Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm

Pull kvm fixes from Paolo Bonzini:
 "ARM:

   - Large set of fixes for vector handling, especially in the
     interactions between host and guest state.

     This fixes a number of bugs affecting actual deployments, and
     greatly simplifies the FP/SIMD/SVE handling. Thanks to Mark Rutland
     for dealing with this thankless task.

   - Fix an ugly race between vcpu and vgic creation/init, resulting in
     unexpected behaviours

   - Fix use of kernel VAs at EL2 when emulating timers with nVHE

   - Small set of pKVM improvements and cleanups

  x86:

   - Fix broken SNP support with KVM module built-in, ensuring the PSP
     module is initialized before KVM even when the module
     infrastructure cannot be used to order initcalls

   - Reject Hyper-V SEND_IPI hypercalls if the local APIC isn't being
     emulated by KVM to fix a NULL pointer dereference

   - Enter guest mode (L2) from KVM's perspective before initializing
     the vCPU's nested NPT MMU so that the MMU is properly tagged for
     L2, not L1

   - Load the guest's DR6 outside of the innermost .vcpu_run() loop, as
     the guest's value may be stale if a VM-Exit is handled in the
     fastpath"

* tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm: (25 commits)
  x86/sev: Fix broken SNP support with KVM module built-in
  KVM: SVM: Ensure PSP module is initialized if KVM module is built-in
  crypto: ccp: Add external API interface for PSP module initialization
  KVM: arm64: vgic: Hoist SGI/PPI alloc from vgic_init() to kvm_create_vgic()
  KVM: arm64: timer: Drop warning on failed interrupt signalling
  KVM: arm64: Fix alignment of kvm_hyp_memcache allocations
  KVM: arm64: Convert timer offset VA when accessed in HYP code
  KVM: arm64: Simplify warning in kvm_arch_vcpu_load_fp()
  KVM: arm64: Eagerly switch ZCR_EL{1,2}
  KVM: arm64: Mark some header functions as inline
  KVM: arm64: Refactor exit handlers
  KVM: arm64: Refactor CPTR trap deactivation
  KVM: arm64: Remove VHE host restore of CPACR_EL1.SMEN
  KVM: arm64: Remove VHE host restore of CPACR_EL1.ZEN
  KVM: arm64: Remove host FPSIMD saving for non-protected KVM
  KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state
  KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop
  KVM: nSVM: Enter guest mode before initializing nested NPT MMU
  KVM: selftests: Add CPUID tests for Hyper-V features that need in-kernel APIC
  KVM: selftests: Manage CPUID array in Hyper-V CPUID test's core helper
  ...

diff --combined drivers/iommu/amd/init.c
index 438848b0682fe9fdd5acb3d6f9f4076ee16c2067,2fecfed75e5437a86dd546670a89dd3f4644365d..cb536d372b12ef26c609b5b20d0cb8145f10f932
--- 1/drivers/iommu/amd/init.c
--- 2/drivers/iommu/amd/init.c
+++ b/drivers/iommu/amd/init.c
@@@ -2653,10 -2653,6 +2653,10 @@@ static void iommu_init_flags(struct amd
  
        /* Set IOTLB invalidation timeout to 1s */
        iommu_set_inv_tlb_timeout(iommu, CTRL_INV_TO_1S);
 +
 +      /* Enable Enhanced Peripheral Page Request Handling */
 +      if (check_feature(FEATURE_EPHSUP))
 +              iommu_feature_enable(iommu, CONTROL_EPH_EN);
  }
  
  static void iommu_apply_resume_quirks(struct amd_iommu *iommu)
@@@ -3198,7 -3194,7 +3198,7 @@@ out
        return true;
  }
  
- static void iommu_snp_enable(void)
+ static __init void iommu_snp_enable(void)
  {
  #ifdef CONFIG_KVM_AMD_SEV
        if (!cc_platform_has(CC_ATTR_HOST_SEV_SNP))
@@@ -3223,6 -3219,14 +3223,14 @@@
                goto disable_snp;
        }
  
+       /*
+        * Enable host SNP support once SNP support is checked on IOMMU.
+        */
+       if (snp_rmptable_init()) {
+               pr_warn("SNP: RMP initialization failed, SNP cannot be supported.\n");
+               goto disable_snp;
+       }
+ 
        pr_info("IOMMU SNP support enabled.\n");
        return;
  
@@@ -3322,6 -3326,19 +3330,19 @@@ static int __init iommu_go_to_state(enu
                ret = state_next();
        }
  
+       /*
+        * SNP platform initilazation requires IOMMUs to be fully configured.
+        * If the SNP support on IOMMUs has NOT been checked, simply mark SNP
+        * as unsupported. If the SNP support on IOMMUs has been checked and
+        * host SNP support enabled but RMP enforcement has not been enabled
+        * in IOMMUs, then the system is in a half-baked state, but can limp
+        * along as all memory should be Hypervisor-Owned in the RMP. WARN,
+        * but leave SNP as "supported" to avoid confusing the kernel.
+        */
+       if (ret && cc_platform_has(CC_ATTR_HOST_SEV_SNP) &&
+           !WARN_ON_ONCE(amd_iommu_snp_en))
+               cc_platform_clear(CC_ATTR_HOST_SEV_SNP);
+ 
        return ret;
  }
  
@@@ -3430,18 -3447,23 +3451,23 @@@ void __init amd_iommu_detect(void
        int ret;
  
        if (no_iommu || (iommu_detected && !gart_iommu_aperture))
-               return;
+               goto disable_snp;
  
        if (!amd_iommu_sme_check())
-               return;
+               goto disable_snp;
  
        ret = iommu_go_to_state(IOMMU_IVRS_DETECTED);
        if (ret)
-               return;
+               goto disable_snp;
  
        amd_iommu_detected = true;
        iommu_detected = 1;
        x86_init.iommu.iommu_init = amd_iommu_init;
+       return;
+ 
+ disable_snp:
+       if (cc_platform_has(CC_ATTR_HOST_SEV_SNP))
+               cc_platform_clear(CC_ATTR_HOST_SEV_SNP);
  }
  
  /****************************************************************************