This is a combination of Nikunk's series to enable secure TSC support and to fix the GHCB version issues, along with some code refactorings to move SEV+ setup code into sev.c (we've managed to grow something like 4 flows that all do more or less the same thing). Note, I haven't tested SNP functionality in any way. v11: - Shuffle code around so that snp_is_secure_tsc_enabled() doesn't need to be exposed outside of sev.c. - Explicitly modify the intercept for MSR_AMD64_GUEST_TSC_FREQ (paranoia is cheap in this case). - Trim the changelog for the GHCB version enforcement patch. - Continue on with snp_launch_start() if default_tsc_khz is '0'. AFAICT, continuing on doesn't put the host at (any moer) risk. [Kai] v10: https://lore.kernel.org/all/20250804103751.7760-1-nikunj@xxxxxxx v3 (GHCB): https://lore.kernel.org/all/20250804090945.267199-1-nikunj@xxxxxxx Nikunj A Dadhania (4): KVM: SEV: Drop GHCB_VERSION_DEFAULT and open code it KVM: SEV: Enforce minimum GHCB version requirement for SEV-SNP guests x86/cpufeatures: Add SNP Secure TSC KVM: SVM: Enable Secure TSC for SNP guests Sean Christopherson (4): KVM: SVM: Move SEV-ES VMSA allocation to a dedicated sev_vcpu_create() helper KVM: SEV: Move init of SNP guest state into sev_init_vmcb() KVM: SEV: Set RESET GHCB MSR value during sev_es_init_vmcb() KVM: SEV: Fold sev_es_vcpu_reset() into sev_vcpu_create() arch/x86/include/asm/cpufeatures.h | 1 + arch/x86/include/asm/svm.h | 1 + arch/x86/kvm/svm/sev.c | 108 ++++++++++++++++++++--------- arch/x86/kvm/svm/svm.c | 37 +++------- arch/x86/kvm/svm/svm.h | 7 +- 5 files changed, 92 insertions(+), 62 deletions(-) base-commit: c17b750b3ad9f45f2b6f7e6f7f4679844244f0b9 -- 2.51.0.rc1.167.g924127e9c0-goog
