From mboxrd@z Thu Jan 1 00:00:00 1970 From: Paolo Bonzini Subject: Re: [PATCH] kvm: svm: reset mmu on VCPU reset Date: Fri, 18 Sep 2015 16:50:37 +0200 Message-ID: <55FC24BD.7080205@redhat.com> References: <1442583545-266967-1-git-send-email-imammedo@redhat.com> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: QUOTED-PRINTABLE Cc: joro@8bytes.org, guangrong.xiao@linux.intel.com, kvm@vger.kernel.org, stable To: Igor Mammedov , linux-kernel@vger.kernel.org Return-path: In-Reply-To: <1442583545-266967-1-git-send-email-imammedo@redhat.com> Sender: linux-kernel-owner@vger.kernel.org List-Id: kvm.vger.kernel.org On 18/09/2015 15:39, Igor Mammedov wrote: > When INIT/SIPI sequence is sent to VCPU which before that > was in use by OS, VMRUN might fail with: >=20 > KVM: entry failed, hardware error 0xffffffff > EAX=3D00000000 EBX=3D00000000 ECX=3D00000000 EDX=3D000006d3 > ESI=3D00000000 EDI=3D00000000 EBP=3D00000000 ESP=3D00000000 > EIP=3D00000000 EFL=3D00000002 [-------] CPL=3D0 II=3D0 A20=3D1 SMM=3D= 0 HLT=3D0 > ES =3D0000 00000000 0000ffff 00009300 > CS =3D9a00 0009a000 0000ffff 00009a00 > [...] > CR0=3D60000010 CR2=3Db6f3e000 CR3=3D01942000 CR4=3D000007e0 > [...] > EFER=3D0000000000000000 >=20 > with corresponding SVM error: > KVM: FAILED VMRUN WITH VMCB: > [...] > cpl: 0 efer: 0000000000001000 > cr0: 0000000080010010 cr2: 00007fd7fe85bf90 > cr3: 0000000187d0c000 cr4: 0000000000000020 > [...] >=20 > What happens is that VCPU state right after offlinig: > CR0: 0x80050033 EFER: 0xd01 CR4: 0x7e0 > -> long mode with CR3 pointing to longmode page tables >=20 > and when VCPU gets INIT/SIPI following transition happens > CR0: 0 -> 0x60000010 EFER: 0x0 CR4: 0x7e0 > -> paging disabled with stale CR3 >=20 > However SVM under the hood puts VCPU in Paged Real Mode* > which effectively translates CR0 0x60000010 -> 80010010 after >=20 > svm_vcpu_reset() > -> init_vmcb() > -> kvm_set_cr0() > -> svm_set_cr0() >=20 > but from kvm_set_cr0() perspective CR0: 0 -> 0x60000010 > only caching bits are changed and > commit d81135a57aa6 > ("KVM: x86: do not reset mmu if CR0.CD and CR0.NW are changed")' > regressed svm_vcpu_reset() which relied on MMU being reset. >=20 > As result VMRUN after svm_vcpu_reset() tries to run > VCPU in Paged Real Mode with stale MMU context (longmode page tables)= , > which causes some AMD CPUs** to bail out with VMEXIT_INVALID. >=20 > Fix issue by unconditionally resetting MMU context > at init_vmcb() time. >=20 > -- > * AMD64 Architecture Programmer=E2=80=99s Manual, > Volume 2: System Programming, rev: 3.25 > 15.19 Paged Real Mode > ** Opteron 1216 >=20 > Signed-off-by: Igor Mammedov > --- > arch/x86/kvm/svm.c | 1 + > 1 file changed, 1 insertion(+) >=20 > diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c > index fdb8cb6..89173af 100644 > --- a/arch/x86/kvm/svm.c > +++ b/arch/x86/kvm/svm.c > @@ -1264,6 +1264,7 @@ static void init_vmcb(struct vcpu_svm *svm, boo= l init_event) > * It also updates the guest-visible cr0 value. > */ > (void)kvm_set_cr0(&svm->vcpu, X86_CR0_NW | X86_CR0_CD | X86_CR0_ET)= ; > + kvm_mmu_reset_context(&svm->vcpu); > =20 > save->cr4 =3D X86_CR4_PAE; > /* rdx =3D ?? */ >=20 Thanks. Unfortunately I have just sent a pull request to Linus, but I'll add =46ixes: d81135a57aa6 Cc: stable@vger.kernel.org and send it out next week. Paolo