AMD 2nd generation EPYC processors support UMIP (User-Mode Instruction Prevention) feature. Emulate and enable the UMIP feature if bare metal supports it. Emulation of UMIP instructions (sgdt, sidt, sldt, smsw and str) requires the hypervisor to read and write the guest memory. Guest memory is encrypted on SEV guest. Hypervisor cannot successfully read or write the guest memory. So disable emulation on SEV guest. Enable the emulation only on non SEV guest. Tested on EPYC/EPYC-Rome VMs and works as expected. Please review. Babu Moger (4): kvm: x86: Dont set UMIP feature bit unconditionally kvm: svm: Enable UMIP feature on AMD kvm: svm: Emulate UMIP instructions on non SEV guest x86/Kconfig: Rename UMIP config parameter arch/x86/Kconfig | 8 +++---- arch/x86/include/asm/disabled-features.h | 2 +- arch/x86/include/asm/umip.h | 4 ++-- arch/x86/kernel/Makefile | 2 +- arch/x86/kvm/cpuid.c | 2 +- arch/x86/kvm/svm.c | 30 ++++++++++++++++++++---- 6 files changed, 34 insertions(+), 14 deletions(-) -- 2.20.1
