From: Binbin Wu <binbin.wu@linux.intel.com>
To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org
Cc: pbonzini@redhat.com, seanjc@google.com, dave.hansen@intel.com,
kas@kernel.org, rick.p.edgecombe@intel.com,
vishal.l.verma@intel.com, xiaoyao.li@intel.com,
chao.gao@intel.com, binbin.wu@linux.intel.com
Subject: [PATCH 2/2] x86/cpu: Skip reading MSR_IA32_PLATFORM_ID in virtualized environment
Date: Tue, 28 Apr 2026 10:47:46 +0800 [thread overview]
Message-ID: <20260428024746.1040531-3-binbin.wu@linux.intel.com> (raw)
In-Reply-To: <20260428024746.1040531-1-binbin.wu@linux.intel.com>
The Linux kernel now reads MSR_IA32_PLATFORM_ID during CPU init. When
running as a guest, if the underlying hypervisor does not emulate the
MSR, the RDMSR from 0x17 in intel_get_platform_id() can trigger an
unchecked MSR access during early boot.
unchecked MSR access error: RDMSR from 0x17 at rIP: 0xffffffffba38d6fc (intel_get_platform_id+0x7c/0xb0)
Call Trace:
<TASK>
? early_init_intel+0x28/0x2c0
? early_cpu_init+0x9b/0x930
? setup_arch+0xbf/0xbb0
? _printk+0x6b/0x90
? start_kernel+0x7f/0xaa0
? x86_64_start_reservations+0x24/0x30
? x86_64_start_kernel+0xda/0xe0
? common_startup_64+0x13e/0x141
</TASK>
Currently, KVM does not support guest reads of MSR_IA32_PLATFORM_ID for
TDX. This should be fixed in the hypervisor, but for compatibility with
newer guests running on older KVM hosts, skip reading MSR_IA32_PLATFORM_ID
and return 0. It's meaningless to read MSR_IA32_PLATFORM_ID since guests
are not allowed to do microcode update. cpu_has_old_microcode(), which
uses platform ID for CPU match, also skips checking whether the microcode
is old or not in a virtualized environment.
Since intel_get_platform_id() can be called early before cpuinfo_x86
is fully initialized, check whether it's running in a virtualized
environment from CPUID and opportunistically add a helper.
Fixes: d8630b67ca1ed ("x86/cpu: Add platform ID to CPU info structure")
Reported-by: Vishal Verma <vishal.l.verma@intel.com>
Signed-off-by: Binbin Wu <binbin.wu@linux.intel.com>
---
arch/x86/kernel/cpu/microcode/core.c | 2 +-
arch/x86/kernel/cpu/microcode/intel.c | 4 ++++
arch/x86/kernel/cpu/microcode/internal.h | 5 +++++
3 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/arch/x86/kernel/cpu/microcode/core.c b/arch/x86/kernel/cpu/microcode/core.c
index 651202e6fefb..ee204c8a90bf 100644
--- a/arch/x86/kernel/cpu/microcode/core.c
+++ b/arch/x86/kernel/cpu/microcode/core.c
@@ -135,7 +135,7 @@ bool __init microcode_loader_disabled(void)
* 3) Certain AMD patch levels are not allowed to be
* overwritten.
*/
- hypervisor_present = native_cpuid_ecx(1) & BIT(31);
+ hypervisor_present = x86_cpuid_has_hypervisor();
if ((hypervisor_present && !IS_ENABLED(CONFIG_MICROCODE_DBG)) ||
amd_check_current_patch_level())
diff --git a/arch/x86/kernel/cpu/microcode/intel.c b/arch/x86/kernel/cpu/microcode/intel.c
index 37ac4afe0972..cb93e4ea410e 100644
--- a/arch/x86/kernel/cpu/microcode/intel.c
+++ b/arch/x86/kernel/cpu/microcode/intel.c
@@ -147,6 +147,10 @@ u32 intel_get_platform_id(void)
if (intel_cpuid_vfm() <= INTEL_PENTIUM_II_KLAMATH)
return 0;
+ /* Don't try to read microcode bits when virtualized. */
+ if (x86_cpuid_has_hypervisor())
+ return 0;
+
/* get processor flags from MSR 0x17 */
native_rdmsr(MSR_IA32_PLATFORM_ID, val[0], val[1]);
diff --git a/arch/x86/kernel/cpu/microcode/internal.h b/arch/x86/kernel/cpu/microcode/internal.h
index 3b93c0676b4f..0233e074d76b 100644
--- a/arch/x86/kernel/cpu/microcode/internal.h
+++ b/arch/x86/kernel/cpu/microcode/internal.h
@@ -100,6 +100,11 @@ static inline unsigned int x86_cpuid_family(void)
return x86_family(eax);
}
+static inline bool x86_cpuid_has_hypervisor(void)
+{
+ return native_cpuid_ecx(1) & BIT(31);
+}
+
extern bool force_minrev;
#ifdef CONFIG_CPU_SUP_AMD
--
2.46.0
next prev parent reply other threads:[~2026-04-28 2:43 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-04-28 2:47 [PATCH 0/2] Fix MSR_IA32_PLATFORM_ID access for TDX guests Binbin Wu
2026-04-28 2:47 ` [PATCH 1/2] KVM: TDX: Allow TDs to read MSR_IA32_PLATFORM_ID Binbin Wu
2026-04-28 5:31 ` Xiaoyao Li
2026-04-28 11:44 ` Chao Gao
2026-04-28 16:30 ` Sean Christopherson
2026-04-28 18:31 ` Edgecombe, Rick P
2026-04-28 18:44 ` Sean Christopherson
2026-04-28 19:28 ` Edgecombe, Rick P
2026-04-28 18:49 ` Dave Hansen
2026-04-29 9:09 ` Binbin Wu
2026-04-28 2:47 ` Binbin Wu [this message]
2026-04-28 6:01 ` [PATCH 2/2] x86/cpu: Skip reading MSR_IA32_PLATFORM_ID in virtualized environment Xiaoyao Li
2026-04-28 9:57 ` Binbin Wu
2026-04-28 18:54 ` Edgecombe, Rick P
2026-04-28 19:13 ` Dave Hansen
2026-04-29 23:14 ` Dave Hansen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260428024746.1040531-3-binbin.wu@linux.intel.com \
--to=binbin.wu@linux.intel.com \
--cc=chao.gao@intel.com \
--cc=dave.hansen@intel.com \
--cc=kas@kernel.org \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=rick.p.edgecombe@intel.com \
--cc=seanjc@google.com \
--cc=vishal.l.verma@intel.com \
--cc=x86@kernel.org \
--cc=xiaoyao.li@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.