Linux starting with 2.6.36 uses the XSAVEOPT instruction and has
certain code paths that look only at the feature bit reported through
CPUID leaf 0xd sub-leaf 1 (i.e. without qualifying the check with one
evaluating leaf 4 output). Consequently the hypervisor ought to mimic
actual hardware in clearing leaf 0xd output when not supporting xsave.

(Note that this is only a minimal fix. It may be necessary, e.g. for
LWP, to also adjust sub-leaf 0's bit masks and perhaps zap output of
sub-leaves > 1 when the respective bit in sub-leaf 0 is getting
cleared.)

Signed-off-by: Jan Beulich <jbeulich@xxxxxxxxxx>

--- a/xen/arch/x86/traps.c
+++ b/xen/arch/x86/traps.c
@@ -836,6 +836,10 @@ static void pv_cpuid(struct cpu_user_reg
         __clear_bit(X86_FEATURE_NODEID_MSR % 32, &c);
         __clear_bit(X86_FEATURE_TOPOEXT % 32, &c);
         break;
+    case 0xd: /* XSAVE */
+        if ( xsave_enabled(current) )
+            break;
+        /* fall through */
     case 5: /* MONITOR/MWAIT */
     case 0xa: /* Architectural Performance Monitor Features */
     case 0x8000000a: /* SVM revision and features */