On Wed, Nov 23, 2022 at 06:04:48PM -0600, Kim Phillips wrote:
The AMD Zen4 Automatic IBRS feature bit resides in the 0x80000021 leaf,
for which there is already support for exposing Zen3 bits to the guest.
Add AMD AutoIBRS feature bit support, including for the other bits,
using scattered/synthetic bits.
Add the corresponding word to KVM's feature machinery so that AutoIBRS
gets advertized into the guest too.
Co-developed-by: Babu Moger <Babu.Moger@xxxxxxx>
verify_tags: WARNING: Co-developed-by Babu Moger <Babu.Moger@xxxxxxx> hasn't signed off on the patch!
Co-developed-by: Borislav Petkov <bp@xxxxxxx>
Signed-off-by: Kim Phillips <kim.phillips@xxxxxxx>
...
diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
index c92c49a0b35b..61cd33a848cc 100644
--- a/arch/x86/kvm/cpuid.c
+++ b/arch/x86/kvm/cpuid.c
@@ -730,6 +730,25 @@ void kvm_set_cpu_caps(void)
0 /* SME */ | F(SEV) | 0 /* VM_PAGE_FLUSH */ | F(SEV_ES) |
F(SME_COHERENT));
+ /*
+ * Pass down these bits:
+ * EAX 0 NNDBP, Processor ignores nested data breakpoints
+ * EAX 2 LAS, LFENCE always serializing
+ * EAX 6 NSCB, Null selector clear base
+ * EAX 8 Automatic IBRS
+ *
+ * Other defined bits are for MSRs that KVM does not expose:
+ * EAX 3 SPCL, SMM page configuration lock
+ * EAX 13 PCMSR, Prefetch control MSR
+ */
+ kvm_cpu_cap_init_scattered(CPUID_8000_0021_EAX,
+ SF(NO_NESTED_DATA_BP) | SF(LFENCE_RDTSC) |
+ SF(NULL_SEL_CLR_BASE) | SF(AUTOIBRS));
+ if (static_cpu_has(X86_FEATURE_LFENCE_RDTSC))
+ kvm_cpu_cap_set(X86_FEATURE_LFENCE_RDTSC);
+ if (!static_cpu_has_bug(X86_BUG_NULL_SEG))
+ kvm_cpu_cap_set(X86_FEATURE_NULL_SEL_CLR_BASE);
So this looks backwards:
if X86_FEATURE_NULL_SEL_CLR_BASE is set, then X86_BUG_NULL_SEG should
not be.
Which means, you'd have to update check_null_seg_clears_base() too.
Which means, you should make the X86_FEATURE_NULL_SEL_CLR_BASE bit
addition a separate patch because this one is clearly doing too many
things at once.