Re: [PATCH v4 18/21] KVM: x86: Expose APX foundation feature to guests

[Sean Christopherson]

On Tue, May 12, 2026, Chang S. Bae wrote:
> @@ -1441,7 +1445,7 @@ static inline int __do_cpuid_func(struct kvm_cpuid_array *array, u32 function)
>  	switch (function) {
>  	case 0:
>  		/* Limited to the highest leaf implemented in KVM. */
> -		entry->eax = min(entry->eax, 0x24U);
> +		entry->eax = min(entry->eax, 0x29U);
>  		break;
>  	case 1:
>  		cpuid_entry_override(entry, CPUID_1_EDX);
> @@ -1712,6 +1716,11 @@ static inline int __do_cpuid_func(struct kvm_cpuid_array *array, u32 function)
>  		}
>  		break;
>  	}
> +	/* APX sub-features */
> +	case 0x29: {

Curly braces are unnecessary, now and in the next patch.

> +		entry->eax = entry->ebx = entry->ecx = entry->edx = 0;
> +		break;
> +	}
>  	case KVM_CPUID_SIGNATURE: {
>  		const u32 *sigptr = (const u32 *)KVM_SIGNATURE;
>  		entry->eax = KVM_CPUID_FEATURES;
> diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
> index 85d4087ea927..84496bc0508d 100644
> --- a/arch/x86/kvm/svm/svm.c
> +++ b/arch/x86/kvm/svm/svm.c
> @@ -5554,6 +5554,7 @@ static __init void svm_set_cpu_caps(void)
>  	 */
>  	kvm_cpu_cap_clear(X86_FEATURE_BUS_LOCK_DETECT);
>  	kvm_cpu_cap_clear(X86_FEATURE_MSR_IMM);
> +	kvm_cpu_cap_clear(X86_FEATURE_APX);
>  
>  	kvm_setup_xss_caps();
>  	kvm_finalize_cpu_caps();
> diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
> index f5f27e7b00b6..fc0924389398 100644
> --- a/arch/x86/kvm/x86.c
> +++ b/arch/x86/kvm/x86.c
> @@ -219,10 +219,16 @@ EXPORT_SYMBOL_FOR_KVM_INTERNAL(kvm_nr_uret_msrs);
>  static u32 __read_mostly kvm_uret_msrs_list[KVM_MAX_NR_USER_RETURN_MSRS];
>  static DEFINE_PER_CPU(struct kvm_user_return_msrs, user_return_msrs);
>  
> +#ifndef CONFIG_KVM_APX
> +#undef  XFEATURE_MASK_APX
> +#define XFEATURE_MASK_APX 0
> +#endif

Eww.

> +
>  #define KVM_SUPPORTED_XCR0     (XFEATURE_MASK_FP | XFEATURE_MASK_SSE \
>  				| XFEATURE_MASK_YMM | XFEATURE_MASK_BNDREGS \
>  				| XFEATURE_MASK_BNDCSR | XFEATURE_MASK_AVX512 \
> -				| XFEATURE_MASK_PKRU | XFEATURE_MASK_XTILE)
> +				| XFEATURE_MASK_PKRU | XFEATURE_MASK_XTILE \
> +				| XFEATURE_MASK_APX)

Rather than the funky #undef, I vote to move KVM_SUPPORTED_XCR0 into
kvm_x86_vendor_init() as a "const u64".  That way kvm_x86_vendor_init() can
further manipulate kvm_caps.supported_xcr0 based on CONFIG_KVM_APX without
having to use iffdefery, and without having to worry about other KVM code
treating KVM_SUPPORTED_XCR0 as 100% authoritative.

E.g. slot this in as a prep patch:

---
From: Sean Christopherson <seanjc@xxxxxxxxxx>
Date: Fri, 29 May 2026 08:13:30 -0700
Subject: [PATCH] KVM: x86: Move KVM_SUPPORTED_{XCRO,XSS} into
 kvm_x86_vendor_init()

Move KVM_SUPPORTED_{XCR0,XSS} into kvm_x86_vendor_init() as "const u64"
values so that KVM's initialization code can further manipulate the set of
support XCR0/XSS features without need ugly #ifdeffery and without risking
other code treating KVM_SUPPORTED_{XCR0,XSS} as 100% authoritative.

No functional change intended.

Signed-off-by: Sean Christopherson <seanjc@xxxxxxxxxx>
---
 arch/x86/kvm/cpuid.c |  2 +-
 arch/x86/kvm/x86.c   | 25 +++++++++++++------------
 2 files changed, 14 insertions(+), 13 deletions(-)

diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
index e69156b54cff..ea1b9a2f9116 100644
--- a/arch/x86/kvm/cpuid.c
+++ b/arch/x86/kvm/cpuid.c
@@ -253,7 +253,7 @@ static u32 kvm_apply_cpuid_pv_features_quirk(struct kvm_vcpu *vcpu)
 
 /*
  * Calculate guest's supported XCR0 taking into account guest CPUID data and
- * KVM's supported XCR0 (comprised of host's XCR0 and KVM_SUPPORTED_XCR0).
+ * KVM's supported XCR0 (the host's actual XCR0 masked by what KVM supports).
  */
 static u64 cpuid_get_supported_xcr0(struct kvm_vcpu *vcpu)
 {
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 48f259015ce4..cffbfe5ff116 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -219,19 +219,7 @@ EXPORT_SYMBOL_FOR_KVM_INTERNAL(kvm_nr_uret_msrs);
 static u32 __read_mostly kvm_uret_msrs_list[KVM_MAX_NR_USER_RETURN_MSRS];
 static DEFINE_PER_CPU(struct kvm_user_return_msrs, user_return_msrs);
 
-#define KVM_SUPPORTED_XCR0     (XFEATURE_MASK_FP | XFEATURE_MASK_SSE \
-				| XFEATURE_MASK_YMM | XFEATURE_MASK_BNDREGS \
-				| XFEATURE_MASK_BNDCSR | XFEATURE_MASK_AVX512 \
-				| XFEATURE_MASK_PKRU | XFEATURE_MASK_XTILE)
-
 #define XFEATURE_MASK_CET_ALL	(XFEATURE_MASK_CET_USER | XFEATURE_MASK_CET_KERNEL)
-/*
- * Note, KVM supports exposing PT to the guest, but does not support context
- * switching PT via XSTATE (KVM's PT virtualization relies on perf; swapping
- * PT via guest XSTATE would clobber perf state), i.e. KVM doesn't support
- * IA32_XSS[bit 8] (guests can/must use RDMSR/WRMSR to save/restore PT MSRs).
- */
-#define KVM_SUPPORTED_XSS	(XFEATURE_MASK_CET_ALL)
 
 bool __read_mostly allow_smaller_maxphyaddr = 0;
 EXPORT_SYMBOL_FOR_KVM_INTERNAL(allow_smaller_maxphyaddr);
@@ -10074,6 +10062,19 @@ static void kvm_x86_check_cpu_compat(void *ret)
 
 int kvm_x86_vendor_init(struct kvm_x86_init_ops *ops)
 {
+	const u64 KVM_SUPPORTED_XCR0 = XFEATURE_MASK_FP | XFEATURE_MASK_SSE |
+				       XFEATURE_MASK_YMM | XFEATURE_MASK_BNDREGS |
+				       XFEATURE_MASK_BNDCSR | XFEATURE_MASK_AVX512 |
+				       XFEATURE_MASK_PKRU | XFEATURE_MASK_XTILE;
+       /*
+	* Note, KVM supports exposing PT to the guest, but does not support
+	* context switching PT via XSTATE (KVM's PT virtualization relies on
+	* perf; swapping PT via guest XSTATE would clobber perf state), i.e.
+	* KVM doesn't support IA32_XSS[bit 8] (guests can/must use RDMSR/WRMSR
+	* to save/restore PT MSRs).
+	*/
+	const u64 KVM_SUPPORTED_XSS = XFEATURE_MASK_CET_ALL;
+
 	u64 host_pat;
 	int r, cpu;
 

base-commit: b7fbe9a1bf9ee6c967ef77d366ca58c35fcf1887
--