Commit 9e55269b authored by Kai Huang's avatar Kai Huang Committed by Zhiquan Li
Browse files

KVM: VMX: Also clear SGX EDECCSSA in KVM CPU caps when SGX is disabled 

mainline inclusion
from mainline-v6.8-rc1
commit 7efb4d8a392a18e37fcdb5e77c111af6e9a9e2f2
category: bugfix
bugzilla: https://gitee.com/openeuler/intel-kernel/issues/IB21Q3
CVE: NA

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7efb4d8a392a18e37fcdb5e77c111af6e9a9e2f2



--------------------------------

When SGX EDECCSSA support was added to KVM in commit 16a7fe37
("KVM/VMX: Allow exposing EDECCSSA user leaf function to KVM guest"), it
forgot to clear the X86_FEATURE_SGX_EDECCSSA bit in KVM CPU caps when
KVM SGX is disabled.  Fix it.

Fixes: 16a7fe37 ("KVM/VMX: Allow exposing EDECCSSA user leaf function to KVM guest")
Signed-off-by: default avatarKai Huang <kai.huang@intel.com>
Link: https://lore.kernel.org/r/20240905120837.579102-1-kai.huang@intel.com


Signed-off-by: default avatarSean Christopherson <seanjc@google.com>
[ Zhiquan Li: amend commit log ]
Signed-off-by: default avatarZhiquan Li <zhiquan1.li@intel.com>
parent 7435f796

arch/x86/kvm/vmx/vmx.c

+1 −0
Original line number Diff line number Diff line
@@ -7814,6 +7814,7 @@ static __init void vmx_set_cpu_caps(void) 
		kvm_cpu_cap_clear(X86_FEATURE_SGX_LC);

		kvm_cpu_cap_clear(X86_FEATURE_SGX1);

		kvm_cpu_cap_clear(X86_FEATURE_SGX2);

		kvm_cpu_cap_clear(X86_FEATURE_SGX_EDECCSSA);

	}



	if (vmx_umip_emulated())