On 11/21/19 2:33 PM, Peter Gonda wrote: > Only pass through guest relevant CPUID information: Cbit location and > SEV bit. The kernel does not support nested SEV guests so the other data > in this CPUID leaf is unneeded by the guest. > > Suggested-by: Jim Mattson <jmattson@xxxxxxxxxx> > Signed-off-by: Peter Gonda <pgonda@xxxxxxxxxx> > Reviewed-by: Jim Mattson <jmattson@xxxxxxxxxx> > --- > arch/x86/kvm/cpuid.c | 8 +++++++- > 1 file changed, 7 insertions(+), 1 deletion(-) > > diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c > index 946fa9cb9dd6..6439fb1dbe76 100644 > --- a/arch/x86/kvm/cpuid.c > +++ b/arch/x86/kvm/cpuid.c > @@ -780,8 +780,14 @@ static inline int __do_cpuid_func(struct kvm_cpuid_entry2 *entry, u32 function, > break; > /* Support memory encryption cpuid if host supports it */ > case 0x8000001F: > - if (!boot_cpu_has(X86_FEATURE_SEV)) > + if (boot_cpu_has(X86_FEATURE_SEV)) { > + /* Expose only SEV bit and CBit location */ > + entry->eax &= F(SEV); I know SEV-ES patches are not accepted yet, but can I ask to pass the SEV-ES bit in eax? > + entry->ebx &= GENMASK(5, 0); > + entry->edx = entry->ecx = 0; > + } else { > entry->eax = entry->ebx = entry->ecx = entry->edx = 0; > + } > break; > /*Add support for Centaur's CPUID instruction*/ > case 0xC0000000:
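
Review bot: In the new `if (boot_cpu_has(X86_FEATURE_SEV))` branch, `entry->eax &= F(SEV);` keeps the intended bit only if `F(SEV)` evaluates to the position the SEV bit actually has in EAX of leaf 0x8000001F, and the hunk does not show that. Please confirm it, because a feature flag defined in a kernel-synthesized word rather than a word mirroring this leaf would give a different bit position and silently clear SEV for the guest. On the next line, `entry->ebx &= GENMASK(5, 0);` uses a bare bit range: the comment says "CBit location" but not which bits it occupies, so a named mask or a comment stating the range would make the intent checkable. It would also give one obvious place to extend the EAX mask if further bits are passed through later.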