From: Paolo Bonzini <pbonzini@redhat.com>
Date: Tue, 27 May 2025 16:15:49 +0000 (-0400)
Subject: Merge tag 'kvm-x86-svm-6.16' of https://github.com/kvm-x86/linux into HEAD
X-Git-Tag: v6.16-rc1~78^2~4
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4e02d4f9734fa55e3eb18be9b759cd42d93497ec;p=thirdparty%2Flinux.git

Merge tag 'kvm-x86-svm-6.16' of https://github.com/kvm-x86/linux into HEAD

KVM SVM changes for 6.16:

 - Wait for target vCPU to acknowledge KVM_REQ_UPDATE_PROTECTED_GUEST_STATE to
   fix a race between AP destroy and VMRUN.

 - Decrypt and dump the VMSA in dump_vmcb() if debugging enabled for the VM.

 - Add support for ALLOWED_SEV_FEATURES.

 - Add #VMGEXIT to the set of handlers special cased for CONFIG_RETPOLINE=y.

 - Treat DEBUGCTL[5:2] as reserved to pave the way for virtualizing features
   that utilize those bits.

 - Don't account temporary allocations in sev_send_update_data().

 - Add support for KVM_CAP_X86_BUS_LOCK_EXIT on SVM, via Bus Lock Threshold.
---

4e02d4f9734fa55e3eb18be9b759cd42d93497ec
diff --cc arch/x86/kvm/svm/nested.c
index 6cd2cf7f6f68d,6221a341f500f..8427a48b8b7ad
--- a/arch/x86/kvm/svm/nested.c
+++ b/arch/x86/kvm/svm/nested.c
@@@ -1039,10 -1066,15 +1066,17 @@@ int nested_svm_vmexit(struct vcpu_svm *
  
  	}
  
+ 	/*
+ 	 * Invalidate bus_lock_rip unless KVM is still waiting for the guest
+ 	 * to make forward progress before re-enabling bus lock detection.
+ 	 */
+ 	if (!vmcb02->control.bus_lock_counter)
+ 		svm->nested.ctl.bus_lock_rip = INVALID_GPA;
+ 
  	nested_svm_copy_common_state(svm->nested.vmcb02.ptr, svm->vmcb01.ptr);
  
 +	kvm_nested_vmexit_handle_ibrs(vcpu);
 +
  	svm_switch_vmcb(svm, &svm->vmcb01);
  
  	/*