On 10/9/2024 12:45 AM, Borislav Petkov wrote: > On Fri, Sep 13, 2024 at 05:06:52PM +0530, Neeraj Upadhyay wrote: >> diff --git a/arch/x86/boot/compressed/sev.c b/arch/x86/boot/compressed/sev.c >> index cd44e120fe53..ec038be0a048 100644 >> --- a/arch/x86/boot/compressed/sev.c >> +++ b/arch/x86/boot/compressed/sev.c >> @@ -394,6 +394,7 @@ void do_boot_stage2_vc(struct pt_regs *regs, unsigned long exit_code) >> MSR_AMD64_SNP_VMSA_REG_PROT | \ >> MSR_AMD64_SNP_RESERVED_BIT13 | \ >> MSR_AMD64_SNP_RESERVED_BIT15 | \ >> + MSR_AMD64_SNP_SECURE_AVIC_ENABLED | \ >> MSR_AMD64_SNP_RESERVED_MASK) >> >> /* > > Shouldn't this hunk be in the last patch of the series, after all the sAVIC > enablement has happened? > As SECURE_AVIC feature is not supported (as reported by snp_get_unsupported_features()) by guest at this patch in the series, it is added to SNP_FEATURES_IMPL_REQ here. The bit value within SNP_FEATURES_IMPL_REQ hasn't changed with this change as the same bit pos was part of MSR_AMD64_SNP_RESERVED_MASK before this patch. In patch 14 SECURE_AVIC guest support is indicated by guest. - Neeraj
