Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755566AbdCTO65 (ORCPT ); Mon, 20 Mar 2017 10:58:57 -0400 Received: from mx1.redhat.com ([209.132.183.28]:38136 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754788AbdCTO6o (ORCPT ); Mon, 20 Mar 2017 10:58:44 -0400 DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 775F656FC Authentication-Results: ext-mx06.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx06.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=rkrcmar@redhat.com DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com 775F656FC Date: Mon, 20 Mar 2017 15:58:09 +0100 From: Radim =?utf-8?B?S3LEjW3DocWZ?= To: Wanpeng Li Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Paolo Bonzini , Wanpeng Li Subject: Re: [PATCH] KVM: nVMX: Fix L2 guest crash when VPID is disabled on L0 Message-ID: <20170320145808.GA23433@potion> References: <1490012745-10122-1-git-send-email-wanpeng.li@hotmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <1490012745-10122-1-git-send-email-wanpeng.li@hotmail.com> X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.30]); Mon, 20 Mar 2017 14:58:14 +0000 (UTC) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2421 Lines: 60 2017-03-20 05:25-0700, Wanpeng Li: > From: Wanpeng Li > > L2 guest crash during boot if VPID is enabled on L1 and disabled on L0. This > also can be catched by kvm-unit-tests/vmx.flat when VPID is disabled on L0. > > KVM: entry failed, hardware error 0x7 > EAX=00000000 EBX=00000000 ECX=00000000 EDX=000306c3 > ESI=00000000 EDI=00000000 EBP=00000000 ESP=00000000 > EIP=0000fff0 EFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 > ES =0000 00000000 0000ffff 00009300 > CS =f000 ffff0000 0000ffff 00009b00 > SS =0000 00000000 0000ffff 00009300 > DS =0000 00000000 0000ffff 00009300 > FS =0000 00000000 0000ffff 00009300 > GS =0000 00000000 0000ffff 00009300 > LDT=0000 00000000 0000ffff 00008200 > TR =0000 00000000 0000ffff 00008b00 > GDT= 00000000 0000ffff > IDT= 00000000 0000ffff > CR0=60000010 CR2=00000000 CR3=00000000 CR4=00000000 > DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 > DR6=00000000ffff0ff0 DR7=0000000000000400 > EFER=0000000000000000 I couldn't reproduce the hardware error. Unit test just got #UD and exited, which seems to be because KVM doesn't add the exec controls in vmcs02. > The enable_vpid sysfs perm parameter miss the 0 prefix, so the enable_vpid > is failed to be disabled though vmcs_config bit is not set. This patch fixes > it by utilizing S_IRUGO which includes 0 prefix instead. > > Cc: Paolo Bonzini > Cc: Radim Krčmář > Signed-off-by: Wanpeng Li > --- > arch/x86/kvm/vmx.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c > index 98e82ee..a7e4880 100644 > --- a/arch/x86/kvm/vmx.c > +++ b/arch/x86/kvm/vmx.c > @@ -66,7 +66,7 @@ static const struct x86_cpu_id vmx_cpu_id[] = { > MODULE_DEVICE_TABLE(x86cpu, vmx_cpu_id); > > static bool __read_mostly enable_vpid = 1; > -module_param_named(vpid, enable_vpid, bool, 0444); > +module_param_named(vpid, enable_vpid, bool, S_IRUGO); Aren't "0444" and "(00400 | 00040 | 00004)" the same number? I'm not convinced this patch fixes anything and I think we have two options when approaching VPID: 1) hide and forbid VPIDs in L1 if they are disabled on L0 2) expose VPID hardware to L1 regardless of L0 settings We treat other features like (1), because it simplifies implementation, so I'd do the same for VPID ...