From: Sean Christopherson <seanjc@google.com>
To: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
Dave Hansen <dave.hansen@linux.intel.com>,
x86@kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
linux-kernel@vger.kernel.org, kvm@vger.kernel.org,
Andrew Cooper <Andrew.Cooper3@citrix.com>,
Kai Huang <kai.huang@intel.com>, Chao Gao <chao.gao@intel.com>
Subject: Re: [PATCH v4 14/19] KVM: SVM: Check that the current CPU supports SVM in kvm_is_svm_supported()
Date: Thu, 27 Jul 2023 09:39:53 -0700 [thread overview]
Message-ID: <ZMKd2cT2fw4ZiJQp@google.com> (raw)
In-Reply-To: <20230725091611.GA3766257@hirez.programming.kicks-ass.net>
On Tue, Jul 25, 2023, Peter Zijlstra wrote:
> On Mon, Jul 24, 2023 at 02:40:03PM -0700, Sean Christopherson wrote:
> > On Mon, Jul 24, 2023, Peter Zijlstra wrote:
> > > On Fri, Jul 21, 2023 at 01:18:54PM -0700, Sean Christopherson wrote:
> > > > Check "this" CPU instead of the boot CPU when querying SVM support so that
> > > > the per-CPU checks done during hardware enabling actually function as
> > > > intended, i.e. will detect issues where SVM isn't support on all CPUs.
> > >
> > > Is that a realistic concern?
> >
> > It's not a concern in the sense that it should never happen, but I know of at
> > least one example where VMX on Intel completely disappeared[1]. The "compatibility"
> > checks are really more about the entire VMX/SVM feature set, the base VMX/SVM
> > support check is just an easy and obvious precursor to the full compatibility
> > checks.
> >
> > Of course, SVM doesn't currently have compatibility checks on the full SVM feature
> > set, but that's more due to lack of a forcing function than a desire to _not_ have
> > them. Intel CPUs have a pesky habit of bugs, ucode updates, and/or in-field errors
> > resulting in VMX features randomly appearing or disappearing. E.g. there's an
> > ongoing buzilla (sorry) issue[2] where a user is only able to load KVM *after* a
> > suspend+resume cycle, because TSC scaling only shows up on one socket immediately
> > after boot, which is then somehow resolved by suspend+resume.
> >
> > [1] 009bce1df0bb ("x86/split_lock: Don't write MSR_TEST_CTRL on CPUs that aren't whitelisted")
> > [2] https://bugzilla.kernel.org/show_bug.cgi?id=217574
>
> Is that using late loading of ucode?
Not sure, though I don't think that is relevant for this particular bug.
> Anything that changes *any* feature flag must be early ucode load, there is
> no other possible way since einux does feature enumeration early, and
> features are fixed thereafter.
>
> This is one of the many reasons late loading is a trainwreck.
>
> Doing suspend/resume probably re-loads the firmware
Ya, it does.
> and re-does the feature enumeration -- I didn't check.
The reported ucode revision is the same before and after resume, and is consistent
across all CPUs. KVM does the per-CPU feature enumeration (for sanity checks)
everytime userspace attempts to load KVM (the module), so the timing of the ucode
patch load _shouldn't_ matter.
The user is running quite old ucode for their system, so the current theory is that
old buggy ucode is to blame.
next prev parent reply other threads:[~2023-07-27 16:39 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-07-21 20:18 [PATCH v4 00/19] x86/reboot: KVM: Clean up "emergency" virt code Sean Christopherson
2023-07-21 20:18 ` [PATCH v4 01/19] x86/reboot: VMCLEAR active VMCSes before emergency reboot Sean Christopherson
2023-07-21 20:18 ` [PATCH v4 02/19] x86/reboot: Harden virtualization hooks for " Sean Christopherson
2023-07-21 20:18 ` [PATCH v4 03/19] x86/reboot: KVM: Handle VMXOFF in KVM's reboot callback Sean Christopherson
2023-07-24 23:57 ` Huang, Kai
2023-07-21 20:18 ` [PATCH v4 04/19] x86/reboot: KVM: Disable SVM during reboot via virt/KVM " Sean Christopherson
2023-07-21 20:18 ` [PATCH v4 05/19] x86/reboot: Assert that IRQs are disabled when turning off virtualization Sean Christopherson
2023-07-24 21:19 ` Peter Zijlstra
2023-07-24 21:41 ` Sean Christopherson
2023-07-21 20:18 ` [PATCH v4 06/19] x86/reboot: Hoist "disable virt" helpers above "emergency reboot" path Sean Christopherson
2023-07-21 20:18 ` [PATCH v4 07/19] x86/reboot: Disable virtualization during reboot iff callback is registered Sean Christopherson
2023-07-24 23:57 ` Huang, Kai
2023-07-21 20:18 ` [PATCH v4 08/19] x86/reboot: Expose VMCS crash hooks if and only if KVM_{INTEL,AMD} is enabled Sean Christopherson
2023-07-21 20:18 ` [PATCH v4 09/19] x86/virt: KVM: Open code cpu_has_vmx() in KVM VMX Sean Christopherson
2023-07-21 20:18 ` [PATCH v4 10/19] x86/virt: KVM: Move VMXOFF helpers into " Sean Christopherson
2023-07-28 9:08 ` Xu Yilun
2023-07-28 9:43 ` Huang, Kai
2023-07-21 20:18 ` [PATCH v4 11/19] KVM: SVM: Make KVM_AMD depend on CPU_SUP_AMD or CPU_SUP_HYGON Sean Christopherson
2023-07-21 20:18 ` [PATCH v4 12/19] x86/virt: Drop unnecessary check on extended CPUID level in cpu_has_svm() Sean Christopherson
2023-07-21 20:18 ` [PATCH v4 13/19] x86/virt: KVM: Open code cpu_has_svm() into kvm_is_svm_supported() Sean Christopherson
2023-07-21 20:18 ` [PATCH v4 14/19] KVM: SVM: Check that the current CPU supports SVM in kvm_is_svm_supported() Sean Christopherson
2023-07-24 21:21 ` Peter Zijlstra
2023-07-24 21:40 ` Sean Christopherson
2023-07-25 9:16 ` Peter Zijlstra
2023-07-27 16:39 ` Sean Christopherson [this message]
2023-07-24 22:29 ` Dmitry Torokhov
2023-07-24 23:53 ` Sean Christopherson
2023-07-21 20:18 ` [PATCH v4 15/19] KVM: VMX: Ensure CPU is stable when probing basic VMX support Sean Christopherson
2023-07-21 20:18 ` [PATCH v4 16/19] x86/virt: KVM: Move "disable SVM" helper into KVM SVM Sean Christopherson
2023-07-21 20:18 ` [PATCH v4 17/19] KVM: x86: Force kvm_rebooting=true during emergency reboot/crash Sean Christopherson
2023-07-21 20:18 ` [PATCH v4 18/19] KVM: SVM: Use "standard" stgi() helper when disabling SVM Sean Christopherson
2023-07-21 20:18 ` [PATCH v4 19/19] KVM: VMX: Skip VMCLEAR logic during emergency reboots if CR4.VMXE=0 Sean Christopherson
2023-07-25 3:51 ` Huang, Kai
2023-07-25 18:15 ` Sean Christopherson
2023-07-25 22:20 ` Huang, Kai
2023-08-04 0:40 ` [PATCH v4 00/19] x86/reboot: KVM: Clean up "emergency" virt code Sean Christopherson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZMKd2cT2fw4ZiJQp@google.com \
--to=seanjc@google.com \
--cc=Andrew.Cooper3@citrix.com \
--cc=bp@alien8.de \
--cc=chao.gao@intel.com \
--cc=dave.hansen@linux.intel.com \
--cc=kai.huang@intel.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.