diff mbox series

[08/15] KVM: SVM: Pass through GHCB MSR if and only if VM is SEV-ES

Message ID 20241127201929.4005605-9-aaronlewis@google.com (mailing list archive)
State New, archived
Headers show
Series Unify MSR intercepts in x86 | expand

Commit Message

Aaron Lewis Nov. 27, 2024, 8:19 p.m. UTC 
From: Sean Christopherson <seanjc@google.com>

Signed-off-by: Sean Christopherson <seanjc@google.com>
---
 arch/x86/kvm/svm/svm.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

Comments

Tom Lendacky Dec. 3, 2024, 9:21 p.m. UTC | #1 
On 11/27/24 14:19, Aaron Lewis wrote:
> From: Sean Christopherson <seanjc@google.com>
> 
> Signed-off-by: Sean Christopherson <seanjc@google.com>
> ---
>  arch/x86/kvm/svm/svm.c | 5 ++++-
>  1 file changed, 4 insertions(+), 1 deletion(-)
> 
> diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
> index 2380059727168..25d41709a0eaa 100644
> --- a/arch/x86/kvm/svm/svm.c
> +++ b/arch/x86/kvm/svm/svm.c
> @@ -108,7 +108,7 @@ static const struct svm_direct_access_msrs {
>  	{ .index = MSR_IA32_XSS,			.always = false },
>  	{ .index = MSR_EFER,				.always = false },
>  	{ .index = MSR_IA32_CR_PAT,			.always = false },
> -	{ .index = MSR_AMD64_SEV_ES_GHCB,		.always = true  },
> +	{ .index = MSR_AMD64_SEV_ES_GHCB,		.always = false },
>  	{ .index = MSR_TSC_AUX,				.always = false },
>  	{ .index = X2APIC_MSR(APIC_ID),			.always = false },
>  	{ .index = X2APIC_MSR(APIC_LVR),		.always = false },
> @@ -919,6 +919,9 @@ void svm_vcpu_init_msrpm(struct kvm_vcpu *vcpu, unsigned long *msrpm)
>  		svm_disable_intercept_for_msr(vcpu, direct_access_msrs[i].index,
>  					      MSR_TYPE_RW);
>  	}
> +
> +	if (sev_es_guest(vcpu->kvm))
> +		svm_disable_intercept_for_msr(vcpu, MSR_AMD64_SEV_ES_GHCB, MSR_TYPE_RW);

It would probably be better to put this in sev_es_init_vmcb() with the
other MSRs that are removed from interception.

Thanks,
Tom

>  }
>  
>  void svm_set_x2apic_msr_interception(struct vcpu_svm *svm, bool intercept)
diff mbox series

Patch

diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
index 2380059727168..25d41709a0eaa 100644
--- a/arch/x86/kvm/svm/svm.c
+++ b/arch/x86/kvm/svm/svm.c
@@ -108,7 +108,7 @@  static const struct svm_direct_access_msrs {
 	{ .index = MSR_IA32_XSS,			.always = false },
 	{ .index = MSR_EFER,				.always = false },
 	{ .index = MSR_IA32_CR_PAT,			.always = false },
-	{ .index = MSR_AMD64_SEV_ES_GHCB,		.always = true  },
+	{ .index = MSR_AMD64_SEV_ES_GHCB,		.always = false },
 	{ .index = MSR_TSC_AUX,				.always = false },
 	{ .index = X2APIC_MSR(APIC_ID),			.always = false },
 	{ .index = X2APIC_MSR(APIC_LVR),		.always = false },
@@ -919,6 +919,9 @@  void svm_vcpu_init_msrpm(struct kvm_vcpu *vcpu, unsigned long *msrpm)
 		svm_disable_intercept_for_msr(vcpu, direct_access_msrs[i].index,
 					      MSR_TYPE_RW);
 	}
+
+	if (sev_es_guest(vcpu->kvm))
+		svm_disable_intercept_for_msr(vcpu, MSR_AMD64_SEV_ES_GHCB, MSR_TYPE_RW);
 }
 
 void svm_set_x2apic_msr_interception(struct vcpu_svm *svm, bool intercept)