[Precise SRU] KVM: nVMX: Fix content of MSR_IA32_VMX_ENTRY/EXIT_CTLS
Stefan Bader
stefan.bader at canonical.com
Thu Mar 19 21:50:34 UTC 2015
When starting a Linux guest which runs kernel version greater than
3.15 on a Linux host running a kernel before 3.10, the guest will
fail to load the kvm-intel module and by that prevent the guest from
using kvm acceleration for a 2nd level guest.
The reason for the module load failure is a change in 3.15
(KVM: vmx: Allow the guest to run with dirty debug registers) which
requires an additional feature bit to be present. It turned out that
this bit would be present since 3.10 when the below patch was added.
The upstream maintainer will be NACKing any patch involving nested
VMX as he does not think he could sufficiently review backports
into such old kernels[1].
To me the change looks reasonably safe as a buxfix. And I was able
to start a Utopic guest on a Precise host which was failing to load
kvm-intel before the patch and successfully did so after.
Ben, I cc'ed you again here to keep you in the loop. I won't try
stable for above reasons.
-Stefan
[1] https://lkml.org/lkml/2015/3/19/743
>From 8e0eed89514ff5bfc9f251be0cef4852623c42d4 Mon Sep 17 00:00:00 2001
From: Jan Kiszka <jan.kiszka at siemens.com>
Date: Wed, 6 Mar 2013 15:44:03 +0100
Subject: [PATCH] KVM: nVMX: Fix content of MSR_IA32_VMX_ENTRY/EXIT_CTLS
Properly set those bits to 1 that the spec demands in case bit 55 of
VMX_BASIC is 0 - like in our case.
Reviewed-by: Paolo Bonzini <pbonzini at redhat.com>
Signed-off-by: Jan Kiszka <jan.kiszka at siemens.com>
Signed-off-by: Marcelo Tosatti <mtosatti at redhat.com>
BugLink: http://bugs.launchpad.net/bugs/1431473
(cherry-picked from commit 33fb20c39e98b90813b5ab2d9a0d6faa6300caca)
Signed-off-by: Stefan Bader <stefan.bader at canonical.com>
---
arch/x86/include/asm/vmx.h | 4 ++++
arch/x86/kvm/vmx.c | 13 ++++++++++---
2 files changed, 14 insertions(+), 3 deletions(-)
diff --git a/arch/x86/include/asm/vmx.h b/arch/x86/include/asm/vmx.h
index 36cbe2a..d8db4af 100644
--- a/arch/x86/include/asm/vmx.h
+++ b/arch/x86/include/asm/vmx.h
@@ -76,6 +76,8 @@
#define VM_EXIT_LOAD_IA32_EFER 0x00200000
#define VM_EXIT_SAVE_VMX_PREEMPTION_TIMER 0x00400000
+#define VM_EXIT_ALWAYSON_WITHOUT_TRUE_MSR 0x00036dff
+
#define VM_ENTRY_LOAD_DEBUG_CONTROLS 0x00000002
#define VM_ENTRY_IA32E_MODE 0x00000200
#define VM_ENTRY_SMM 0x00000400
@@ -84,6 +86,8 @@
#define VM_ENTRY_LOAD_IA32_PAT 0x00004000
#define VM_ENTRY_LOAD_IA32_EFER 0x00008000
+#define VM_ENTRY_ALWAYSON_WITHOUT_TRUE_MSR 0x000011ff
+
/* VMCS Encodings */
enum vmcs_field {
VIRTUAL_PROCESSOR_ID = 0x00000000,
diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index d75b098..50ab23e 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -1928,21 +1928,28 @@ static __init void nested_vmx_setup_ctls_msrs(void)
PIN_BASED_EXT_INTR_MASK | PIN_BASED_NMI_EXITING |
PIN_BASED_VIRTUAL_NMIS;
- /* exit controls */
- nested_vmx_exit_ctls_low = 0;
+ /*
+ * Exit controls
+ * If bit 55 of VMX_BASIC is off, bits 0-8 and 10, 11, 13, 14, 16 and
+ * 17 must be 1.
+ */
+ nested_vmx_exit_ctls_low = VM_EXIT_ALWAYSON_WITHOUT_TRUE_MSR;
/* Note that guest use of VM_EXIT_ACK_INTR_ON_EXIT is not supported. */
#ifdef CONFIG_X86_64
nested_vmx_exit_ctls_high = VM_EXIT_HOST_ADDR_SPACE_SIZE;
#else
nested_vmx_exit_ctls_high = 0;
#endif
+ nested_vmx_exit_ctls_high |= VM_EXIT_ALWAYSON_WITHOUT_TRUE_MSR;
/* entry controls */
rdmsr(MSR_IA32_VMX_ENTRY_CTLS,
nested_vmx_entry_ctls_low, nested_vmx_entry_ctls_high);
- nested_vmx_entry_ctls_low = 0;
+ /* If bit 55 of VMX_BASIC is off, bits 0-8 and 12 must be 1. */
+ nested_vmx_entry_ctls_low = VM_ENTRY_ALWAYSON_WITHOUT_TRUE_MSR;
nested_vmx_entry_ctls_high &=
VM_ENTRY_LOAD_IA32_PAT | VM_ENTRY_IA32E_MODE;
+ nested_vmx_entry_ctls_high |= VM_ENTRY_ALWAYSON_WITHOUT_TRUE_MSR;
/* cpu-based controls */
rdmsr(MSR_IA32_VMX_PROCBASED_CTLS,
--
1.9.1
More information about the kernel-team
mailing list