KVM: SVM: Treat DEBUGCTL[5:2] as reserved

Stop ignoring DEBUGCTL[5:2] on AMD CPUs and instead treat them as reserved.
KVM has never properly virtualized AMD's legacy PBi bits, but did allow
the guest (and host userspace) to set the bits.  To avoid breaking guests
when running on CPUs with BusLockTrap, which redefined bit 2 to BLCKDB and
made bits 5:3 reserved, a previous KVM change ignored bits 5:3, e.g. so
that legacy guest software wouldn't inadvertently enable BusLockTrap or
hit a VMRUN failure due to setting reserved.

To allow for virtualizing BusLockTrap and whatever future features may use
bits 5:3, treat bits 5:2 as reserved (and hope that doing so doesn't break
any existing guests).

Reviewed-and-tested-by: Ravi Bangoria <ravi.bangoria@amd.com>
Link: https://lore.kernel.org/r/20250227222411.3490595-7-seanjc@google.com
Signed-off-by: Sean Christopherson <seanjc@google.com>

diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
index dca87d9e585021f3ca55bab9c6736b07aea74acf..1ed5aa76e06cdd3d869df70ed9177cc24c707581 100644 (file)
--- a/arch/x86/kvm/svm/svm.c
+++ b/arch/x86/kvm/svm/svm.c
@@ -3176,17 +3176,6 @@ static int svm_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr)
                        break;
                }
 
-               /*
-                * AMD changed the architectural behavior of bits 5:2.  On CPUs
-                * without BusLockTrap, bits 5:2 control "external pins", but
-                * on CPUs that support BusLockDetect, bit 2 enables BusLockTrap
-                * and bits 5:3 are reserved-to-zero.  Sadly, old KVM allowed
-                * the guest to set bits 5:2 despite not actually virtualizing
-                * Performance-Monitoring/Breakpoint external pins.  Drop bits
-                * 5:2 for backwards compatibility.
-                */
-               data &= ~GENMASK(5, 2);
-
                /*
                 * Suppress BTF as KVM doesn't virtualize BTF, but there's no
                 * way to communicate lack of support to the guest.