Re: [RFC PATCH v2 4/4] KVM: x86: TDX: Report CORE_CAPABILITIES as supported

[Binbin Wu <binbin.wu@linux.intel.com>]

On 6/4/2026 1:32 PM, Binbin Wu wrote:
> 
> 
> On 6/4/2026 10:51 AM, sashiko-bot@kernel.org wrote:
>> Thank you for your contribution! Sashiko AI review found 1 potential issue(s) to consider:
>> - [High] Missing handling of MSR_IA32_CORE_CAPS in tdx_set_msr() causes KVM_SET_MSRS to fail, breaking VM initialization and live migration.
>> --
>>
>> commit 217a78047d73d2be68ef27e206470a6c237db79a
>> Author: Binbin Wu <binbin.wu@linux.intel.com>
>>
>> KVM: x86: TDX: Report CORE_CAPABILITIES as supported
>>
>> This commit adds CORE_CAPABILITIES to the TDX configurable CPUID allowlist
>> to accommodate legacy TDX module behavior. It also modifies tdx_get_msr()
>> to return 0 for MSR_IA32_CORE_CAPS.
>>
>>> diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c
>>> index 26a5ad59a5694..b7661ba98a8d4 100644
>>> --- a/arch/x86/kvm/vmx/tdx.c
>>> +++ b/arch/x86/kvm/vmx/tdx.c
>>
>> [ ... ]
>>
>>> @@ -2319,6 +2319,14 @@ int tdx_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr)
>>>  			return 1;
>>>  		msr->data = vcpu->arch.mcg_ext_ctl;
>>>  		return 0;
>>> +	case MSR_IA32_CORE_CAPS:
>>> +		/*
>>> +		 * KVM doesn't support MSR_IA32_CORE_CAPS, however, in some old
>>> +		 * TDX modules, CPUID.0x7.0.EDX[30] is fixed-1. As a workaround,
>>> +		 * just return 0 for this MSR.
>>> +		 */
>>> +		msr->data = 0;
>>> +		return 0;
>>
>> [Severity: High]
>> Since MSR_IA32_CORE_CAPS is now exposed to userspace via tdx_get_msr(), does
> MSR_IA32_CORE_CAPS is not exposed to userspace via KVM_GET_MSR_INDEX_LIST.
> I suppose userspace should retrieve the supported MSRs via KVM_GET_MSR_INDEX_LIST

or KVM_GET_MSR_FEATURE_INDEX_LIST

> before KVM_GET_MSRS/KVM_SET_MSRS?
> 
> 
> Had a second thought, this MSR code could be dropped.
> In Linux kernel, MSR_IA32_CORE_CAPS is either read by the safe version or skipped
> when it's running in virtualized environment. Also, there was no complain about
> the access of this MSR in any guest so far.
> 
> We can just report CORE_CAPABILITIES as a TDX configurable CPUID bit to userspace.
> Userspace can do some change to remove any bit that reported as configurable from
> fixed1 bits. Since KVM doesn't support CORE_CAPABILITIES via KVM_GET_CPUID2,
> userspace then should not enable CORE_CAPABILITIES bit for TDX guests.
> 
> 
>> tdx_set_msr() need a corresponding update to accept host-initiated writes?
>>
>> During VM migration or state restore, userspace typically reads MSRs on the
>> source and writes them to the destination. If tdx_set_msr() doesn't handle
>> MSR_IA32_CORE_CAPS, the KVM_SET_MSRS ioctl will fall through to the default
>> case.
>>
>> Because tdx_has_emulated_msr() does not include MSR_IA32_CORE_CAPS, won't
>> tdx_set_msr() return an error and immediately abort the migration?
>>
>>>  	default:
>>>  		if (!tdx_has_emulated_msr(msr->index))
>>>  			return 1;
>>
> 
> 
> 
> 
>