When a system is not affected by the BHI bug then KVM should configure guests with BHI_NO to ensure they won't enable any BHI mitigation. Signed-off-by: Alexandre Chartre <alexandre.chartre@xxxxxxxxxx> --- arch/x86/kvm/x86.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 984ea2089efc..f43d3c15a6b7 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -1678,6 +1678,9 @@ static u64 kvm_get_arch_capabilities(void) if (!boot_cpu_has_bug(X86_BUG_GDS) || gds_ucode_mitigated()) data |= ARCH_CAP_GDS_NO; + if (!boot_cpu_has_bug(X86_BUG_BHI)) + data |= ARCH_CAP_BHI_NO; + return data; } -- 2.39.3
