On 11/27/24 14:19, Aaron Lewis wrote:
> From: Sean Christopherson <seanjc@xxxxxxxxxx>
>
> Signed-off-by: Sean Christopherson <seanjc@xxxxxxxxxx>
> ---
> arch/x86/kvm/svm/svm.c | 5 ++++-
> 1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
> index 2380059727168..25d41709a0eaa 100644
> --- a/arch/x86/kvm/svm/svm.c
> +++ b/arch/x86/kvm/svm/svm.c
> @@ -108,7 +108,7 @@ static const struct svm_direct_access_msrs {
> { .index = MSR_IA32_XSS, .always = false },
> { .index = MSR_EFER, .always = false },
> { .index = MSR_IA32_CR_PAT, .always = false },
> - { .index = MSR_AMD64_SEV_ES_GHCB, .always = true },
> + { .index = MSR_AMD64_SEV_ES_GHCB, .always = false },
> { .index = MSR_TSC_AUX, .always = false },
> { .index = X2APIC_MSR(APIC_ID), .always = false },
> { .index = X2APIC_MSR(APIC_LVR), .always = false },
> @@ -919,6 +919,9 @@ void svm_vcpu_init_msrpm(struct kvm_vcpu *vcpu, unsigned long *msrpm)
> svm_disable_intercept_for_msr(vcpu, direct_access_msrs[i].index,
> MSR_TYPE_RW);
> }
> +
> + if (sev_es_guest(vcpu->kvm))
> + svm_disable_intercept_for_msr(vcpu, MSR_AMD64_SEV_ES_GHCB, MSR_TYPE_RW);
It would probably be better to put this in sev_es_init_vmcb() with the
other MSRs that are removed from interception.
Thanks,
Tom
> }
>
> void svm_set_x2apic_msr_interception(struct vcpu_svm *svm, bool intercept)
