From nobody Sat Feb 14 05:45:19 2026 Received: from mail-pf1-f202.google.com (mail-pf1-f202.google.com [209.85.210.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E13AF14A097 for ; Fri, 17 May 2024 17:40:20 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.202 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715967622; cv=none; b=lonUc1aFeJnsCj9H26wsCwfC46jXw5ZM0lv64djWrU1XJfSjeISaKF5KbX0BzV/SJELWwww4+gWyp8Wx9zUkHN9nXKoYWJRvoK+6r2eHozEXaVxdXui4i9hMKqtZZRpZcMX8XZgXQvWG73r/bq1U4Z0tua8dXDYrcj4j2l5DUw8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715967622; c=relaxed/simple; bh=WpEfgTqvxMmTqgtRjBGJ9mUo4mMumn0xpoO2FP087q4=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=ED7SeFLX9s4LYd5cAa/ojAUby2r7VuXosNd8n6Z4hH/ca8y6AehyebmSvnKTJ9iyIktZRtEdRwsyovmKQvBwNGgAuuJ0y/39QHazn46JtFrYa4/spF1hIu+dWMnbnvpcpujuvpvJWcXBbN8nnfgxSQKabylqo7bSsk55qKy8hzU= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=X+tL38Fj; arc=none smtp.client-ip=209.85.210.202 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="X+tL38Fj" Received: by mail-pf1-f202.google.com with SMTP id d2e1a72fcca58-6f467b9e948so8082128b3a.0 for ; Fri, 17 May 2024 10:40:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1715967620; x=1716572420; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=0wWTJWtW4FJprikXgCXBDeS0rSMKlETzXy6OsT3CYpI=; b=X+tL38Fjnp0EAUOwrNdDxdUv2OejlJVUlUn8T5fo1V9Iz/IwIYbFJQhGZStQZPPJ1r rlM5zCjB03QIzgzkIaQqiUtGLI/Vz0wlR9EFGZF6cO3PebdJs7P1pSrITpeks6pbc61o JSa3fjpWGSiFH7iXdHYYVqq8rON4VshHKw/lOWpPR7JambUa7XPuyEVOOM/USGivk/LV 6Jffs+OtmvcPtv3ws8MfRberslR4nwcnuFfNPH07W0qsZ/SVytaeb0oEf7BcGgXg/f/9 dRxURWsbF2nCyZBHlvYr30COLOamLHODU8rz8nedkaqj3HmBRJ0MHK6nGMeMxh18esO0 hE3w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1715967620; x=1716572420; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=0wWTJWtW4FJprikXgCXBDeS0rSMKlETzXy6OsT3CYpI=; b=QlR5/R3ljAYQ1Q/fAXVdqK9w7tjVdlTnqQUA4YbA47K/c5X4BD55uK3p6bmjVWaeAw jBmePhPfh4+dWMg8m1VX3U7cxjZjV0FgUsuRyK5d5OEDrwrLfW5e+p9eJfP+4Fmya2N3 FaEIXfKLquzL8yC2Q8VAIq7SvXTly+kYNabX50JI9VOD3GagWpxvUhdK4/ly52aMVPZ1 uNZaMwpSyEF98qtid4me7Q183CpzoD4Ka2Zl9AK3EnhrpeBE+VXmFb01WGQapubKnJF7 6GM6tgsSY8ZSHLtg4OsldwuGBVIvnKhrOZIHNRbnP9yf7P5tq7X6b6C7D8+8DOxbPz1G RWjA== X-Forwarded-Encrypted: i=1; AJvYcCX+GQdedOg0lHXcPavF9NToTsgiLl063SqVCzEPz2j41fK6sVwo2ASNJOctIDMyPRY0leZ1WLtSqpfDOIErQtTq2eT2YhnjBO6iFsPw X-Gm-Message-State: AOJu0YxROpKnAPxqnwI8EbwSg9c+7x+hxzdZXF5JH04kl5nchhBNcbpL 9qdr3qI7DbTJCd2t4dKJGwrfxdrEIH3yLh/9z9KEUtzRZQsHzhrdLckF9bqBOlRBaVVRerAIwH4 1kg== X-Google-Smtp-Source: AGHT+IGVlkDMu6SgCRXvEPKEGroeOFGxol5oKg2OzOEvQ55LbhOp4rIso0qjuMbugc7tID63+956tNJ52dM= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a05:6a00:1144:b0:6f3:ecdc:1b94 with SMTP id d2e1a72fcca58-6f4e03a253amr307893b3a.6.1715967619193; Fri, 17 May 2024 10:40:19 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 17 May 2024 10:38:56 -0700 In-Reply-To: <20240517173926.965351-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240517173926.965351-1-seanjc@google.com> X-Mailer: git-send-email 2.45.0.215.g3402c0e53f-goog Message-ID: <20240517173926.965351-20-seanjc@google.com> Subject: [PATCH v2 19/49] KVM: x86: Add a macro to init CPUID features that ignore host kernel support From: Sean Christopherson To: Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Hou Wenlong , Kechen Lu , Oliver Upton , Maxim Levitsky , Binbin Wu , Yang Weijiang , Robert Hoo Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Add a macro for use in kvm_set_cpu_caps() to automagically initialize features that KVM wants to support based solely on the CPU's capabilities, e.g. KVM advertises LA57 support if it's available in hardware, even if the host kernel isn't utilizing 57-bit virtual addresses. Take advantage of the fact that kvm_cpu_cap_mask() adjusts kvm_cpu_caps based on raw CPUID, i.e. will clear features bits that aren't supported in hardware, and simply force-set the capability before applying the mask. Abusing kvm_cpu_cap_set() is a borderline evil shenanigan, but doing so avoid extra CPUID lookups, and a future commit will harden the entire family of *F() macros to assert (at compile time) that every feature being allowed is part of the capability word being processed, i.e. using a macro will bring more advantages in the future. Avoiding CPUID also fixes a largely benign bug where KVM could incorrectly report LA57 support on Intel CPUs whose max supported CPUID is less than 7, i.e. if the max supported leaf (<7) happened to have bit 16 set. In practice, barring a funky virtual machine setup, the bug is benign as all known CPUs that support VMX also support leaf 7. Signed-off-by: Sean Christopherson Reviewed-by: Maxim Levitsky --- arch/x86/kvm/cpuid.c | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c index 77625a5477b1..a802c09b50ab 100644 --- a/arch/x86/kvm/cpuid.c +++ b/arch/x86/kvm/cpuid.c @@ -70,6 +70,18 @@ u32 xstate_required_size(u64 xstate_bv, bool compacted) (boot_cpu_has(X86_FEATURE_##name) ? F(name) : 0); \ }) =20 +/* + * Raw Feature - For features that KVM supports based purely on raw host C= PUID, + * i.e. that KVM virtualizes even if the host kernel doesn't use the featu= re. + * Simply force set the feature in KVM's capabilities, raw CPUID support w= ill + * be factored in by kvm_cpu_cap_mask(). + */ +#define RAW_F(name) \ +({ \ + kvm_cpu_cap_set(X86_FEATURE_##name); \ + F(name); \ +}) + /* * Magic value used by KVM when querying userspace-provided CPUID entries = and * doesn't care about the CPIUD index because the index of the function in @@ -682,15 +694,12 @@ void kvm_set_cpu_caps(void) F(AVX512VL)); =20 kvm_cpu_cap_mask(CPUID_7_ECX, - F(AVX512VBMI) | F(LA57) | F(PKU) | 0 /*OSPKE*/ | F(RDPID) | + F(AVX512VBMI) | RAW_F(LA57) | F(PKU) | 0 /*OSPKE*/ | F(RDPID) | F(AVX512_VPOPCNTDQ) | F(UMIP) | F(AVX512_VBMI2) | F(GFNI) | F(VAES) | F(VPCLMULQDQ) | F(AVX512_VNNI) | F(AVX512_BITALG) | F(CLDEMOTE) | F(MOVDIRI) | F(MOVDIR64B) | 0 /*WAITPKG*/ | F(SGX_LC) | F(BUS_LOCK_DETECT) ); - /* Set LA57 based on hardware capability. */ - if (cpuid_ecx(7) & F(LA57)) - kvm_cpu_cap_set(X86_FEATURE_LA57); =20 /* * PKU not yet implemented for shadow paging and requires OSPKE --=20 2.45.0.215.g3402c0e53f-goog