Re: [PATCH v3 1/4] KVM: x86: Consolidate CPUID fault handling for emulator and interception logic

[Binbin Wu <binbin.wu@linux.intel.com>]

On 5/14/2026 6:46 AM, Jim Mattson wrote:
> From: Sean Christopherson <seanjc@google.com>
> 
> Extract the logic for emulating CPUID faulting (where CPUID #GPs at CPL>0
> outside of SMM) into a dedicated helper and use the helper for both the
> full emulator and the intercepted-CPUID paths.
> 
> Opportunistically drop kvm_require_cpl(), as kvm_require_cpl() was the one
                                                     ^
Typo:

kvm_require_cpl() -> kvm_emulate_cpuid()

> and only user.
> 
> No functional change intended.
> 
> Signed-off-by: Sean Christopherson <seanjc@google.com>
> Signed-off-by: Jim Mattson <jmattson@google.com>

Reviewed-by: Binbin Wu <binbin.wu@linux.intel.com>

> ---
>  arch/x86/include/asm/kvm_host.h |  1 -
>  arch/x86/kvm/cpuid.c            |  5 +++--
>  arch/x86/kvm/cpuid.h            |  8 ++++++++
>  arch/x86/kvm/emulate.c          |  6 +-----
>  arch/x86/kvm/kvm_emulate.h      |  1 +
>  arch/x86/kvm/x86.c              | 18 ++++++------------
>  6 files changed, 19 insertions(+), 20 deletions(-)
> 
> diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
> index c470e40a00aa..a9005c61619b 100644
> --- a/arch/x86/include/asm/kvm_host.h
> +++ b/arch/x86/include/asm/kvm_host.h
> @@ -2285,7 +2285,6 @@ void kvm_requeue_exception(struct kvm_vcpu *vcpu, unsigned int nr,
>  void kvm_inject_page_fault(struct kvm_vcpu *vcpu, struct x86_exception *fault);
>  void kvm_inject_emulated_page_fault(struct kvm_vcpu *vcpu,
>  				    struct x86_exception *fault);
> -bool kvm_require_cpl(struct kvm_vcpu *vcpu, int required_cpl);
>  bool kvm_require_dr(struct kvm_vcpu *vcpu, int dr);
>  
>  static inline int __kvm_irq_line_state(unsigned long *irq_state,
> diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
> index e69156b54cff..1c95d1fa3ead 100644
> --- a/arch/x86/kvm/cpuid.c
> +++ b/arch/x86/kvm/cpuid.c
> @@ -2161,9 +2161,10 @@ int kvm_emulate_cpuid(struct kvm_vcpu *vcpu)
>  {
>  	u32 eax, ebx, ecx, edx;
>  
> -	if (!is_smm(vcpu) && cpuid_fault_enabled(vcpu) &&
> -	    !kvm_require_cpl(vcpu, 0))
> +	if (!kvm_is_cpuid_allowed(vcpu)) {
> +		kvm_queue_exception_e(vcpu, GP_VECTOR, 0);
>  		return 1;
> +	}
>  
>  	eax = kvm_rax_read(vcpu);
>  	ecx = kvm_rcx_read(vcpu);
> diff --git a/arch/x86/kvm/cpuid.h b/arch/x86/kvm/cpuid.h
> index 039b8e6f40ba..bc4a8428b836 100644
> --- a/arch/x86/kvm/cpuid.h
> +++ b/arch/x86/kvm/cpuid.h
> @@ -7,6 +7,8 @@
>  #include <asm/processor.h>
>  #include <uapi/asm/kvm_para.h>
>  
> +#include "smm.h"
> +
>  extern u32 kvm_cpu_caps[NR_KVM_CPU_CAPS] __read_mostly;
>  extern bool kvm_is_configuring_cpu_caps __read_mostly;
>  
> @@ -192,6 +194,12 @@ static inline bool cpuid_fault_enabled(struct kvm_vcpu *vcpu)
>  		  MSR_MISC_FEATURES_ENABLES_CPUID_FAULT;
>  }
>  
> +static inline bool kvm_is_cpuid_allowed(struct kvm_vcpu *vcpu)
> +{
> +	return !cpuid_fault_enabled(vcpu) || is_smm(vcpu) ||
> +	       !kvm_x86_call(get_cpl)(vcpu);
> +}
> +
>  static __always_inline void kvm_cpu_cap_clear(unsigned int x86_feature)
>  {
>  	unsigned int x86_leaf = __feature_leaf(x86_feature);
> diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c
> index c8c6cc0406d6..3ba09093b5ab 100644
> --- a/arch/x86/kvm/emulate.c
> +++ b/arch/x86/kvm/emulate.c
> @@ -3593,12 +3593,8 @@ static int em_sti(struct x86_emulate_ctxt *ctxt)
>  static int em_cpuid(struct x86_emulate_ctxt *ctxt)
>  {
>  	u32 eax, ebx, ecx, edx;
> -	u64 msr = 0;
>  
> -	ctxt->ops->get_msr(ctxt, MSR_MISC_FEATURES_ENABLES, &msr);
> -	if (!ctxt->ops->is_smm(ctxt) &&
> -	    (msr & MSR_MISC_FEATURES_ENABLES_CPUID_FAULT) &&
> -	    ctxt->ops->cpl(ctxt))
> +	if (!ctxt->ops->is_cpuid_allowed(ctxt))
>  		return emulate_gp(ctxt, 0);
>  
>  	eax = reg_read(ctxt, VCPU_REGS_RAX);
> diff --git a/arch/x86/kvm/kvm_emulate.h b/arch/x86/kvm/kvm_emulate.h
> index 0abff36d0994..45d4a03b202e 100644
> --- a/arch/x86/kvm/kvm_emulate.h
> +++ b/arch/x86/kvm/kvm_emulate.h
> @@ -225,6 +225,7 @@ struct x86_emulate_ops {
>  			 struct x86_instruction_info *info,
>  			 enum x86_intercept_stage stage);
>  
> +	bool (*is_cpuid_allowed)(struct x86_emulate_ctxt *ctxt);
>  	bool (*get_cpuid)(struct x86_emulate_ctxt *ctxt, u32 *eax, u32 *ebx,
>  			  u32 *ecx, u32 *edx, bool exact_only);
>  	bool (*guest_has_movbe)(struct x86_emulate_ctxt *ctxt);
> diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
> index 0a1b63c63d1a..01c6b18d1fe5 100644
> --- a/arch/x86/kvm/x86.c
> +++ b/arch/x86/kvm/x86.c
> @@ -1021,18 +1021,6 @@ void kvm_queue_exception_e(struct kvm_vcpu *vcpu, unsigned nr, u32 error_code)
>  }
>  EXPORT_SYMBOL_FOR_KVM_INTERNAL(kvm_queue_exception_e);
>  
> -/*
> - * Checks if cpl <= required_cpl; if true, return true.  Otherwise queue
> - * a #GP and return false.
> - */
> -bool kvm_require_cpl(struct kvm_vcpu *vcpu, int required_cpl)
> -{
> -	if (kvm_x86_call(get_cpl)(vcpu) <= required_cpl)
> -		return true;
> -	kvm_queue_exception_e(vcpu, GP_VECTOR, 0);
> -	return false;
> -}
> -
>  bool kvm_require_dr(struct kvm_vcpu *vcpu, int dr)
>  {
>  	if ((dr != 4 && dr != 5) || !kvm_is_cr4_bit_set(vcpu, X86_CR4_DE))
> @@ -8819,6 +8807,11 @@ static int emulator_intercept(struct x86_emulate_ctxt *ctxt,
>  					     &ctxt->exception);
>  }
>  
> +static bool emulator_is_cpuid_allowed(struct x86_emulate_ctxt *ctxt)
> +{
> +	return kvm_is_cpuid_allowed(emul_to_vcpu(ctxt));
> +}
> +
>  static bool emulator_get_cpuid(struct x86_emulate_ctxt *ctxt,
>  			      u32 *eax, u32 *ebx, u32 *ecx, u32 *edx,
>  			      bool exact_only)
> @@ -8955,6 +8948,7 @@ static const struct x86_emulate_ops emulate_ops = {
>  	.wbinvd              = emulator_wbinvd,
>  	.fix_hypercall       = emulator_fix_hypercall,
>  	.intercept           = emulator_intercept,
> +	.is_cpuid_allowed    = emulator_is_cpuid_allowed,
>  	.get_cpuid           = emulator_get_cpuid,
>  	.guest_has_movbe     = emulator_guest_has_movbe,
>  	.guest_has_fxsr      = emulator_guest_has_fxsr,