KVM: x86/mmu: Set CR4.PKE/LA57 in MMU role iff long mode is active

Don't set cr4_pke or cr4_la57 in the MMU role if long mode isn't active,
which is required for protection keys and 5-level paging to be fully
enabled.  Ignoring the bit avoids unnecessary reconfiguration on reuse,
and also means consumers of mmu_role don't need to manually check for
long mode.

Signed-off-by: Sean Christopherson <seanjc@google.com>
Message-Id: <20210622175739.3610207-28-seanjc@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c
index b109ea1..eb80d8a 100644 (file)
--- a/arch/x86/kvm/mmu/mmu.c
+++ b/arch/x86/kvm/mmu/mmu.c
@@ -4574,8 +4574,10 @@ static union kvm_mmu_extended_role kvm_calc_mmu_role_ext(struct kvm_vcpu *vcpu,
                ext.cr4_smep = ____is_cr4_smep(regs);
                ext.cr4_smap = ____is_cr4_smap(regs);
                ext.cr4_pse = ____is_cr4_pse(regs);
-               ext.cr4_pke = ____is_cr4_pke(regs);
-               ext.cr4_la57 = ____is_cr4_la57(regs);
+
+               /* PKEY and LA57 are active iff long mode is active. */
+               ext.cr4_pke = ____is_efer_lma(regs) && ____is_cr4_pke(regs);
+               ext.cr4_la57 = ____is_efer_lma(regs) && ____is_cr4_la57(regs);
        }
 
        ext.valid = 1;