Re: [PATCH v2 04/11] KVM: SEV: publish supported VMSA features

[Sean Christopherson]

 On Fri, Feb 23, 2024, Paolo Bonzini wrote:
> Compute the set of features to be stored in the VMSA when KVM is
> initialized; move it from there into kvm_sev_info when SEV is initialized,
> and then into the initial VMSA.
> 
> The new variable can then be used to return the set of supported features
> to userspace, via the KVM_GET_DEVICE_ATTR ioctl.
> 
> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx>
> Message-Id: <20240209183743.22030-5-pbonzini@xxxxxxxxxx>

Maybe in v3 we'll find out whether or not you can triple-stamp a double-stamp :-)

> diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
> index f760106c31f8..53e958805ab9 100644
> --- a/arch/x86/kvm/svm/sev.c
> +++ b/arch/x86/kvm/svm/sev.c
> @@ -59,10 +59,12 @@ module_param_named(sev_es, sev_es_enabled, bool, 0444);
>  /* enable/disable SEV-ES DebugSwap support */
>  static bool sev_es_debug_swap_enabled = true;
>  module_param_named(debug_swap, sev_es_debug_swap_enabled, bool, 0444);
> +static u64 sev_supported_vmsa_features;
>  #else
>  #define sev_enabled false
>  #define sev_es_enabled false
>  #define sev_es_debug_swap_enabled false
> +#define sev_supported_vmsa_features 0

Ok, I've reached my breaking point.  Compiling sev.c for CONFIG_KVM_AMD_SEV=n is
getting untenable.  Splattering #ifdefs _inside_ SEV specific functions is weird
and confusing.

And unless dead code elimination isn't as effective as I think it is, we don't
even need any stuba  since sev_guest() and sev_es_guest() are __always_inline
specifically so that useless code can be elided.  Or if we want to avoid use of
IS_ENABLED(), we could add four stubs, which is still well worth it.

Note, I also have a separate series that I will post today (I hope) that gives
__svm_sev_es_vcpu_run() similar treatment (the 32-bit "support" in assembly is
all kinds of stupid).

Attached patches are compile-tested only, though I'll try to take them for a spin
on hardware later today.