From: Sean Christopherson <sean.j.christopherson@intel.com>
To: Borislav Petkov <bp@alien8.de>
Cc: "Thomas Gleixner" <tglx@linutronix.de>,
"Ingo Molnar" <mingo@redhat.com>,
x86@kernel.org, "H. Peter Anvin" <hpa@zytor.com>,
linux-kernel@vger.kernel.org,
"Paolo Bonzini" <pbonzini@redhat.com>,
"Radim Krčmář" <rkrcmar@redhat.com>,
"Vitaly Kuznetsov" <vkuznets@redhat.com>,
"Wanpeng Li" <wanpengli@tencent.com>,
"Jim Mattson" <jmattson@google.com>,
kvm@vger.kernel.org
Subject: Re: [PATCH v2 06/16] x86/cpu: Clear VMX feature flag if VMX is not fully enabled
Date: Thu, 14 Nov 2019 10:32:38 -0800 [thread overview]
Message-ID: <20191114183238.GH24045@linux.intel.com> (raw)
In-Reply-To: <20191025163858.GF6483@zn.tnic>
On Fri, Oct 25, 2019 at 06:38:58PM +0200, Borislav Petkov wrote:
> On Mon, Oct 21, 2019 at 05:08:36PM -0700, Sean Christopherson wrote:
> > Now that the IA32_FEATURE_CONTROL MSR is guaranteed to be configured and
> > locked, clear the VMX capability flag if the IA32_FEATURE_CONTROL MSR is
> > not supported or if BIOS disabled VMX, i.e. locked IA32_FEATURE_CONTROL
> > and did not set the appropriate VMX enable bit.
> >
> > Cc: Paolo Bonzini <pbonzini@redhat.com>
> > Cc: Radim Krčmář <rkrcmar@redhat.com>
> > Cc: Vitaly Kuznetsov <vkuznets@redhat.com>
> > Cc: Wanpeng Li <wanpengli@tencent.com>
> > Cc: Jim Mattson <jmattson@google.com>
> > Cc: kvm@vger.kernel.org
> > Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
> > ---
> > arch/x86/kernel/cpu/feature_control.c | 23 ++++++++++++++++++++---
> > 1 file changed, 20 insertions(+), 3 deletions(-)
> >
> > diff --git a/arch/x86/kernel/cpu/feature_control.c b/arch/x86/kernel/cpu/feature_control.c
> > index 57b928e64cf5..74c76159a046 100644
> > --- a/arch/x86/kernel/cpu/feature_control.c
> > +++ b/arch/x86/kernel/cpu/feature_control.c
> > @@ -7,13 +7,19 @@
> >
> > void init_feature_control_msr(struct cpuinfo_x86 *c)
> > {
> > + bool tboot = tboot_enabled();
> > u64 msr;
> >
> > - if (rdmsrl_safe(MSR_IA32_FEATURE_CONTROL, &msr))
> > + if (rdmsrl_safe(MSR_IA32_FEATURE_CONTROL, &msr)) {
> > + if (cpu_has(c, X86_FEATURE_VMX)) {
> > + pr_err_once("x86/cpu: VMX disabled, IA32_FEATURE_CONTROL MSR unsupported\n");
> ^^^^^^^^
>
> pr_fmt
>
> But, before that: do we really wanna know about this or there's nothing
> the user can do? If she can reenable VMX in the BIOS, or otherwise do
> something about it, maybe we should say that above... Otherwise, this
> message is useless.
My thought for having the print was to alert the user that something is
royally borked with their system. There's nothing the user can do to fix
it per se, but it does indicate that either their hardware or the VMM
hosting their virtual machine is broken. So maybe be more explicit about
it being a likely hardware/VMM issue?
> > + clear_cpu_cap(c, X86_FEATURE_VMX);
> > + }
> > return;
> > + }
> >
> > if (msr & FEATURE_CONTROL_LOCKED)
> > - return;
> > + goto update_caps;
> >
> > /*
> > * Ignore whatever value BIOS left in the MSR to avoid enabling random
> > @@ -23,8 +29,19 @@ void init_feature_control_msr(struct cpuinfo_x86 *c)
> >
> > if (cpu_has(c, X86_FEATURE_VMX)) {
> > msr |= FEATURE_CONTROL_VMXON_ENABLED_OUTSIDE_SMX;
> > - if (tboot_enabled())
> > + if (tboot)
> > msr |= FEATURE_CONTROL_VMXON_ENABLED_INSIDE_SMX;
> > }
> > wrmsrl(MSR_IA32_FEATURE_CONTROL, msr);
> > +
> > +update_caps:
> > + if (!cpu_has(c, X86_FEATURE_VMX))
> > + return;
>
> If this test is just so we can save us the below code, I'd say remove it
> for the sake of having less code in that function. The test is cheap and
> not on a fast path so who cares if we clear an alrady cleared bit. But
> maybe this evolves in the later patches...
I didn't want to print the "VMX disabled by BIOS..." message if VMX isn't
supported in the first place. Later patches also add more code in this
flow, but avoiding the print message is the main motiviation.
> > +
> > + if ((tboot && !(msr & FEATURE_CONTROL_VMXON_ENABLED_INSIDE_SMX)) ||
> > + (!tboot && !(msr & FEATURE_CONTROL_VMXON_ENABLED_OUTSIDE_SMX))) {
> > + pr_err_once("x86/cpu: VMX disabled by BIOS (TXT %s)\n",
> > + tboot ? "enabled" : "disabled");
> > + clear_cpu_cap(c, X86_FEATURE_VMX);
> > + }
> > }
>
> --
> Regards/Gruss,
> Boris.
>
> https://people.kernel.org/tglx/notes-about-netiquette
next prev parent reply other threads:[~2019-11-14 18:32 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-21 23:46 [PATCH v2 00/16] x86/cpu: Clean up handling of VMX features Sean Christopherson
2019-10-21 23:54 ` [PATCH v2 01/16] x86/intel: Initialize IA32_FEATURE_CONTROL MSR at boot Sean Christopherson
2019-10-22 0:15 ` Sean Christopherson
2019-10-25 14:09 ` Borislav Petkov
2019-10-25 15:11 ` Sean Christopherson
2019-10-21 23:56 ` [PATCH v2 02/16] x86/mce: WARN once if IA32_FEATURE_CONTROL MSR is left unlocked Sean Christopherson
2019-10-25 14:22 ` Borislav Petkov
2019-10-22 0:08 ` [PATCH v2 03/16] x86/centaur: Use common IA32_FEATURE_CONTROL MSR initialization Sean Christopherson
2019-10-22 0:08 ` [PATCH v2 04/16] x86/zhaoxin: " Sean Christopherson
2019-10-22 0:08 ` [PATCH v2 05/16] KVM: VMX: Drop initialization of IA32_FEATURE_CONTROL MSR Sean Christopherson
2019-10-22 10:51 ` Paolo Bonzini
2019-10-22 15:16 ` Sean Christopherson
2019-11-14 18:34 ` Sean Christopherson
2019-11-15 10:10 ` Paolo Bonzini
2019-10-25 16:26 ` Borislav Petkov
2019-10-25 16:39 ` Borislav Petkov
2019-10-22 0:08 ` [PATCH v2 06/16] x86/cpu: Clear VMX feature flag if VMX is not fully enabled Sean Christopherson
2019-10-25 16:38 ` Borislav Petkov
2019-11-14 18:32 ` Sean Christopherson [this message]
2019-11-15 10:05 ` Paolo Bonzini
2019-11-15 10:34 ` Borislav Petkov
2019-11-15 15:34 ` Sean Christopherson
2019-11-15 15:39 ` Borislav Petkov
2019-10-22 0:08 ` [PATCH v2 07/16] KVM: VMX: Use VMX feature flag to query BIOS enabling Sean Christopherson
2019-10-22 0:08 ` [PATCH v2 08/16] KVM: VMX: Check for full VMX support when verifying CPU compatibility Sean Christopherson
2019-10-22 0:08 ` [PATCH v2 09/16] x86/vmx: Introduce VMX_FEATURES_* Sean Christopherson
2019-10-22 0:08 ` [PATCH v2 10/16] x86/cpu: Detect VMX features on Intel, Centaur and Zhaoxin CPUs Sean Christopherson
2019-10-22 0:08 ` [PATCH v2 11/16] x86/cpu: Print VMX flags in /proc/cpuinfo using VMX_FEATURES_* Sean Christopherson
2019-10-22 0:08 ` [PATCH v2 12/16] x86/cpufeatures: Drop synthetic VMX feature flags Sean Christopherson
2019-10-22 0:08 ` [PATCH v2 13/16] KVM: VMX: Use VMX_FEATURE_* flags to define VMCS control bits Sean Christopherson
2019-10-22 0:09 ` [PATCH v2 14/16] x86/cpufeatures: Clean up synthetic virtualization flags Sean Christopherson
2019-10-22 0:12 ` [PATCH v2 15/16] perf/x86: Provide stubs of KVM helpers for non-Intel CPUs Sean Christopherson
2019-10-22 0:12 ` [PATCH v2 16/16] KVM: VMX: Allow KVM_INTEL when building for Centaur and/or Zhaoxin CPUs Sean Christopherson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191114183238.GH24045@linux.intel.com \
--to=sean.j.christopherson@intel.com \
--cc=bp@alien8.de \
--cc=hpa@zytor.com \
--cc=jmattson@google.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=pbonzini@redhat.com \
--cc=rkrcmar@redhat.com \
--cc=tglx@linutronix.de \
--cc=vkuznets@redhat.com \
--cc=wanpengli@tencent.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).