Received: by 2002:a05:7412:37c9:b0:e2:908c:2ebd with SMTP id jz9csp2406139rdb; Thu, 21 Sep 2023 19:02:54 -0700 (PDT) X-Google-Smtp-Source: AGHT+IG4ifCz8343b1KystGTB+wedsYPxI3a7QEC4T997zlcOPZ7Emj5z+KUHmAD7wnPzRJ41SPc X-Received: by 2002:a05:6a00:1508:b0:690:b7a1:ac51 with SMTP id q8-20020a056a00150800b00690b7a1ac51mr7166577pfu.31.1695348174294; Thu, 21 Sep 2023 19:02:54 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1695348174; cv=none; d=google.com; s=arc-20160816; b=gO9kHyzlE6QmDvFheam/eBuaBpf3KPFh+DqyLCUWqVjGAmzbz/+0CfXDU/ekVTgc5+ 10O1Ob49C0QpWkdDE4gVR0/ieoRnP6vmFNDd7cLl/9fIGoqsMx4tIMPRZrN7twKNPYH9 MuUTa5IQ93P1tQkTei5VpX11omKyxg30X7xoJ3OTaoATf8KqaJcGyVNztCBY8KKnBefs R1zB5ZwmzatvUPpQwfKTbdj+GPfaWtLs9dsDaY76t8U1O/0kXJANYhvH5J3ne+1aEJb7 ppT4gmsZb1GQBokhJfEKQJ44lMJySnYDYvYUUULzQ93N9bCdpr3ZSAcgktAxxLu2ZJz4 iKug== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:dkim-signature; bh=yGSo9sDHzd5CMzk7FyS0r4V/a8qi3JNE5pWHwlm8AKM=; fh=g0hFlNQE0aODE+wnsVuDIHu0fFY+h09vQ9AYuw/MD1E=; b=tnrL9Y4scXiMVjvT7nxAYo0phMvJ8KO/RRR6ce04e7SaERRHTWZSLhxTVU6EmT+MgJ o14Kda8vgN5nwofRniPBdO34GWSe9bkT+yAIsIo7+Phhl7m5xKglZDfp7HY+/KZrD4Bn 8FA/vQfzyWrqhK/H7gAcwmKgfNnuIsima+Vpc3Ag06yQhndHnfiFXuJok82HgCQI1DFD +sNfC0HT8hLkbZ0/ZYp7wySN1VHGqncm62R9Bntg3Z53L+LBvKaXSx2BiLlXK+bhRbK0 /nTdfMl7D5GjE3x5a8uzXDhi2TaCva9uqqvK0RCC+gb1czIiqNa/I2sRu+yyng/KVkBT IzCA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=bg++GvSt; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:8 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from fry.vger.email (fry.vger.email. [2620:137:e000::3:8]) by mx.google.com with ESMTPS id q65-20020a632a44000000b005776089b39dsi2765586pgq.317.2023.09.21.19.02.53 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 21 Sep 2023 19:02:54 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:8 as permitted sender) client-ip=2620:137:e000::3:8; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=bg++GvSt; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:8 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by fry.vger.email (Postfix) with ESMTP id 47362837D966; Thu, 21 Sep 2023 15:27:29 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at fry.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229702AbjIUW1W (ORCPT + 99 others); Thu, 21 Sep 2023 18:27:22 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35864 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231916AbjIUW1D (ORCPT ); Thu, 21 Sep 2023 18:27:03 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BD4B47693 for ; Thu, 21 Sep 2023 10:10:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1695316212; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=yGSo9sDHzd5CMzk7FyS0r4V/a8qi3JNE5pWHwlm8AKM=; b=bg++GvStkcGp8lgGKkzXYvr95lWqHAICUfhgDKwFK/NIlt2dNckuUXJiL0xEXf7ih6ouVQ Y8DS8T4AQ/5qBJI/caLgl4X/oYiiFnKJLCtzmx0ht4mN7AayclIalUfSR9urYb/UGk/f57 HpHukbvM0Set5vu+jtqKR24DuwK+ZWc= Received: from mimecast-mx02.redhat.com (mx-ext.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-609-wgFi1pJ3PXe1NIs5rJji4g-1; Thu, 21 Sep 2023 07:49:41 -0400 X-MC-Unique: wgFi1pJ3PXe1NIs5rJji4g-1 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com [10.11.54.4]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 4F68A381170A; Thu, 21 Sep 2023 11:49:41 +0000 (UTC) Received: from virtlab701.virt.lab.eng.bos.redhat.com (virtlab701.virt.lab.eng.bos.redhat.com [10.19.152.228]) by smtp.corp.redhat.com (Postfix) with ESMTP id 1238420268DB; Thu, 21 Sep 2023 11:49:41 +0000 (UTC) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: bp@alien8.de Subject: [PATCH] x86/cpu: clear SVM feature if disabled by BIOS Date: Thu, 21 Sep 2023 07:49:40 -0400 Message-Id: <20230921114940.957141-1-pbonzini@redhat.com> MIME-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: 8bit X-Scanned-By: MIMEDefang 3.1 on 10.11.54.4 X-Spam-Status: No, score=2.7 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,RCVD_IN_SBL_CSS,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.6 X-Spam-Level: ** X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on fry.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (fry.vger.email [0.0.0.0]); Thu, 21 Sep 2023 15:27:29 -0700 (PDT) When SVM is disabled by BIOS, one cannot use KVM but the svm feature is still shown in the output of /proc/cpuinfo. On Intel machines, VMX is cleared by init_ia32_feat_ctl(), so do the same on AMD and Hygon processors. Signed-off-by: Paolo Bonzini --- arch/x86/include/asm/msr-index.h | 6 +++++- arch/x86/include/asm/svm.h | 6 ------ arch/x86/kernel/cpu/amd.c | 10 ++++++++++ arch/x86/kernel/cpu/hygon.c | 10 ++++++++++ arch/x86/kvm/svm/svm.c | 8 -------- 5 files changed, 25 insertions(+), 15 deletions(-) diff --git a/arch/x86/include/asm/msr-index.h b/arch/x86/include/asm/msr-index.h index 1d111350197f..6a6b0f763f67 100644 --- a/arch/x86/include/asm/msr-index.h +++ b/arch/x86/include/asm/msr-index.h @@ -1112,12 +1112,16 @@ #define MSR_IA32_VMX_MISC_INTEL_PT (1ULL << 14) #define MSR_IA32_VMX_MISC_VMWRITE_SHADOW_RO_FIELDS (1ULL << 29) #define MSR_IA32_VMX_MISC_PREEMPTION_TIMER_SCALE 0x1F -/* AMD-V MSRs */ +/* AMD-V MSRs */ #define MSR_VM_CR 0xc0010114 #define MSR_VM_IGNNE 0xc0010115 #define MSR_VM_HSAVE_PA 0xc0010117 +#define SVM_VM_CR_VALID_MASK 0x001fULL +#define SVM_VM_CR_SVM_LOCK_MASK 0x0008ULL +#define SVM_VM_CR_SVM_DIS_MASK 0x0010ULL + /* Hardware Feedback Interface */ #define MSR_IA32_HW_FEEDBACK_PTR 0x17d0 #define MSR_IA32_HW_FEEDBACK_CONFIG 0x17d1 diff --git a/arch/x86/include/asm/svm.h b/arch/x86/include/asm/svm.h index 19bf955b67e0..fb8366af59da 100644 --- a/arch/x86/include/asm/svm.h +++ b/arch/x86/include/asm/svm.h @@ -229,10 +229,6 @@ struct __attribute__ ((__packed__)) vmcb_control_area { #define SVM_IOIO_SIZE_MASK (7 << SVM_IOIO_SIZE_SHIFT) #define SVM_IOIO_ASIZE_MASK (7 << SVM_IOIO_ASIZE_SHIFT) -#define SVM_VM_CR_VALID_MASK 0x001fULL -#define SVM_VM_CR_SVM_LOCK_MASK 0x0008ULL -#define SVM_VM_CR_SVM_DIS_MASK 0x0010ULL - #define SVM_NESTED_CTL_NP_ENABLE BIT(0) #define SVM_NESTED_CTL_SEV_ENABLE BIT(1) #define SVM_NESTED_CTL_SEV_ES_ENABLE BIT(2) @@ -571,8 +567,6 @@ struct vmcb { #define SVM_CPUID_FUNC 0x8000000a -#define SVM_VM_CR_SVM_DISABLE 4 - #define SVM_SELECTOR_S_SHIFT 4 #define SVM_SELECTOR_DPL_SHIFT 5 #define SVM_SELECTOR_P_SHIFT 7 diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c index dd8379d84445..1011ce20f513 100644 --- a/arch/x86/kernel/cpu/amd.c +++ b/arch/x86/kernel/cpu/amd.c @@ -1031,6 +1031,8 @@ static void zenbleed_check(struct cpuinfo_x86 *c) static void init_amd(struct cpuinfo_x86 *c) { + u64 vm_cr; + early_init_amd(c); /* @@ -1082,6 +1084,14 @@ static void init_amd(struct cpuinfo_x86 *c) init_amd_cacheinfo(c); + if (cpu_has(c, X86_FEATURE_SVM)) { + rdmsrl(MSR_VM_CR, vm_cr); + if (vm_cr & SVM_VM_CR_SVM_DIS_MASK) { + pr_notice_once("SVM disabled (by BIOS) in MSR_VM_CR\n"); + clear_cpu_cap(c, X86_FEATURE_SVM); + } + } + if (!cpu_has(c, X86_FEATURE_LFENCE_RDTSC) && cpu_has(c, X86_FEATURE_XMM2)) { /* * Use LFENCE for execution serialization. On families which diff --git a/arch/x86/kernel/cpu/hygon.c b/arch/x86/kernel/cpu/hygon.c index defdc594be14..16f34639ecf7 100644 --- a/arch/x86/kernel/cpu/hygon.c +++ b/arch/x86/kernel/cpu/hygon.c @@ -290,6 +290,8 @@ static void early_init_hygon(struct cpuinfo_x86 *c) static void init_hygon(struct cpuinfo_x86 *c) { + u64 vm_cr; + early_init_hygon(c); /* @@ -320,6 +322,14 @@ static void init_hygon(struct cpuinfo_x86 *c) init_hygon_cacheinfo(c); + if (cpu_has(c, X86_FEATURE_SVM)) { + rdmsrl(MSR_VM_CR, vm_cr); + if (vm_cr & SVM_VM_CR_SVM_DIS_MASK) { + pr_notice_once("SVM disabled (by BIOS) in MSR_VM_CR\n"); + clear_cpu_cap(c, X86_FEATURE_SVM); + } + } + if (cpu_has(c, X86_FEATURE_XMM2)) { /* * Use LFENCE for execution serialization. On families which diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index f283eb47f6ac..7b91efb72ea6 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -531,8 +531,6 @@ static bool __kvm_is_svm_supported(void) int cpu = smp_processor_id(); struct cpuinfo_x86 *c = &cpu_data(cpu); - u64 vm_cr; - if (c->x86_vendor != X86_VENDOR_AMD && c->x86_vendor != X86_VENDOR_HYGON) { pr_err("CPU %d isn't AMD or Hygon\n", cpu); @@ -549,12 +547,6 @@ static bool __kvm_is_svm_supported(void) return false; } - rdmsrl(MSR_VM_CR, vm_cr); - if (vm_cr & (1 << SVM_VM_CR_SVM_DISABLE)) { - pr_err("SVM disabled (by BIOS) in MSR_VM_CR on CPU %d\n", cpu); - return false; - } - return true; } -- 2.39.1