On 1/9/2026 12:15 PM, Sean Christopherson wrote:
> Move the call to nested_vmx_setup_ctls_msrs() from vmx_hardware_setup() to
> nested_vmx_hardware_setup() so that the nested code can deal with ordering
> dependencies without having to straddle vmx_hardware_setup() and
> nested_vmx_hardware_setup(). Specifically, an upcoming change will
> sanitize the vmcs12 fields based on hardware support, and that code needs
> to run _before_ the MSRs are configured, because the lovely vmcs_enum MSR
> depends on the max support vmcs12 field.
>
> No functional change intended.
>
> Signed-off-by: Sean Christopherson <seanjc@google.com>
Reviewed-by: Xiaoyao Li <xiaoyao.li@intel.com>
> ---
> arch/x86/kvm/vmx/nested.c | 2 ++
> arch/x86/kvm/vmx/vmx.c | 2 --
> 2 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c
> index 6137e5307d0f..61113ead3d7b 100644
> --- a/arch/x86/kvm/vmx/nested.c
> +++ b/arch/x86/kvm/vmx/nested.c
> @@ -7407,6 +7407,8 @@ __init int nested_vmx_hardware_setup(int (*exit_handlers[])(struct kvm_vcpu *))
> {
> int i;
>
> + nested_vmx_setup_ctls_msrs(&vmcs_config, vmx_capability.ept);
> +
> if (!cpu_has_vmx_shadow_vmcs())
> enable_shadow_vmcs = 0;
> if (enable_shadow_vmcs) {
> diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
> index 6b96f7aea20b..5bb67566e43a 100644
> --- a/arch/x86/kvm/vmx/vmx.c
> +++ b/arch/x86/kvm/vmx/vmx.c
> @@ -8670,8 +8670,6 @@ __init int vmx_hardware_setup(void)
> * can hide/show features based on kvm_cpu_cap_has().
> */
> if (nested) {
> - nested_vmx_setup_ctls_msrs(&vmcs_config, vmx_capability.ept);
> -
> r = nested_vmx_hardware_setup(kvm_vmx_exit_handlers);
> if (r)
> return r;