Ack: [Precise SRU] KVM: nVMX: Fix content of MSR_IA32_VMX_ENTRY/EXIT_CTLS
Kamal Mostafa
kamal at canonical.com
Thu Mar 19 22:00:48 UTC 2015
Straight cherry-pick; We carry it since Trusty; Looks fine to me.
-Kamal
On Thu, 2015-03-19 at 22:50 +0100, Stefan Bader wrote:
> When starting a Linux guest which runs kernel version greater than
> 3.15 on a Linux host running a kernel before 3.10, the guest will
> fail to load the kvm-intel module and by that prevent the guest from
> using kvm acceleration for a 2nd level guest.
> The reason for the module load failure is a change in 3.15
> (KVM: vmx: Allow the guest to run with dirty debug registers) which
> requires an additional feature bit to be present. It turned out that
> this bit would be present since 3.10 when the below patch was added.
>
> The upstream maintainer will be NACKing any patch involving nested
> VMX as he does not think he could sufficiently review backports
> into such old kernels[1].
>
> To me the change looks reasonably safe as a buxfix. And I was able
> to start a Utopic guest on a Precise host which was failing to load
> kvm-intel before the patch and successfully did so after.
>
> Ben, I cc'ed you again here to keep you in the loop. I won't try
> stable for above reasons.
>
> -Stefan
>
> [1] https://lkml.org/lkml/2015/3/19/743
>
> From 8e0eed89514ff5bfc9f251be0cef4852623c42d4 Mon Sep 17 00:00:00 2001
> From: Jan Kiszka <jan.kiszka at siemens.com>
> Date: Wed, 6 Mar 2013 15:44:03 +0100
> Subject: [PATCH] KVM: nVMX: Fix content of MSR_IA32_VMX_ENTRY/EXIT_CTLS
>
> Properly set those bits to 1 that the spec demands in case bit 55 of
> VMX_BASIC is 0 - like in our case.
>
> Reviewed-by: Paolo Bonzini <pbonzini at redhat.com>
> Signed-off-by: Jan Kiszka <jan.kiszka at siemens.com>
> Signed-off-by: Marcelo Tosatti <mtosatti at redhat.com>
>
> BugLink: http://bugs.launchpad.net/bugs/1431473
>
> (cherry-picked from commit 33fb20c39e98b90813b5ab2d9a0d6faa6300caca)
> Signed-off-by: Stefan Bader <stefan.bader at canonical.com>
> ---
> arch/x86/include/asm/vmx.h | 4 ++++
> arch/x86/kvm/vmx.c | 13 ++++++++++---
> 2 files changed, 14 insertions(+), 3 deletions(-)
>
> diff --git a/arch/x86/include/asm/vmx.h b/arch/x86/include/asm/vmx.h
> index 36cbe2a..d8db4af 100644
> --- a/arch/x86/include/asm/vmx.h
> +++ b/arch/x86/include/asm/vmx.h
> @@ -76,6 +76,8 @@
> #define VM_EXIT_LOAD_IA32_EFER 0x00200000
> #define VM_EXIT_SAVE_VMX_PREEMPTION_TIMER 0x00400000
>
> +#define VM_EXIT_ALWAYSON_WITHOUT_TRUE_MSR 0x00036dff
> +
> #define VM_ENTRY_LOAD_DEBUG_CONTROLS 0x00000002
> #define VM_ENTRY_IA32E_MODE 0x00000200
> #define VM_ENTRY_SMM 0x00000400
> @@ -84,6 +86,8 @@
> #define VM_ENTRY_LOAD_IA32_PAT 0x00004000
> #define VM_ENTRY_LOAD_IA32_EFER 0x00008000
>
> +#define VM_ENTRY_ALWAYSON_WITHOUT_TRUE_MSR 0x000011ff
> +
> /* VMCS Encodings */
> enum vmcs_field {
> VIRTUAL_PROCESSOR_ID = 0x00000000,
> diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
> index d75b098..50ab23e 100644
> --- a/arch/x86/kvm/vmx.c
> +++ b/arch/x86/kvm/vmx.c
> @@ -1928,21 +1928,28 @@ static __init void nested_vmx_setup_ctls_msrs(void)
> PIN_BASED_EXT_INTR_MASK | PIN_BASED_NMI_EXITING |
> PIN_BASED_VIRTUAL_NMIS;
>
> - /* exit controls */
> - nested_vmx_exit_ctls_low = 0;
> + /*
> + * Exit controls
> + * If bit 55 of VMX_BASIC is off, bits 0-8 and 10, 11, 13, 14, 16 and
> + * 17 must be 1.
> + */
> + nested_vmx_exit_ctls_low = VM_EXIT_ALWAYSON_WITHOUT_TRUE_MSR;
> /* Note that guest use of VM_EXIT_ACK_INTR_ON_EXIT is not supported. */
> #ifdef CONFIG_X86_64
> nested_vmx_exit_ctls_high = VM_EXIT_HOST_ADDR_SPACE_SIZE;
> #else
> nested_vmx_exit_ctls_high = 0;
> #endif
> + nested_vmx_exit_ctls_high |= VM_EXIT_ALWAYSON_WITHOUT_TRUE_MSR;
>
> /* entry controls */
> rdmsr(MSR_IA32_VMX_ENTRY_CTLS,
> nested_vmx_entry_ctls_low, nested_vmx_entry_ctls_high);
> - nested_vmx_entry_ctls_low = 0;
> + /* If bit 55 of VMX_BASIC is off, bits 0-8 and 12 must be 1. */
> + nested_vmx_entry_ctls_low = VM_ENTRY_ALWAYSON_WITHOUT_TRUE_MSR;
> nested_vmx_entry_ctls_high &=
> VM_ENTRY_LOAD_IA32_PAT | VM_ENTRY_IA32E_MODE;
> + nested_vmx_entry_ctls_high |= VM_ENTRY_ALWAYSON_WITHOUT_TRUE_MSR;
>
> /* cpu-based controls */
> rdmsr(MSR_IA32_VMX_PROCBASED_CTLS,
> --
> 1.9.1
>
>
More information about the kernel-team
mailing list