On Fri, Aug 29, 2025 at 03:05:01PM +0800, Xiaoyao Li wrote:
>On 8/21/2025 9:30 PM, Chao Gao wrote:
>> From: Yang Weijiang <weijiang.yang@xxxxxxxxx>
>>
>> Set original kvm_caps.supported_xss to (host_xss & KVM_SUPPORTED_XSS) if
>> XSAVES is supported. host_xss contains the host supported xstate feature
>> bits for thread FPU context switch, KVM_SUPPORTED_XSS includes all KVM
>> enabled XSS feature bits, the resulting value represents the supervisor
>> xstates that are available to guest and are backed by host FPU framework
>> for swapping {guest,host} XSAVE-managed registers/MSRs.
>>
>> Signed-off-by: Yang Weijiang <weijiang.yang@xxxxxxxxx>
>> Reviewed-by: Maxim Levitsky <mlevitsk@xxxxxxxxxx>
>> Reviewed-by: Chao Gao <chao.gao@xxxxxxxxx>
>> Tested-by: Mathias Krause <minipli@xxxxxxxxxxxxxx>
>> Tested-by: John Allen <john.allen@xxxxxxx>
>> Tested-by: Rick Edgecombe <rick.p.edgecombe@xxxxxxxxx>
>> Signed-off-by: Chao Gao <chao.gao@xxxxxxxxx>
>> ---
>> arch/x86/kvm/x86.c | 11 ++++++++---
>> 1 file changed, 8 insertions(+), 3 deletions(-)
>>
>> diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
>> index 75b7a29721bb..6b01c6e9330e 100644
>> --- a/arch/x86/kvm/x86.c
>> +++ b/arch/x86/kvm/x86.c
>> @@ -220,6 +220,8 @@ static struct kvm_user_return_msrs __percpu *user_return_msrs;
>> | XFEATURE_MASK_BNDCSR | XFEATURE_MASK_AVX512 \
>> | XFEATURE_MASK_PKRU | XFEATURE_MASK_XTILE)
>> +#define KVM_SUPPORTED_XSS 0
>> +
>> bool __read_mostly allow_smaller_maxphyaddr = 0;
>> EXPORT_SYMBOL_GPL(allow_smaller_maxphyaddr);
>> @@ -9793,14 +9795,17 @@ int kvm_x86_vendor_init(struct kvm_x86_init_ops *ops)
>> kvm_host.xcr0 = xgetbv(XCR_XFEATURE_ENABLED_MASK);
>> kvm_caps.supported_xcr0 = kvm_host.xcr0 & KVM_SUPPORTED_XCR0;
>> }
>> +
>> + if (boot_cpu_has(X86_FEATURE_XSAVES)) {
>> + rdmsrq(MSR_IA32_XSS, kvm_host.xss);
>> + kvm_caps.supported_xss = kvm_host.xss & KVM_SUPPORTED_XSS;
>> + }
>
>Reviewed-by: Xiaoyao Li <xiaoyao.li@xxxxxxxxx>
>
>Btw, since we now have KVM_SUPPORTED_XSS to cap the supported bits, it seems
>we can remove the
>
> kvm_caps.supported_xss = 0;
>
>in both vmx_set_cpu_caps() and svm_set_cpu_caps().
This will enable SHSTK for SVM before SVM's CET series is merged.
>
>> kvm_caps.supported_quirks = KVM_X86_VALID_QUIRKS;
>> kvm_caps.inapplicable_quirks = KVM_X86_CONDITIONAL_QUIRKS;
>> rdmsrq_safe(MSR_EFER, &kvm_host.efer);
>> - if (boot_cpu_has(X86_FEATURE_XSAVES))
>> - rdmsrq(MSR_IA32_XSS, kvm_host.xss);
>> -
>> kvm_init_pmu_capability(ops->pmu_ops);
>> if (boot_cpu_has(X86_FEATURE_ARCH_CAPABILITIES))
>
