[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PULL 11/15] target/i386: do not set unsupported VMX secondary execution
|
From: |
Paolo Bonzini |
|
Subject: |
[PULL 11/15] target/i386: do not set unsupported VMX secondary execution controls |
|
Date: |
Thu, 2 Apr 2020 15:06:36 -0400 |
From: Vitaly Kuznetsov <address@hidden>
Commit 048c95163b4 ("target/i386: work around KVM_GET_MSRS bug for
secondary execution controls") added a workaround for KVM pre-dating
commit 6defc591846d ("KVM: nVMX: include conditional controls in /dev/kvm
KVM_GET_MSRS") which wasn't setting certain available controls. The
workaround uses generic CPUID feature bits to set missing VMX controls.
It was found that in some cases it is possible to observe hosts which
have certain CPUID features but lack the corresponding VMX control.
In particular, it was reported that Azure VMs have RDSEED but lack
VMX_SECONDARY_EXEC_RDSEED_EXITING; attempts to enable this feature
bit result in QEMU abort.
Resolve the issue but not applying the workaround when we don't have
to. As there is no good way to find out if KVM has the fix itself, use
95c5c7c77c ("KVM: nVMX: list VMX MSRs in KVM_GET_MSR_INDEX_LIST") instead
as these [are supposed to] come together.
Fixes: 048c95163b4 ("target/i386: work around KVM_GET_MSRS bug for secondary
execution controls")
Suggested-by: Paolo Bonzini <address@hidden>
Signed-off-by: Vitaly Kuznetsov <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
---
target/i386/kvm.c | 41 ++++++++++++++++++++++++++---------------
1 file changed, 26 insertions(+), 15 deletions(-)
diff --git a/target/i386/kvm.c b/target/i386/kvm.c
index 69eb43d796..4901c6dd74 100644
--- a/target/i386/kvm.c
+++ b/target/i386/kvm.c
@@ -106,6 +106,7 @@ static bool has_msr_arch_capabs;
static bool has_msr_core_capabs;
static bool has_msr_vmx_vmfunc;
static bool has_msr_ucode_rev;
+static bool has_msr_vmx_procbased_ctls2;
static uint32_t has_architectural_pmu_version;
static uint32_t num_architectural_pmu_gp_counters;
@@ -490,21 +491,28 @@ uint64_t kvm_arch_get_supported_msr_feature(KVMState *s,
uint32_t index)
value = msr_data.entries[0].data;
switch (index) {
case MSR_IA32_VMX_PROCBASED_CTLS2:
- /* KVM forgot to add these bits for some time, do this ourselves. */
- if (kvm_arch_get_supported_cpuid(s, 0xD, 1, R_ECX) &
CPUID_XSAVE_XSAVES) {
- value |= (uint64_t)VMX_SECONDARY_EXEC_XSAVES << 32;
- }
- if (kvm_arch_get_supported_cpuid(s, 1, 0, R_ECX) & CPUID_EXT_RDRAND) {
- value |= (uint64_t)VMX_SECONDARY_EXEC_RDRAND_EXITING << 32;
- }
- if (kvm_arch_get_supported_cpuid(s, 7, 0, R_EBX) &
CPUID_7_0_EBX_INVPCID) {
- value |= (uint64_t)VMX_SECONDARY_EXEC_ENABLE_INVPCID << 32;
- }
- if (kvm_arch_get_supported_cpuid(s, 7, 0, R_EBX) &
CPUID_7_0_EBX_RDSEED) {
- value |= (uint64_t)VMX_SECONDARY_EXEC_RDSEED_EXITING << 32;
- }
- if (kvm_arch_get_supported_cpuid(s, 0x80000001, 0, R_EDX) &
CPUID_EXT2_RDTSCP) {
- value |= (uint64_t)VMX_SECONDARY_EXEC_RDTSCP << 32;
+ if (!has_msr_vmx_procbased_ctls2) {
+ /* KVM forgot to add these bits for some time, do this ourselves.
*/
+ if (kvm_arch_get_supported_cpuid(s, 0xD, 1, R_ECX) &
+ CPUID_XSAVE_XSAVES) {
+ value |= (uint64_t)VMX_SECONDARY_EXEC_XSAVES << 32;
+ }
+ if (kvm_arch_get_supported_cpuid(s, 1, 0, R_ECX) &
+ CPUID_EXT_RDRAND) {
+ value |= (uint64_t)VMX_SECONDARY_EXEC_RDRAND_EXITING << 32;
+ }
+ if (kvm_arch_get_supported_cpuid(s, 7, 0, R_EBX) &
+ CPUID_7_0_EBX_INVPCID) {
+ value |= (uint64_t)VMX_SECONDARY_EXEC_ENABLE_INVPCID << 32;
+ }
+ if (kvm_arch_get_supported_cpuid(s, 7, 0, R_EBX) &
+ CPUID_7_0_EBX_RDSEED) {
+ value |= (uint64_t)VMX_SECONDARY_EXEC_RDSEED_EXITING << 32;
+ }
+ if (kvm_arch_get_supported_cpuid(s, 0x80000001, 0, R_EDX) &
+ CPUID_EXT2_RDTSCP) {
+ value |= (uint64_t)VMX_SECONDARY_EXEC_RDTSCP << 32;
+ }
}
/* fall through */
case MSR_IA32_VMX_TRUE_PINBASED_CTLS:
@@ -2060,6 +2068,9 @@ static int kvm_get_supported_msrs(KVMState *s)
case MSR_IA32_UCODE_REV:
has_msr_ucode_rev = true;
break;
+ case MSR_IA32_VMX_PROCBASED_CTLS2:
+ has_msr_vmx_procbased_ctls2 = true;
+ break;
}
}
}
--
2.18.2
- [PULL 00/15] Misc patches for 5.0-rc2, Paolo Bonzini, 2020/04/02
- [PULL 02/15] hw/isa/superio: Correct the license text, Paolo Bonzini, 2020/04/02
- [PULL 01/15] hw/scsi/vmw_pvscsi: Remove assertion for kick after reset, Paolo Bonzini, 2020/04/02
- [PULL 03/15] virtio-iommu: depend on PCI, Paolo Bonzini, 2020/04/02
- [PULL 04/15] softmmu: fix crash with invalid -M memory-backend=, Paolo Bonzini, 2020/04/02
- [PULL 06/15] util/bufferiszero: assign length_to_accel value for each accelerator case, Paolo Bonzini, 2020/04/02
- [PULL 07/15] util/bufferiszero: improve avx2 accelerator, Paolo Bonzini, 2020/04/02
- [PULL 08/15] vl: fix broken IPA range for ARM -M virt with KVM enabled, Paolo Bonzini, 2020/04/02
- [PULL 11/15] target/i386: do not set unsupported VMX secondary execution controls,
Paolo Bonzini <=
- [PULL 12/15] migration: fix cleanup_bh leak on resume, Paolo Bonzini, 2020/04/02
- [PULL 09/15] i386: hvf: Reset IRQ inhibition after moving RIP, Paolo Bonzini, 2020/04/02
- [PULL 14/15] object-add: don't create return value if failed, Paolo Bonzini, 2020/04/02
- [PULL 05/15] MAINTAINERS: Add an entry for the HVF accelerator, Paolo Bonzini, 2020/04/02
- [PULL 13/15] qmp: fix leak on callbacks that return both value and error, Paolo Bonzini, 2020/04/02
- [PULL 10/15] serial: Fix double migration data, Paolo Bonzini, 2020/04/02
- [PULL 15/15] xen: fixup RAM memory region initialization, Paolo Bonzini, 2020/04/02
- Re: [PULL 00/15] Misc patches for 5.0-rc2, no-reply, 2020/04/02
- Re: [PULL 00/15] Misc patches for 5.0-rc2, no-reply, 2020/04/02
- Re: [PULL 00/15] Misc patches for 5.0-rc2, no-reply, 2020/04/02