On 11/22/19 7:46 AM, Paolo Bonzini wrote:
On 22/11/19 14:01, Brijesh Singh wrote:
On 11/21/19 2:33 PM, Peter Gonda wrote:
Only pass through guest relevant CPUID information: Cbit location and
SEV bit. The kernel does not support nested SEV guests so the other data
in this CPUID leaf is unneeded by the guest.
Suggested-by: Jim Mattson <jmattson@xxxxxxxxxx>
Signed-off-by: Peter Gonda <pgonda@xxxxxxxxxx>
Reviewed-by: Jim Mattson <jmattson@xxxxxxxxxx>
---
arch/x86/kvm/cpuid.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
index 946fa9cb9dd6..6439fb1dbe76 100644
--- a/arch/x86/kvm/cpuid.c
+++ b/arch/x86/kvm/cpuid.c
@@ -780,8 +780,14 @@ static inline int __do_cpuid_func(struct kvm_cpuid_entry2 *entry, u32 function,
break;
/* Support memory encryption cpuid if host supports it */
case 0x8000001F:
- if (!boot_cpu_has(X86_FEATURE_SEV))
+ if (boot_cpu_has(X86_FEATURE_SEV)) {
+ /* Expose only SEV bit and CBit location */
+ entry->eax &= F(SEV);
I know SEV-ES patches are not accepted yet, but can I ask to pass the
SEV-ES bit in eax?
I think it shouldn't be passed, since KVM does not support SEV-ES.
Fair enough.
-Brijesh
