From nobody Sun Feb 8 05:28:36 2026
Date: Thu, 8 Jan 2026 20:15:20 -0800
In-Reply-To: <20260109041523.1027323-1-seanjc@google.com>
Message-ID: <20260109041523.1027323-2-seanjc@google.com>
Subject: [PATCH v3 1/4] KVM: nVMX: Setup VMX MSRs on loading CPU during nested_vmx_hardware_setup()
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Xiaoyao Li, Chao Gao, Xin Li, Yosry Ahmed
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Move the call to nested_vmx_setup_ctls_msrs() from vmx_hardware_setup() to nested_vmx_hardware_setup() so that the nested code can deal with ordering dependencies without having to straddle vmx_hardware_setup() and nested_vmx_hardware_setup().

Specifically, an upcoming change will sanitize the vmcs12 fields based on hardware support, and that code needs to run _before_ the MSRs are configured, because the lovely vmcs_enum MSR depends on the max supported vmcs12 field.

No functional change intended.

Signed-off-by: Sean Christopherson
Reviewed-by: Xiaoyao Li
--- arch/x86/kvm/vmx/nested.c | 2 ++ arch/x86/kvm/vmx/vmx.c | 2 -- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index 6137e5307d0f..61113ead3d7b 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c @@ -7407,6 +7407,8 @@ __init int nested_vmx_hardware_setup(int (*exit_handl= ers[])(struct kvm_vcpu *)) { int i; =20 + nested_vmx_setup_ctls_msrs(&vmcs_config, vmx_capability.ept); + if (!cpu_has_vmx_shadow_vmcs()) enable_shadow_vmcs =3D 0; if (enable_shadow_vmcs) { diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 6b96f7aea20b..5bb67566e43a 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c
@@ -8670,8 +8670,6 @@ __init int vmx_hardware_setup(void) * can hide/show features based on kvm_cpu_cap_has(). */ if (nested) { - nested_vmx_setup_ctls_msrs(&vmcs_config, vmx_capability.ept); - r =3D nested_vmx_hardware_setup(kvm_vmx_exit_handlers); if (r) return r; --=20 2.52.0.457.g6b5491de43-goog
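
Review bot: The new nested_vmx_setup_ctls_msrs(&vmcs_config, vmx_capability.ept) call at the top of nested_vmx_hardware_setup() in nested.c has no comment saying why it sits ahead of the cpu_has_vmx_shadow_vmcs() check, although the changelog says the move exists to handle an ordering dependency. Add a short comment at the call site naming that dependency, so a later reshuffle of this function does not silently break it.
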

Date: Thu, 8 Jan 2026 20:15:21 -0800
In-Reply-To: <20260109041523.1027323-1-seanjc@google.com>
Message-ID: <20260109041523.1027323-3-seanjc@google.com>
Subject: [PATCH v3 2/4] KVM: VMX: Add a wrapper around ROL16() to get a vmcs12 from a field encoding
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Xiaoyao Li, Chao Gao, Xin Li, Yosry Ahmed
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Add a wrapper macro, ENC_TO_VMCS12_IDX(), to get a vmcs12 index given a field encoding in anticipation of adding a macro to get from a vmcs12 index back to the field encoding. And because open coding ROL16(n, 6) everywhere is gross.

No functional change intended.

Suggested-by: Xiaoyao Li
Signed-off-by: Sean Christopherson
Reviewed-by: Xiaoyao Li
--- arch/x86/kvm/vmx/hyperv_evmcs.c | 2 +- arch/x86/kvm/vmx/hyperv_evmcs.h | 2 +- arch/x86/kvm/vmx/vmcs.h | 1 + arch/x86/kvm/vmx/vmcs12.c | 4 ++-- arch/x86/kvm/vmx/vmcs12.h | 2 +- 5 files changed, 6 insertions(+), 5 deletions(-) diff --git a/arch/x86/kvm/vmx/hyperv_evmcs.c b/arch/x86/kvm/vmx/hyperv_evmc= s.c index 904bfcd1519b..cc728c9a3de5 100644 --- a/arch/x86/kvm/vmx/hyperv_evmcs.c +++ b/arch/x86/kvm/vmx/hyperv_evmcs.c
@@ -7,7 +7,7 @@ #include "hyperv_evmcs.h" =20 #define EVMCS1_OFFSET(x) offsetof(struct hv_enlightened_vmcs, x) -#define EVMCS1_FIELD(number, name, clean_field)[ROL16(number, 6)] =3D \ +#define EVMCS1_FIELD(number, name, clean_field)[ENC_TO_VMCS12_IDX(number)]= =3D \ {EVMCS1_OFFSET(name), clean_field} =20 const struct evmcs_field vmcs_field_to_evmcs_1[] =3D { diff --git a/arch/x86/kvm/vmx/hyperv_evmcs.h b/arch/x86/kvm/vmx/hyperv_evmc= s.h index 6536290f4274..fc7c4e7bd1bf 100644 --- a/arch/x86/kvm/vmx/hyperv_evmcs.h +++ b/arch/x86/kvm/vmx/hyperv_evmcs.h @@ -130,7 +130,7 @@ static __always_inline int evmcs_field_offset(unsigned = long field, u16 *clean_field) { const struct evmcs_field *evmcs_field; - unsigned int index =3D ROL16(field, 6); + unsigned int index =3D ENC_TO_VMCS12_IDX(field); =20 if (unlikely(index >=3D nr_evmcs_1_fields)) return -ENOENT; diff --git a/arch/x86/kvm/vmx/vmcs.h b/arch/x86/kvm/vmx/vmcs.h index b25625314658..9aa204c87661 100644 --- a/arch/x86/kvm/vmx/vmcs.h +++ b/arch/x86/kvm/vmx/vmcs.h @@ -12,6 +12,7 @@ #include "capabilities.h" =20 #define ROL16(val, n) ((u16)(((u16)(val) << (n)) | ((u16)(val) >> (16 - (n= ))))) +#define ENC_TO_VMCS12_IDX(enc) ROL16(enc, 6) =20 struct vmcs_hdr { u32 revision_id:31; diff --git a/arch/x86/kvm/vmx/vmcs12.c b/arch/x86/kvm/vmx/vmcs12.c index 4233b5ca9461..c2ac9e1a50b3 100644 --- a/arch/x86/kvm/vmx/vmcs12.c +++ b/arch/x86/kvm/vmx/vmcs12.c @@ -4,10 +4,10 @@ #include "vmcs12.h" =20 #define VMCS12_OFFSET(x) offsetof(struct vmcs12, x) -#define FIELD(number, name) [ROL16(number, 6)] =3D VMCS12_OFFSET(name) +#define FIELD(number, name) [ENC_TO_VMCS12_IDX(number)] =3D VMCS12_OFFSET(= name) #define FIELD64(number, name) \ FIELD(number, name), \ - [ROL16(number##_HIGH, 6)] =3D VMCS12_OFFSET(name) + sizeof(u32) + [ENC_TO_VMCS12_IDX(number##_HIGH)] =3D VMCS12_OFFSET(name) + sizeof(u32) =20 const unsigned short vmcs12_field_offsets[] =3D { FIELD(VIRTUAL_PROCESSOR_ID, virtual_processor_id), 
diff --git a/arch/x86/kvm/vmx/vmcs12.h b/arch/x86/kvm/vmx/vmcs12.h index 4ad6b16525b9..7a5fdd9b27ba 100644 --- a/arch/x86/kvm/vmx/vmcs12.h +++ b/arch/x86/kvm/vmx/vmcs12.h 
@@ -385,7 +385,7 @@ static inline short get_vmcs12_field_offset(unsigned lo= ng field) if (field >> 15) return -ENOENT; =20 - index =3D ROL16(field, 6); + index =3D ENC_TO_VMCS12_IDX(field); if (index >=3D nr_vmcs12_fields) return -ENOENT; =20 --=20 2.52.0.457.g6b5491de43-goog
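
Review bot: ENC_TO_VMCS12_IDX() is added to vmcs.h without a comment, and because it expands to ROL16() it truncates its argument to u16, which the new name hides from callers. get_vmcs12_field_offset() rejects out-of-range encodings with "if (field >> 15) return -ENOENT;" before using the macro, but the visible lines of evmcs_field_offset() pass an unsigned long straight in; document the truncation next to the definition so it is clear the range check belongs to the caller.
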
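
Review bot: In the hyperv_evmcs.c and hyperv_evmcs.h hunks the result of ENC_TO_VMCS12_IDX() indexes the eVMCS table (it is compared against nr_evmcs_1_fields), not vmcs12, so the macro name misleads at both sites. Either give the wrapper a table-neutral name or add a one-line comment in evmcs_field_offset() saying the eVMCS table deliberately shares the vmcs12 index scheme.
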

Date: Thu, 8 Jan 2026 20:15:22 -0800
In-Reply-To: <20260109041523.1027323-1-seanjc@google.com>
Message-ID: <20260109041523.1027323-4-seanjc@google.com>
Subject: [PATCH v3 3/4] KVM: nVMX: Disallow access to vmcs12 fields that aren't supported by "hardware"
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Xiaoyao Li, Chao Gao, Xin Li, Yosry Ahmed
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Disallow access (VMREAD/VMWRITE), both emulated and via a shadow VMCS, to VMCS fields that the loaded incarnation of KVM doesn't support, e.g. due to lack of hardware support, as a middle ground between allowing access to any vmcs12 field defined by KVM (current behavior) and gating access based on the userspace-defined vCPU model (the most functionally correct, but very costly, implementation).

Disallowing access to unsupported fields helps a tiny bit in terms of closing the virtualization hole (see below), but the main motivation is to avoid having to weed out unsupported fields when synchronizing between vmcs12 and a shadow VMCS. Because shadow VMCS accesses are done via VMREAD and VMWRITE, KVM _must_ filter out unsupported fields (or eat VMREAD/VMWRITE failures), and filtering out just shadow VMCS fields is about the same amount of effort, and arguably much more confusing.

As a bonus, this also fixes a KVM-Unit-Test failure bug when running on _hardware_ without support for TSC Scaling, which fails with the same signature as the bug fixed by commit ba1f82456ba8 ("KVM: nVMX: Dynamically compute max VMCS index for vmcs12"):

  FAIL: VMX_VMCS_ENUM.MAX_INDEX expected: 19, actual: 17

Dynamically computing the max VMCS index only resolved the issue where KVM was hardcoding max index, but for CPUs with TSC Scaling, that was "good enough".

Reviewed-by: Chao Gao
Reviewed-by: Xin Li
Cc: Yosry Ahmed
Link: https://lore.kernel.org/all/20251026201911.505204-22-xin@zytor.com
Link: https://lore.kernel.org/all/YR2Tf9WPNEzrE7Xg@google.com
Signed-off-by: Sean Christopherson --- arch/x86/kvm/vmx/nested.c | 15 +++++---- arch/x86/kvm/vmx/vmcs.h | 8 +++++ arch/x86/kvm/vmx/vmcs12.c | 70 +++++++++++++++++++++++++++++++++++++-- arch/x86/kvm/vmx/vmcs12.h | 6 ++-- 4 files changed, 89 insertions(+), 10 deletions(-) diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index 61113ead3d7b..ac7a17560c8f 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c @@ -111,6 +111,9 @@ static void init_vmcs_shadow_fields(void) field <=3D GUEST_TR_AR_BYTES, "Update vmcs12_write_any() to drop reserved bits from AR_BYTES"); =20 + if (get_vmcs12_field_offset(field) < 0) + continue; + /* * PML and the preemption timer can be emulated, but the * processor cannot vmwrite to fields that don't exist @@ -7074,12 +7077,6 @@ void nested_vmx_set_vmcs_shadowing_bitmap(void) } } =20 -/* - * Indexing into the vmcs12 uses the VMCS encoding rotated left by 6. Undo - * that madness to get the encoding for comparison. - */ -#define VMCS12_IDX_TO_ENC(idx) ((u16)(((u16)(idx) >> 6) | ((u16)(idx) << 1= 0))) - static u64 nested_vmx_calc_vmcs_enum_msr(void) { /* @@ -7407,6 +7404,12 @@ __init int nested_vmx_hardware_setup(int (*exit_hand= lers[])(struct kvm_vcpu *)) { int i; =20 + /* + * Note! The set of supported vmcs12 fields is consumed by both VMX + * MSR and shadow VMCS setup. + */ + nested_vmx_setup_vmcs12_fields(); + nested_vmx_setup_ctls_msrs(&vmcs_config, vmx_capability.ept); =20 if (!cpu_has_vmx_shadow_vmcs()) diff --git a/arch/x86/kvm/vmx/vmcs.h b/arch/x86/kvm/vmx/vmcs.h index 9aa204c87661..66d747e265b1 100644 --- a/arch/x86/kvm/vmx/vmcs.h +++ b/arch/x86/kvm/vmx/vmcs.h 
@@ -11,7 +11,15 @@ =20 #include "capabilities.h" =20 +/* + * Indexing into the vmcs12 uses the VMCS encoding rotated left by 6 as a = very + * rudimentary compression of the range of indices. The compression ratio= is + * good enough to allow KVM to use a (very sparsely populated) array witho= ut + * wasting too much memory, while the "algorithm" is fast enough to be use= d to + * lookup vmcs12 fields on-demand, e.g. for emulation. + */ #define ROL16(val, n) ((u16)(((u16)(val) << (n)) | ((u16)(val) >> (16 - (n= ))))) +#define VMCS12_IDX_TO_ENC(idx) ROL16(idx, 10) #define ENC_TO_VMCS12_IDX(enc) ROL16(enc, 6) =20 struct vmcs_hdr { diff --git a/arch/x86/kvm/vmx/vmcs12.c b/arch/x86/kvm/vmx/vmcs12.c index c2ac9e1a50b3..1ebe67c384ad 100644 --- a/arch/x86/kvm/vmx/vmcs12.c +++ b/arch/x86/kvm/vmx/vmcs12.c @@ -9,7 +9,7 @@ FIELD(number, name), \ [ENC_TO_VMCS12_IDX(number##_HIGH)] =3D VMCS12_OFFSET(name) + sizeof(u32) =20 -const unsigned short vmcs12_field_offsets[] =3D { +static const u16 kvm_supported_vmcs12_field_offsets[] __initconst =3D { FIELD(VIRTUAL_PROCESSOR_ID, virtual_processor_id), FIELD(POSTED_INTR_NV, posted_intr_nv), FIELD(GUEST_ES_SELECTOR, guest_es_selector), 
@@ -158,4 +158,70 @@ const unsigned short vmcs12_field_offsets[] =3D { FIELD(HOST_SSP, host_ssp), FIELD(HOST_INTR_SSP_TABLE, host_ssp_tbl), }; -const unsigned int nr_vmcs12_fields =3D ARRAY_SIZE(vmcs12_field_offsets); + +u16 vmcs12_field_offsets[ARRAY_SIZE(kvm_supported_vmcs12_field_offsets)] _= _ro_after_init; +unsigned int nr_vmcs12_fields __ro_after_init; + +#define VMCS12_CASE64(enc) case enc##_HIGH: case enc + +static __init bool cpu_has_vmcs12_field(unsigned int idx) +{ + switch (VMCS12_IDX_TO_ENC(idx)) { + case VIRTUAL_PROCESSOR_ID: + return cpu_has_vmx_vpid(); + case POSTED_INTR_NV: + return cpu_has_vmx_posted_intr(); + VMCS12_CASE64(TSC_MULTIPLIER): + return cpu_has_vmx_tsc_scaling(); + case TPR_THRESHOLD: + VMCS12_CASE64(VIRTUAL_APIC_PAGE_ADDR): + return cpu_has_vmx_tpr_shadow(); + VMCS12_CASE64(APIC_ACCESS_ADDR): + return cpu_has_vmx_virtualize_apic_accesses(); + VMCS12_CASE64(POSTED_INTR_DESC_ADDR): + return cpu_has_vmx_posted_intr(); + case GUEST_INTR_STATUS: + return cpu_has_vmx_virtual_intr_delivery(); + VMCS12_CASE64(VM_FUNCTION_CONTROL): + VMCS12_CASE64(EPTP_LIST_ADDRESS): + return cpu_has_vmx_vmfunc(); + VMCS12_CASE64(EPT_POINTER): + return cpu_has_vmx_ept(); + VMCS12_CASE64(XSS_EXIT_BITMAP): + return cpu_has_vmx_xsaves(); + VMCS12_CASE64(ENCLS_EXITING_BITMAP): + return cpu_has_vmx_encls_vmexit(); + VMCS12_CASE64(GUEST_IA32_PERF_GLOBAL_CTRL): + VMCS12_CASE64(HOST_IA32_PERF_GLOBAL_CTRL): + return cpu_has_load_perf_global_ctrl(); + case SECONDARY_VM_EXEC_CONTROL: + return cpu_has_secondary_exec_ctrls(); + case GUEST_S_CET: + case GUEST_SSP: + case GUEST_INTR_SSP_TABLE: + case HOST_S_CET: + case HOST_SSP: + case HOST_INTR_SSP_TABLE: + return cpu_has_load_cet_ctrl(); + + /* KVM always emulates PML and the VMX preemption timer in software. 
*/ + case GUEST_PML_INDEX: + case VMX_PREEMPTION_TIMER_VALUE: + default: + return true; + } +} + +void __init nested_vmx_setup_vmcs12_fields(void) +{ + unsigned int i; + + for (i =3D 0; i < ARRAY_SIZE(kvm_supported_vmcs12_field_offsets); i++) { + if (!kvm_supported_vmcs12_field_offsets[i] || + !cpu_has_vmcs12_field(i)) + continue; + + vmcs12_field_offsets[i] =3D kvm_supported_vmcs12_field_offsets[i]; + nr_vmcs12_fields =3D i + 1; + } +} diff --git a/arch/x86/kvm/vmx/vmcs12.h b/arch/x86/kvm/vmx/vmcs12.h index 7a5fdd9b27ba..21cd1b75e4fd 100644 --- a/arch/x86/kvm/vmx/vmcs12.h +++ b/arch/x86/kvm/vmx/vmcs12.h 
@@ -374,8 +374,10 @@ static inline void vmx_check_vmcs12_offsets(void) CHECK_OFFSET(guest_pml_index, 996); } =20 -extern const unsigned short vmcs12_field_offsets[]; -extern const unsigned int nr_vmcs12_fields; +extern u16 vmcs12_field_offsets[] __ro_after_init; +extern unsigned int nr_vmcs12_fields __ro_after_init; + +void __init nested_vmx_setup_vmcs12_fields(void); =20 static inline short get_vmcs12_field_offset(unsigned long field) { --=20 2.52.0.457.g6b5491de43-goog
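
Review bot: The added "if (get_vmcs12_field_offset(field) < 0) continue;" in init_vmcs_shadow_fields() (nested.c) has no comment, and with this patch a negative return also means "not supported by this CPU" rather than only "not a vmcs12 field". Say so above the check, since the existing comment that follows it still talks only about PML and the preemption timer.
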
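
Review bot: In nested_vmx_setup_vmcs12_fields() (vmcs12.c) the test "!kvm_supported_vmcs12_field_offsets[i]" treats offset 0 as "no field at this index", which holds only while no vmcs12 field lives at offset 0 of struct vmcs12; record that assumption in a comment or a build-time check. In cpu_has_vmcs12_field(), "default: return true;" means a hardware-dependent field added to the table later is exposed unless someone also adds a case for it, so a comment at the default label spelling out that rule would help.
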
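
Review bot: The vmcs12.h hunk drops const from vmcs12_field_offsets[] and nr_vmcs12_fields, so both are writable until init completes and nothing at the declarations says who is allowed to write them. Add a comment above the two extern lines stating that they are populated once by nested_vmx_setup_vmcs12_fields() and are read-only afterwards.
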

Date: Thu, 8 Jan 2026 20:15:23 -0800
In-Reply-To: <20260109041523.1027323-1-seanjc@google.com>
Message-ID: <20260109041523.1027323-5-seanjc@google.com>
Subject: [PATCH v3 4/4] KVM: nVMX: Remove explicit filtering of GUEST_INTR_STATUS from shadow VMCS fields
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Xiaoyao Li, Chao Gao, Xin Li, Yosry Ahmed
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Drop KVM's filtering of GUEST_INTR_STATUS when generating the shadow VMCS bitmap now that KVM drops GUEST_INTR_STATUS from the set of supported vmcs12 fields if the field isn't supported by hardware, and initialization of the shadow VMCS fields omits unsupported vmcs12 fields.

Note, there is technically a small functional change here, as the vmcs12 filtering only requires support for Virtual Interrupt Delivery, whereas the shadow VMCS code being removed required "full" APICv support, i.e. required Virtual Interrupt Delivery *and* APIC Register Virtualization *and* Posted Interrupt support.

Opportunistically tweak the comment to more precisely explain why the PML and VMX preemption timer fields need to be explicitly checked.

Signed-off-by: Sean Christopherson --- arch/x86/kvm/vmx/nested.c | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index ac7a17560c8f..3ef4d7ab5723 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c @@ -115,9 +115,10 @@ static void init_vmcs_shadow_fields(void) continue; =20 /* - * PML and the preemption timer can be emulated, but the - * processor cannot vmwrite to fields that don't exist - * on bare metal. + * KVM emulates PML and the VMX preemption timer irrespective + * of hardware support, but shadowing their related VMCS fields + * requires hardware support as the CPU will reject VMWRITEs to + * fields that don't exist. */ switch (field) { case GUEST_PML_INDEX: @@ -128,10 +129,6 @@ static void init_vmcs_shadow_fields(void) if (!cpu_has_vmx_preemption_timer()) continue; break; - case GUEST_INTR_STATUS: - if (!cpu_has_vmx_apicv()) - continue; - break; default: break; } --=20 2.52.0.457.g6b5491de43-goog
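
Review bot: With the GUEST_INTR_STATUS case removed, the switch in init_vmcs_shadow_fields() relies on the earlier get_vmcs12_field_offset() check to drop every other unsupported field, but the rewritten comment explains only the PML and preemption-timer cases. Add a sentence to that comment saying all other fields were already filtered by the vmcs12 offset lookup, and consider whether the narrowing from cpu_has_vmx_apicv() to Virtual Interrupt Delivery that the changelog mentions deserves a line in the code as well.
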
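
The field filtering described in patch 3/4, modelled in user space as an added example (not code from this series or from KVM): a build-time table of every known field is copied into a runtime table only for fields the "hardware" supports, and lookups then fail with -ENOENT for anything filtered out. struct model_vmcs12, struct hw_caps and the function names are hypothetical, the field offsets are constructed, and the zero-offset test in the lookup is an assumption; the rotate macros are the ones shown in the vmcs.h hunks.

```c
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef uint16_t u16;

/* Rotate helpers exactly as in the series' vmcs.h hunks. */
#define ROL16(val, n) ((u16)(((u16)(val) << (n)) | ((u16)(val) >> (16 - (n)))))
#define VMCS12_IDX_TO_ENC(idx) ROL16(idx, 10)
#define ENC_TO_VMCS12_IDX(enc) ROL16(enc, 6)

enum {	/* architectural VMCS field encodings */
	VIRTUAL_PROCESSOR_ID       = 0x0000,
	GUEST_ES_SELECTOR          = 0x0800,
	GUEST_CS_SELECTOR          = 0x0802,	/* left out of the table below */
	TSC_MULTIPLIER             = 0x2032,
	TSC_MULTIPLIER_HIGH        = 0x2033,
	VMX_PREEMPTION_TIMER_VALUE = 0x482e,
};

/* Constructed stand-in for struct vmcs12; offset 0 is a header, never a field. */
struct model_vmcs12 {
	uint32_t hdr;
	uint32_t vmx_preemption_timer_value;
	uint64_t tsc_multiplier;
	u16 virtual_processor_id;
	u16 guest_es_selector;
};

#define OFF(x) ((u16)offsetof(struct model_vmcs12, x))
#define FIELD(enc, name) [ENC_TO_VMCS12_IDX(enc)] = OFF(name)
#define FIELD64(enc, name) FIELD(enc, name), \
	[ENC_TO_VMCS12_IDX(enc##_HIGH)] = (u16)(OFF(name) + sizeof(uint32_t))

/* Every field this build knows about (kvm_supported_vmcs12_field_offsets). */
static const u16 supported_offsets[] = {
	FIELD(VIRTUAL_PROCESSOR_ID, virtual_processor_id),
	FIELD(GUEST_ES_SELECTOR, guest_es_selector),
	FIELD64(TSC_MULTIPLIER, tsc_multiplier),
	FIELD(VMX_PREEMPTION_TIMER_VALUE, vmx_preemption_timer_value),
};
#define NR_SUPPORTED (sizeof(supported_offsets) / sizeof(supported_offsets[0]))

static u16 field_offsets[NR_SUPPORTED];	/* runtime table, filtered by "hardware" */
static unsigned int nr_fields;

struct hw_caps { bool vpid, tsc_scaling; };	/* hypothetical capability flags */

static bool cpu_has_field(unsigned int idx, const struct hw_caps *hw)
{
	switch (VMCS12_IDX_TO_ENC(idx)) {
	case VIRTUAL_PROCESSOR_ID:
		return hw->vpid;
	case TSC_MULTIPLIER_HIGH:
	case TSC_MULTIPLIER:
		return hw->tsc_scaling;
	default:	/* e.g. the preemption timer, emulated in software */
		return true;
	}
}

static void setup_fields(const struct hw_caps *hw)
{
	unsigned int i;

	for (i = 0, nr_fields = 0; i < NR_SUPPORTED; i++) {
		bool ok = supported_offsets[i] && cpu_has_field(i, hw);

		field_offsets[i] = ok ? supported_offsets[i] : 0;
		if (ok)
			nr_fields = i + 1;
	}
}

/* VMREAD/VMWRITE lookup; treating a zero offset as "absent" is an assumption. */
static int get_field_offset(unsigned long field)
{
	unsigned int index;

	if (field >> 15)		/* also rejects values wider than 16 bits */
		return -ENOENT;
	index = ENC_TO_VMCS12_IDX(field);
	if (index >= nr_fields || !field_offsets[index])
		return -ENOENT;
	return field_offsets[index];
}

int main(void)
{
	const struct hw_caps with = { true, true }, without = { true, false };

	setup_fields(&with);
	printf("TSC scaling:    TSC_MULTIPLIER -> %d\n", get_field_offset(TSC_MULTIPLIER));
	setup_fields(&without);
	printf("no TSC scaling: TSC_MULTIPLIER -> %d\n", get_field_offset(TSC_MULTIPLIER));
	return 0;
}
```

Both rejection paths show up here: a filtered field at the top of the table shrinks nr_fields and fails the bounds check, while a filtered field below another supported one is caught by its zeroed offset.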