From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-pl1-f201.google.com (mail-pl1-f201.google.com [209.85.214.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B14ED1632DD for ; Tue, 3 Mar 2026 00:35:00 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1772498101; cv=none; b=WQ/uvLBXceV9QqKtYiiQWv57C6YZjNZzFZEV+AXNLGAuX3ZbsKSKJ1jbyYunDNFFU8RqEXh9OYjPLpPHVVFTx1SThrvK05zeZR4c4RR8rUFnKa1COEz7d0F8KNtffrPIIeggt5g2WJhbSjgv7zGK0YFWy+U/B9Q0wICPxLOaQDc= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1772498101; c=relaxed/simple; bh=2SXId4ZTQ02esREDxKS8Gi63uX+2hOVPZ9qKUmge0Ng=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=g/yDJy4MuK4nK5jsB9Ii2PBhYay5Ow3VU9HtH5jW7nXIUthYG0ayojAcha99w5DjXXF0JO3jR1frTtBTY+1HQ2YTbk8rIOapt2afJmYKFnarvDPpakdzO8i5Pz6EQOsaCVB4GL4j/PISGyGDmyCE51/ko6Se9Wyw/QmcG0kehGc= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=zEKK1Sv2; arc=none smtp.client-ip=209.85.214.201 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="zEKK1Sv2" Received: by mail-pl1-f201.google.com with SMTP id d9443c01a7336-2ae415b68b1so25600655ad.2 for ; Mon, 02 Mar 2026 16:35:00 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1772498100; x=1773102900; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=1OhjXzoDILwKrg8TJ6fjwsIjTmjTK8ClLKwqFV0gNH4=; b=zEKK1Sv2rktGdlq5tojWwSV5OnAJRfXfEo9T+UUNTlxyieR6tICnX5EfKzaGTdCWAM noyqx8SbSod/mKPDOVPanPx1F5R0y+mw4jVjUnzR7hyFYXDXNiizx3GnNxw9+B0EnO3t sHx9LOSi62+qeqgMm025JiKqYdsluIwolu0YvsPjMIA55Aa3Vn183TR6eWhSSwhZuDw3 AxTbhMtSRejB1xNkPwuhJV3HbaVe3AECC+PqO6gGo4tbB6skdMGgE0rYzraDucuPh+Lh jGNKk+c9j6y8kPGDKtq5HnywHT10+vlZE8rIHX0hZqzmSmgyhgX6i2xZrk2NpetZMyIV r6Og== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1772498100; x=1773102900; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=1OhjXzoDILwKrg8TJ6fjwsIjTmjTK8ClLKwqFV0gNH4=; b=ia+VSJPuj4P0217wCiiiwNy866I00bVf/0DB9K92KbQKmRrk7IYeGKE55puMapvajJ W3SY52vk7RzsqPqGSGTSeQ+L/hB2mVwr5an1GB/8zeB4QOpbEmGtJ3WJ7MxgdhzXfdos Mxr6SEpux7kmbNYcEyABxMMaR9Xk2XhQuY2g5+I0MRxjeoBGClV/5ZNcm0glAgCkIZnW sP7poDsA1x3rP/TYk/Y7hkFp+oxvLxoJfrEMxhar39DnhKHydJYEGPjOUK2m3to2PIY/ 39r7mfxswcB7EA8iME1BclUBsIw8IdiQujBCEIJT9Ew8EsHW2RJz8EzwhObm+kKOjn9P BdJQ== X-Forwarded-Encrypted: i=1; AJvYcCUme+7LTrY0X4h4x4OXG30KTSTXUGWwN110cQzdamByBYFX7v6WtyrWp6g4u0JVcCiEWv3SVoOTgYyqHYA=@vger.kernel.org X-Gm-Message-State: AOJu0Yzzeu9sXEFA3sJq7RFY3JnCUdp2bGJlup2Ois1bqPukE3oXv7yO ap8psvr9itYHKmJ/8IDJMT8D4tWGtE5YbsaXgYp5o+mm72IFqNYMcJ4DmTL+A8RSXaE9Bz0tl4g 9ImP1vA== X-Received: from plgd14.prod.google.com ([2002:a17:902:cece:b0:2ae:3b07:ebc4]) (user=seanjc job=prod-delivery.src-stubby-dispatcher) by 2002:a17:902:d591:b0:29f:2b8a:d3d with SMTP id d9443c01a7336-2ae2e3ce596mr127608505ad.4.1772498099794; Mon, 02 Mar 2026 16:34:59 -0800 (PST) Date: Mon, 2 Mar 2026 16:34:58 -0800 In-Reply-To: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20260228033328.2285047-1-chengkev@google.com> Message-ID: Subject: Re: [PATCH V4 0/4] Align SVM with APM defined behaviors From: Sean Christopherson To: Yosry Ahmed Cc: Kevin Cheng , pbonzini@redhat.com, kvm@vger.kernel.org, linux-kernel@vger.kernel.org Content-Type: text/plain; charset="us-ascii" On Mon, Mar 02, 2026, Sean Christopherson wrote: > On Mon, Mar 02, 2026, Sean Christopherson wrote: > > On Mon, Mar 02, 2026, Yosry Ahmed wrote: > > > Also taking a step back, I am not really sure what's the right thing > > > to do for Intel-compatible guests here. It also seems like even if we > > > set the intercept, svm_set_gif() will clear the STGI intercept, even > > > on Intel-compatible guests. > > > > > > Maybe we should leave that can of worms alone, go back to removing > > > initializing the CLGI/STGI intercepts in init_vmcb(), and in > > > svm_recalc_instruction_intercepts() set/clear these intercepts based > > > on EFER.SVME alone, irrespective of Intel-compatibility? > > > > Ya, guest_cpuid_is_intel_compatible() should only be applied to VMLOAD/VMSAVE. > > KVM intercepts VMLOAD/VMSAVE to fixup SYSENTER MSRs, not to inject #UD. I.e. KVM > > is handling (the absoutely absurd) case that FMS reports an Intel CPU, but the > > guest enables and uses SVM. > > > > /* > > * Intercept VMLOAD if the vCPU model is Intel in order to emulate that > > * VMLOAD drops bits 63:32 of SYSENTER (ignoring the fact that exposing > > * SVM on Intel is bonkers and extremely unlikely to work). > > */ > > if (guest_cpuid_is_intel_compatible(vcpu)) > > guest_cpu_cap_clear(vcpu, X86_FEATURE_V_VMSAVE_VMLOAD); > > > > Sorry for not catching this in previous versions. > > Because I got all kinds of confused trying to recall what was different between > v3 and v4, I went ahead and spliced them together. > > Does the below look right? If so, I'll formally post just patches 1 and 3 as v5. > I'll take 2 and 4 directly from here; I want to switch the ordering anyways so > that the vgif movement immediately precedes the Recalc "instructions" patch. Actually, I partially take that back. I'm going to send a separate v5 for patch 4, as there are additional cleanups that can be done related to Hyper-V stubs. P.S. This is a good example of why bundling unrelated patches into series is discouraged.