KVM has never allowed a guest to set EFER.LMSLE when the "nested" module parameter was false. In the past, there was no way for a guest to know whether or not this was a legal EFER bit. Now, we can let the guest know this bit is illegal by reporting X86_FEATURE_NO_LMSLE in KVM_GET_SUPPORTED_CPUID. Signed-off-by: Jim Mattson <jmattson@xxxxxxxxxx> --- arch/x86/kvm/svm/svm.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 7c4fd594166c..942602d503ad 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -4945,6 +4945,8 @@ static __init void svm_set_cpu_caps(void) if (boot_cpu_has(X86_FEATURE_LS_CFG_SSBD) || boot_cpu_has(X86_FEATURE_AMD_SSBD)) kvm_cpu_cap_set(X86_FEATURE_VIRT_SSBD); + if (!nested) + kvm_cpu_cap_set(X86_FEATURE_NO_LMSLE); /* AMD PMU PERFCTR_CORE CPUID */ if (enable_pmu && boot_cpu_has(X86_FEATURE_PERFCTR_CORE)) -- 2.37.3.968.ga6b4b080e4-goog
