From 6347c1b51fb6f734b13282f6ec2aed317ac0c42d Mon Sep 17 00:00:00 2001
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Wed, 16 Jul 2025 09:29:56 +0200
Subject: [PATCH] 6.12-stable patches

added patches:
	kvm-svm-set-synthesized-tsa-cpuid-flags.patch
---
 ...-svm-set-synthesized-tsa-cpuid-flags.patch | 48 +++++++++++++++++++
 queue-6.12/series                             |  1 +
 2 files changed, 49 insertions(+)
 create mode 100644 queue-6.12/kvm-svm-set-synthesized-tsa-cpuid-flags.patch

diff --git a/queue-6.12/kvm-svm-set-synthesized-tsa-cpuid-flags.patch b/queue-6.12/kvm-svm-set-synthesized-tsa-cpuid-flags.patch
new file mode 100644
index 0000000000..955282b328
--- /dev/null
+++ b/queue-6.12/kvm-svm-set-synthesized-tsa-cpuid-flags.patch
@@ -0,0 +1,48 @@
+From bp@kernel.org  Wed Jul 16 09:29:19 2025
+From: Borislav Petkov <bp@kernel.org>
+Date: Tue, 15 Jul 2025 21:24:59 +0200
+Subject: KVM: SVM: Set synthesized TSA CPUID flags
+To: <stable@vger.kernel.org>
+Cc: "Borislav Petkov (AMD)" <bp@alien8.de>, Jinpu Wang <jinpu.wang@ionos.com>
+Message-ID: <20250715192459.21804-1-bp@kernel.org>
+
+
+From: "Borislav Petkov (AMD)" <bp@alien8.de>
+
+VERW_CLEAR is supposed to be set only by the hypervisor to denote TSA
+mitigation support to a guest. SQ_NO and L1_NO are both synthesizable,
+and are going to be set by hw CPUID on future machines.
+
+So keep the kvm_cpu_cap_init_kvm_defined() invocation *and* set them
+when synthesized.
+
+This fix is stable-only.
+
+Co-developed-by: Jinpu Wang <jinpu.wang@ionos.com>
+Signed-off-by: Jinpu Wang <jinpu.wang@ionos.com>
+Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/x86/kvm/cpuid.c |    4 ++++
+ 1 file changed, 4 insertions(+)
+
+--- a/arch/x86/kvm/cpuid.c
++++ b/arch/x86/kvm/cpuid.c
+@@ -822,6 +822,7 @@ void kvm_set_cpu_caps(void)
+ 	kvm_cpu_cap_check_and_set(X86_FEATURE_SBPB);
+ 	kvm_cpu_cap_check_and_set(X86_FEATURE_IBPB_BRTYPE);
+ 	kvm_cpu_cap_check_and_set(X86_FEATURE_SRSO_NO);
++	kvm_cpu_cap_check_and_set(X86_FEATURE_VERW_CLEAR);
+ 
+ 	kvm_cpu_cap_init_kvm_defined(CPUID_8000_0022_EAX,
+ 		F(PERFMON_V2)
+@@ -831,6 +832,9 @@ void kvm_set_cpu_caps(void)
+ 		F(TSA_SQ_NO) | F(TSA_L1_NO)
+ 	);
+ 
++	kvm_cpu_cap_check_and_set(X86_FEATURE_TSA_SQ_NO);
++	kvm_cpu_cap_check_and_set(X86_FEATURE_TSA_L1_NO);
++
+ 	/*
+ 	 * Synthesize "LFENCE is serializing" into the AMD-defined entry in
+ 	 * KVM's supported CPUID if the feature is reported as supported by the
diff --git a/queue-6.12/series b/queue-6.12/series
index 759fa7b539..b03e1d94a5 100644
--- a/queue-6.12/series
+++ b/queue-6.12/series
@@ -163,3 +163,4 @@ ksmbd-fix-potential-use-after-free-in-oplock-lease-break-ack.patch
 arm64-filter-out-sme-hwcaps-when-feat_sme-isn-t-implemented.patch
 crypto-ecdsa-harden-against-integer-overflows-in-div_round_up.patch
 rseq-fix-segfault-on-registration-when-rseq_cs-is-non-zero.patch
+kvm-svm-set-synthesized-tsa-cpuid-flags.patch
-- 
2.47.2