From: Paolo Bonzini <pbonzini@redhat.com>
Date: Mon, 9 Feb 2026 17:53:47 +0000 (+0100)
Subject: Merge tag 'kvm-x86-misc-6.20' of https://github.com/kvm-x86/linux into HEAD
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9e03b7caf4e65f5a5841dfed540fdcc3ff061734;p=thirdparty%2Flinux.git

Merge tag 'kvm-x86-misc-6.20' of https://github.com/kvm-x86/linux into HEAD

KVM x86 misc changes for 6.20

 - Disallow changing the virtual CPU model if L2 is active, for all the same
   reasons KVM disallows change the model after the first KVM_RUN.

 - Fix a bug where KVM would incorrectly reject host accesses to PV MSRs that
   were advertised as supported to userspace when running with
   KVM_CAP_ENFORCE_PV_FEATURE_CPUID enabled.

 - Fix a bug where KVM would attempt to read protect guest state (CR3) when
   configuring an async #PF entry.

 - Fail the build if EXPORT_SYMBOL_GPL or EXPORT_SYMBOL is used in KVM (for x86
   only) to enforce usage of EXPORT_SYMBOL_FOR_KVM_INTERNAL.  Explicitly allow
   the few exports that are intended for external usage.

 - Ignore -EBUSY when checking nested events after a vCPU exits blocking as
   the WARN is user-triggerable, and because exiting to userspace on -EBUSY
   does more harm than good in pretty much every situation.

 - Throw in the towel and drop the WARN on INIT/SIPI being blocked when vCPU is
   in Wait-For-SIPI, as playing whack-a-mole with syzkaller turned out to be an
   unwinnable game.

 - Add support for new Intel instructions that don't require anything beyond
   enumerating feature flags to userspace.

 - Grab SRCU when reading PDPTRs in KVM_GET_SREGS2.

 - Add WARNs to guard against modifying KVM's CPU caps outside of the intended
   setup flow, as nested VMX in particular is sensitive to unexpected changes
   in KVM's golden configuration.

 - Add a quirk to allow userspace to opt-in to actually suppress EOI broadcasts
   when the suppression feature is enabled by the guest (currently limited to
   split IRQCHIP, i.e. userspace I/O APIC).  Sadly, simply fixing KVM to honor
   Suppress EOI Broadcasts isn't an option as some userspaces have come to rely
   on KVM's buggy behavior (KVM advertises Supress EOI Broadcast irrespective
   of whether or not userspace I/O APIC supports Directed EOIs).

 - Minor cleanups.
---

9e03b7caf4e65f5a5841dfed540fdcc3ff061734
diff --cc arch/x86/kvm/svm/svm.c
index 8b0ac67becae1,8cf1a47304dfd..9ee74c57bd51b
--- a/arch/x86/kvm/svm/svm.c
+++ b/arch/x86/kvm/svm/svm.c
@@@ -5342,7 -5285,7 +5342,8 @@@ static __init void svm_set_cpu_caps(voi
  	kvm_cpu_cap_clear(X86_FEATURE_BUS_LOCK_DETECT);
  	kvm_cpu_cap_clear(X86_FEATURE_MSR_IMM);
  
 +	kvm_setup_xss_caps();
+ 	kvm_finalize_cpu_caps();
  }
  
  static __init int svm_hardware_setup(void)
diff --cc arch/x86/kvm/vmx/vmx.c
index 530981a42c962,30fa20f8b72d0..edf12bf585788
--- a/arch/x86/kvm/vmx/vmx.c
+++ b/arch/x86/kvm/vmx/vmx.c
@@@ -8097,7 -8052,7 +8097,8 @@@ static __init void vmx_set_cpu_caps(voi
  		kvm_cpu_cap_clear(X86_FEATURE_IBT);
  	}
  
 +	kvm_setup_xss_caps();
+ 	kvm_finalize_cpu_caps();
  }
  
  static bool vmx_is_io_intercepted(struct kvm_vcpu *vcpu,