diff options
| author | Paolo Bonzini <[email protected]> | 2025-07-28 15:13:57 +0000 |
|---|---|---|
| committer | Paolo Bonzini <[email protected]> | 2025-07-29 12:36:43 +0000 |
| commit | 1a14928e2e91a098c6117ba52b06327e3fc5072c (patch) | |
| tree | 62092d38056c86b639deeb180ea1fe53acc2796b /arch/x86/kvm/cpuid.c | |
| parent | Merge tag 'kvm-x86-no_assignment-6.17' of https://github.com/kvm-x86/linux in... (diff) | |
| parent | KVM: x86: Reject KVM_SET_TSC_KHZ VM ioctl when vCPUs have been created (diff) | |
| download | kernel-1a14928e2e91a098c6117ba52b06327e3fc5072c.tar.gz kernel-1a14928e2e91a098c6117ba52b06327e3fc5072c.zip | |
Merge tag 'kvm-x86-misc-6.17' of https://github.com/kvm-x86/linux into HEAD
KVM x86 misc changes for 6.17
- Prevert the host's DEBUGCTL.FREEZE_IN_SMM (Intel only) when running the
guest. Failure to honor FREEZE_IN_SMM can bleed host state into the guest.
- Explicitly check vmcs12.GUEST_DEBUGCTL on nested VM-Enter (Intel only) to
prevent L1 from running L2 with features that KVM doesn't support, e.g. BTF.
- Intercept SPEC_CTRL on AMD if the MSR shouldn't exist according to the
vCPU's CPUID model.
- Rework the MSR interception code so that the SVM and VMX APIs are more or
less identical.
- Recalculate all MSR intercepts from the "source" on MSR filter changes, and
drop the dedicated "shadow" bitmaps (and their awful "max" size defines).
- WARN and reject loading kvm-amd.ko instead of panicking the kernel if the
nested SVM MSRPM offsets tracker can't handle an MSR.
- Advertise support for LKGS (Load Kernel GS base), a new instruction that's
loosely related to FRED, but is supported and enumerated independently.
- Fix a user-triggerable WARN that syzkaller found by stuffing INIT_RECEIVED,
a.k.a. WFS, and then putting the vCPU into VMX Root Mode (post-VMXON). Use
the same approach KVM uses for dealing with "impossible" emulation when
running a !URG guest, and simply wait until KVM_RUN to detect that the vCPU
has architecturally impossible state.
- Add KVM_X86_DISABLE_EXITS_APERFMPERF to allow disabling interception of
APERF/MPERF reads, so that a "properly" configured VM can "virtualize"
APERF/MPERF (with many caveats).
- Reject KVM_SET_TSC_KHZ if vCPUs have been created, as changing the "default"
frequency is unsupported for VMs with a "secure" TSC, and there's no known
use case for changing the default frequency for other VM types.
Diffstat (limited to 'arch/x86/kvm/cpuid.c')
| -rw-r--r-- | arch/x86/kvm/cpuid.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c index f84bc0569c9c..e2836a255b16 100644 --- a/arch/x86/kvm/cpuid.c +++ b/arch/x86/kvm/cpuid.c @@ -979,6 +979,7 @@ void kvm_set_cpu_caps(void) F(FSRS), F(FSRC), F(WRMSRNS), + X86_64_F(LKGS), F(AMX_FP16), F(AVX_IFMA), F(LAM), |