Re: [PATCH 7/7] KVM: SVM: Enable save/restore of FRED MSRs
From: Sean Christopherson
Date: Fri Mar 06 2026 - 21:14:25 EST
On Thu, Jan 29, 2026, Shivansh Dhiman wrote:
> Set the FRED_VIRT_ENABLE bit (bit 4) in the VIRT_EXT field of VMCB to enable
> FRED Virtualization for the guest. This enables automatic save/restore of
> FRED MSRs. Also toggle this bit when setting CPUIDs, to support booting of
> secure guests.
>
> Signed-off-by: Shivansh Dhiman <shivansh.dhiman@xxxxxxx>
> ---
> arch/x86/kvm/svm/svm.c | 6 ++++++
> 1 file changed, 6 insertions(+)
>
> diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
> index 954df4eae90e..24579c149937 100644
> --- a/arch/x86/kvm/svm/svm.c
> +++ b/arch/x86/kvm/svm/svm.c
> @@ -1144,6 +1144,9 @@ static void init_vmcb(struct kvm_vcpu *vcpu, bool init_event)
> save->fred_ssp3 = 0;
> save->fred_config = 0;
>
> + if (guest_cpu_cap_has(vcpu, X86_FEATURE_FRED))
> + svm->vmcb->control.virt_ext |= FRED_VIRT_ENABLE_MASK;
This is completely unnecessary, no? CPUID is empty at vCPU creation and so FRED
_can't_ be enabled before going through svm_vcpu_after_set_cpuid().
> init_sys_seg(&save->ldtr, SEG_TYPE_LDT);
> init_sys_seg(&save->tr, SEG_TYPE_BUSY_TSS16);
>
> @@ -4529,6 +4532,9 @@ static void svm_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu)
> if (guest_cpuid_is_intel_compatible(vcpu))
> guest_cpu_cap_clear(vcpu, X86_FEATURE_V_VMSAVE_VMLOAD);
>
> + if (guest_cpu_cap_has(vcpu, X86_FEATURE_FRED))
> + svm->vmcb->control.virt_ext |= FRED_VIRT_ENABLE_MASK;
The flag needs to be cleared if FRED isn't supported, because KVM's wonderful
ABI allows userspace to modify CPUID however many times it wants before running
the vCPU.
> +
> if (sev_guest(vcpu->kvm))
> sev_vcpu_after_set_cpuid(svm);
> }
> --
> 2.43.0
>