "avic_physical_id:", control->avic_physical_id);

	pr_err("%-20s%016llx\n", "vmsa_pa:", control->vmsa_pa);

	pr_err("%-20s%016llx\n", "allowed_sev_features:", control->allowed_sev_features);

	pr_err("%-20s%016llx\n", "guest_sev_features:", control->guest_sev_features);

	if (sev_es_guest(vcpu->kvm)) {

		save = sev_decrypt_vmsa(vcpu);