ACK: [Precise SRU] KVM: nVMX: Fix content of MSR_IA32_VMX_ENTRY/EXIT_CTLS

Chris J Arges chris.j.arges at canonical.com
Fri Mar 20 13:25:25 UTC 2015 

Acked-by: Chris J Arges <chris.j.arges at canonical.com>

Clean cherry-pick and fixes the problem.

My main concern was highlighted here regarding adding additional bits to
the MSR and their effect on operation.
http://www.spinics.net/lists/kvm/msg87216.html

Reading through the spec it seems like the patch does follow the bits in
appendix G.1, G.2.

So I still ACK this patch as an SRU.

--chris j arges

On 03/19/2015 04:50 PM, Stefan Bader wrote:
> When starting a Linux guest which runs kernel version greater than
> 3.15 on a Linux host running a kernel before 3.10, the guest will
> fail to load the kvm-intel module and by that prevent the guest from
> using kvm acceleration for a 2nd level guest.
> The reason for the module load failure is a change in 3.15
> (KVM: vmx: Allow the guest to run with dirty debug registers) which
> requires an additional feature bit to be present. It turned out that
> this bit would be present since 3.10 when the below patch was added.
> 
> The upstream maintainer will be NACKing any patch involving nested
> VMX as he does not think he could sufficiently review backports
> into such old kernels[1].
> 
> To me the change looks reasonably safe as a buxfix. And I was able
> to start a Utopic guest on a Precise host which was failing to load
> kvm-intel before the patch and successfully did so after.
> 
> Ben, I cc'ed you again here to keep you in the loop. I won't try
> stable for above reasons.
> 
> -Stefan
> 
> [1] https://lkml.org/lkml/2015/3/19/743
> 
> From 8e0eed89514ff5bfc9f251be0cef4852623c42d4 Mon Sep 17 00:00:00 2001
> From: Jan Kiszka <jan.kiszka at siemens.com>
> Date: Wed, 6 Mar 2013 15:44:03 +0100
> Subject: [PATCH] KVM: nVMX: Fix content of MSR_IA32_VMX_ENTRY/EXIT_CTLS
> 
> Properly set those bits to 1 that the spec demands in case bit 55 of
> VMX_BASIC is 0 - like in our case.
> 
> Reviewed-by: Paolo Bonzini <pbonzini at redhat.com>
> Signed-off-by: Jan Kiszka <jan.kiszka at siemens.com>
> Signed-off-by: Marcelo Tosatti <mtosatti at redhat.com>
> 
> BugLink: http://bugs.launchpad.net/bugs/1431473
> 
> (cherry-picked from commit 33fb20c39e98b90813b5ab2d9a0d6faa6300caca)
> Signed-off-by: Stefan Bader <stefan.bader at canonical.com>
> ---
>  arch/x86/include/asm/vmx.h |  4 ++++
>  arch/x86/kvm/vmx.c         | 13 ++++++++++---
>  2 files changed, 14 insertions(+), 3 deletions(-)
> 
> diff --git a/arch/x86/include/asm/vmx.h b/arch/x86/include/asm/vmx.h
> index 36cbe2a..d8db4af 100644
> --- a/arch/x86/include/asm/vmx.h
> +++ b/arch/x86/include/asm/vmx.h
> @@ -76,6 +76,8 @@
>  #define VM_EXIT_LOAD_IA32_EFER                  0x00200000
>  #define VM_EXIT_SAVE_VMX_PREEMPTION_TIMER       0x00400000
>  
> +#define VM_EXIT_ALWAYSON_WITHOUT_TRUE_MSR	0x00036dff
> +
>  #define VM_ENTRY_LOAD_DEBUG_CONTROLS            0x00000002
>  #define VM_ENTRY_IA32E_MODE                     0x00000200
>  #define VM_ENTRY_SMM                            0x00000400
> @@ -84,6 +86,8 @@
>  #define VM_ENTRY_LOAD_IA32_PAT			0x00004000
>  #define VM_ENTRY_LOAD_IA32_EFER                 0x00008000
>  
> +#define VM_ENTRY_ALWAYSON_WITHOUT_TRUE_MSR	0x000011ff
> +
>  /* VMCS Encodings */
>  enum vmcs_field {
>  	VIRTUAL_PROCESSOR_ID            = 0x00000000,
> diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
> index d75b098..50ab23e 100644
> --- a/arch/x86/kvm/vmx.c
> +++ b/arch/x86/kvm/vmx.c
> @@ -1928,21 +1928,28 @@ static __init void nested_vmx_setup_ctls_msrs(void)
>  		PIN_BASED_EXT_INTR_MASK | PIN_BASED_NMI_EXITING |
>  		PIN_BASED_VIRTUAL_NMIS;
>  
> -	/* exit controls */
> -	nested_vmx_exit_ctls_low = 0;
> +	/*
> +	 * Exit controls
> +	 * If bit 55 of VMX_BASIC is off, bits 0-8 and 10, 11, 13, 14, 16 and
> +	 * 17 must be 1.
> +	 */
> +	nested_vmx_exit_ctls_low = VM_EXIT_ALWAYSON_WITHOUT_TRUE_MSR;
>  	/* Note that guest use of VM_EXIT_ACK_INTR_ON_EXIT is not supported. */
>  #ifdef CONFIG_X86_64
>  	nested_vmx_exit_ctls_high = VM_EXIT_HOST_ADDR_SPACE_SIZE;
>  #else
>  	nested_vmx_exit_ctls_high = 0;
>  #endif
> +	nested_vmx_exit_ctls_high |= VM_EXIT_ALWAYSON_WITHOUT_TRUE_MSR;
>  
>  	/* entry controls */
>  	rdmsr(MSR_IA32_VMX_ENTRY_CTLS,
>  		nested_vmx_entry_ctls_low, nested_vmx_entry_ctls_high);
> -	nested_vmx_entry_ctls_low = 0;
> +	/* If bit 55 of VMX_BASIC is off, bits 0-8 and 12 must be 1. */
> +	nested_vmx_entry_ctls_low = VM_ENTRY_ALWAYSON_WITHOUT_TRUE_MSR;
>  	nested_vmx_entry_ctls_high &=
>  		VM_ENTRY_LOAD_IA32_PAT | VM_ENTRY_IA32E_MODE;
> +	nested_vmx_entry_ctls_high |= VM_ENTRY_ALWAYSON_WITHOUT_TRUE_MSR;
>  
>  	/* cpu-based controls */
>  	rdmsr(MSR_IA32_VMX_PROCBASED_CTLS,
>

More information about the kernel-team mailing list