> > - if (_vmexit_control & VM_EXIT_ACTIVATE_SECONDARY_CONTROLS)
> > + if (_vmexit_control & VM_EXIT_ACTIVATE_SECONDARY_CONTROLS) {
> > _secondary_vmexit_control =
> >
> adjust_vmx_controls64(KVM_OPTIONAL_VMX_SECONDARY_VM_EXIT_CO
> NTROLS,
> > MSR_IA32_VMX_EXIT_CTLS2);
> > + if (cpu_feature_enabled(X86_FEATURE_FRED) &&
> > + !(_secondary_vmexit_control &
> SECONDARY_VM_EXIT_SAVE_IA32_FRED &&
> > + _secondary_vmexit_control &
> SECONDARY_VM_EXIT_LOAD_IA32_FRED)) {
>
> Can those checks actually trigger? I.e if FEATURE_FRED is set it means
> the CPU implements the FRED spec. According to the spec it's guaranteed
> that VMX_EXIT_CTLS2 will contain those bits set to 1. So aren't those
> checks superfluous?
Such checks are for nVMX FRED.
> > + if (cpu_feature_enabled(X86_FEATURE_FRED) &&
> > + !(_vmentry_control & VM_ENTRY_LOAD_IA32_FRED)) {
> DITTO
>
> <snip>
