On Fri, Feb 23, 2024, Paolo Bonzini wrote: > Compute the set of features to be stored in the VMSA when KVM is > initialized; move it from there into kvm_sev_info when SEV is initialized, > and then into the initial VMSA. > > The new variable can then be used to return the set of supported features > to userspace, via the KVM_GET_DEVICE_ATTR ioctl. > > Signed-off-by: Paolo Bonzini > Message-Id: <20240209183743.22030-5-pbonzini@redhat.com> Maybe in v3 we'll find out whether or not you can triple-stamp a double-stamp :-) > diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c > index f760106c31f8..53e958805ab9 100644 > --- a/arch/x86/kvm/svm/sev.c > +++ b/arch/x86/kvm/svm/sev.c > @@ -59,10 +59,12 @@ module_param_named(sev_es, sev_es_enabled, bool, 0444); > /* enable/disable SEV-ES DebugSwap support */ > static bool sev_es_debug_swap_enabled = true; > module_param_named(debug_swap, sev_es_debug_swap_enabled, bool, 0444); > +static u64 sev_supported_vmsa_features; > #else > #define sev_enabled false > #define sev_es_enabled false > #define sev_es_debug_swap_enabled false > +#define sev_supported_vmsa_features 0 Ok, I've reached my breaking point. Compiling sev.c for CONFIG_KVM_AMD_SEV=n is getting untenable. Splattering #ifdefs _inside_ SEV specific functions is weird and confusing. And unless dead code elimination isn't as effective as I think it is, we don't even need any stuba since sev_guest() and sev_es_guest() are __always_inline specifically so that useless code can be elided. Or if we want to avoid use of IS_ENABLED(), we could add four stubs, which is still well worth it. Note, I also have a separate series that I will post today (I hope) that gives __svm_sev_es_vcpu_run() similar treatment (the 32-bit "support" in assembly is all kinds of stupid). Attached patches are compile-tested only, though I'll try to take them for a spin on hardware later today.