KVM: x86: Explicitly configure supported XSS from {svm,vmx}_set_cpu_caps() (f8ade833) · Commits · git / linux-net

arch/x86/kvm/svm/svm.c

+2 −0

Original line number	Diff line number	Diff line
		@@ -5284,6 +5284,8 @@ static __init void svm_set_cpu_caps(void)
		*/
		kvm_cpu_cap_clear(X86_FEATURE_BUS_LOCK_DETECT);
		kvm_cpu_cap_clear(X86_FEATURE_MSR_IMM);

		kvm_setup_xss_caps();
		}

		static __init int svm_hardware_setup(void)

+2 −0

Original line number	Diff line number	Diff line
		@@ -8051,6 +8051,8 @@ static __init void vmx_set_cpu_caps(void)
		kvm_cpu_cap_clear(X86_FEATURE_SHSTK);
		kvm_cpu_cap_clear(X86_FEATURE_IBT);
		}

		kvm_setup_xss_caps();
		}

		static bool vmx_is_io_intercepted(struct kvm_vcpu *vcpu,

+17 −13

Original line number	Diff line number	Diff line
		@@ -9953,6 +9953,23 @@ static struct notifier_block pvclock_gtod_notifier = {
		};
		#endif

		void kvm_setup_xss_caps(void)
		{
		if (!kvm_cpu_cap_has(X86_FEATURE_XSAVES))
		kvm_caps.supported_xss = 0;

		if (!kvm_cpu_cap_has(X86_FEATURE_SHSTK) &&
		!kvm_cpu_cap_has(X86_FEATURE_IBT))
		kvm_caps.supported_xss &= ~XFEATURE_MASK_CET_ALL;

		if ((kvm_caps.supported_xss & XFEATURE_MASK_CET_ALL) != XFEATURE_MASK_CET_ALL) {
		kvm_cpu_cap_clear(X86_FEATURE_SHSTK);
		kvm_cpu_cap_clear(X86_FEATURE_IBT);
		kvm_caps.supported_xss &= ~XFEATURE_MASK_CET_ALL;
		}
		}
		EXPORT_SYMBOL_FOR_KVM_INTERNAL(kvm_setup_xss_caps);

		static inline void kvm_ops_update(struct kvm_x86_init_ops *ops)
		{
		memcpy(&kvm_x86_ops, ops->runtime_ops, sizeof(kvm_x86_ops));
		@@ -10125,19 +10142,6 @@ int kvm_x86_vendor_init(struct kvm_x86_init_ops *ops)
		if (!tdp_enabled)
		kvm_caps.supported_quirks &= ~KVM_X86_QUIRK_IGNORE_GUEST_PAT;

		if (!kvm_cpu_cap_has(X86_FEATURE_XSAVES))
		kvm_caps.supported_xss = 0;

		if (!kvm_cpu_cap_has(X86_FEATURE_SHSTK) &&
		!kvm_cpu_cap_has(X86_FEATURE_IBT))
		kvm_caps.supported_xss &= ~XFEATURE_MASK_CET_ALL;

		if ((kvm_caps.supported_xss & XFEATURE_MASK_CET_ALL) != XFEATURE_MASK_CET_ALL) {
		kvm_cpu_cap_clear(X86_FEATURE_SHSTK);
		kvm_cpu_cap_clear(X86_FEATURE_IBT);
		kvm_caps.supported_xss &= ~XFEATURE_MASK_CET_ALL;
		}

		if (kvm_caps.has_tsc_control) {
		/*
		* Make sure the user can only configure tsc_khz values that

+2 −0

Original line number	Diff line number	Diff line
		@@ -471,6 +471,8 @@ extern struct kvm_host_values kvm_host;

		extern bool enable_pmu;

		void kvm_setup_xss_caps(void);

		/*
		* Get a filtered version of KVM's supported XCR0 that strips out dynamic
		* features for which the current process doesn't (yet) have permission to use.