On Thu, Mar 13, 2025, Jon Kohler wrote: > Extend EVMCS1_SUPPORTED_2NDEXEC to understand MBEC enablement, > otherwise presenting both EVMCS and MBEC at the same time will disable > MBEC presentation into the guest. A brief rundown on any relevant history of eVMCS support for MBEC would be appreciated, if there is any. > Signed-off-by: Jon Kohler <jon@xxxxxxxxxxx> > > --- > arch/x86/kvm/vmx/hyperv.c | 5 ++++- > arch/x86/kvm/vmx/hyperv_evmcs.h | 1 + > 2 files changed, 5 insertions(+), 1 deletion(-) > > diff --git a/arch/x86/kvm/vmx/hyperv.c b/arch/x86/kvm/vmx/hyperv.c > index fab6a1ad98dc..941a29c9e667 100644 > --- a/arch/x86/kvm/vmx/hyperv.c > +++ b/arch/x86/kvm/vmx/hyperv.c > @@ -138,7 +138,10 @@ void nested_evmcs_filter_control_msr(struct kvm_vcpu *vcpu, u32 msr_index, u64 * > ctl_high &= evmcs_get_supported_ctls(EVMCS_EXEC_CTRL); > break; > case MSR_IA32_VMX_PROCBASED_CTLS2: > - ctl_high &= evmcs_get_supported_ctls(EVMCS_2NDEXEC); > + supported_ctrls = evmcs_get_supported_ctls(EVMCS_2NDEXEC); > + if (!vcpu->arch.pt_guest_exec_control) > + supported_ctrls &= ~SECONDARY_EXEC_MODE_BASED_EPT_EXEC; No idea what you're trying to do, but I don't see how this is necessary in any capacity. > + ctl_high &= supported_ctrls; > break; > case MSR_IA32_VMX_TRUE_PINBASED_CTLS: > case MSR_IA32_VMX_PINBASED_CTLS: > diff --git a/arch/x86/kvm/vmx/hyperv_evmcs.h b/arch/x86/kvm/vmx/hyperv_evmcs.h > index a543fccfc574..930429f376f9 100644 > --- a/arch/x86/kvm/vmx/hyperv_evmcs.h > +++ b/arch/x86/kvm/vmx/hyperv_evmcs.h > @@ -87,6 +87,7 @@ > SECONDARY_EXEC_PT_CONCEAL_VMX | \ > SECONDARY_EXEC_BUS_LOCK_DETECTION | \ > SECONDARY_EXEC_NOTIFY_VM_EXITING | \ > + SECONDARY_EXEC_MODE_BASED_EPT_EXEC | \ > SECONDARY_EXEC_ENCLS_EXITING) > > #define EVMCS1_SUPPORTED_3RDEXEC (0ULL) > -- > 2.43.0 >
