[PATCH v9 15/22] KVM: x86: Mark CR4.FRED as not reserved

Xin Li (Intel) posted 22 patches 1 month, 2 weeks ago
Posted by Xin Li (Intel) 1 month, 2 weeks ago
From: Xin Li <xin3.li@intel.com>

The CR4.FRED bit, i.e., CR4[32], is no longer a reserved bit when
guest cpu cap has FRED, i.e.,
  1) All of FRED KVM support is in place.
  2) Guest enumerates FRED.

Otherwise it is still a reserved bit.

Signed-off-by: Xin Li <xin3.li@intel.com>
Signed-off-by: Xin Li (Intel) <xin@zytor.com>
Tested-by: Shan Kang <shan.kang@intel.com>
Tested-by: Xuelian Guo <xuelian.guo@intel.com>
---

Change in v5:
* Add TB from Xuelian Guo.

Change in v4:
* Rebase on top of "guest_cpu_cap".

Change in v3:
* Don't allow CR4.FRED=1 before all of FRED KVM support is in place
  (Sean Christopherson).
---
 arch/x86/include/asm/kvm_host.h | 2 +-
 arch/x86/kvm/x86.h              | 2 ++
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
index 5fff22d837aa..558f260a1afd 100644
--- a/arch/x86/include/asm/kvm_host.h
+++ b/arch/x86/include/asm/kvm_host.h
@@ -142,7 +142,7 @@
 			  | X86_CR4_OSXSAVE | X86_CR4_SMEP | X86_CR4_FSGSBASE \
 			  | X86_CR4_OSXMMEXCPT | X86_CR4_LA57 | X86_CR4_VMXE \
 			  | X86_CR4_SMAP | X86_CR4_PKE | X86_CR4_UMIP \
-			  | X86_CR4_LAM_SUP | X86_CR4_CET))
+			  | X86_CR4_LAM_SUP | X86_CR4_CET | X86_CR4_FRED))
 
 #define CR8_RESERVED_BITS (~(unsigned long)X86_CR8_TPR)
 
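Review bot: Nothing at this define records that X86_CR4_FRED is un-reserved only conditionally. After the changed line `| X86_CR4_LAM_SUP | X86_CR4_CET | X86_CR4_FRED))` the static mask accepts CR4[32], and the only remaining gate is the X86_FEATURE_FRED test added in arch/x86/kvm/x86.h. A short comment above the mask saying that the bit is re-reserved per vCPU when the guest does not enumerate FRED would help, as would a check that no caller uses this static mask on its own without going through the per-vCPU reserved-bits computation.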
diff --git a/arch/x86/kvm/x86.h b/arch/x86/kvm/x86.h
index 4f5d12d7136e..e9c6f304b02e 100644
--- a/arch/x86/kvm/x86.h
+++ b/arch/x86/kvm/x86.h
@@ -687,6 +687,8 @@ static inline bool __kvm_is_valid_cr4(struct kvm_vcpu *vcpu, unsigned long cr4)
 	if (!__cpu_has(__c, X86_FEATURE_SHSTK) &&       \
 	    !__cpu_has(__c, X86_FEATURE_IBT))           \
 		__reserved_bits |= X86_CR4_CET;         \
+	if (!__cpu_has(__c, X86_FEATURE_FRED))          \
+		__reserved_bits |= X86_CR4_FRED;        \
 	__reserved_bits;                                \
 })
 
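Review bot: No CPU-mode condition accompanies the new `if (!__cpu_has(__c, X86_FEATURE_FRED))` test, so once the guest enumerates FRED the reserved-bits computation used by __kvm_is_valid_cr4() treats CR4.FRED=1 as acceptable regardless of the mode the vCPU is in. If the bit is only legal in long mode, which is the question raised in the reply in this thread, either add that condition where CR4 is validated or state in the commit message which other check enforces it, so that a CR4 value accepted here cannot later fail VM-entry.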
-- 
2.51.0

Re: [PATCH v9 15/22] KVM: x86: Mark CR4.FRED as not reserved
Posted by Chao Gao 3 weeks, 4 days ago
On Sun, Oct 26, 2025 at 01:19:03PM -0700, Xin Li (Intel) wrote:
>From: Xin Li <xin3.li@intel.com>
>
>The CR4.FRED bit, i.e., CR4[32], is no longer a reserved bit when
>guest cpu cap has FRED, i.e.,
>  1) All of FRED KVM support is in place.
>  2) Guest enumerates FRED.
>
>Otherwise it is still a reserved bit.
>
>Signed-off-by: Xin Li <xin3.li@intel.com>
>Signed-off-by: Xin Li (Intel) <xin@zytor.com>
>Tested-by: Shan Kang <shan.kang@intel.com>
>Tested-by: Xuelian Guo <xuelian.guo@intel.com>

I am not sure about two things regarding CR4.FRED and emulator code:

1. Should kvm_set_cr4() reject setting CR4.FRED when the vCPU isn't in long
   mode? The concern is that emulator code may call kvm_set_cr4(). This could
   cause VM-entry failure if CR4.FRED is set in other modes.

2. mk_cr_64() drops the high 32 bits of the new CR4 value. So, CR4.FRED is always
   dropped. This may need an update.


This patch itself looks good, so:

Reviewed-by: Chao Gao <chao.gao@intel.com>

>---
>
>Change in v5:
>* Add TB from Xuelian Guo.
>
>Change in v4:
>* Rebase on top of "guest_cpu_cap".
>
>Change in v3:
>* Don't allow CR4.FRED=1 before all of FRED KVM support is in place
>  (Sean Christopherson).
>---
> arch/x86/include/asm/kvm_host.h | 2 +-
> arch/x86/kvm/x86.h              | 2 ++
> 2 files changed, 3 insertions(+), 1 deletion(-)
>
>diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
>index 5fff22d837aa..558f260a1afd 100644
>--- a/arch/x86/include/asm/kvm_host.h
>+++ b/arch/x86/include/asm/kvm_host.h
>@@ -142,7 +142,7 @@
> 			  | X86_CR4_OSXSAVE | X86_CR4_SMEP | X86_CR4_FSGSBASE \
> 			  | X86_CR4_OSXMMEXCPT | X86_CR4_LA57 | X86_CR4_VMXE \
> 			  | X86_CR4_SMAP | X86_CR4_PKE | X86_CR4_UMIP \
>-			  | X86_CR4_LAM_SUP | X86_CR4_CET))
>+			  | X86_CR4_LAM_SUP | X86_CR4_CET | X86_CR4_FRED))
> 
> #define CR8_RESERVED_BITS (~(unsigned long)X86_CR8_TPR)
> 
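Review bot: X86_CR4_FRED is CR4[32] per the commit message, which makes it the only bit among those visible in this hunk that lies above the low 32 bits, so any path that carries a CR4 value in a 32-bit type will silently clear it. That is the mk_cr_64() concern in the reply above. Before the bit is un-reserved, it is worth auditing the CR4 write paths for 32-bit truncation and, if this mask is cast to unsigned long in the same way as the CR8_RESERVED_BITS define below it, confirming that the result is still the intended mask on builds where unsigned long is 32 bits wide.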
>diff --git a/arch/x86/kvm/x86.h b/arch/x86/kvm/x86.h
>index 4f5d12d7136e..e9c6f304b02e 100644
>--- a/arch/x86/kvm/x86.h
>+++ b/arch/x86/kvm/x86.h
>@@ -687,6 +687,8 @@ static inline bool __kvm_is_valid_cr4(struct kvm_vcpu *vcpu, unsigned long cr4)
> 	if (!__cpu_has(__c, X86_FEATURE_SHSTK) &&       \
> 	    !__cpu_has(__c, X86_FEATURE_IBT))           \
> 		__reserved_bits |= X86_CR4_CET;         \
>+	if (!__cpu_has(__c, X86_FEATURE_FRED))          \
>+		__reserved_bits |= X86_CR4_FRED;        \
> 	__reserved_bits;                                \
> })
> 
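Review bot: The new `__reserved_bits |= X86_CR4_FRED` branch has no test in this patch; the diffstat lists only arch/x86/include/asm/kvm_host.h and arch/x86/kvm/x86.h. A test that attempts to set CR4.FRED once with the guest enumerating FRED and once without, and expects the value to be accepted only in the first case, would pin down the behaviour the commit message describes and catch a later change that un-reserves the bit unconditionally.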
>-- 
>2.51.0
>