@@ -594,6 +594,12 @@ static void __init calculate_hvm_max_pol
*/
if ( cpu_has_vmx )
{
+ if ( !cpu_has_vmx_rdtscp )
+ __clear_bit(X86_FEATURE_RDTSCP, fs);
+
+ if ( !cpu_has_vmx_invpcid )
+ __clear_bit(X86_FEATURE_INVPCID, fs);
+
if ( !cpu_has_vmx_mpx )
__clear_bit(X86_FEATURE_MPX, fs);
@@ -299,6 +299,8 @@ extern u64 vmx_ept_vpid_cap;
(vmx_secondary_exec_control & SECONDARY_EXEC_ENABLE_EPT)
#define cpu_has_vmx_dt_exiting \
(vmx_secondary_exec_control & SECONDARY_EXEC_DESCRIPTOR_TABLE_EXITING)
+#define cpu_has_vmx_rdtscp \
+ (vmx_secondary_exec_control & SECONDARY_EXEC_ENABLE_RDTSCP)
#define cpu_has_vmx_vpid \
(vmx_secondary_exec_control & SECONDARY_EXEC_ENABLE_VPID)
#define cpu_has_monitor_trap_flag \
@@ -314,6 +316,8 @@ extern u64 vmx_ept_vpid_cap;
SECONDARY_EXEC_UNRESTRICTED_GUEST)
#define cpu_has_vmx_ple \
(vmx_secondary_exec_control & SECONDARY_EXEC_PAUSE_LOOP_EXITING)
+#define cpu_has_vmx_invpcid \
+ (vmx_secondary_exec_control & SECONDARY_EXEC_ENABLE_INVPCID)
#define cpu_has_vmx_apic_reg_virt \
(vmx_secondary_exec_control & SECONDARY_EXEC_APIC_REGISTER_VIRT)
#define cpu_has_vmx_virtual_intr_delivery \
Both have separate enable bits, which are optional. While on real hardware we can perhaps expect these VMX controls to be available if (and only if) the base CPU feature is available, when running virtualized ourselves this may not be the case. Signed-off-by: Jan Beulich <jbeulich@suse.com> --- Afaics we don't ourselves expose the 1-setting of the two enables. (We also don't constrain guests to set only bits we report as available to set; there's a respective TODO comment in set_vvmcs_virtual_safe().)