From ff78e500844429ca1b0c2f8220e4fc263499b1ed Mon Sep 17 00:00:00 2001
From: Andrew Cooper <andrew.cooper3@citrix.com>
Date: Fri, 13 Sep 2019 14:45:40 +0100
Subject: [PATCH] x86/msr: Offer CPUID Faulting to PVH control domains

The control domain exclusion for CPUID Faulting predates dom0 PVH, but the
reason for the exclusion (to allow the domain builder to see host CPUID
values) isn't applicable.

The domain builder *is* broken in PVH control domains, and restricting the use
of CPUID Faulting doesn't make it any less broken.  Tweak the logic to only
exclude PV control domains.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
Release-acked-by: Juergen Gross <jgross@suse.com>
---
 xen/arch/x86/cpu/common.c | 5 +++--
 xen/arch/x86/msr.c        | 4 ++--
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/xen/arch/x86/cpu/common.c b/xen/arch/x86/cpu/common.c
index 937d8e82a8..4bf852c948 100644
--- a/xen/arch/x86/cpu/common.c
+++ b/xen/arch/x86/cpu/common.c
@@ -169,7 +169,7 @@ void ctxt_switch_levelling(const struct vcpu *next)
 		if (nextd && is_idle_domain(nextd))
 			return;
 		/*
-		 * We *should* be enabling faulting for the control domain.
+		 * We *should* be enabling faulting for PV control domains.
 		 *
 		 * Unfortunately, the domain builder (having only ever been a
 		 * PV guest) expects to be able to see host cpuid state in a
@@ -184,7 +184,8 @@ void ctxt_switch_levelling(const struct vcpu *next)
 		 * generating the maximum full cpuid policy into Xen, at which
 		 * this problem will disappear.
 		 */
-		set_cpuid_faulting(nextd && !is_control_domain(nextd) &&
+		set_cpuid_faulting(nextd && (!is_control_domain(nextd) ||
+					     !is_pv_domain(nextd)) &&
 				   (is_pv_domain(nextd) ||
 				    next->arch.msrs->
 				    misc_features_enables.cpuid_faulting));
diff --git a/xen/arch/x86/msr.c b/xen/arch/x86/msr.c
index e65961fccb..a6c8cc7627 100644
--- a/xen/arch/x86/msr.c
+++ b/xen/arch/x86/msr.c
@@ -91,8 +91,8 @@ int init_domain_msr_policy(struct domain *d)
     if ( !mp )
         return -ENOMEM;
 
-    /* See comment in intel_ctxt_switch_levelling() */
-    if ( is_control_domain(d) )
+    /* See comment in ctxt_switch_levelling() */
+    if ( is_control_domain(d) && is_pv_domain(d) )
         mp->platform_info.cpuid_faulting = false;
 
     d->arch.msr = mp;
-- 
2.30.2