From nobody Sat Feb  7 06:54:26 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of lists.xenproject.org designates
 192.237.175.120 as permitted sender)
  smtp.mailfrom=xen-devel-bounces@lists.xenproject.org;
	arc=pass (i=1 dmarc=pass fromdomain=amd.com);
	dmarc=pass(p=quarantine dis=none)  header.from=amd.com
ARC-Seal: i=2; a=rsa-sha256; t=1770311437; cv=pass;
	d=zohomail.com; s=zohoarc;
	b=PTkBkvfkxie8EuovjzUaogKcGa8uE14NOjgqgndWAKvT1ujuONAXGfhLNi+/FozeCOBf5i2kzc+lHZk6B5yPbwD0CzQeVdUToB9UNmSB8rCxkKa1ujGrAysEtHCSjjC8kU1weHuLr55K0Gorojbidfjy/L7fFXLjh1mzRw9iEWU=
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1770311437;
 h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=mflu5yg/x6sFMgT8nkXWde/8IdOHVsgphCYV4lo/bCM=;
	b=fQ7nhz6Nb0kaaFK/m7FPN8FMFQjwu2h+L1iFl7xfrXP3TDzyYofJ4nmDPy6XueiEO7LL8FGjOW3zn8zN2sqRNZk3uj26ECtlcKJxAIu2iqAdvOXK8dtsWweLgDSd3U8s84UdcY+0nZrP4IrZgdmNvAX+KnSiIP6VeNhJclttcxE=
ARC-Authentication-Results: i=2; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of lists.xenproject.org designates
 192.237.175.120 as permitted sender)
  smtp.mailfrom=xen-devel-bounces@lists.xenproject.org;
	arc=pass (i=1 dmarc=pass fromdomain=amd.com);
	dmarc=pass header.from=<alejandro.garciavallejo@amd.com> (p=quarantine
 dis=none)
Return-Path: <xen-devel-bounces@lists.xenproject.org>
Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120])
 by mx.zohomail.com
	with SMTPS id 1770311437272224.31536612717025;
 Thu, 5 Feb 2026 09:10:37 -0800 (PST)
Received: from list by lists.xenproject.org with
 outflank-mailman.1222285.1530305 (Exim 4.92)
	(envelope-from <xen-devel-bounces@lists.xenproject.org>)
	id 1vo2rl-0004bb-Th; Thu, 05 Feb 2026 17:10:05 +0000
Received: by outflank-mailman (output) from mailman id 1222285.1530305;
 Thu, 05 Feb 2026 17:10:05 +0000
Received: from localhost ([127.0.0.1] helo=lists.xenproject.org)
	by lists.xenproject.org with esmtp (Exim 4.92)
	(envelope-from <xen-devel-bounces@lists.xenproject.org>)
	id 1vo2rl-0004aD-Nk; Thu, 05 Feb 2026 17:10:05 +0000
Received: by outflank-mailman (input) for mailman id 1222285;
 Thu, 05 Feb 2026 17:10:04 +0000
Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254]
 helo=se1-gles-sth1.inumbo.com)
 by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from
 <SRS0=eiMP=AJ=amd.com=Alejandro.GarciaVallejo@srs-se1.protection.inumbo.net>)
 id 1vo2rk-0003nM-2S
 for xen-devel@lists.xenproject.org; Thu, 05 Feb 2026 17:10:04 +0000
Received: from CH4PR04CU002.outbound.protection.outlook.com
 (mail-northcentralusazlp170130007.outbound.protection.outlook.com
 [2a01:111:f403:c105::7])
 by se1-gles-sth1.inumbo.com (Halon) with ESMTPS
 id 81d1ea6e-02b5-11f1-b161-2bf370ae4941;
 Thu, 05 Feb 2026 18:10:02 +0100 (CET)
Received: from BN9PR03CA0153.namprd03.prod.outlook.com (2603:10b6:408:f4::8)
 by CH1PR12MB9671.namprd12.prod.outlook.com (2603:10b6:610:2b0::8) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9564.16; Thu, 5 Feb
 2026 17:09:51 +0000
Received: from BN3PEPF0000B36E.namprd21.prod.outlook.com
 (2603:10b6:408:f4:cafe::e2) by BN9PR03CA0153.outlook.office365.com
 (2603:10b6:408:f4::8) with Microsoft SMTP Server (version=TLS1_3,
 cipher=TLS_AES_256_GCM_SHA384) id 15.20.9587.14 via Frontend Transport; Thu,
 5 Feb 2026 17:09:51 +0000
Received: from satlexmb07.amd.com (165.204.84.17) by
 BN3PEPF0000B36E.mail.protection.outlook.com (10.167.243.165) with Microsoft
 SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.9611.0 via Frontend Transport; Thu, 5 Feb 2026 17:09:50 +0000
Received: from xcbagarciav01.xilinx.com (10.180.168.240) by satlexmb07.amd.com
 (10.181.42.216) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.2562.17; Thu, 5 Feb
 2026 11:09:49 -0600
X-Outflank-Mailman: Message body and most headers restored to incoming version
X-BeenThere: xen-devel@lists.xenproject.org
List-Id: Xen developer discussion <xen-devel.lists.xenproject.org>
List-Unsubscribe: <https://lists.xenproject.org/mailman/options/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xenproject.org>
List-Help: <mailto:xen-devel-request@lists.xenproject.org?subject=help>
List-Subscribe: <https://lists.xenproject.org/mailman/listinfo/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=subscribe>
Errors-To: xen-devel-bounces@lists.xenproject.org
Precedence: list
Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org>
X-Inumbo-ID: 81d1ea6e-02b5-11f1-b161-2bf370ae4941
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;
 b=iOjw3ddZ57njugMK2f9y1tn4zVqtQoaRIEsfBEnOj7r5ztDnqOkO6MRAQ6+MFLUWg5qyYOqz9qomPZEHcwSWQYY+r1/WLyoZQPBIABjGjQEPqGJ7RL1kJpGXgji6Vhbr6E8IWQ3bfP4Hd9Y0pp1ELQybUX3zIaWEzQcxOd2sC8F085VW/o08iP9Wvho+wNvcLpScyuYCgfvu0yuE+polczTWn5HAdIofxvjmOb/wZxX3fj1kOGg6mJ25QrJSYrhCt7ZQLU5I+cSHcpneusIQmQ281c/wpVCl0BrVlJMgi2Ej0HAKWm16lfvrw/tAi4WahgiuRbiBiAH8Sg+GvRU1rA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector10001;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=mflu5yg/x6sFMgT8nkXWde/8IdOHVsgphCYV4lo/bCM=;
 b=R8ZvBlsLB3J9mZqqVtatqGfpe2b+0f+aihjJhTOrsAVtfkiMTj5/6ei5diEgYI25jmWrrhqc6aMTkIgdSaoA4dJMXU08a0a/X5seG3PUw7GkdSGTew7Ukr0PA1dkfHMa72sFuuRComKCE2C0EF35mfljdsHZ9ddnMjFGTonII8H7Tym1uamInTSD8SBUgXtFbb8AXTvtTR/raDKS8YbVJDAnw4nVL2sqFiG2yDliONsyYTTH4h9gLZcZdZf4djD0vvZ9Lr7EYW6VXrmoeiKm6EX59h7MDuTDYnbpAfylw7cDcsEK7Neps3H+VlZTAPTSBf2vyGZMAk8xSOZrGfCx8Q==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is
 165.204.84.17) smtp.rcpttodomain=lists.xenproject.org smtp.mailfrom=amd.com;
 dmarc=pass (p=quarantine sp=quarantine pct=100) action=none
 header.from=amd.com; dkim=none (message not signed); arc=none (0)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=mflu5yg/x6sFMgT8nkXWde/8IdOHVsgphCYV4lo/bCM=;
 b=tNRbKtTZobvdc4M//bb8VfkKrxPDNABXrykVs3PoRVMkuTHFt0cTfjlU2NO5gh3mI9nr0TdInu+p86Y/h5iN417RSJaeemZEGym+MqrqrKaQ4DeLaQAsG0zDOfFRJbLIksllhNoNiSfq18ouee6ytcUYLOBDgDdTdSEI2W1xQPM=
X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17)
 smtp.mailfrom=amd.com; dkim=none (message not signed)
 header.d=none;dmarc=pass action=none header.from=amd.com;
Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates
 192.237.175.120 as permitted sender) client-ip=192.237.175.120;
 envelope-from=xen-devel-bounces@lists.xenproject.org;
 helo=lists.xenproject.org;
Received-SPF: Pass (protection.outlook.com: domain of amd.com designates
 165.204.84.17 as permitted sender) receiver=protection.outlook.com;
 client-ip=165.204.84.17; helo=satlexmb07.amd.com; pr=C
From: Alejandro Vallejo <alejandro.garciavallejo@amd.com>
To: <xen-devel@lists.xenproject.org>
CC: Alejandro Vallejo <alejandro.garciavallejo@amd.com>, Oleksii Kurochko
	<oleksii.kurochko@gmail.com>, Community Manager
	<community.manager@xenproject.org>, Jan Beulich <jbeulich@suse.com>, "Andrew
 Cooper" <andrew.cooper3@citrix.com>, =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?=
	<roger.pau@citrix.com>
Subject: [PATCH v2 1/4] x86: Reject CPU policies with vendors other than the
 host's
Date: Thu, 5 Feb 2026 18:09:19 +0100
Message-ID: <20260205170923.38425-2-alejandro.garciavallejo@amd.com>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20260205170923.38425-1-alejandro.garciavallejo@amd.com>
References: <20260205170923.38425-1-alejandro.garciavallejo@amd.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
X-Originating-IP: [10.180.168.240]
X-ClientProxiedBy: satlexmb08.amd.com (10.181.42.217) To satlexmb07.amd.com
 (10.181.42.216)
X-EOPAttributedMessage: 0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: BN3PEPF0000B36E:EE_|CH1PR12MB9671:EE_
X-MS-Office365-Filtering-Correlation-Id: 695867bc-d7fb-4fe7-566a-08de64d95fad
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: 
 BCL:0;ARA:13230040|36860700013|376014|82310400026|1800799024|13003099007;
X-Microsoft-Antispam-Message-Info: 
 =?us-ascii?Q?TUCGFBGjf9qY8mvleQz3Xm5ndTNUTAKywaFNivGqXq6ruro8TeqqKB9qQOur?=
 =?us-ascii?Q?uohtBlqiNg6MTFODSmUSrFMuYYCuKBEdE09vUXNssUUDNfBp6SLF/jSgY3ZI?=
 =?us-ascii?Q?OVg8JYk7W3PnTK/mpPamOjM0XT/xWDNiaXPunDrPsohZElnxQ/sSJS0Q9Dbl?=
 =?us-ascii?Q?keC1u6M+lftuTCpMxHN/Q2NyBMYvSFxz5Dhcq2oS3zPHfsc0/LOcb3ulCAUt?=
 =?us-ascii?Q?pZzhRkLwmSke1AStnejLyY3Qh7DexqsiofXc867WwoL38m2G9vqcNt3KUrWq?=
 =?us-ascii?Q?uWfdywuGFwQee4c4P0NmfWkVLrarSH13KHft+EBPI6EJ8b6iQewLTIs+KWOG?=
 =?us-ascii?Q?TxjheFSCNuwP3HrXEj37zLU0BfixNDCU3WYTp2lE1KFXE9DqnjPjr2fiftvP?=
 =?us-ascii?Q?+yggpztznwIhPmdqmvYvDC3Cr4mCUFEDnCdae8WbCWjgpqVLVoHCozgvNbQi?=
 =?us-ascii?Q?BKwknjM/N2OUymCT1zuglz2F0tgn6LRm8fLh9NPHM8ENu5hpSdnMwQxs2Lef?=
 =?us-ascii?Q?inWB8GyAlN7yhBUt6TPhgKt1AUK9XhkDRmwn8seOhxC4D8K2pF6tdMo0WkUM?=
 =?us-ascii?Q?bNNfs3FRH7kXkmkr8WUEVbjaF7V3SuwXyaYKJmZdMcYzUB8TAWSoY1dzYDVv?=
 =?us-ascii?Q?zyEBlDCt+BREb2FnIhEG00k25CyUZ4LFyjfnTvJSH3l0aW1tDF3sIz4WZukw?=
 =?us-ascii?Q?/pVm1sVgh2SprJ5CQ/QCtebq+KbyojseS42oMYwg+LV2IS2UoExbsdqLjuvJ?=
 =?us-ascii?Q?qk9o53wELic8aDstsG/xJiOnUsc/49JHutjsuTwy6oHQng7TVt8CXZREWAfn?=
 =?us-ascii?Q?aJdZpqrcmkkGdWYw0kHcRxhda2cUhen04DGtp/XQRFIwTLAdUBF3+lV3HLgA?=
 =?us-ascii?Q?fkiJFzOVTBrDhjVZITv0IX3sL1TSrK2eSZ4OfmL4mrOs8rM7j0M/FoZn1JEG?=
 =?us-ascii?Q?4e51JyFVUpnMeMh0SOsDvlO9O4xdFYVsUtJ4FHfQGRFP1UIVuJgLtRiSdpS0?=
 =?us-ascii?Q?h8Ui9+5w3Hc6xgdK5Sme71GlIYEDoDBv6rjk8gHqJINmNQ93izM1gCAa3yCg?=
 =?us-ascii?Q?zIcgeDboCFkcH9cX8ON99dWR/cEn86tS+HMh8GlIbxV5k7oyFBPqBWUZcjlp?=
 =?us-ascii?Q?eAKFVlHA+1gWkNCJgyId7WZppKzZqQcnh8ZH/xe0nD1hkMpVwroLlbcTeJ9T?=
 =?us-ascii?Q?Kp984RiyYEfk3tT7F1DBoc4dzSds1ttFX5myQR2uB3AeoPx1j9/1ri0MD5cQ?=
 =?us-ascii?Q?dBNGe4P+STuQXL7h7b24uUWUR9OGB8blvVlsQyMYo46XIWNGpkLxtp2i23mi?=
 =?us-ascii?Q?bpax2VNF6QF21q6i1qRtKkDWtsBlWs64ObPdCKXYvwknnyLoZQv6GvVnQsj8?=
 =?us-ascii?Q?TS/1QEEXckYX/SGxlzn8wezDaEaVvoBrmmsdU2aKrJcZtDpN1PQym/76Spqb?=
 =?us-ascii?Q?9osnagI7WClFo7sgFFrLoD1zoz4O6upFmKRGd2ix3305FXk1zBrq+ouZ4AvF?=
 =?us-ascii?Q?UTC27dIW0nGW9ks1VHzOnk+vTgESMzbPmZOBSnC+gQuspBnOtgFJPiN9pytZ?=
 =?us-ascii?Q?yVUJgnaCJ+ASmcT0jj9CnS3d2AD3HQVZNB6xxDXj?=
X-Forefront-Antispam-Report: 
 CIP:165.204.84.17;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:satlexmb07.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(36860700013)(376014)(82310400026)(1800799024)(13003099007);DIR:OUT;SFP:1101;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: 
 jrWRRhDnAbH7gDpcdAVpRWAwVMhyQaGXVApI7Z8fkmt5SMveW/tDG0RVCSX9lgIUt9zRjwLihwwC5kIiSpwZjaF+u96xxj6BwFpW6/gksv3Hehk6JlPjzU8z7MlNFY4xQw5zKFLojK5W/oDTsAjBNkbs8lxnK5C/G6MaY3J2FjOQKZvlkZK2DCEhXNtUQAfOHTus143CQCOTxiJ1SUQq64KaHObUBHmos6I0iBHiwsyjdbLz3W2nya+iy2IGcRvHmsGvd7orM+apoQnN4PejHHGuuz0eBdZwaJII6liOj8qcSGL6T6oPiPBvJctmj53sX3cBf5WETwNwIY5uKmogtdD+xrVTxFM9mx4nxrw+WDUilbkSRqCR0sc5x7DuAkTq9/53X03NjNl1RQ6QXR6JiRAgHGLvroGMxdaNyIb+oyNqiqHGPJEFDzVuprAIEuu2
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Feb 2026 17:09:50.8644
 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 695867bc-d7fb-4fe7-566a-08de64d95fad
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: 
 TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[satlexmb07.amd.com]
X-MS-Exchange-CrossTenant-AuthSource: 
 BN3PEPF0000B36E.namprd21.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH1PR12MB9671
X-ZohoMail-DKIM: pass (identity @amd.com)
X-ZM-MESSAGEID: 1770311438831154100
Content-Type: text/plain; charset="utf-8"

While in principle it's possible to have a vendor virtualising another,
this is fairly tricky in practice and comes with the world's supply of
security issues.

Reject any CPU policy with vendors not matching the host's.

Signed-off-by: Alejandro Vallejo <alejandro.garciavallejo@amd.com>
---
v2:
  * Reversed polarity of leaf0 check in policy compatibility helper.
  * Reworded changelog entry in terms of LM + save/restore.
---
 CHANGELOG.md         | 5 +++++
 xen/lib/x86/policy.c | 3 ++-
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 18f3d10f20..426c0bce67 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -22,6 +22,11 @@ The format is based on [Keep a Changelog](https://keepac=
hangelog.com/en/1.0.0/)
    - Xenoprofile support.  Oprofile themselves removed support for Xen in =
2014
      prior to the version 1.0 release, and there has been no development s=
ince
      before then in Xen.
+   - Domains can no longer run on a CPU vendor if they were initially laun=
ched
+     on a different CPU vendor. This affects live migrations and save/rest=
ore
+     workflows accross mixed-vendor hosts. Cross-vendor emulation has alwa=
ys
+     been unreliable, but since 2017 with the advent of speculation securi=
ty it
+     became unsustainably so.
=20
  - Removed xenpm tool on non-x86 platforms as it doesn't actually provide
    anything useful outside of x86.
diff --git a/xen/lib/x86/policy.c b/xen/lib/x86/policy.c
index f033d22785..079c42a29b 100644
--- a/xen/lib/x86/policy.c
+++ b/xen/lib/x86/policy.c
@@ -15,7 +15,8 @@ int x86_cpu_policies_are_compatible(const struct cpu_poli=
cy *host,
 #define FAIL_MSR(m) \
     do { e.msr =3D (m); goto out; } while ( 0 )
=20
-    if ( guest->basic.max_leaf > host->basic.max_leaf )
+    if ( (guest->x86_vendor     !=3D host->x86_vendor) ||
+         (guest->basic.max_leaf >  host->basic.max_leaf) )
         FAIL_CPUID(0, NA);
=20
     if ( guest->feat.max_subleaf > host->feat.max_subleaf )
--=20
2.43.0
From nobody Sat Feb  7 06:54:26 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of lists.xenproject.org designates
 192.237.175.120 as permitted sender)
  smtp.mailfrom=xen-devel-bounces@lists.xenproject.org;
	arc=pass (i=1 dmarc=pass fromdomain=amd.com);
	dmarc=pass(p=quarantine dis=none)  header.from=amd.com
ARC-Seal: i=2; a=rsa-sha256; t=1770311427; cv=pass;
	d=zohomail.com; s=zohoarc;
	b=ccV+FOwiZPiRI+0WJgYf0KmR/tfKXyGwwbkUN8bo5hUIJpLcIAMJDAKqix2x3EaupW5L+AEnG+VOC8gPL+OXU082eePcLa2gNijGYCh8d5hQnEeoy+uXPDjaMssIOu0+0KFK28CDjc1IB1uV708SYagFuFe/qjcFRln6bmT0gP4=
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1770311427;
 h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=E4FKeqmCM9a2ErEXn6Kh0b9mOhoAFlSSuBV0vP6kKFk=;
	b=KJFYHiT3UqvW+Rf0MtG2sjexHdOYkeoN1ah9BcuAJ82hm94LIv05hWKXtGFoa/+PxxjZfwdPqSmIbD5Y43g178jwQvYRj69rrqtYL3Bsoen+oG9gMZfEBPIxF2KRGaghKtL0jQqvpZFTUr5J6aZFjcOFxDDPjPNmvDVjq7SxA7s=
ARC-Authentication-Results: i=2; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of lists.xenproject.org designates
 192.237.175.120 as permitted sender)
  smtp.mailfrom=xen-devel-bounces@lists.xenproject.org;
	arc=pass (i=1 dmarc=pass fromdomain=amd.com);
	dmarc=pass header.from=<alejandro.garciavallejo@amd.com> (p=quarantine
 dis=none)
Return-Path: <xen-devel-bounces@lists.xenproject.org>
Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120])
 by mx.zohomail.com
	with SMTPS id 1770311427468915.5305016440396;
 Thu, 5 Feb 2026 09:10:27 -0800 (PST)
Received: from list by lists.xenproject.org with
 outflank-mailman.1222283.1530282 (Exim 4.92)
	(envelope-from <xen-devel-bounces@lists.xenproject.org>)
	id 1vo2rk-0003u2-5B; Thu, 05 Feb 2026 17:10:04 +0000
Received: by outflank-mailman (output) from mailman id 1222283.1530282;
 Thu, 05 Feb 2026 17:10:04 +0000
Received: from localhost ([127.0.0.1] helo=lists.xenproject.org)
	by lists.xenproject.org with esmtp (Exim 4.92)
	(envelope-from <xen-devel-bounces@lists.xenproject.org>)
	id 1vo2rj-0003s9-Uu; Thu, 05 Feb 2026 17:10:03 +0000
Received: by outflank-mailman (input) for mailman id 1222283;
 Thu, 05 Feb 2026 17:10:02 +0000
Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50]
 helo=se1-gles-flk1.inumbo.com)
 by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from
 <SRS0=eiMP=AJ=amd.com=Alejandro.GarciaVallejo@srs-se1.protection.inumbo.net>)
 id 1vo2ri-0003It-Nu
 for xen-devel@lists.xenproject.org; Thu, 05 Feb 2026 17:10:02 +0000
Received: from MW6PR02CU001.outbound.protection.outlook.com
 (mail-westus2azlp170120002.outbound.protection.outlook.com
 [2a01:111:f403:c007::2])
 by se1-gles-flk1.inumbo.com (Halon) with ESMTPS
 id 808cf9f1-02b5-11f1-9ccf-f158ae23cfc8;
 Thu, 05 Feb 2026 18:10:00 +0100 (CET)
Received: from BN9PR03CA0457.namprd03.prod.outlook.com (2603:10b6:408:139::12)
 by DM4PR12MB6010.namprd12.prod.outlook.com (2603:10b6:8:6a::7) with
 Microsoft
 SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.9587.13; Thu, 5 Feb 2026 17:09:52 +0000
Received: from BN3PEPF0000B370.namprd21.prod.outlook.com
 (2603:10b6:408:139:cafe::36) by BN9PR03CA0457.outlook.office365.com
 (2603:10b6:408:139::12) with Microsoft SMTP Server (version=TLS1_3,
 cipher=TLS_AES_256_GCM_SHA384) id 15.20.9587.14 via Frontend Transport; Thu,
 5 Feb 2026 17:09:48 +0000
Received: from satlexmb07.amd.com (165.204.84.17) by
 BN3PEPF0000B370.mail.protection.outlook.com (10.167.243.167) with Microsoft
 SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.9611.0 via Frontend Transport; Thu, 5 Feb 2026 17:09:52 +0000
Received: from xcbagarciav01.xilinx.com (10.180.168.240) by satlexmb07.amd.com
 (10.181.42.216) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.2562.17; Thu, 5 Feb
 2026 11:09:50 -0600
X-Outflank-Mailman: Message body and most headers restored to incoming version
X-BeenThere: xen-devel@lists.xenproject.org
List-Id: Xen developer discussion <xen-devel.lists.xenproject.org>
List-Unsubscribe: <https://lists.xenproject.org/mailman/options/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xenproject.org>
List-Help: <mailto:xen-devel-request@lists.xenproject.org?subject=help>
List-Subscribe: <https://lists.xenproject.org/mailman/listinfo/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=subscribe>
Errors-To: xen-devel-bounces@lists.xenproject.org
Precedence: list
Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org>
X-Inumbo-ID: 808cf9f1-02b5-11f1-9ccf-f158ae23cfc8
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;
 b=kAO+Wd9NweWWzOfASMGBmsPmgVlSuCr8f4Ot6U+rBY0QaoAQHuBghGCNLQsHcWTWyI9ZaF3MdGUDdqOVuDe8hing94uwKeStP/71nw6xV/yhuoDG5LfCfZyU5QkqMzxFW+5bcUKuQctpDJjsyIhSzH2t9++Co0zprFCO0ti45ew+7o7TJvbonSRnywDEzdeSQhH0qGNJYuSV7aLw5O3JszoMPHrkBQeNvWEXTE5m5HKHoV+swedI/SAD8Sj+DGaxubxyrTArGjByfPYXrEeZXeahFEuKEpAPEckMyQgbbWivq7NvhWNg3poySAinHZmP3PCpE7Bl/5hVsrcZOFjlEQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector10001;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=E4FKeqmCM9a2ErEXn6Kh0b9mOhoAFlSSuBV0vP6kKFk=;
 b=lpzewu1hyHLymkyEkPC+N+sBNhl7cRHUIQPCwSJhJh/5BzJv+Yaeze7MS+TZ11HZSW1Z7WqY9dUDhc4oR46SB6DMLvtWij7Xw4NNrgeFRBK/07WH2tPJY9qNQo3fNQwa6/j9kiQVCz0AjLZJG9SnfkkfEagUhI6lBgAy7Nvfn2PPvGKJGT1aeVDYezL9w9F/teDLshY8sEffkr0Tl3DbOPm87PGpd1VVYSQjZDrS8I4ZkCtaQoerXNVNeBjhSZNml1yCICIDVUUH/02WOF5/T75zR8IW6wURGEunH0LS2fC3l9rSLbDaFFS8061PjuVdW/bD1bsXH1/F3b7VM2KMbw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is
 165.204.84.17) smtp.rcpttodomain=lists.xenproject.org smtp.mailfrom=amd.com;
 dmarc=pass (p=quarantine sp=quarantine pct=100) action=none
 header.from=amd.com; dkim=none (message not signed); arc=none (0)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=E4FKeqmCM9a2ErEXn6Kh0b9mOhoAFlSSuBV0vP6kKFk=;
 b=PEKn78Xl2QBq+omHbs3iFpua/u55cCbXz4A2J8fpQ3i5JcZpCH3Ajp7fpZMsVS3Vo4ZQz3qdpfwmJ2f2QXDWZSq57aX3UCMfiRQLQrhiM2yDkmGyFA5DPqgk4Clf1UIBeBEmktTu9SeaOilXSjiFgh0h/vdoM2tLvqWvgUqY54k=
X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17)
 smtp.mailfrom=amd.com; dkim=none (message not signed)
 header.d=none;dmarc=pass action=none header.from=amd.com;
Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates
 192.237.175.120 as permitted sender) client-ip=192.237.175.120;
 envelope-from=xen-devel-bounces@lists.xenproject.org;
 helo=lists.xenproject.org;
Received-SPF: Pass (protection.outlook.com: domain of amd.com designates
 165.204.84.17 as permitted sender) receiver=protection.outlook.com;
 client-ip=165.204.84.17; helo=satlexmb07.amd.com; pr=C
From: Alejandro Vallejo <alejandro.garciavallejo@amd.com>
To: <xen-devel@lists.xenproject.org>
CC: Alejandro Vallejo <alejandro.garciavallejo@amd.com>, Jan Beulich
	<jbeulich@suse.com>, Andrew Cooper <andrew.cooper3@citrix.com>,
	=?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= <roger.pau@citrix.com>, Jason Andryuk
	<jason.andryuk@amd.com>
Subject: [PATCH v2 2/4] x86/hvm: Disable cross-vendor handling in #UD handler
Date: Thu, 5 Feb 2026 18:09:20 +0100
Message-ID: <20260205170923.38425-3-alejandro.garciavallejo@amd.com>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20260205170923.38425-1-alejandro.garciavallejo@amd.com>
References: <20260205170923.38425-1-alejandro.garciavallejo@amd.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
X-Originating-IP: [10.180.168.240]
X-ClientProxiedBy: satlexmb08.amd.com (10.181.42.217) To satlexmb07.amd.com
 (10.181.42.216)
X-EOPAttributedMessage: 0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: BN3PEPF0000B370:EE_|DM4PR12MB6010:EE_
X-MS-Office365-Filtering-Correlation-Id: 0f89cbd7-9528-4d3e-d118-08de64d96073
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: 
 BCL:0;ARA:13230040|1800799024|376014|36860700013|82310400026;
X-Microsoft-Antispam-Message-Info: 
 =?us-ascii?Q?G9I8i8Ew1CbZ5mtRMJjgB85h47SCty2b+rsbG1/ZyFV5839zd47heBpZb5FZ?=
 =?us-ascii?Q?aArGit6UdCd9/dcuGJT41zWSksq93BSJKDi22F/rNeBGmbW6Wgiu1TXV9VWJ?=
 =?us-ascii?Q?DYQX/d4v3f/s+aXwttXwYNf13KFRZJpMl7PcXmhawWOmYlc3GcmSnuIFlQke?=
 =?us-ascii?Q?jqJ2wVKh8F1VhCyqjfln3fUoeVKs8JAc6FeNgIezuKGrR5DkpYnz//rHljY8?=
 =?us-ascii?Q?h1c74Lkq94tzt2D/ytXrs1jdoB4lwXHF7njcRvo8neyt8+25iwhuQrCMeNLJ?=
 =?us-ascii?Q?RI/Rztx1z18RanENBOb2HdhQrv6BqtiHNsER4w4MsGv8Q2gGqUhjyX2e7mdJ?=
 =?us-ascii?Q?AF9Fxwn82D/lMhdSm40GTDo+7uFpFG8r0OteynvBq+WXHu85QY9vMWZfNGXc?=
 =?us-ascii?Q?+Jw79z43ELcUi+a5mntEZjVjmpOG44Q/VMLf3dXdW7KDyOIwxw7a+225Sx1+?=
 =?us-ascii?Q?nf6Rtoywp3vnJVYNSHypAESydFJWud2Tt5SbVUF/3+rkFQemjwlEQRaJaE5g?=
 =?us-ascii?Q?yIMGGKcmSLEdFPLiPo9HV3P0T3o8LRlJtOgZsb+5UM8T7MAPFB5lZhT4tdIh?=
 =?us-ascii?Q?vW0pfCXRJAAhcmy9YUK/weQlVKVVqL8cdqz2qj+Wao71pAZZfbPua6a8tBkV?=
 =?us-ascii?Q?Tsl3MMClURGPZffZ7Z6W+PMTbjBbtTWQtj2ywH7NjK52rZEkIf3Lws9KApT1?=
 =?us-ascii?Q?8Ng7gZioyydOdiTuPCYj4d5qcOmdMYIBg7NXPNxfUx6PEJ/JxCFweUaXRFmm?=
 =?us-ascii?Q?qv6DbDvgWeV6H9wwxRuHBgaqWutwy6KpC5jJ63gjkstcqyZMvepNBoGWyoOi?=
 =?us-ascii?Q?KNRJaudR4EngDlOKuK7CO5IjJK/2OC9XYIkNI5TthQPPBJjArNC7B09WJvDw?=
 =?us-ascii?Q?Ca3aQZ26NB6LEdHE2htJBOs0zJOaojLDWROQayn578Q7gJADgTztteDtNNwK?=
 =?us-ascii?Q?izc0/FPhO9GTIqy1H/RQVk3C+kP3AQTkSvQ1Z6+1tEr+eFazmpB89zI0KoRo?=
 =?us-ascii?Q?sov+It00QkgMSTzfl4s8SY84V3YgH0E7dsRXRj8vzPN02Ol130f6U9TgD6V8?=
 =?us-ascii?Q?t8QX26oPlHsRJ1BI2rQ7pAP8sQgNbyeeAdUMvblmyY2Xc9cGuJ7VQGRXwpSI?=
 =?us-ascii?Q?a0GxfyODmmnqfIapDcseLGxfHsDT+r8rHyj99BNYqw7s6N/xyAH/F3Xcp+Zg?=
 =?us-ascii?Q?9LJY/TFCS+UsZvvjo2aErDqvwFwrYTAWMTqozVsRaY7sDLEIYRT8v9NPqlSc?=
 =?us-ascii?Q?aIoz7PL4hZyTtEwoar/aZVuWpdLu7Diop81wvBBvGa05cAKZXEE4yaCh2cTf?=
 =?us-ascii?Q?s3Vxezto0KszeGch17Pu+msl4OhfeyPuEEpRYVzcbeuH0kgnLiPMuY/GSlGU?=
 =?us-ascii?Q?J13yj25gaUDhnHxX6PQ76Xxr0eM0bl0XGWl2wm1FnCHTAUjrVkK2jEQNAsXA?=
 =?us-ascii?Q?PPiyTHg8NQNRTlEp7rpkeOzqvficqXTT1Em2rbdW1NkkawfNH+p5Ls3MH2eX?=
 =?us-ascii?Q?+9J+DPHJwsJb2dvq+eW+UOrDYjbZnOVCDeHj0u8bg9Knb65O50YmYdKcs4Hp?=
 =?us-ascii?Q?oFMbOGgilkcGVfKNCfdNHu0swmNo8RlbQm+g+8qwnHQXMxVm5AuLfcfspRy7?=
 =?us-ascii?Q?7Y0j2goARDXfPz9rAnHb2sM=3D?=
X-Forefront-Antispam-Report: 
 CIP:165.204.84.17;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:satlexmb07.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(1800799024)(376014)(36860700013)(82310400026);DIR:OUT;SFP:1101;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: 
 ED1LGKZOE2uzilZVIHgf6KW3iDGdDV/D3d850EdZdijVbVqIe81Y3DjFjr/1gQjJ7qxqHeSZ7KpYhWwL20izEkHv4+MjF/DgBPeA7vzuJ2JXhG2om0oCdphGN1d7oPXKA3PCtcUR4EW2CFiJpYBQR2aRbaDmoaNgnqg+h08SnxMr7G7m8xxTx8A4KjtguDCBVhdRhWmLcmtW3ayHxK/JC9JTaTTJH06HgDOP4sf8p6zZpAnFkQ8RnMJEs5RJmxoVgFN7XMc03KVyva1aaHCGgxnUHOtnPLY1+vmTa8B83ky6PeX3BeaVxTW86sJ+qdo5307iyQad2iMdNBvbUUwlheJfxEzFFB2w2UfuKoX6wuTvhWkTWaXkXb0qhL8InfBdblx+rfV94AOcgGjHwn4LkmtmEzopIv8GGZQKb2BZvzr1+J2JOrtKZJRXHoH0FmQ4
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Feb 2026 17:09:52.1660
 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 0f89cbd7-9528-4d3e-d118-08de64d96073
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: 
 TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[satlexmb07.amd.com]
X-MS-Exchange-CrossTenant-AuthSource: 
 BN3PEPF0000B370.namprd21.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM4PR12MB6010
X-ZohoMail-DKIM: pass (identity @amd.com)
X-ZM-MESSAGEID: 1770311429150158500
Content-Type: text/plain; charset="utf-8"

Remove cross-vendor support now that VMs can no longer have a different
vendor than the host.

While at it, refactor the function to exit early and skip initialising
the emulation context when FEP is not enabled.

No functional change intended.

Signed-off-by: Alejandro Vallejo <alejandro.garciavallejo@amd.com>
---
The diff is annoying, but keeping prior logic is silly when it can be
simplified and the emulation context initialisation removed on the
overwhelming majority of cases.

v2:
  * Fix bug introduced in v1: Don't emulate instructions when they
    shouldn't be emulated.
  * Refactor the function so it's simpler.
---
 xen/arch/x86/hvm/hvm.c     | 77 +++++++++++++++-----------------------
 xen/arch/x86/hvm/svm/svm.c |  3 +-
 xen/arch/x86/hvm/vmx/vmx.c |  3 +-
 3 files changed, 32 insertions(+), 51 deletions(-)

diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
index 4d37a93c57..8708af9425 100644
--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
@@ -3832,69 +3832,47 @@ int hvm_descriptor_access_intercept(uint64_t exit_i=
nfo,
     return X86EMUL_OKAY;
 }
=20
-static bool cf_check is_cross_vendor(
-    const struct x86_emulate_state *state, const struct x86_emulate_ctxt *=
ctxt)
-{
-    switch ( ctxt->opcode )
-    {
-    case X86EMUL_OPC(0x0f, 0x05): /* syscall */
-    case X86EMUL_OPC(0x0f, 0x34): /* sysenter */
-    case X86EMUL_OPC(0x0f, 0x35): /* sysexit */
-        return true;
-    }
-
-    return false;
-}
-
 void hvm_ud_intercept(struct cpu_user_regs *regs)
 {
     struct vcpu *cur =3D current;
-    bool should_emulate =3D
-        cur->domain->arch.cpuid->x86_vendor !=3D boot_cpu_data.x86_vendor;
     struct hvm_emulate_ctxt ctxt;
+    const struct segment_register *cs =3D &ctxt.seg_reg[x86_seg_cs];
+    uint32_t walk =3D PFEC_insn_fetch;
+    unsigned long addr;
+    char sig[5]; /* ud2; .ascii "xen" */
=20
-    hvm_emulate_init_once(&ctxt, opt_hvm_fep ? NULL : is_cross_vendor, reg=
s);
+    if ( !opt_hvm_fep )
+        goto reinject;
=20
-    if ( opt_hvm_fep )
-    {
-        const struct segment_register *cs =3D &ctxt.seg_reg[x86_seg_cs];
-        uint32_t walk =3D ((ctxt.seg_reg[x86_seg_ss].dpl =3D=3D 3)
-                         ? PFEC_user_mode : 0) | PFEC_insn_fetch;
-        unsigned long addr;
-        char sig[5]; /* ud2; .ascii "xen" */
-
-        if ( hvm_virtual_to_linear_addr(x86_seg_cs, cs, regs->rip,
-                                        sizeof(sig), hvm_access_insn_fetch,
-                                        cs, &addr) &&
-             (hvm_copy_from_guest_linear(sig, addr, sizeof(sig),
-                                         walk, NULL) =3D=3D HVMTRANS_okay)=
 &&
-             (memcmp(sig, "\xf\xb" "xen", sizeof(sig)) =3D=3D 0) )
-        {
-            regs->rip +=3D sizeof(sig);
-            regs->eflags &=3D ~X86_EFLAGS_RF;
+    hvm_emulate_init_once(&ctxt, NULL, regs);
=20
-            /* Zero the upper 32 bits of %rip if not in 64bit mode. */
-            if ( !(hvm_long_mode_active(cur) && cs->l) )
-                regs->rip =3D (uint32_t)regs->rip;
+    if ( ctxt.seg_reg[x86_seg_ss].dpl =3D=3D 3 )
+        walk |=3D PFEC_user_mode;
=20
-            add_taint(TAINT_HVM_FEP);
+    if ( hvm_virtual_to_linear_addr(x86_seg_cs, cs, regs->rip,
+                                    sizeof(sig), hvm_access_insn_fetch,
+                                    cs, &addr) &&
+         (hvm_copy_from_guest_linear(sig, addr, sizeof(sig),
+                                     walk, NULL) =3D=3D HVMTRANS_okay) &&
+         (memcmp(sig, "\xf\xb" "xen", sizeof(sig)) =3D=3D 0) )
+    {
+        regs->rip +=3D sizeof(sig);
+        regs->eflags &=3D ~X86_EFLAGS_RF;
=20
-            should_emulate =3D true;
-        }
-    }
+        /* Zero the upper 32 bits of %rip if not in 64bit mode. */
+        if ( !(hvm_long_mode_active(cur) && cs->l) )
+            regs->rip =3D (uint32_t)regs->rip;
=20
-    if ( !should_emulate )
-    {
-        hvm_inject_hw_exception(X86_EXC_UD, X86_EVENT_NO_EC);
-        return;
+        add_taint(TAINT_HVM_FEP);
     }
+    else
+        goto reinject;
=20
     switch ( hvm_emulate_one(&ctxt, VIO_no_completion) )
     {
     case X86EMUL_UNHANDLEABLE:
     case X86EMUL_UNIMPLEMENTED:
-        hvm_inject_hw_exception(X86_EXC_UD, X86_EVENT_NO_EC);
-        break;
+        goto reinject;
     case X86EMUL_EXCEPTION:
         hvm_inject_event(&ctxt.ctxt.event);
         /* fall through */
@@ -3902,6 +3880,11 @@ void hvm_ud_intercept(struct cpu_user_regs *regs)
         hvm_emulate_writeback(&ctxt);
         break;
     }
+
+    return;
+
+ reinject:
+    hvm_inject_hw_exception(X86_EXC_UD, X86_EVENT_NO_EC);
 }
=20
 enum hvm_intblk hvm_interrupt_blocked(struct vcpu *v, struct hvm_intack in=
tack)
diff --git a/xen/arch/x86/hvm/svm/svm.c b/xen/arch/x86/hvm/svm/svm.c
index 18ba837738..10d1bf350c 100644
--- a/xen/arch/x86/hvm/svm/svm.c
+++ b/xen/arch/x86/hvm/svm/svm.c
@@ -589,8 +589,7 @@ static void cf_check svm_cpuid_policy_changed(struct vc=
pu *v)
     const struct cpu_policy *cp =3D v->domain->arch.cpu_policy;
     u32 bitmap =3D vmcb_get_exception_intercepts(vmcb);
=20
-    if ( opt_hvm_fep ||
-         (v->domain->arch.cpuid->x86_vendor !=3D boot_cpu_data.x86_vendor)=
 )
+    if ( opt_hvm_fep )
         bitmap |=3D (1U << X86_EXC_UD);
     else
         bitmap &=3D ~(1U << X86_EXC_UD);
diff --git a/xen/arch/x86/hvm/vmx/vmx.c b/xen/arch/x86/hvm/vmx/vmx.c
index 82c55f49ae..eda99e268d 100644
--- a/xen/arch/x86/hvm/vmx/vmx.c
+++ b/xen/arch/x86/hvm/vmx/vmx.c
@@ -803,8 +803,7 @@ static void cf_check vmx_cpuid_policy_changed(struct vc=
pu *v)
     const struct cpu_policy *cp =3D v->domain->arch.cpu_policy;
     int rc =3D 0;
=20
-    if ( opt_hvm_fep ||
-         (v->domain->arch.cpuid->x86_vendor !=3D boot_cpu_data.x86_vendor)=
 )
+    if ( opt_hvm_fep )
         v->arch.hvm.vmx.exception_bitmap |=3D (1U << X86_EXC_UD);
     else
         v->arch.hvm.vmx.exception_bitmap &=3D ~(1U << X86_EXC_UD);
--=20
2.43.0
From nobody Sat Feb  7 06:54:26 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of lists.xenproject.org designates
 192.237.175.120 as permitted sender)
  smtp.mailfrom=xen-devel-bounces@lists.xenproject.org;
	arc=pass (i=1 dmarc=pass fromdomain=amd.com);
	dmarc=pass(p=quarantine dis=none)  header.from=amd.com
ARC-Seal: i=2; a=rsa-sha256; t=1770311428; cv=pass;
	d=zohomail.com; s=zohoarc;
	b=muyXn16VXruNRIM3r6oXEjyZU03jVJ7ve9XF55yHmG/MYUl1u1KrjBkMj7pbT4v4/E6g1TI77ejpuj4EDom4MJeeNQFfl/G21CwzxU2n8ZRqNDOTwv+ADpYygihaq6B9APa3xeh8dxZn60VN7DHDIzUzXGbt5W4xfMRwc0tpm8E=
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1770311428;
 h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=jBpFBQTDjfYGESALWpvq1K9sdPU23kKe6+u6O2nDSkc=;
	b=CyOSeve3CSapfKvd8iLzFcZ2bf0MnJvalkKnbd/fQLAyS/9GQ/cBQTYm5z5/jZ9Awj0Qx2s+ZMd23XZ5ZllgCp2WHWziAqSPoFwRHprRJUMkmekUzVCbYHtuGwYk75G5YdAJon1kA6DmU4ZP9LDF/WPSSBozvQfCMLLizZIa4BQ=
ARC-Authentication-Results: i=2; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of lists.xenproject.org designates
 192.237.175.120 as permitted sender)
  smtp.mailfrom=xen-devel-bounces@lists.xenproject.org;
	arc=pass (i=1 dmarc=pass fromdomain=amd.com);
	dmarc=pass header.from=<alejandro.garciavallejo@amd.com> (p=quarantine
 dis=none)
Return-Path: <xen-devel-bounces@lists.xenproject.org>
Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120])
 by mx.zohomail.com
	with SMTPS id 1770311428915405.6873115737868;
 Thu, 5 Feb 2026 09:10:28 -0800 (PST)
Received: from list by lists.xenproject.org with
 outflank-mailman.1222286.1530308 (Exim 4.92)
	(envelope-from <xen-devel-bounces@lists.xenproject.org>)
	id 1vo2rm-0004ga-6l; Thu, 05 Feb 2026 17:10:06 +0000
Received: by outflank-mailman (output) from mailman id 1222286.1530308;
 Thu, 05 Feb 2026 17:10:06 +0000
Received: from localhost ([127.0.0.1] helo=lists.xenproject.org)
	by lists.xenproject.org with esmtp (Exim 4.92)
	(envelope-from <xen-devel-bounces@lists.xenproject.org>)
	id 1vo2rm-0004ec-01; Thu, 05 Feb 2026 17:10:06 +0000
Received: by outflank-mailman (input) for mailman id 1222286;
 Thu, 05 Feb 2026 17:10:04 +0000
Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50]
 helo=se1-gles-flk1.inumbo.com)
 by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from
 <SRS0=eiMP=AJ=amd.com=Alejandro.GarciaVallejo@srs-se1.protection.inumbo.net>)
 id 1vo2rk-0003It-TG
 for xen-devel@lists.xenproject.org; Thu, 05 Feb 2026 17:10:04 +0000
Received: from CY7PR03CU001.outbound.protection.outlook.com
 (mail-westcentralusazlp170100005.outbound.protection.outlook.com
 [2a01:111:f403:c112::5])
 by se1-gles-flk1.inumbo.com (Halon) with ESMTPS
 id 82a07710-02b5-11f1-9ccf-f158ae23cfc8;
 Thu, 05 Feb 2026 18:10:03 +0100 (CET)
Received: from BN9PR03CA0461.namprd03.prod.outlook.com (2603:10b6:408:139::16)
 by DS7PR12MB5815.namprd12.prod.outlook.com (2603:10b6:8:77::13) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9587.14; Thu, 5 Feb
 2026 17:09:54 +0000
Received: from BN3PEPF0000B370.namprd21.prod.outlook.com
 (2603:10b6:408:139:cafe::20) by BN9PR03CA0461.outlook.office365.com
 (2603:10b6:408:139::16) with Microsoft SMTP Server (version=TLS1_3,
 cipher=TLS_AES_256_GCM_SHA384) id 15.20.9587.14 via Frontend Transport; Thu,
 5 Feb 2026 17:09:43 +0000
Received: from satlexmb07.amd.com (165.204.84.17) by
 BN3PEPF0000B370.mail.protection.outlook.com (10.167.243.167) with Microsoft
 SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.9611.0 via Frontend Transport; Thu, 5 Feb 2026 17:09:54 +0000
Received: from xcbagarciav01.xilinx.com (10.180.168.240) by satlexmb07.amd.com
 (10.181.42.216) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.2562.17; Thu, 5 Feb
 2026 11:09:52 -0600
X-Outflank-Mailman: Message body and most headers restored to incoming version
X-BeenThere: xen-devel@lists.xenproject.org
List-Id: Xen developer discussion <xen-devel.lists.xenproject.org>
List-Unsubscribe: <https://lists.xenproject.org/mailman/options/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xenproject.org>
List-Help: <mailto:xen-devel-request@lists.xenproject.org?subject=help>
List-Subscribe: <https://lists.xenproject.org/mailman/listinfo/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=subscribe>
Errors-To: xen-devel-bounces@lists.xenproject.org
Precedence: list
Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org>
X-Inumbo-ID: 82a07710-02b5-11f1-9ccf-f158ae23cfc8
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;
 b=XKBUMpcXB882L+w4U6c/m0A68oxUKJgyABnfS3tYhhrbRC8QVIthHeNgfb3CdVKNFuyXgcGmaqVQWTEhfdSWbNe2cxhcim1c5DBxxYzlSdazKrEsGBrSWzkJ2n6FAbxmFh7GLbsRxD/TZXUia+okFOAXBslmNyjFQFGxww1JjYHaOn0wWp2M8LEy5DzkoHd5Dj4qLSNdI9GhQmuqOYFbabaJf/AVp4KEtNjX8mcasmLMonSoFwz2pMZelw6KST0RweUre41jPI1YJgdcs/27HlxRr8yBfGZhvyDc6PmY31syq8363/WPRqufb0fD1H1SIhUNvJBkWJZKooTvaEUV6Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector10001;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=jBpFBQTDjfYGESALWpvq1K9sdPU23kKe6+u6O2nDSkc=;
 b=FmFMNqcUbC4PAbMtyhi2XzJB3SOIETY6/aimC2utr7GonogxnMXUHnxQGaeG76I83n7kTnx7dMnuOaY/la0Wavr1NwM6ne4/Eq4ERSsgYvIO6hFBMDCzr7OF0crTQJ/5Xa959IAD9KwvICAWTjVqtKR06FfbvzxhQ9ewCluuJ2y+B3y8vx5K48ejjyRfIX6k1xF//4U8S6KO2KdnhsTL/m7YfSxy3ppTIFpx4QVdMlipOofMZrSKRV5IGg2T2cutZNHWVZlSikQctVAY63NCCjXP2eonnAa7oVIf/qLV12MK3xjXy45Bt6xT0cbfog3dN8VfDqQ9VS7uEaXPTaLl0Q==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is
 165.204.84.17) smtp.rcpttodomain=lists.xenproject.org smtp.mailfrom=amd.com;
 dmarc=pass (p=quarantine sp=quarantine pct=100) action=none
 header.from=amd.com; dkim=none (message not signed); arc=none (0)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=jBpFBQTDjfYGESALWpvq1K9sdPU23kKe6+u6O2nDSkc=;
 b=R2mikabrClKSY/POgWnxWcq+fvfWcf5fu4e/bfLPxEx29eweOuiclmDhpFZRqLVKHSMdYKKtRZo4DbCnXC3NC67xTCPROgqAwVLYZGeZ14yjGL5ebsw7FbULRyF9GBtuPA98/DzRSq+pijnGL3+pHYpeVMF44TK20w+Hd+l7ifY=
X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17)
 smtp.mailfrom=amd.com; dkim=none (message not signed)
 header.d=none;dmarc=pass action=none header.from=amd.com;
Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates
 192.237.175.120 as permitted sender) client-ip=192.237.175.120;
 envelope-from=xen-devel-bounces@lists.xenproject.org;
 helo=lists.xenproject.org;
Received-SPF: Pass (protection.outlook.com: domain of amd.com designates
 165.204.84.17 as permitted sender) receiver=protection.outlook.com;
 client-ip=165.204.84.17; helo=satlexmb07.amd.com; pr=C
From: Alejandro Vallejo <alejandro.garciavallejo@amd.com>
To: <xen-devel@lists.xenproject.org>
CC: Alejandro Vallejo <alejandro.garciavallejo@amd.com>, Jan Beulich
	<jbeulich@suse.com>, Andrew Cooper <andrew.cooper3@citrix.com>,
	=?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= <roger.pau@citrix.com>, Teddy Astie
	<teddy.astie@vates.tech>
Subject: [PATCH v2 3/4] x86/hvm: Remove cross-vendor checks from MSR handlers.
Date: Thu, 5 Feb 2026 18:09:21 +0100
Message-ID: <20260205170923.38425-4-alejandro.garciavallejo@amd.com>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20260205170923.38425-1-alejandro.garciavallejo@amd.com>
References: <20260205170923.38425-1-alejandro.garciavallejo@amd.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
X-Originating-IP: [10.180.168.240]
X-ClientProxiedBy: satlexmb08.amd.com (10.181.42.217) To satlexmb07.amd.com
 (10.181.42.216)
X-EOPAttributedMessage: 0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: BN3PEPF0000B370:EE_|DS7PR12MB5815:EE_
X-MS-Office365-Filtering-Correlation-Id: 26e2c9d8-8ce4-4777-4849-08de64d961c1
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: 
 BCL:0;ARA:13230040|1800799024|376014|36860700013|82310400026;
X-Microsoft-Antispam-Message-Info: 
 =?us-ascii?Q?8ktf/zgpQEaD/coL0Q7aICyna9c83yQOWmwZK0BXt9cmoLIcwce+5wfZDfY5?=
 =?us-ascii?Q?D4GUDMvJIQBpAsEw2m9+Iko2H04mvotTQ584NG12Y+C5VDXIcTh8+ovuzVVl?=
 =?us-ascii?Q?FRrHvnOpdZB+xaZ4I+ZTnoFZQfFBNVdwFYlLdXYZAmKUPfxTQZhkL1CIIDl2?=
 =?us-ascii?Q?tCWKerU+v+WxiwT024eyNP/3IXIKqWQ9taBkKnkUdJ0lwFSw0ThLPOKyi+uE?=
 =?us-ascii?Q?sksid0czvWnsPAOs1hpL2WOVKVPLdGAm7xGUv5AYSL2I6SK3CfwVAiRnUSv6?=
 =?us-ascii?Q?D8YlRZ4vrILcpHlmJcYZzZPqkpHH5z2BupvgfM8o1KwwO7hrzxQpDiJgAYbu?=
 =?us-ascii?Q?itK+6GNu4ALwCynZG+njmuoYrpPq1ZiMiYPSIeEn8ycobRDhV3IGKuwARYyR?=
 =?us-ascii?Q?ky3L1BEVOPsAZ+1qBhkvEurrMQmuBnsCS8yxVrCFzbBzWgP8GF1/J2DPxAFB?=
 =?us-ascii?Q?bBHdYyITjcOsFbZfprd0x/ztSn2cEk/HqFopulz7cdEL63oOo3w81Iu6d+2K?=
 =?us-ascii?Q?IuvGOvL5fy9AL/jl/KD7r1AxcDPJnf7pYRZX2BaWXaFSA8Y2H0mnIa3j7VkL?=
 =?us-ascii?Q?kcPMG0gc9Eq9me+80C92H3iUGp7Gd/GuHv0+wMvXhTB6nkFebV2r7Rb1HfOZ?=
 =?us-ascii?Q?5lDOdkKqG0o3vuz5gLVMHtdurTskVONq5xlcxJZ7rNcBV+WREOAum789XotX?=
 =?us-ascii?Q?PCtH3WgYahTEMTXeb13kZHSvtauG/fVg2TeqNiqUeKN0wNUbJnhBRX+EZxCS?=
 =?us-ascii?Q?0w5AQxQLMmTjTeNgf8aO/Di/XHC9AOZpWrMIYUIt7XFHsUHie3siCWAT/Fef?=
 =?us-ascii?Q?9zE9mhRRrPFa4QAbuIig5nHlhn3cCgpK3sU0vZvD9XQ1Je53r42fEW8i8cUY?=
 =?us-ascii?Q?O4hsDDeMVAySBYCykB2uQxurpjBMjo4gXc+SEagm6WRhTYIwCW6fc9tSAtpm?=
 =?us-ascii?Q?UEYg2oGiekO3qO3H2ginupmxcocjBSQpYzkfg1KhMltc2z3gMa4yF6MFvJ0z?=
 =?us-ascii?Q?ZeYMajDynmM6Jnn9Ak1QeXtXlQCXr05SM/8UNod1U8+yDbzc7RyS4ih1dRJz?=
 =?us-ascii?Q?4GcT9wJVTlHN+biMqX3wBldcTMm+QtysElRtb9QrmQEMGidlcRrKKbT/PcOQ?=
 =?us-ascii?Q?GDZPuhQkKCwVdo0ttjoQ+1r0byoTOPXyXMWh/ZkNYsYduzSpRRFihDS9LhVK?=
 =?us-ascii?Q?SFSdy3ZVwkBVexARn53mJgEEF4YT+z4GfsB5ZYKoODqrfS//mYDitvLCz5TQ?=
 =?us-ascii?Q?a38MaTV9tR2BOxn+WXPW4G6vkepid18GO1OOv4VkAbEH1VTiFHEQjAFhsBf6?=
 =?us-ascii?Q?fpfEtqQbbRkOdTe6t8v1sOK/m7a1YFjbKEQDMXEa53JYqiHcvbXVOeoJ/dL+?=
 =?us-ascii?Q?NMGru6vnYae14918Al8P7gxnkgEJ/h3EI1db0yQagn76oklrFjZJeT/2LTFt?=
 =?us-ascii?Q?RTU/auR3mBkaBXWqg71Ukw0xundNqi0DiVAS4CidFzH4bLfqHs9K4xwhy0Vt?=
 =?us-ascii?Q?jQOCY6DrwrWxUpTLyi0SOe/dzaEqnz+kqhWJxF03e+uzUZ08xQvw59O5XMfQ?=
 =?us-ascii?Q?hv75tq1LjyQNXjOYaLdKuTTMFeOqPJOwq+y+Zb0yeLpQHXajCaA2/71n50Yj?=
 =?us-ascii?Q?2RHKo+debzbp6ca8jxzFaqs=3D?=
X-Forefront-Antispam-Report: 
 CIP:165.204.84.17;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:satlexmb07.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(1800799024)(376014)(36860700013)(82310400026);DIR:OUT;SFP:1101;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: 
 OsbTs9mhF55wBxUtKHOLlekRZ2+NFUpStJcV66c31BlajeWsnmK0/mzYd58HDBQtZKQzJRbnNQnu96qu6MfZKqIsFsK8u946jr5INvex4ZBaMK13Bp30OZPc6l9Fo4lCP65Y6sM80Crgr0e4ZJXcMjnAoaiz9m+dbNll22Fimq/wJOGD96benW+mB+eql7j/vIiv/Az8R54lrgtTpUCZwhUuAbBtvNjMJYcZ1HCvh59CscXXyKI1TBqpNVPCxZvfZBF1cIjvFW51NYbO9jnx07j8fI9QYHssNA3RDY0cgAGbv3SCHjzeSc53Ams2luQHPNC3gl325J0egpgltfvUXicT2gf0BfY0ZoFPeP1eJ0MyWeN8JYGGlVZFRUXbaHssSS2JH/vSUjLDc75UEFklN7qmUF9VjId5ZU7uWsKwaBMLn/wuHBZLSFfWIBozZo+j
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Feb 2026 17:09:54.3501
 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 26e2c9d8-8ce4-4777-4849-08de64d961c1
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: 
 TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[satlexmb07.amd.com]
X-MS-Exchange-CrossTenant-AuthSource: 
 BN3PEPF0000B370.namprd21.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DS7PR12MB5815
X-ZohoMail-DKIM: pass (identity @amd.com)
X-ZM-MESSAGEID: 1770311430379154100
Content-Type: text/plain; charset="utf-8"

Not a functional change now that cross-vendor guests are not launchable.

Signed-off-by: Alejandro Vallejo <alejandro.garciavallejo@amd.com>
Reviewed-by: Teddy Astie <teddy.astie@vates.tech>
---
v2:
  * Use boot_cpu_data rather than policy vendor.
---
 xen/arch/x86/msr.c | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/xen/arch/x86/msr.c b/xen/arch/x86/msr.c
index ad75a2e108..d10891dcfc 100644
--- a/xen/arch/x86/msr.c
+++ b/xen/arch/x86/msr.c
@@ -169,9 +169,9 @@ int guest_rdmsr(struct vcpu *v, uint32_t msr, uint64_t =
*val)
         break;
=20
     case MSR_IA32_PLATFORM_ID:
-        if ( !(cp->x86_vendor & X86_VENDOR_INTEL) ||
-             !(boot_cpu_data.x86_vendor & X86_VENDOR_INTEL) )
+        if ( boot_cpu_data.vendor !=3D X86_VENDOR_INTEL )
             goto gp_fault;
+
         rdmsrl(MSR_IA32_PLATFORM_ID, *val);
         break;
=20
@@ -189,9 +189,7 @@ int guest_rdmsr(struct vcpu *v, uint32_t msr, uint64_t =
*val)
          * from Xen's last microcode load, which can be forwarded straight=
 to
          * the guest.
          */
-        if ( !(cp->x86_vendor & (X86_VENDOR_INTEL | X86_VENDOR_AMD)) ||
-             !(boot_cpu_data.x86_vendor &
-               (X86_VENDOR_INTEL | X86_VENDOR_AMD)) ||
+        if ( !(boot_cpu_data.vendor & (X86_VENDOR_INTEL | X86_VENDOR_AMD))=
 ||
              rdmsr_safe(MSR_AMD_PATCHLEVEL, val) )
             goto gp_fault;
         break;
--=20
2.43.0
From nobody Sat Feb  7 06:54:26 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of lists.xenproject.org designates
 192.237.175.120 as permitted sender)
  smtp.mailfrom=xen-devel-bounces@lists.xenproject.org;
	arc=pass (i=1 dmarc=pass fromdomain=amd.com);
	dmarc=pass(p=quarantine dis=none)  header.from=amd.com
ARC-Seal: i=2; a=rsa-sha256; t=1770311436; cv=pass;
	d=zohomail.com; s=zohoarc;
	b=ARgtq82MdxjhrCyg8zNmczzg1AYIkoBxJ7ubBTTpxjZ2ZSWKIHFZcwPPMW6MjY4S8fpceviKV8ukJaXFd5IXFRGXPIKK1Dx7eQt44dsv6WY7XaiE852QqLzZh3TybZcOj2xIhhJ5zYaWKQxHeQ+Q/CQU50Lut+VdyiVlCphm0PA=
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1770311436;
 h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=HcmMhNrUvdJLDtdj//oBMXNGmJweY+Izab2C0gA4R0Y=;
	b=FTJmk5921PnV+81h+qoAOZmg98CTsin0dmtVwHXHZpIX0h11pCq7GPX90dloo6qmEo2vyGb29R5kWN+YB+ZATHVN3skN355IEgaADS/URhgfNg5JA0yLtDF/iOcjyjt4woHdiqNxekFewoNXApQ5/NDJaQ9T1RbfSJfJP58vpCo=
ARC-Authentication-Results: i=2; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of lists.xenproject.org designates
 192.237.175.120 as permitted sender)
  smtp.mailfrom=xen-devel-bounces@lists.xenproject.org;
	arc=pass (i=1 dmarc=pass fromdomain=amd.com);
	dmarc=pass header.from=<alejandro.garciavallejo@amd.com> (p=quarantine
 dis=none)
Return-Path: <xen-devel-bounces@lists.xenproject.org>
Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120])
 by mx.zohomail.com
	with SMTPS id 1770311436464110.16524467221382;
 Thu, 5 Feb 2026 09:10:36 -0800 (PST)
Received: from list by lists.xenproject.org with
 outflank-mailman.1222284.1530287 (Exim 4.92)
	(envelope-from <xen-devel-bounces@lists.xenproject.org>)
	id 1vo2rk-0003yt-FV; Thu, 05 Feb 2026 17:10:04 +0000
Received: by outflank-mailman (output) from mailman id 1222284.1530287;
 Thu, 05 Feb 2026 17:10:04 +0000
Received: from localhost ([127.0.0.1] helo=lists.xenproject.org)
	by lists.xenproject.org with esmtp (Exim 4.92)
	(envelope-from <xen-devel-bounces@lists.xenproject.org>)
	id 1vo2rk-0003x2-8T; Thu, 05 Feb 2026 17:10:04 +0000
Received: by outflank-mailman (input) for mailman id 1222284;
 Thu, 05 Feb 2026 17:10:03 +0000
Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50]
 helo=se1-gles-flk1.inumbo.com)
 by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from
 <SRS0=eiMP=AJ=amd.com=Alejandro.GarciaVallejo@srs-se1.protection.inumbo.net>)
 id 1vo2rj-0003It-4o
 for xen-devel@lists.xenproject.org; Thu, 05 Feb 2026 17:10:03 +0000
Received: from DM5PR21CU001.outbound.protection.outlook.com
 (mail-centralusazlp170110009.outbound.protection.outlook.com
 [2a01:111:f403:c111::9])
 by se1-gles-flk1.inumbo.com (Halon) with ESMTPS
 id 80e8bfec-02b5-11f1-9ccf-f158ae23cfc8;
 Thu, 05 Feb 2026 18:10:01 +0100 (CET)
Received: from BLAPR03CA0125.namprd03.prod.outlook.com (2603:10b6:208:32e::10)
 by CH2PR12MB4325.namprd12.prod.outlook.com (2603:10b6:610:a9::14)
 with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9587.15; Thu, 5 Feb
 2026 17:09:55 +0000
Received: from BN3PEPF0000B372.namprd21.prod.outlook.com
 (2603:10b6:208:32e:cafe::16) by BLAPR03CA0125.outlook.office365.com
 (2603:10b6:208:32e::10) with Microsoft SMTP Server (version=TLS1_3,
 cipher=TLS_AES_256_GCM_SHA384) id 15.20.9587.15 via Frontend Transport; Thu,
 5 Feb 2026 17:09:42 +0000
Received: from satlexmb07.amd.com (165.204.84.17) by
 BN3PEPF0000B372.mail.protection.outlook.com (10.167.243.169) with Microsoft
 SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.9611.0 via Frontend Transport; Thu, 5 Feb 2026 17:09:54 +0000
Received: from xcbagarciav01.xilinx.com (10.180.168.240) by satlexmb07.amd.com
 (10.181.42.216) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.2562.17; Thu, 5 Feb
 2026 11:09:53 -0600
X-Outflank-Mailman: Message body and most headers restored to incoming version
X-BeenThere: xen-devel@lists.xenproject.org
List-Id: Xen developer discussion <xen-devel.lists.xenproject.org>
List-Unsubscribe: <https://lists.xenproject.org/mailman/options/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xenproject.org>
List-Help: <mailto:xen-devel-request@lists.xenproject.org?subject=help>
List-Subscribe: <https://lists.xenproject.org/mailman/listinfo/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=subscribe>
Errors-To: xen-devel-bounces@lists.xenproject.org
Precedence: list
Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org>
X-Inumbo-ID: 80e8bfec-02b5-11f1-9ccf-f158ae23cfc8
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;
 b=JXgBWqyV+84jOfyo/IWJmSC8UNj9MDRpz6aOT/Ssecm82I+ejC/chcj/2borBmEw/+5jlRCCvUDQLoiBGun36Gu8HviLz1IQxphuvQpDJrEqQsRviXEWM4r1+uQ47OtM2iF/W9h46BTzgxdUBJQuYZcUikJ9OOwSDL1f5+MXH7N5tV8rVeFFQm3tf04B1lS6Y4B37bUAehONkXmh50TxD0tGyEs4TcuKw5j1w3OqYNUjIZ92uO6OeJI+8VO3IDL4hJAEBf03igN9EZNcKuwI7t7iifm4xYHsU1OFt8Vd2sdhYeR6FzYgOdqksCKWjaTd7cvie+28Ad5o13cKJ1thZw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector10001;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=HcmMhNrUvdJLDtdj//oBMXNGmJweY+Izab2C0gA4R0Y=;
 b=TqQmm/cpDUC4sCr8TaSHt18y13spQqWA4sdTy5s67nzcZbMmZjJ+gRS33V2Ghk3g0Km3Ei7XAs41JRmS6P7xGgqbQcyVzqQxUxXFyJ/oUupiFN9E8PcsxFvbY4tsitqFb5H5gYCRmOrbZr8JQOZ+KIFxxm5zZmbHEaSfL1bz829cLcutI9sYcENHaTEUxteNukdmCiF2qZIlJaCp/bWtGmiP70cayWuqXX3didADsVJ4kJZPQn9JgNY5zAjdQ6Vv43Jif3oGCVUtCMBa0RTf+8dX1a5SkDkJcjEK/AvUuTebA2bC5hahJ8NXHrCbb7hh5XzcV2iPl6JXvtoxgcloUw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is
 165.204.84.17) smtp.rcpttodomain=lists.xenproject.org smtp.mailfrom=amd.com;
 dmarc=pass (p=quarantine sp=quarantine pct=100) action=none
 header.from=amd.com; dkim=none (message not signed); arc=none (0)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=HcmMhNrUvdJLDtdj//oBMXNGmJweY+Izab2C0gA4R0Y=;
 b=14eiHhnJl9pULr0BQ3Qfq5w3pO4LKCixlbNRkFIE8/yckARPwg/EwPXDb6Um0OX2Erbb5LhhBoRLZgnIdOkVhWQyHCXfOCTxUVFKW85/a8R0YUIMklVv+69ymvMMVJxM+F+ZxRgmURtwNGRTZckRoZ4tfHhCoDBExu50AzkpI0E=
X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17)
 smtp.mailfrom=amd.com; dkim=none (message not signed)
 header.d=none;dmarc=pass action=none header.from=amd.com;
Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates
 192.237.175.120 as permitted sender) client-ip=192.237.175.120;
 envelope-from=xen-devel-bounces@lists.xenproject.org;
 helo=lists.xenproject.org;
Received-SPF: Pass (protection.outlook.com: domain of amd.com designates
 165.204.84.17 as permitted sender) receiver=protection.outlook.com;
 client-ip=165.204.84.17; helo=satlexmb07.amd.com; pr=C
From: Alejandro Vallejo <alejandro.garciavallejo@amd.com>
To: <xen-devel@lists.xenproject.org>
CC: Alejandro Vallejo <alejandro.garciavallejo@amd.com>, Jan Beulich
	<jbeulich@suse.com>, Andrew Cooper <andrew.cooper3@citrix.com>,
	=?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= <roger.pau@citrix.com>, Jason Andryuk
	<jason.andryuk@amd.com>, Teddy Astie <teddy.astie@vates.tech>
Subject: [PATCH v2 4/4] x86/svm: Drop emulation of Intel's SYSENTER behaviour
 on AMD systems
Date: Thu, 5 Feb 2026 18:09:22 +0100
Message-ID: <20260205170923.38425-5-alejandro.garciavallejo@amd.com>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20260205170923.38425-1-alejandro.garciavallejo@amd.com>
References: <20260205170923.38425-1-alejandro.garciavallejo@amd.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
X-Originating-IP: [10.180.168.240]
X-ClientProxiedBy: satlexmb08.amd.com (10.181.42.217) To satlexmb07.amd.com
 (10.181.42.216)
X-EOPAttributedMessage: 0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: BN3PEPF0000B372:EE_|CH2PR12MB4325:EE_
X-MS-Office365-Filtering-Correlation-Id: 444c8db9-69dd-4f62-60ef-08de64d96224
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: 
 BCL:0;ARA:13230040|36860700013|376014|82310400026|1800799024;
X-Microsoft-Antispam-Message-Info: 
 =?us-ascii?Q?RhIvZhNZYjXfcfj5qm4+eMPXDhrzwS4slTdbiAAGdYKYrfOf7a5briSm3qdn?=
 =?us-ascii?Q?xcg/08FPb4OnCLHQHJwT8HLYra0uTZXliC58Z62d+WVvid24e3lw+ruCPtg+?=
 =?us-ascii?Q?VGwju1gERA8FKvCCUJPnycbJzOTbvG5aMfIO2x/Dzd5WNZ/dE2tZ8A9c4/kD?=
 =?us-ascii?Q?VQgazdYqeWH/g6+lSY7AJNO4MzWS1Zg9tV1btlZiYUi+Lz6VpV0Y0ZRBjC6P?=
 =?us-ascii?Q?1wHRMdA+n5OeIFvCcb+odJodQbUZjQbOK6K5DVe7XZ/Z3alMlKYRcpg7eELG?=
 =?us-ascii?Q?aaMqIWFRnYnKOpTd4TYXvZneJCmPBhhcs+VlBo5fpJp5mRLY6X4N4QKXFe+B?=
 =?us-ascii?Q?jb7Tqkvu7nBNJls3G8i2Q8PnySemKXsPuxvaX4qvZ2ni06LYx2IweIZY4qhV?=
 =?us-ascii?Q?Ni8owPmXHCEkZ3IHoEDhsSpcs/rFBc2OjQnb7/yl2yG7Vgy3BFdptPKys6mS?=
 =?us-ascii?Q?lSqpddR3GX1Dj2C1A8+3XFNmU9DcRRZuIFhrZ0w5IAezQrGgX6lDl6KyG1TV?=
 =?us-ascii?Q?dIVFtaSelP31A3K+jXFhyNru6sw409pIfT1TDnT0dZVnJTw2YRmm8Vmd1Qhw?=
 =?us-ascii?Q?GkHM9GGG8XO4T0SGTgnv1do0CwLtkjm0X1pd5BpTNlsxZEJ3Gt4/L/y2tBr3?=
 =?us-ascii?Q?KLPDQ+KVhSCq5sw72KcQiWqJnSO9eNdFlnVJb1AS5/EQO9LtSNT38n1KkEZs?=
 =?us-ascii?Q?e99BFSZJXIoJu1+AsSCGm/i2g8Dz/NzERXCLLdzs++pCEpx6gqT4xwQWgI72?=
 =?us-ascii?Q?iCUqTVAgseS404BrRj4ignxILHeDt3zqnWh1Tay/A64gg1Im41z4Cs5w1DqI?=
 =?us-ascii?Q?i+3bs71e06ezKmjaLcg4CArU9b19fBpfFWcqXRgmKKF24K3fq8pLSXwVS708?=
 =?us-ascii?Q?EVaU6B0K6zrEK8Zu+zFLTjpnUJcicKWd2rKUQoBIc4Tf0T7cYJjuWmS22fvo?=
 =?us-ascii?Q?SAISTQgh9F6JH4SLiuaHPM2Lr9zaaIOxml+doLqAeP1Esx1JnUW6X+/vQWIn?=
 =?us-ascii?Q?g2RqLuBcx0vS/JgSJXUWkstNBfbDYhbCGP+fcjL60LKo5VlsMFbzioC3niTQ?=
 =?us-ascii?Q?xiyyc74QsFdo/gJBQ+vbjRW8BLxuAnfEBRPyjaYzqkgG6CduRuC1CLPtKxhC?=
 =?us-ascii?Q?lPPjoKGV8hnfDvv8WdBDG9Q/6hiLN/+SLF4CI6sGkLB87EOZXRQwddZow4ul?=
 =?us-ascii?Q?awRO1lYqgmjYPTw+O/GELKXr2HklMbSZC7uV5JvpmiiDcLKZ363e8e3ZYFix?=
 =?us-ascii?Q?P3gO42ugcE+DZAfx6/1psExWGDc1P71oZfkGjXfQD37Wc+nxktzP4OC1hQ1k?=
 =?us-ascii?Q?PVkgA0lgjGegKz7pQlmRo2d95rjobgEyt6UqMb3upH/i2aRCAhApWJy3zEfB?=
 =?us-ascii?Q?N9D3FdBXJXGnoh8do/yTZXkLavzlIwYHOxrh9fNbw1THu9ElvxRLFtvZisoI?=
 =?us-ascii?Q?SZ0amg8MfgUvek0heWdqEYYHLTIeckja+sqPoz94bn6JmeGz70ZeJS0POfY6?=
 =?us-ascii?Q?CIYJHOjugTUfp6c2E6EZyiMuc0Bnu0ZJWTH9HaRi/lD8CsKW9zcXteoF727b?=
 =?us-ascii?Q?DgDNcb/5zGJGJXaaVCh4QjfBPCRna6fqNYNivpWVR8BwuBuGXMrtvVlCN7H5?=
 =?us-ascii?Q?Hg=3D=3D?=
X-Forefront-Antispam-Report: 
 CIP:165.204.84.17;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:satlexmb07.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(36860700013)(376014)(82310400026)(1800799024);DIR:OUT;SFP:1101;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: 
 04LEIklg/Z/DxOBv2rLvrWw9cE7eyA7oUuhcPJcrEAo5HumaeM7rKQG58vn2fWdRa8nOpGrNmNnoL/+a0kOYpMZIkvZcUR1CS3oE7nv8tjdJfXlB6vJw25WTWNL+jjCm3BErDpeRHnztBtn7s3oI2BhKVyyNUcJbEXxTxEdSbJt2gq+ASoXR6qfL7pHbVdtwP5GibEu8Xz8p2sHRu1sEu2y4abyiX82ADbOdXxXyCmp+EgumTzZYOCcGrRi3UIrMDqZ6MNDp+LRitnPKOWoKDR7TLWP27wzXazfJ+A4UrHVkagmdUZz7MKbhDtvQNCVUgIKyAvLHY3euSmJt+XjI/ifg4nZ6eFXcEaNdam6RUR3jVX6x3ki7ePLZZZ/28r9YHqEeRIu3GTGSqecJjRxGJwC8IgnzhjR1O9Ou/ash6eKw9mqDS47bIZKKoFkCxeRz
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Feb 2026 17:09:54.9996
 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 444c8db9-69dd-4f62-60ef-08de64d96224
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: 
 TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[satlexmb07.amd.com]
X-MS-Exchange-CrossTenant-AuthSource: 
 BN3PEPF0000B372.namprd21.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR12MB4325
X-ZohoMail-DKIM: pass (identity @amd.com)
X-ZM-MESSAGEID: 1770311436958158500
Content-Type: text/plain; charset="utf-8"

With cross-vendor support gone, it's no longer needed.

AMD CPUs ignore the top 32 bits of the SYSENTER/SYSEXIT MSRs, which is
not how this emulation worked due to the need for cross-vendor support.
Any AMD VMs storing state in the top 32bits of the SEP MSRs will lose
it.

It's very unlikely to affect any production VM because having 64bit width
just isn't how real AMD CPUs behave.

Signed-off-by: Alejandro Vallejo <alejandro.garciavallejo@amd.com>
Reviewed-by: Teddy Astie <teddy.astie@vates.tech>
---
v2:
  * Reworded commit message to mention the loss of the top dword for
    any VM stupid enough to use it.
---
 xen/arch/x86/hvm/svm/svm.c               | 42 +++++++++++-------------
 xen/arch/x86/hvm/svm/vmcb.c              |  3 ++
 xen/arch/x86/include/asm/hvm/svm-types.h | 10 ------
 3 files changed, 22 insertions(+), 33 deletions(-)

diff --git a/xen/arch/x86/hvm/svm/svm.c b/xen/arch/x86/hvm/svm/svm.c
index 10d1bf350c..329c4446e9 100644
--- a/xen/arch/x86/hvm/svm/svm.c
+++ b/xen/arch/x86/hvm/svm/svm.c
@@ -401,10 +401,6 @@ static int svm_vmcb_save(struct vcpu *v, struct hvm_hw=
_cpu *c)
 {
     struct vmcb_struct *vmcb =3D v->arch.hvm.svm.vmcb;
=20
-    c->sysenter_cs =3D v->arch.hvm.svm.guest_sysenter_cs;
-    c->sysenter_esp =3D v->arch.hvm.svm.guest_sysenter_esp;
-    c->sysenter_eip =3D v->arch.hvm.svm.guest_sysenter_eip;
-
     if ( vmcb->event_inj.v &&
          hvm_event_needs_reinjection(vmcb->event_inj.type,
                                      vmcb->event_inj.vector) )
@@ -468,11 +464,6 @@ static int svm_vmcb_restore(struct vcpu *v, struct hvm=
_hw_cpu *c)
     svm_update_guest_cr(v, 0, 0);
     svm_update_guest_cr(v, 4, 0);
=20
-    /* Load sysenter MSRs into both VMCB save area and VCPU fields. */
-    vmcb->sysenter_cs =3D v->arch.hvm.svm.guest_sysenter_cs =3D c->sysente=
r_cs;
-    vmcb->sysenter_esp =3D v->arch.hvm.svm.guest_sysenter_esp =3D c->sysen=
ter_esp;
-    vmcb->sysenter_eip =3D v->arch.hvm.svm.guest_sysenter_eip =3D c->sysen=
ter_eip;
-
     if ( paging_mode_hap(v->domain) )
     {
         vmcb_set_np(vmcb, true);
@@ -501,6 +492,9 @@ static void svm_save_cpu_state(struct vcpu *v, struct h=
vm_hw_cpu *data)
 {
     struct vmcb_struct *vmcb =3D v->arch.hvm.svm.vmcb;
=20
+    data->sysenter_cs      =3D vmcb->sysenter_cs;
+    data->sysenter_esp     =3D vmcb->sysenter_esp;
+    data->sysenter_eip     =3D vmcb->sysenter_eip;
     data->shadow_gs        =3D vmcb->kerngsbase;
     data->msr_lstar        =3D vmcb->lstar;
     data->msr_star         =3D vmcb->star;
@@ -512,11 +506,14 @@ static void svm_load_cpu_state(struct vcpu *v, struct=
 hvm_hw_cpu *data)
 {
     struct vmcb_struct *vmcb =3D v->arch.hvm.svm.vmcb;
=20
-    vmcb->kerngsbase =3D data->shadow_gs;
-    vmcb->lstar      =3D data->msr_lstar;
-    vmcb->star       =3D data->msr_star;
-    vmcb->cstar      =3D data->msr_cstar;
-    vmcb->sfmask     =3D data->msr_syscall_mask;
+    vmcb->sysenter_cs  =3D data->sysenter_cs;
+    vmcb->sysenter_esp =3D data->sysenter_esp;
+    vmcb->sysenter_eip =3D data->sysenter_eip;
+    vmcb->kerngsbase   =3D data->shadow_gs;
+    vmcb->lstar        =3D data->msr_lstar;
+    vmcb->star         =3D data->msr_star;
+    vmcb->cstar        =3D data->msr_cstar;
+    vmcb->sfmask       =3D data->msr_syscall_mask;
     v->arch.hvm.guest_efer =3D data->msr_efer;
     svm_update_guest_efer(v);
 }
@@ -1720,12 +1717,9 @@ static int cf_check svm_msr_read_intercept(
=20
     switch ( msr )
     {
-        /*
-         * Sync not needed while the cross-vendor logic is in unilateral e=
ffect.
     case MSR_IA32_SYSENTER_CS:
     case MSR_IA32_SYSENTER_ESP:
     case MSR_IA32_SYSENTER_EIP:
-         */
     case MSR_STAR:
     case MSR_LSTAR:
     case MSR_CSTAR:
@@ -1740,13 +1734,15 @@ static int cf_check svm_msr_read_intercept(
     switch ( msr )
     {
     case MSR_IA32_SYSENTER_CS:
-        *msr_content =3D v->arch.hvm.svm.guest_sysenter_cs;
+        *msr_content =3D vmcb->sysenter_cs;
         break;
+
     case MSR_IA32_SYSENTER_ESP:
-        *msr_content =3D v->arch.hvm.svm.guest_sysenter_esp;
+        *msr_content =3D vmcb->sysenter_esp;
         break;
+
     case MSR_IA32_SYSENTER_EIP:
-        *msr_content =3D v->arch.hvm.svm.guest_sysenter_eip;
+        *msr_content =3D vmcb->sysenter_eip;
         break;
=20
     case MSR_STAR:
@@ -1940,11 +1936,11 @@ static int cf_check svm_msr_write_intercept(
         switch ( msr )
         {
         case MSR_IA32_SYSENTER_ESP:
-            vmcb->sysenter_esp =3D v->arch.hvm.svm.guest_sysenter_esp =3D =
msr_content;
+            vmcb->sysenter_esp =3D msr_content;
             break;
=20
         case MSR_IA32_SYSENTER_EIP:
-            vmcb->sysenter_eip =3D v->arch.hvm.svm.guest_sysenter_eip =3D =
msr_content;
+            vmcb->sysenter_eip =3D msr_content;
             break;
=20
         case MSR_LSTAR:
@@ -1970,7 +1966,7 @@ static int cf_check svm_msr_write_intercept(
         break;
=20
     case MSR_IA32_SYSENTER_CS:
-        vmcb->sysenter_cs =3D v->arch.hvm.svm.guest_sysenter_cs =3D msr_co=
ntent;
+        vmcb->sysenter_cs =3D msr_content;
         break;
=20
     case MSR_STAR:
diff --git a/xen/arch/x86/hvm/svm/vmcb.c b/xen/arch/x86/hvm/svm/vmcb.c
index e583ef8548..76fcaf15c2 100644
--- a/xen/arch/x86/hvm/svm/vmcb.c
+++ b/xen/arch/x86/hvm/svm/vmcb.c
@@ -97,6 +97,9 @@ static int construct_vmcb(struct vcpu *v)
     svm_disable_intercept_for_msr(v, MSR_LSTAR);
     svm_disable_intercept_for_msr(v, MSR_STAR);
     svm_disable_intercept_for_msr(v, MSR_SYSCALL_MASK);
+    svm_disable_intercept_for_msr(v, MSR_IA32_SYSENTER_CS);
+    svm_disable_intercept_for_msr(v, MSR_IA32_SYSENTER_EIP);
+    svm_disable_intercept_for_msr(v, MSR_IA32_SYSENTER_ESP);
=20
     vmcb->_msrpm_base_pa =3D virt_to_maddr(svm->msrpm);
     vmcb->_iopm_base_pa =3D __pa(v->domain->arch.hvm.io_bitmap);
diff --git a/xen/arch/x86/include/asm/hvm/svm-types.h b/xen/arch/x86/includ=
e/asm/hvm/svm-types.h
index 051b235d8f..aaee91b4b6 100644
--- a/xen/arch/x86/include/asm/hvm/svm-types.h
+++ b/xen/arch/x86/include/asm/hvm/svm-types.h
@@ -27,16 +27,6 @@ struct svm_vcpu {
=20
     /* VMCB has a cached instruction from #PF/#NPF Decode Assist? */
     uint8_t cached_insn_len; /* Zero if no cached instruction. */
-
-    /*
-     * Upper four bytes are undefined in the VMCB, therefore we can't use =
the
-     * fields in the VMCB. Write a 64bit value and then read a 64bit value=
 is
-     * fine unless there's a VMRUN/VMEXIT in between which clears the upper
-     * four bytes.
-     */
-    uint64_t guest_sysenter_cs;
-    uint64_t guest_sysenter_esp;
-    uint64_t guest_sysenter_eip;
 };
=20
 struct nestedsvm {
--=20
2.43.0