KVM: nVMX: Prepare to sanitize tertiary execution controls with eVMCS

In preparation to restoring vmcs_conf sanitization for KVM-on-Hyper-V,
(and for completeness) add tertiary VM-execution controls to
'evmcs_supported_ctrls'.

No functional change intended as KVM doesn't yet expose
MSR_IA32_VMX_PROCBASED_CTLS3 to its guests.

Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Message-Id: <20221104144708.435865-4-vkuznets@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

diff --git a/arch/x86/kvm/vmx/hyperv.c b/arch/x86/kvm/vmx/hyperv.c
index 77027f6a9b41e1a574ebb1e9131bc12b540b9bcf..a5cbd029c07b22c5af24f1d2cee55c3f89e5d83b 100644 (file)
--- a/arch/x86/kvm/vmx/hyperv.c
+++ b/arch/x86/kvm/vmx/hyperv.c
@@ -363,6 +363,7 @@ enum evmcs_ctrl_type {
        EVMCS_ENTRY_CTRLS,
        EVMCS_EXEC_CTRL,
        EVMCS_2NDEXEC,
+       EVMCS_3RDEXEC,
        EVMCS_PINCTRL,
        EVMCS_VMFUNC,
        NR_EVMCS_CTRLS,
@@ -381,6 +382,9 @@ static const u32 evmcs_supported_ctrls[NR_EVMCS_CTRLS][NR_EVMCS_REVISIONS] = {
        [EVMCS_2NDEXEC] = {
                [EVMCSv1_LEGACY] = EVMCS1_SUPPORTED_2NDEXEC & ~SECONDARY_EXEC_TSC_SCALING,
        },
+       [EVMCS_3RDEXEC] = {
+               [EVMCSv1_LEGACY] = EVMCS1_SUPPORTED_3RDEXEC,
+       },
        [EVMCS_PINCTRL] = {
                [EVMCSv1_LEGACY] = EVMCS1_SUPPORTED_PINCTRL,
        },

diff --git a/arch/x86/kvm/vmx/hyperv.h b/arch/x86/kvm/vmx/hyperv.h
index a9da47c69a2be69e1c52f503405f96f00cd06f75..3edbbd0991dcd61fac818ec1ab3ec880cc68ce41 100644 (file)
--- a/arch/x86/kvm/vmx/hyperv.h
+++ b/arch/x86/kvm/vmx/hyperv.h
@@ -98,6 +98,8 @@ DECLARE_STATIC_KEY_FALSE(enable_evmcs);
         SECONDARY_EXEC_NOTIFY_VM_EXITING |                             \
         SECONDARY_EXEC_ENCLS_EXITING)
 
+#define EVMCS1_SUPPORTED_3RDEXEC (0ULL)
+
 #define EVMCS1_SUPPORTED_VMEXIT_CTRL                                   \
        (VM_EXIT_ALWAYSON_WITHOUT_TRUE_MSR |                            \
         VM_EXIT_SAVE_DEBUG_CONTROLS |                                  \