[PATCH v11 03/23] KVM: x86: Manually clear MPX state only on INIT

From: Chao Gao
Date: Fri Jul 04 2025 - 04:53:17 EST

Next message: Chao Gao: "[PATCH v11 02/23] KVM: x86: Add kvm_msr_{read,write}() helpers"
Previous message: David Hildenbrand: "Re: [PATCH v2 5/5] vfio/type1: optimize vfio_unpin_pages_remote()"
In reply to: Chao Gao: "[PATCH v11 00/23] Enable CET Virtualization"
Next in thread: Chao Gao: "[PATCH v11 02/23] KVM: x86: Add kvm_msr_{read,write}() helpers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Sean Christopherson <seanjc@xxxxxxxxxx>

Don't manually clear/zero MPX state on RESET, as the guest FPU state is
zero allocated and KVM only does RESET during vCPU creation, i.e. the
relevant state is guaranteed to be all zeroes.

Opportunistically move the relevant code into a helper in anticipation of
adding support for CET shadow stacks, which also has state that is zeroed
on INIT.

Signed-off-by: Sean Christopherson <seanjc@xxxxxxxxxx>
Signed-off-by: Yang Weijiang <weijiang.yang@xxxxxxxxx>
Signed-off-by: Chao Gao <chao.gao@xxxxxxxxx>
---
arch/x86/kvm/x86.c | 46 ++++++++++++++++++++++++++++++----------------
1 file changed, 30 insertions(+), 16 deletions(-)

diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 51b37492142c..c956b36314fb 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -12517,6 +12517,35 @@ void kvm_arch_vcpu_destroy(struct kvm_vcpu *vcpu)
kvfree(vcpu->arch.cpuid_entries);
}

+static void kvm_xstate_reset(struct kvm_vcpu *vcpu, bool init_event)
+{
+ struct fpstate *fpstate = vcpu->arch.guest_fpu.fpstate;
+
+ /*
+ * Guest FPU state is zero allocated and so doesn't need to be manually
+ * cleared on RESET, i.e. during vCPU creation.
+ */
+ if (!init_event || !fpstate)
+ return;
+
+ /*
+ * On INIT, only select XSTATE components are zeroed, most components
+ * are unchanged. Currently, the only components that are zeroed and
+ * supported by KVM are MPX related.
+ */
+ if (!kvm_mpx_supported())
+ return;
+
+ /*
+ * All paths that lead to INIT are required to load the guest's FPU
+ * state (because most paths are buried in KVM_RUN).
+ */
+ kvm_put_guest_fpu(vcpu);
+ fpstate_clear_xstate_component(fpstate, XFEATURE_BNDREGS);
+ fpstate_clear_xstate_component(fpstate, XFEATURE_BNDCSR);
+ kvm_load_guest_fpu(vcpu);
+}
+
void kvm_vcpu_reset(struct kvm_vcpu *vcpu, bool init_event)
{
struct kvm_cpuid_entry2 *cpuid_0x1;
@@ -12574,22 +12603,7 @@ void kvm_vcpu_reset(struct kvm_vcpu *vcpu, bool init_event)
kvm_async_pf_hash_reset(vcpu);
vcpu->arch.apf.halted = false;

- if (vcpu->arch.guest_fpu.fpstate && kvm_mpx_supported()) {
- struct fpstate *fpstate = vcpu->arch.guest_fpu.fpstate;
-
- /*
- * All paths that lead to INIT are required to load the guest's
- * FPU state (because most paths are buried in KVM_RUN).
- */
- if (init_event)
- kvm_put_guest_fpu(vcpu);
-
- fpstate_clear_xstate_component(fpstate, XFEATURE_BNDREGS);
- fpstate_clear_xstate_component(fpstate, XFEATURE_BNDCSR);
-
- if (init_event)
- kvm_load_guest_fpu(vcpu);
- }
+ kvm_xstate_reset(vcpu, init_event);

if (!init_event) {
vcpu->arch.smbase = 0x30000;
--
2.47.1

Next message: Chao Gao: "[PATCH v11 02/23] KVM: x86: Add kvm_msr_{read,write}() helpers"
Previous message: David Hildenbrand: "Re: [PATCH v2 5/5] vfio/type1: optimize vfio_unpin_pages_remote()"
In reply to: Chao Gao: "[PATCH v11 00/23] Enable CET Virtualization"
Next in thread: Chao Gao: "[PATCH v11 02/23] KVM: x86: Add kvm_msr_{read,write}() helpers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]