Received: by 2002:a05:7412:37c9:b0:e2:908c:2ebd with SMTP id jz9csp2909876rdb; Fri, 22 Sep 2023 11:42:50 -0700 (PDT) X-Google-Smtp-Source: AGHT+IEH9AC24MSwBUYhA4fyOiYSgleY4xIIzUFRmz7GOjfeoEF8VsqnY4dUjNtv2FIGUg4aq426 X-Received: by 2002:a05:6a20:7f8d:b0:154:e793:52b3 with SMTP id d13-20020a056a207f8d00b00154e79352b3mr557227pzj.0.1695408169780; Fri, 22 Sep 2023 11:42:49 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1695408169; cv=none; d=google.com; s=arc-20160816; b=T6d170I4RlwPIrD7Nneq4oiF2FbFBeUgL+Lrkor8v71k/5c7mYzXvFfEmnRVV1lgMM pKi/krqr3tDW/0LzRj74FG/hj3TFjIaYF9w5HgMiQPCxP/86M3lkU88GfzTaP4KGfz8e exkTp8hTWjt8r9T/cdnbXDMOGqgt0VpPw4PNnc33U0NCjSjzVarMOy8ksyfx5nG05GmT xAJiGbklj7EsIrOLtK/wGFIRjpkXhFhHIPIX5ySwZeIu3Uq0Y3pQzAXI7Kw/4i5vF2Nz ExEld4iAVbRHIFGTYTPBJlTxTsLpmJUrG0dUOPVKP1CFQx06hhArN9w7+5TTLRMuXs0m j9TA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:dkim-signature; bh=jHa3naU1XzxEBhK7V3RItz2lj4bCVrBUNq4F0vxDu+A=; fh=apmkNLA9MOJo8+J9dlMXCCKkpRl+uxeSTtXA6d7EGd0=; b=0nh2T7FsRCyggUioo/YXQpRsaGYzHcM+m3izjJ0GqeU1X3C5ovB5I8oJGnhQBux3GM n8i3i/+By9DuVTkLyHuJ45cnNCJBhgLwxngxrAi0V4+RVheqNE5qhPmJdDITLtk5IlhG EgIQ3VkIdXeySCX0HF/nGlVm49iARYxf1XPeEH+VwoufERyKgKKf9vHZFZjYigsDyZTU OmRIoKwSvhDTKBXUKHrLBUlD40xsmJq3MKMVMQa+oCNk74rk+KITlpkVn0OCc65gqdjL rHlflcMtP2qwqAmwNb35lQoMlIFUYaFuT6Rjj/pTCNPSUbpKLbiryMrbHp/5YYa9b46N Aw4w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=QJdPdeIy; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.31 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from morse.vger.email (morse.vger.email. [23.128.96.31]) by mx.google.com with ESMTPS id m1-20020a656a01000000b00578ca21773fsi4602638pgu.718.2023.09.22.11.42.49 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 22 Sep 2023 11:42:49 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.31 as permitted sender) client-ip=23.128.96.31; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=QJdPdeIy; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.31 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by morse.vger.email (Postfix) with ESMTP id 27D03809C394; Fri, 22 Sep 2023 09:41:40 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at morse.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231331AbjIVQlj (ORCPT + 99 others); Fri, 22 Sep 2023 12:41:39 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40544 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229639AbjIVQlh (ORCPT ); Fri, 22 Sep 2023 12:41:37 -0400 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3750D198 for ; Fri, 22 Sep 2023 09:41:31 -0700 (PDT) Received: by mail-yb1-xb4a.google.com with SMTP id 3f1490d57ef6-d814a1f7378so113651276.1 for ; Fri, 22 Sep 2023 09:41:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1695400890; x=1696005690; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=jHa3naU1XzxEBhK7V3RItz2lj4bCVrBUNq4F0vxDu+A=; b=QJdPdeIyYt5wEH51jj0ES32JUFakKXL6TUmQV6k3EPwjwT8wx7J3iMNYnxn2MoLdC0 NJcS+7OUWh+e/9p6dJ7iWcYw4/vbcxaXAVPX9Aog4qIAEGMvNTmCC1e4AuV33Qp2yyl5 D30gxWZkNM3Qi5IjWRsUVkd9/LhjYe7BsYW//ysrDP84/aoP+xBeroPQEKlyUHL329OE mxARoFFql/y5sMxkO5fAwe3cMnXqdIyqHDFOtUTJC/sh2rH87kUeC65v6pDfKc/2+xWq Rqxn1sNPlxrkZ1aBJbkKlIfLH9j5wonO+6mAzgFaRZLjMWYDD/JY10Z+r0VNclEDImlD tkIA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1695400890; x=1696005690; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=jHa3naU1XzxEBhK7V3RItz2lj4bCVrBUNq4F0vxDu+A=; b=CYLNvSaNjiOAH70hRRv1xSB7rEsNTpZO1mNU4MIp5XBabbUg1on1n+QePiaKjS/Fv3 +zOjY5HpYVDzFMiwzBu0C9ozxC5Q/AxylK2KUsPqUSt3T88GWdPzKcRHZr5SvXiH3VLm viFXJ+u7LFTdZ2hyQUlx/Jm1VWnjChv41+Jhe1H5uuqSmdlfAaWS37fgGPyB+q+ekwFv aoV+D2pLx/ls5hzqUKO0ioyxZ7swf5Qn2FhKGEm9ie8IQLaHvSkh257XjR1kED+6B53w Iedj4qyx2oHomUJAUQxTdwh4XgMoVTczEGqUsl5XlCWdsXjqPZvAzBxWfeEtLkCsPZkT vZNw== X-Gm-Message-State: AOJu0YwZxMRf1PPIoOTBcVi91N26fkO67VHKC+ms4cUFgIhy0CxLO08a tE3ZcgC+oGR5+wAWe5JThqLZi1DathM= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a25:a2c7:0:b0:d77:fb00:b246 with SMTP id c7-20020a25a2c7000000b00d77fb00b246mr54465ybn.1.1695400890443; Fri, 22 Sep 2023 09:41:30 -0700 (PDT) Date: Fri, 22 Sep 2023 09:41:28 -0700 In-Reply-To: <20230921114940.957141-1-pbonzini@redhat.com> Mime-Version: 1.0 References: <20230921114940.957141-1-pbonzini@redhat.com> Message-ID: Subject: Re: [PATCH] x86/cpu: clear SVM feature if disabled by BIOS From: Sean Christopherson To: Paolo Bonzini Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org, bp@alien8.de Content-Type: text/plain; charset="us-ascii" X-Spam-Status: No, score=-8.4 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on morse.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (morse.vger.email [0.0.0.0]); Fri, 22 Sep 2023 09:41:40 -0700 (PDT) On Thu, Sep 21, 2023, Paolo Bonzini wrote: > diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c > index f283eb47f6ac..7b91efb72ea6 100644 > --- a/arch/x86/kvm/svm/svm.c > +++ b/arch/x86/kvm/svm/svm.c > @@ -531,8 +531,6 @@ static bool __kvm_is_svm_supported(void) > int cpu = smp_processor_id(); > struct cpuinfo_x86 *c = &cpu_data(cpu); > > - u64 vm_cr; > - > if (c->x86_vendor != X86_VENDOR_AMD && > c->x86_vendor != X86_VENDOR_HYGON) { > pr_err("CPU %d isn't AMD or Hygon\n", cpu); > @@ -549,12 +547,6 @@ static bool __kvm_is_svm_supported(void) > return false; > } Hidden in here is if (!cpu_has(c, X86_FEATURE_SVM)) { pr_err("SVM not supported by CPU %d\n", cpu); return false; } which will be technically wrong and potentially misleading when SVM is disabled by BIOS, but supported by the CPU. We should do the same thing that VMX does and manually query CPUID to check "is SVM supported", and then rely on cpu_has() for the "is SVM supported _and_ enabled". E.g. diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index f283eb47f6ac..9bcd8aad28d7 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -539,22 +539,21 @@ static bool __kvm_is_svm_supported(void) return false; } - if (!cpu_has(c, X86_FEATURE_SVM)) { + if (!(cpuid_ecx(0x80000001) & feature_bit(SVM))) { pr_err("SVM not supported by CPU %d\n", cpu); return false; } + if (!cpu_has(c, X86_FEATURE_SVM)) { + pr_err("SVM disabled (by BIOS) in MSR_VM_CR on CPU %d\n", cpu); + return false; + } + if (cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT)) { pr_info("KVM is unsupported when running as an SEV guest\n"); return false; } - rdmsrl(MSR_VM_CR, vm_cr); - if (vm_cr & (1 << SVM_VM_CR_SVM_DISABLE)) { - pr_err("SVM disabled (by BIOS) in MSR_VM_CR on CPU %d\n", cpu); - return false; - } - return true; }