Only pass through guest relevant CPUID information: Cbit location and SEV bit. The kernel does not support nested SEV guests so the other data in this CPUID leaf is unneeded by the guest.
Suggested-by: Jim Mattson <jmattson@xxxxxxxxxx>
Signed-off-by: Peter Gonda <pgonda@xxxxxxxxxx>
Reviewed-by: Jim Mattson <jmattson@xxxxxxxxxx>
---
arch/x86/kvm/cpuid.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
index 946fa9cb9dd6..6439fb1dbe76 100644
--- a/arch/x86/kvm/cpuid.c
+++ b/arch/x86/kvm/cpuid.c
@@ -780,8 +780,14 @@ static inline int __do_cpuid_func(struct kvm_cpuid_entry2 *entry, u32 function,
 break;
 /* Support memory encryption cpuid if host supports it */
 case 0x8000001F:
- if (!boot_cpu_has(X86_FEATURE_SEV))
+ if (boot_cpu_has(X86_FEATURE_SEV)) {
+ /* Expose only SEV bit and CBit location */
+ entry->eax &= F(SEV);
+ entry->ebx &= GENMASK(5, 0);
+ entry->edx = entry->ecx = 0;
+ } else {
 entry->eax = entry->ebx = entry->ecx = entry->edx = 0;
+ }
 break;
 /*Add support for Centaur's CPUID instruction*/
 case 0xC0000000:
--
2.24.0.432.g9d3f5f5b63-goog
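Review bot: `entry->eax &= F(SEV);` keeps the SEV bit only if `F(SEV)` evaluates to the hardware position of SEV in CPUID 0x8000001F EAX, which is bit 1. `F()` and `X86_FEATURE_SEV` are defined outside this hunk; if `F()` derives the mask from the feature's position in the kernel's own feature words and SEV is tracked there as a scattered bit, the mask would select an unrelated bit and clear SEV, so the guest would see no memory-encryption support at all. Please confirm the definition, or mask with the architectural bit directly, e.g. `entry->eax &= BIT(1); /* CPUID 0x8000001F EAX[1]: SEV */`. The comment could also name what is deliberately hidden from the guest (the remaining EAX feature bits, EBX above the C-bit field, and all of ECX and EDX) so a later change does not re-expose host SEV capacity details by accident. The body of `__do_cpuid_func` starts and continues outside the hunk.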