Stop adjusting the guest's CPUID info for the allowed XFRM (a.k.a. XCR0) for SGX enclaves. Past me didn't understand the roles and responsibilities between userspace and KVM with respect to CPUID leafs, i.e. I thought I was being helpful by having KVM adjust the entries. This is clearly an ABI change, but QEMU does the right thing and AFAIK no other VMMs support SGX (yet), so I'm hopeful/confident that we can excise the ugly before userspace starts depending on the bad behavior. v2: - Collect reviews/testing. [Kai] - Require FP+SSE to always be set in XFRM, and exempt them from the XFRM vs. XCR0 check. [Kai] v1: https://lore.kernel.org/all/20230405005911.423699-1-seanjc@xxxxxxxxxx Sean Christopherson (3): KVM: VMX: Don't rely _only_ on CPUID to enforce XCR0 restrictions for ECREATE KVM: x86: Don't adjust guest's CPUID.0x12.1 (allowed SGX enclave XFRM) KVM: x86: Open code supported XCR0 calculation in kvm_vcpu_after_set_cpuid() arch/x86/kvm/cpuid.c | 43 ++++++++++-------------------------------- arch/x86/kvm/vmx/sgx.c | 11 +++++++++-- 2 files changed, 19 insertions(+), 35 deletions(-) base-commit: 5c291b93e5d665380dbecc6944973583f9565ee5 -- 2.40.1.495.gc816e09b53d-goog
