From: Sean Christopherson Date: Tue, 10 Jun 2025 22:57:06 +0000 (-0700) Subject: KVM: SVM: Disable interception of SPEC_CTRL iff the MSR exists for the guest X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=674ffc65035119be0ea2664684d1e8d004409ae1;p=thirdparty%2Flinux.git KVM: SVM: Disable interception of SPEC_CTRL iff the MSR exists for the guest Disable interception of SPEC_CTRL when the CPU virtualizes (i.e. context switches) SPEC_CTRL if and only if the MSR exists according to the vCPU's CPUID model. Letting the guest access SPEC_CTRL is generally benign, but the guest would see inconsistent behavior if KVM happened to emulate an access to the MSR. Fixes: d00b99c514b3 ("KVM: SVM: Add support for Virtual SPEC_CTRL") Reported-by: Chao Gao Link: https://lore.kernel.org/r/20250610225737.156318-2-seanjc@google.com Signed-off-by: Sean Christopherson --- diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index be8c43049f4d3..9c6ec5e881411 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -1356,11 +1356,14 @@ static void init_vmcb(struct kvm_vcpu *vcpu) svm_recalc_instruction_intercepts(vcpu, svm); /* - * If the host supports V_SPEC_CTRL then disable the interception - * of MSR_IA32_SPEC_CTRL. + * If the CPU virtualizes MSR_IA32_SPEC_CTRL, i.e. KVM doesn't need to + * manually context switch the MSR, immediately configure interception + * of SPEC_CTRL, without waiting for the guest to access the MSR. */ if (boot_cpu_has(X86_FEATURE_V_SPEC_CTRL)) - set_msr_interception(vcpu, svm->msrpm, MSR_IA32_SPEC_CTRL, 1, 1); + set_msr_interception(vcpu, svm->msrpm, MSR_IA32_SPEC_CTRL, + guest_has_spec_ctrl_msr(vcpu), + guest_has_spec_ctrl_msr(vcpu)); if (kvm_vcpu_apicv_active(vcpu)) avic_init_vmcb(svm, vmcb);
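Review bot: the interception decision in init_vmcb() now depends on the vCPU's CPUID model via guest_has_spec_ctrl_msr(vcpu), but init_vmcb() runs at vCPU creation/reset, before userspace normally sets CPUID, so the same update has to be redone in the CPUID-update path (svm_vcpu_after_set_cpuid()) or a vCPU that gains or loses SPEC_CTRL via KVM_SET_CPUID2 keeps the stale bitmap until the next init_vmcb(); that part is not visible in this hunk, so either the series needs a companion change there or the commit message should say how the CPUID path stays in sync. Minor: guest_has_spec_ctrl_msr(vcpu) is evaluated twice for the read and write arguments; hoisting it into a local such as `bool passthrough = guest_has_spec_ctrl_msr(vcpu);` and passing `passthrough, passthrough` makes the pairing obvious and avoids a second CPUID lookup. The new comment could also state explicitly that when X86_FEATURE_V_SPEC_CTRL is absent nothing changes here and the MSR remains intercepted until the existing on-first-access path disables interception, since that contrast is what "without waiting for the guest to access the MSR" alludes to.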