Re: [PATCH] KVM: x86: synthesize TSA CPUID bits via SCATTERED_F()
From: Sean Christopherson
Date: Mon Feb 09 2026 - 10:09:17 EST
On Mon, Feb 09, 2026, Carlos López wrote:
> Hi,
>
> On 2/9/26 6:48 AM, Jim Mattson wrote:
> > On Sun, Feb 8, 2026 at 1:14 PM Borislav Petkov <bp@xxxxxxxxx> wrote:
> >>
> >> On Sun, Feb 08, 2026 at 12:50:18PM -0800, Jim Mattson wrote:
> >>>> /*
> >>>> * Synthesized Feature - For features that are synthesized into boot_cpu_data,
> >>>> * i.e. may not be present in the raw CPUID, but can still be advertised to
> >>>> * userspace. Primarily used for mitigation related feature flags.
> >>>> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >>>> */
> >>>> #define SYNTHESIZED_F(name)
> >>>>
> >>>>> + SCATTERED_F(TSA_SQ_NO),
> >>>>> + SCATTERED_F(TSA_L1_NO),
> >>>>
> >>>> And scattered are of the same type.
> >>>>
> >>>> Sean, what's the subtle difference here?
> >>>
> >>> SYNTHESIZED_F() sets the bit unconditionally. SCATTERED_F() propagates
> >>> the bit (if set) from the host's cpufeature flags.
As noted below, SYNTHESIZED_F() isn't entirely unconditional. kvm_cpu_cap_init()
factors in boot_cpu_data.x86_capability, the problem here is that SYNTHESIZED_F()
is now being used for KVM-only leafs, and so the common code doesn't work as
intended.
> >> Yah, and I was hinting at the scarce documentation.
Maybe I could add a table showing how the XXX_F() macros map to various controls?
> >> SYNTHESIZED_F() is "Primarily used for mitigation related feature flags."
> >> SCATTERED_F() is "For features that are scattered by cpufeatures.h."
> >
> > Ugh. I have to rescind my Reviewed-by. IIUC, SCATTERED_F() implies a
> > logical and with hardware CPUID, which means that the current proposal
> > will never set the ITS_NO bits.
>
> Right, I see what you mean now. SCATTERED_F() will set kvm_cpu_caps
> correctly, but then this will clear the bits, because
> kvm_cpu_cap_synthesized is now 0:
>
> kvm_cpu_caps[leaf] &= (raw_cpuid_get(cpuid) |
> kvm_cpu_cap_synthesized);
>
> So to me it seems like SYNTHESIZED_F() is just wrong,
It was right when I wrote it :-)
> since it always enables bits for KVM-only leafs.
Yes, I didn't anticipate synthesizing flags into KVM-only leafs.
> So how about the following
> (I think Binbin Wu suggests this in his other email):
>
> diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
> index 819c176e02ff..5e863e213f54 100644
> --- a/arch/x86/kvm/cpuid.c
> +++ b/arch/x86/kvm/cpuid.c
> @@ -769,7 +769,8 @@ do { \
> */
> #define SYNTHESIZED_F(name) \
> ({ \
> - kvm_cpu_cap_synthesized |= feature_bit(name); \
> + if (boot_cpu_has(X86_FEATURE_##name)) \
> + kvm_cpu_cap_synthesized |= feature_bit(name); \
I would rather do this:
diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
index 88a5426674a1..5f41924987c7 100644
--- a/arch/x86/kvm/cpuid.c
+++ b/arch/x86/kvm/cpuid.c
@@ -770,7 +770,10 @@ do { \
#define SYNTHESIZED_F(name) \
({ \
kvm_cpu_cap_synthesized |= feature_bit(name); \
- F(name); \
+ \
+ BUILD_BUG_ON(X86_FEATURE_##name >= MAX_CPU_FEATURES); \
+ if (boot_cpu_has(X86_FEATURE_##name)) \
+ F(name); \
})
/*
because I'd like to keep kvm_cpu_cap_synthesized unconditional and have
kvm_cpu_cap_features reflect what is supported. And with
Fixes: 31272abd5974 ("KVM: SVM: Advertise TSA CPUID bits to guests")
because everything was fine before that commit (though it was set up to fail).
> F(name); \
> })
>