From mboxrd@z Thu Jan  1 00:00:00 1970
From: ebiederm@xmission.com (Eric W. Biederman)
Subject: Re: [PATCH 0/2] kvm: disable virtualization on kdump
Date: Sun, 26 Oct 2008 07:46:23 -0700
Message-ID: <m1mygre7nk.fsf@frodo.ebiederm.org>
References: <20081022232824.GD5247@verge.net.au>
	<20081023194129.GD27959@blackpad>
	<20081023222906.GB10753@verge.net.au>
	<m1tzb2hkny.fsf@frodo.ebiederm.org> <4904676F.3020706@redhat.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Cc: Simon Horman <horms@verge.net.au>,
	Eduardo Habkost <ehabkost@redhat.com>,
	kexec@lists.infradead.org, kvm@vger.kernel.org,
	Andrew Morton <akpm@osdl.org>, Vivek Goyal <vgoyal@redhat.com>,
	Haren Myneni <hbabu@us.ibm.com>
To: Avi Kivity <avi@redhat.com>
Return-path: <kvm-owner@vger.kernel.org>
Received: from out02.mta.xmission.com ([166.70.13.232]:39519 "EHLO
	out02.mta.xmission.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1752698AbYJZOyl (ORCPT <rfc822;kvm@vger.kernel.org>);
	Sun, 26 Oct 2008 10:54:41 -0400
In-Reply-To: <4904676F.3020706@redhat.com> (Avi Kivity's message of "Sun, 26
	Oct 2008 14:49:51 +0200")
Sender: kvm-owner@vger.kernel.org
List-ID: <kvm.vger.kernel.org>

Avi Kivity <avi@redhat.com> writes:

> Eric W. Biederman wrote:
>> Why do we need to disable vmx mode before booting a normal linux kernel?
>>
>
> vmx mode blocks INIT (even on the host; not just on the guests) 
*blink* broken hardware design there.

> so reboots don't
> work.  It also assigns some memory to the cpu; if the new kernel isn't aware of
> it, 

Not a problem for a kdump kernel, as it lives out of a reserved region
of memory.

> the cpu and the kernel would both think it belongs to them.  Finally, if vmx
> mode is enabled, you can't start kvm on the new kernel.

This isn't especially interesting in the crash dump scenario.

>> Is it possible to disable vmx mode before we enable interrrupts in the
>> kdump kernel?
>>
>
> You need IPIs to disable vmx on smp.

Thank you.  Reading your description and taking a quick look at
the code in hardware disable it does not appear that there is
anything needed (other than restricting ourselves it running
uniprocessor in the kdump kernel) that needs to happen.

Certainly it would be nice to have kvm disabled in hardware,
but if you are proposing using the existing hardware disable
I must say that the cure looks much worse than the disease.

It looks like the disable function is all of about 20 assembly
instructions so I would not have a problem if he had a
little inline function we could call that test to see if
vmx is enabled and disable it in the case of kexec on panic.

The normal polite shutdown.  That just looks like asking for trouble.

Eric