KVM: SNP: Fix LBR Virtualization for SNP guest

SEV-ES and thus SNP guest mandates LBR Virtualization to be _always_ ON.
Although commit b7e4be0a224f ("KVM: SEV-ES: Delegate LBR virtualization
to the processor") did the correct change for SEV-ES guests, it missed
the SNP. Fix it.

Reported-by: Srikanth Aithal <sraithal@amd.com>
Fixes: b7e4be0a224f ("KVM: SEV-ES: Delegate LBR virtualization to the processor")
Signed-off-by: Ravi Bangoria <ravi.bangoria@amd.com>
Message-ID: <20240605114810.1304-1-ravi.bangoria@amd.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
index 113243daa3d6b872841a2f804b5be9bc34a26b95..df881875969826ecfbcf7afa64768f0d7112bcf7 100644 (file)
--- a/arch/x86/kvm/svm/sev.c
+++ b/arch/x86/kvm/svm/sev.c
@@ -2402,6 +2402,14 @@ static int snp_launch_update_vmsa(struct kvm *kvm, struct kvm_sev_cmd *argp)
                }
 
                svm->vcpu.arch.guest_state_protected = true;
+               /*
+                * SEV-ES (and thus SNP) guest mandates LBR Virtualization to
+                * be _always_ ON. Enable it only after setting
+                * guest_state_protected because KVM_SET_MSRS allows dynamic
+                * toggling of LBRV (for performance reason) on write access to
+                * MSR_IA32_DEBUGCTLMSR when guest_state_protected is not set.
+                */
+               svm_enable_lbrv(vcpu);
        }
 
        return 0;