Date: Tue, 30 Dec 2025 14:02:19 -0800
In-Reply-To: <20251230220220.4122282-1-seanjc@google.com>
References: <20251230220220.4122282-1-seanjc@google.com>
Message-ID: <20251230220220.4122282-2-seanjc@google.com>
X-Mailing-List: linux-kernel@vger.kernel.org
Subject: [PATCH v2 1/2] KVM: nVMX: Disallow access to vmcs12 fields that aren't supported by "hardware"
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Xin Li, Chao Gao, Yosry Ahmed
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Disallow access (VMREAD/VMWRITE) to fields that the loaded incarnation of KVM doesn't support, e.g. due to lack of hardware support, as a middle ground between allowing access to any vmcs12 field defined by KVM (current behavior) and gating access based on the userspace-defined vCPU model (the most correct, but costly, implementation).

Disallowing access to unsupported fields helps a tiny bit in terms of closing the virtualization hole (see below), but the main motivation is to avoid having to weed out unsupported fields when synchronizing between vmcs12 and a shadow VMCS. Because shadow VMCS accesses are done via VMREAD and VMWRITE, KVM _must_ filter out unsupported fields (or eat VMREAD/VMWRITE failures), and filtering out just shadow VMCS fields is about the same amount of effort, and arguably much more confusing.

As a bonus, this also fixes a KVM-Unit-Test failure bug when running on _hardware_ without support for TSC Scaling, which fails with the same signature as the bug fixed by commit ba1f82456ba8 ("KVM: nVMX: Dynamically compute max VMCS index for vmcs12"):

  FAIL: VMX_VMCS_ENUM.MAX_INDEX expected: 19, actual: 17

Dynamically computing the max VMCS index only resolved the issue where KVM was hardcoding max index, but for CPUs with TSC Scaling, that was "good enough".

Cc: Xin Li
Cc: Chao Gao
Cc: Yosry Ahmed
Link: https://lore.kernel.org/all/20251026201911.505204-22-xin@zytor.com
Link: https://lore.kernel.org/all/YR2Tf9WPNEzrE7Xg@google.com
Signed-off-by: Sean Christopherson
Reviewed-by: Chao Gao
Reviewed-by: Xin Li
--- arch/x86/kvm/vmx/nested.c | 6 ---- arch/x86/kvm/vmx/vmcs.h | 8 +++++ arch/x86/kvm/vmx/vmcs12.c | 70 +++++++++++++++++++++++++++++++++++++-- arch/x86/kvm/vmx/vmcs12.h | 6 ++-- arch/x86/kvm/vmx/vmx.c | 2 ++ 5 files changed, 82 insertions(+), 10 deletions(-) diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index 6137e5307d0f..9d8f84e3f2da 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c @@ -7074,12 +7074,6 @@ void nested_vmx_set_vmcs_shadowing_bitmap(void) } } =20 -/* - * Indexing into the vmcs12 uses the VMCS encoding rotated left by 6. Undo - * that madness to get the encoding for comparison. - */ -#define VMCS12_IDX_TO_ENC(idx) ((u16)(((u16)(idx) >> 6) | ((u16)(idx) << 1= 0))) - static u64 nested_vmx_calc_vmcs_enum_msr(void) { /* diff --git a/arch/x86/kvm/vmx/vmcs.h b/arch/x86/kvm/vmx/vmcs.h index b25625314658..98281e019e38 100644 --- a/arch/x86/kvm/vmx/vmcs.h +++ b/arch/x86/kvm/vmx/vmcs.h @@ -11,7 +11,15 @@ =20 #include "capabilities.h" =20 +/* + * Indexing into the vmcs12 uses the VMCS encoding rotated left by 6 as a = very + * rudimentary compression of the range of indices. The compression ratio= is + * good enough to allow KVM to use a (very sparsely populated) array witho= ut + * wasting too much memory, while the "algorithm" is fast enough to be use= d to + * lookup vmcs12 fields on-demand, e.g. for emulation. + */ #define ROL16(val, n) ((u16)(((u16)(val) << (n)) | ((u16)(val) >> (16 - (n= ))))) +#define VMCS12_IDX_TO_ENC(idx) ((u16)(((u16)(idx) >> 6) | ((u16)(idx) << 1= 0))) =20 struct vmcs_hdr { u32 revision_id:31; diff --git a/arch/x86/kvm/vmx/vmcs12.c b/arch/x86/kvm/vmx/vmcs12.c index 4233b5ca9461..b92db4768346 100644 --- a/arch/x86/kvm/vmx/vmcs12.c +++ b/arch/x86/kvm/vmx/vmcs12.c 
@@ -9,7 +9,7 @@ FIELD(number, name), \ [ROL16(number##_HIGH, 6)] =3D VMCS12_OFFSET(name) + sizeof(u32) =20 -const unsigned short vmcs12_field_offsets[] =3D { +static const u16 kvm_supported_vmcs12_field_offsets[] __initconst =3D { FIELD(VIRTUAL_PROCESSOR_ID, virtual_processor_id), FIELD(POSTED_INTR_NV, posted_intr_nv), FIELD(GUEST_ES_SELECTOR, guest_es_selector), 
@@ -158,4 +158,70 @@ const unsigned short vmcs12_field_offsets[] =3D { FIELD(HOST_SSP, host_ssp), FIELD(HOST_INTR_SSP_TABLE, host_ssp_tbl), }; -const unsigned int nr_vmcs12_fields =3D ARRAY_SIZE(vmcs12_field_offsets); + +u16 vmcs12_field_offsets[ARRAY_SIZE(kvm_supported_vmcs12_field_offsets)] _= _ro_after_init; +unsigned int nr_vmcs12_fields __ro_after_init; + +#define VMCS12_CASE64(enc) case enc##_HIGH: case enc + +static __init bool cpu_has_vmcs12_field(unsigned int idx) +{ + switch (VMCS12_IDX_TO_ENC(idx)) { + case VIRTUAL_PROCESSOR_ID: + return cpu_has_vmx_vpid(); + case POSTED_INTR_NV: + return cpu_has_vmx_posted_intr(); + VMCS12_CASE64(TSC_MULTIPLIER): + return cpu_has_vmx_tsc_scaling(); + case TPR_THRESHOLD: + VMCS12_CASE64(VIRTUAL_APIC_PAGE_ADDR): + return cpu_has_vmx_tpr_shadow(); + VMCS12_CASE64(APIC_ACCESS_ADDR): + return cpu_has_vmx_virtualize_apic_accesses(); + VMCS12_CASE64(POSTED_INTR_DESC_ADDR): + return cpu_has_vmx_posted_intr(); + case GUEST_INTR_STATUS: + return cpu_has_vmx_virtual_intr_delivery(); + VMCS12_CASE64(VM_FUNCTION_CONTROL): + VMCS12_CASE64(EPTP_LIST_ADDRESS): + return cpu_has_vmx_vmfunc(); + VMCS12_CASE64(EPT_POINTER): + return cpu_has_vmx_ept(); + VMCS12_CASE64(XSS_EXIT_BITMAP): + return cpu_has_vmx_xsaves(); + VMCS12_CASE64(ENCLS_EXITING_BITMAP): + return cpu_has_vmx_encls_vmexit(); + VMCS12_CASE64(GUEST_IA32_PERF_GLOBAL_CTRL): + VMCS12_CASE64(HOST_IA32_PERF_GLOBAL_CTRL): + return cpu_has_load_perf_global_ctrl(); + case SECONDARY_VM_EXEC_CONTROL: + return cpu_has_secondary_exec_ctrls(); + case GUEST_S_CET: + case GUEST_SSP: + case GUEST_INTR_SSP_TABLE: + case HOST_S_CET: + case HOST_SSP: + case HOST_INTR_SSP_TABLE: + return cpu_has_load_cet_ctrl(); + + /* KVM always emulates PML and the VMX preemption timer in software. 
*/ + case GUEST_PML_INDEX: + case VMX_PREEMPTION_TIMER_VALUE: + default: + return true; + } +} + +void __init nested_vmx_setup_vmcs12_fields(void) +{ + unsigned int i; + + for (i =3D 0; i < ARRAY_SIZE(kvm_supported_vmcs12_field_offsets); i++) { + if (!kvm_supported_vmcs12_field_offsets[i] || + !cpu_has_vmcs12_field(i)) + continue; + + vmcs12_field_offsets[i] =3D kvm_supported_vmcs12_field_offsets[i]; + nr_vmcs12_fields =3D i + 1; + } +} diff --git a/arch/x86/kvm/vmx/vmcs12.h b/arch/x86/kvm/vmx/vmcs12.h index 4ad6b16525b9..f2c0721fe3e2 100644 --- a/arch/x86/kvm/vmx/vmcs12.h +++ b/arch/x86/kvm/vmx/vmcs12.h @@ -374,8 +374,10 @@ static inline void vmx_check_vmcs12_offsets(void) CHECK_OFFSET(guest_pml_index, 996); } =20 -extern const unsigned short vmcs12_field_offsets[]; -extern const unsigned int nr_vmcs12_fields; +extern u16 vmcs12_field_offsets[] __ro_after_init; +extern unsigned int nr_vmcs12_fields __ro_after_init; + +void __init nested_vmx_setup_vmcs12_fields(void); =20 static inline short get_vmcs12_field_offset(unsigned long field) { diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 6b96f7aea20b..e5ad3853f51d 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c 
@@ -8670,6 +8670,8 @@ __init int vmx_hardware_setup(void) * can hide/show features based on kvm_cpu_cap_has(). */ if (nested) { + nested_vmx_setup_vmcs12_fields(); + nested_vmx_setup_ctls_msrs(&vmcs_config, vmx_capability.ept); =20 r =3D nested_vmx_hardware_setup(kvm_vmx_exit_handlers); --=20 2.52.0.351.gbe84eed79e-goog
Date: Tue, 30 Dec 2025 14:02:20 -0800
In-Reply-To: <20251230220220.4122282-1-seanjc@google.com>
References: <20251230220220.4122282-1-seanjc@google.com>
Message-ID: <20251230220220.4122282-3-seanjc@google.com>
X-Mailing-List: linux-kernel@vger.kernel.org
Subject: [PATCH v2 2/2] KVM: nVMX: Remove explicit filtering of GUEST_INTR_STATUS from shadow VMCS fields
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Xin Li, Chao Gao, Yosry Ahmed
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Drop KVM's filtering of GUEST_INTR_STATUS when generating the shadow VMCS bitmap now that KVM drops GUEST_INTR_STATUS from the set of supported vmcs12 fields if the field isn't supported by hardware.

Note, there is technically a small functional change here, as the vmcs12 filtering only requires support for Virtual Interrupt Delivery, whereas the shadow VMCS code being removed required "full" APICv support, i.e. required Virtual Interrupt Delivery *and* APIC Register Virtualization *and* Posted Interrupt support.

Opportunistically tweak the comment to more precisely explain why the PML and VMX preemption timer fields need to be explicitly checked.

Signed-off-by: Sean Christopherson
--- arch/x86/kvm/vmx/nested.c | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index 9d8f84e3f2da..f50d21a6a2d7 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c 
@@ -112,9 +112,10 @@ static void init_vmcs_shadow_fields(void) "Update vmcs12_write_any() to drop reserved bits from AR_BYTES"); =20 /* - * PML and the preemption timer can be emulated, but the - * processor cannot vmwrite to fields that don't exist - * on bare metal. + * KVM emulates PML and the VMX preemption timer irrespective + * of hardware support, but shadowing their related VMCS fields + * requires hardware support as the CPU will reject VMWRITEs to + * fields that don't exist. */ switch (field) { case GUEST_PML_INDEX: @@ -125,10 +126,6 @@ static void init_vmcs_shadow_fields(void) if (!cpu_has_vmx_preemption_timer()) continue; break; - case GUEST_INTR_STATUS: - if (!cpu_has_vmx_apicv()) - continue; - break; default: break; } --=20 2.52.0.351.gbe84eed79e-goog
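
Review bot: In patch 1/2, arch/x86/kvm/vmx/vmcs.h, VMCS12_IDX_TO_ENC() now sits under a comment that only describes the forward mapping (encoding rotated left by 6), and the sentence from the removed nested.c comment saying the macro undoes that rotation is gone. Add a line stating that VMCS12_IDX_TO_ENC() is the inverse of ROL16(enc, 6), or define it as ROL16(idx, 10) so the relationship is visible in the code, since cpu_has_vmcs12_field() in vmcs12.c now depends on the two staying in sync.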
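
Review bot: In patch 1/2, arch/x86/kvm/vmx/vmcs12.c, cpu_has_vmcs12_field() is default-allow: the default: label returns true, so a hardware-dependent field added to kvm_supported_vmcs12_field_offsets[] later stays accessible on CPUs that lack it unless someone also adds a case here. A comment above the switch saying that every feature-dependent field must be listed would help, as would a note in nested_vmx_setup_vmcs12_fields() that a zero offset means "not supported" and that nr_vmcs12_fields ends up as the highest supported index plus one, not a count of supported fields. Minor: POSTED_INTR_NV and POSTED_INTR_DESC_ADDR both return cpu_has_vmx_posted_intr() and could share one case group, the way TPR_THRESHOLD and VIRTUAL_APIC_PAGE_ADDR do.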
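
Review bot: In patch 1/2, arch/x86/kvm/vmx/vmx.c, the new nested_vmx_setup_vmcs12_fields() call is placed ahead of nested_vmx_setup_ctls_msrs() and nested_vmx_hardware_setup() without saying that the order matters. vmcs12_field_offsets[] and nr_vmcs12_fields are empty until this call runs, so add a short comment that the table must be populated before anything that reads it, to keep a later reshuffle of vmx_hardware_setup() from silently running the consumers against an empty table.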
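
Review bot: In patch 2/2, arch/x86/kvm/vmx/nested.c, dropping the GUEST_INTR_STATUS case from init_vmcs_shadow_fields() is only safe if the loop already skips fields that are missing from vmcs12_field_offsets[], and neither hunk shows that check. Please point to it in the changelog, or extend the reworded comment to say that all other hardware-dependent fields are filtered by the vmcs12 setup from patch 1/2, so nobody re-adds per-field cases here. The changelog's note that the condition loosens from cpu_has_vmx_apicv() to Virtual Interrupt Delivery alone would also be worth one line in that comment.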