From: Xiaoyao Li
Cc: Xiaoyao Li, Kyle Huey, Chao Gao, Paolo Bonzini, Radim Krčmář, Thomas Gleixner, Ingo Molnar, Borislav Petkov, "H. Peter Anvin", x86@kernel.org, kvm@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [PATCH] kvm/x86/vmx: switch MSR_MISC_FEATURES_ENABLES between host and guest
Date: Thu, 14 Mar 2019 14:38:58 +0800
Message-Id: <20190314063858.18292-1-xiaoyao.li@linux.intel.com>

CPUID Faulting is a feature concerning the CPUID instruction. When CPUID Faulting is enabled, all executions of the CPUID instruction outside system-management mode (SMM) cause a general-protection fault (#GP) if the CPL > 0.

Detailed information about this feature can be found at
https://www.intel.com/content/dam/www/public/us/en/documents/application-notes/virtualization-technology-flexmigration-application-note.pdf

There is an issue that current kvm doesn't switch the value of MSR_MISC_FEATURES_ENABLES between host and guest. If MSR_MISC_FEATURES_ENABLES exists on the hardware cpu, and the host enables CPUID faulting (setting bit 0 of MSR_MISC_FEATURES_ENABLES), it will impact the guest's behavior because cpuid faulting is enabled by the host and passed to the guest.

From my tests, when the host enables cpuid faulting, it causes guest boot failure when the guest uses *modprobe* to load modules. Below is the error log:

[ 1.233556] traps: modprobe[71] general protection fault ip:7f0077f6495c sp:7ffda148d808 error:0 in ld-2.17.so[7f0077f4d000+22000]
[ 1.237780] traps: modprobe[73] general protection fault ip:7fad5aba095c sp:7ffd36067378 error:0 in ld-2.17.so[7fad5ab89000+22000]
[ 1.241930] traps: modprobe[75] general protection fault ip:7f3edb89495c sp:7fffa1a81308 error:0 in ld-2.17.so[7f3edb87d000+22000]
[ 1.245998] traps: modprobe[77] general protection fault ip:7f91d670895c sp:7ffc25fa7f38 error:0 in ld-2.17.so[7f91d66f1000+22000]
[ 1.250016] traps: modprobe[79] general protection fault ip:7f0ddbbdc95c sp:7ffe9c34f8d8 error:0 in ld-2.17.so[7f0ddbbc5000+22000]

*modprobe* calls the CPUID instruction, thus causing cpuid faulting in the guest. In the end, because the guest cannot *modprobe* modules, it fails to boot.

This patch switches MSR_MISC_FEATURES_ENABLES between host and guest when the hardware has this MSR.

This patch doesn't conflict with the commit db2336a80489 ("KVM: x86: virtualize cpuid faulting"), which provides a software emulation of cpuid faulting for x86 arch. Below is an analysis of how cpuid faulting will work after applying this patch:

1. If the host cpu is AMD, it doesn't have MSR_MISC_FEATURES_ENABLES, so we can just use the software emulation of cpuid faulting.

2. If the host cpu is Intel and it doesn't have MSR_MISC_FEATURES_ENABLES, the same as case 1, we can just use the software emulation of cpuid faulting.

3. If the host cpu is Intel and it has MSR_MISC_FEATURES_ENABLES, with this patch, it will write the guest's value into MSR_MISC_FEATURES_ENABLES on vm entry. If the guest enables cpuid faulting and the guest calls the CPUID instruction with CPL > 0, it will cause a #GP exception in the guest instead of a VM exit because of CPUID, thus it doesn't go to the kvm emulation path but uses the hardware feature. Also it's a benefit that we needn't use a VM exit to inject #GP to emulate the cpuid faulting feature.
Intel SDM vol3.25.1.1 specifies the priority between cpuid faulting and CPUID instruction. Signed-off-by: Xiaoyao Li --- arch/x86/kvm/vmx/vmx.c | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 30a6bcd735ec..90707fae688e 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -6321,6 +6321,23 @@ static void atomic_switch_perf_msrs(struct vcpu_vmx *vmx) msrs[i].host, false); } +static void atomic_switch_msr_misc_features_enables(struct kvm_vcpu *vcpu) +{ + u64 host_msr; + struct vcpu_vmx *vmx = to_vmx(vcpu); + + /* if MSR MISC_FEATURES_ENABLES doesn't exist on the hardware, do nothing*/ + if (rdmsrl_safe(MSR_MISC_FEATURES_ENABLES, &host_msr)) + return; + + if (host_msr == vcpu->arch.msr_misc_features_enables) + clear_atomic_switch_msr(vmx, MSR_MISC_FEATURES_ENABLES); + else + add_atomic_switch_msr(vmx, MSR_MISC_FEATURES_ENABLES, + vcpu->arch.msr_misc_features_enables, + host_msr, false); +} + static void vmx_arm_hv_timer(struct vcpu_vmx *vmx, u32 val) { vmcs_write32(VMX_PREEMPTION_TIMER_VALUE, val); @@ -6562,6 +6579,8 @@ static void vmx_vcpu_run(struct kvm_vcpu *vcpu) atomic_switch_perf_msrs(vmx); + atomic_switch_msr_misc_features_enables(vcpu); + vmx_update_hv_timer(vcpu); /* -- 2.19.1
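
Review bot: In the first hunk, atomic_switch_msr_misc_features_enables() probes for the MSR with rdmsrl_safe() each time it is called, and the second hunk calls it from vmx_vcpu_run(), so every VM entry pays for an MSR read plus exception fixup just to learn whether the register exists. Whether the hardware has MSR_MISC_FEATURES_ENABLES cannot change at run time; consider probing once at setup and caching the result, so the run path only compares the host value with vcpu->arch.msr_misc_features_enables. The comment above the probe also needs a space before the closing "*/", and it should say why a read failure is treated as "MSR absent".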
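
Review bot: In the vmx_vcpu_run() hunk the new call is unconditional, so the autoload list entry for MSR_MISC_FEATURES_ENABLES is recomputed (add_atomic_switch_msr or clear_atomic_switch_msr) on every entry even when neither the host nor the guest value has changed. It would be cheaper to update the list only where the guest value is written and where the host value can change. The helper also takes struct kvm_vcpu * and converts with to_vmx(), while the neighbouring atomic_switch_perf_msrs(vmx) takes struct vcpu_vmx *; passing vmx here as well would keep the call sites consistent.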
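
A triage helper for the guest log quoted in the message above, as an added example that is not part of the original patch or message: it parses each "traps:" line and checks that every fault lands at the same offset inside the same mapped object, which is consistent with one faulting instruction in the loader. The function and struct names are hypothetical; the log lines are copied from the message.

```c
#include <stdio.h>
#include <string.h>

/* One "traps: ... general protection fault" record from the guest's dmesg. */
struct gp_trap {
    char comm[32], object[64];      /* process name, mapped object holding ip */
    int pid;
    unsigned long long ip, base, size;
};

/* Parse one line; 0 on success, -1 if it is not a well-formed #GP trap line. */
int parse_gp_trap(const char *line, struct gp_trap *t)
{
    const char *p = strstr(line, "traps: ");   /* skip the dmesg timestamp */
    if (!p)
        return -1;
    int n = sscanf(p, "traps: %31[^[][%d] general protection fault ip:%llx "
                      "sp:%*llx error:%*d in %63[^[][%llx+%llx]",
                   t->comm, &t->pid, &t->ip, t->object, &t->base, &t->size);
    /* Reject lines whose ip does not fall inside the reported mapping. */
    if (n != 6 || t->ip < t->base || t->ip - t->base >= t->size)
        return -1;
    return 0;
}

/* Offset of the faulting instruction inside its object if every line agrees
 * on object and offset; -1 if a line fails to parse or the lines disagree. */
long long common_fault_offset(const char *const lines[], int count)
{
    struct gp_trap first, cur;
    if (count < 1 || parse_gp_trap(lines[0], &first))
        return -1;
    for (int i = 1; i < count; i++) {
        if (parse_gp_trap(lines[i], &cur) || strcmp(cur.object, first.object) ||
            cur.ip - cur.base != first.ip - first.base)
            return -1;
    }
    return (long long)(first.ip - first.base);
}

/* The five log lines quoted in the message above. */
static const char *const guest_log[] = {
    "[ 1.233556] traps: modprobe[71] general protection fault ip:7f0077f6495c sp:7ffda148d808 error:0 in ld-2.17.so[7f0077f4d000+22000]",
    "[ 1.237780] traps: modprobe[73] general protection fault ip:7fad5aba095c sp:7ffd36067378 error:0 in ld-2.17.so[7fad5ab89000+22000]",
    "[ 1.241930] traps: modprobe[75] general protection fault ip:7f3edb89495c sp:7fffa1a81308 error:0 in ld-2.17.so[7f3edb87d000+22000]",
    "[ 1.245998] traps: modprobe[77] general protection fault ip:7f91d670895c sp:7ffc25fa7f38 error:0 in ld-2.17.so[7f91d66f1000+22000]",
    "[ 1.250016] traps: modprobe[79] general protection fault ip:7f0ddbbdc95c sp:7ffe9c34f8d8 error:0 in ld-2.17.so[7f0ddbbc5000+22000]",
};

int main(void)
{
    printf("common offset: 0x%llx\n", common_fault_offset(guest_log, 5));
    return 0;
}
```

The resulting offset can be looked up in a disassembly of the guest's ld-2.17.so to confirm which instruction raised the #GP.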