KVM: SVM: Convert feature updates from CPUID to KVM cpu caps

Use the recently introduced KVM CPU caps to propagate SVM-only (kernel)
settings to supported CPUID flags.

Note, there are a few subtleties:

  - Setting a flag based on a *different* feature is effectively
    emulation, and must be done at runtime via ->set_supported_cpuid().

  - CPUID 0x8000000A.EDX is a feature leaf that was previously not
    adjusted by kvm_cpu_cap_mask() because all features are hidden by
    default.

Opportunistically add a technically unnecessary break and fix an
indentation issue in svm_set_supported_cpuid().

No functional change intended.

Reviewed-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
index 31ea934d9b4998f6eea95397405c0603fa54500a..a5aed82d9ffab35b47f8f6ae71f5cc8a69172e34 100644 (file)
--- a/arch/x86/kvm/cpuid.c
+++ b/arch/x86/kvm/cpuid.c
@@ -370,6 +370,12 @@ void kvm_set_cpu_caps(void)
                F(AMD_SSB_NO) | F(AMD_STIBP) | F(AMD_STIBP_ALWAYS_ON)
        );
 
+       /*
+        * Hide all SVM features by default, SVM will set the cap bits for
+        * features it emulates and/or exposes for L1.
+        */
+       kvm_cpu_cap_mask(CPUID_8000_000A_EDX, 0);
+
        kvm_cpu_cap_mask(CPUID_C000_0001_EDX,
                F(XSTORE) | F(XSTORE_EN) | F(XCRYPT) | F(XCRYPT_EN) |
                F(ACE2) | F(ACE2_EN) | F(PHE) | F(PHE_EN) |

diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
index aae5e3eff48dcdbf1c46e7964e5a9e24821c6d44..61333c8306b0dd823ba3e3be7345cf365fb49b59 100644 (file)
--- a/arch/x86/kvm/svm.c
+++ b/arch/x86/kvm/svm.c
@@ -1367,6 +1367,23 @@ static void svm_hardware_teardown(void)
        iopm_base = 0;
 }
 
+static __init void svm_set_cpu_caps(void)
+{
+       kvm_set_cpu_caps();
+
+       /* CPUID 0x80000001 */
+       if (nested)
+               kvm_cpu_cap_set(X86_FEATURE_SVM);
+
+       /* CPUID 0x8000000A */
+       /* Support next_rip if host supports it */
+       if (boot_cpu_has(X86_FEATURE_NRIPS))
+               kvm_cpu_cap_set(X86_FEATURE_NRIPS);
+
+       if (npt_enabled)
+               kvm_cpu_cap_set(X86_FEATURE_NPT);
+}
+
 static __init int svm_hardware_setup(void)
 {
        int cpu;
@@ -1479,7 +1496,7 @@ static __init int svm_hardware_setup(void)
                        pr_info("Virtual GIF supported\n");
        }
 
-       kvm_set_cpu_caps();
+       svm_set_cpu_caps();
 
        return 0;
 
@@ -6035,16 +6052,20 @@ static void svm_cpuid_update(struct kvm_vcpu *vcpu)
                                         APICV_INHIBIT_REASON_NESTED);
 }
 
+/*
+ * Vendor specific emulation must be handled via ->set_supported_cpuid(), not
+ * svm_set_cpu_caps(), as capabilities configured during hardware_setup() are
+ * masked against hardware/kernel support, i.e. they'd be lost.
+ *
+ * Note, setting a flag based on a *different* feature, e.g. setting VIRT_SSBD
+ * if LS_CFG_SSBD or AMD_SSBD is supported, is effectively emulation.
+ */
 static void svm_set_supported_cpuid(struct kvm_cpuid_entry2 *entry)
 {
        switch (entry->function) {
-       case 0x80000001:
-               if (nested)
-                       cpuid_entry_set(entry, X86_FEATURE_SVM);
-               break;
        case 0x80000008:
                if (boot_cpu_has(X86_FEATURE_LS_CFG_SSBD) ||
-                    boot_cpu_has(X86_FEATURE_AMD_SSBD))
+                   boot_cpu_has(X86_FEATURE_AMD_SSBD))
                        cpuid_entry_set(entry, X86_FEATURE_VIRT_SSBD);
                break;
        case 0x8000000A:
@@ -6052,16 +6073,9 @@ static void svm_set_supported_cpuid(struct kvm_cpuid_entry2 *entry)
                entry->ebx = 8; /* Lets support 8 ASIDs in case we add proper
                                   ASID emulation to nested SVM */
                entry->ecx = 0; /* Reserved */
-               entry->edx = 0; /* Per default do not support any
-                                  additional features */
-
-               /* Support next_rip if host supports it */
-               if (boot_cpu_has(X86_FEATURE_NRIPS))
-                       cpuid_entry_set(entry, X86_FEATURE_NRIPS);
-
-               /* Support NPT for the guest if enabled */
-               if (npt_enabled)
-                       cpuid_entry_set(entry, X86_FEATURE_NPT);
+               /* Note, 0x8000000A.EDX is managed via kvm_cpu_caps. */;
+               cpuid_entry_mask(entry, CPUID_8000_000A_EDX);
+               break;
        }
 }