On 10/12/2024 23:43, Sean Christopherson wrote: > Unless you (Tom) disagree, I vote to simply drop the offending code, i.e. make > all supported bits fully writable from the guest. KVM is firmly in the wrong here, > and I can't think of any reason to disallow the guest from clearing LFENCE_SERIALIZE. > > diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c > index 6a350cee2f6c..5a82ead3bf0f 100644 > --- a/arch/x86/kvm/svm/svm.c > +++ b/arch/x86/kvm/svm/svm.c > @@ -3201,15 +3201,6 @@ static int svm_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr) > if (data & ~supported_de_cfg) > return 1; > > - /* > - * Don't let the guest change the host-programmed value. The > - * MSR is very model specific, i.e. contains multiple bits that > - * are completely unknown to KVM, and the one bit known to KVM > - * is simply a reflection of hardware capabilities. > - */ > - if (!msr->host_initiated && data != svm->msr_decfg) > - return 1; > - > svm->msr_decfg = data; > break; > } > This also produces a good kernel.
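Review bot: the block removed from svm_set_msr() takes its comment with it, so `svm->msr_decfg = data;` is now guarded only by `if (data & ~supported_de_cfg)`, and nothing explains why guest writes are accepted. Suggest a short replacement comment above the assignment stating that every bit in supported_de_cfg is writable by the guest as well as the host. It should also say whether the stored value is only the guest's view of the MSR or is expected to reach hardware, which the visible lines do not show. With the `!msr->host_initiated && data != svm->msr_decfg` test gone, the mask is the sole filter on guest-supplied values, so the changelog should say that any bit added to supported_de_cfg later becomes guest-writable by default. A test covering a guest write that clears a supported bit, the case the old check rejected, would help.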