[Qemu-devel] [PATCH] Correctly re-init EFER state during INIT IPI

[Qemu-devel] [PATCH] Correctly re-init EFER state during INIT IPI

[Bill Paul]

When doing a re-initialization of a CPU core, the default state is to _not_
have 64-bit long mode enabled. This means the LME (long mode enable) and LMA
(long mode active) bits in the EFER model-specific register should be cleared.

However, the EFER state is part of the CPU environment which is
preserved by do_cpu_init(), so if EFER.LME and EFER.LMA were set at the
time an INIT IPI was received, they will remain set after the init completes.

This is contrary to what the Intel architecture manual describes and what
happens on real hardware, and it leaves the CPU in a weird state that the
guest can't clear.

To fix this, the 'efer' member of the CPUX86State structure has been moved
to an area outside the region preserved by do_cpu_init(), so that it can
be properly re-initialized by x86_cpu_reset().

Signed-off-by: Bill Paul <wpaul@windriver.com>
CC: Paolo Bonzini <pbonzini@redhat.com>
CC: Richard Henderson <rth@twiddle.net>
CC: Eduardo Habkost <ehabkost@redhat.com>
---
 target-i386/cpu.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/target-i386/cpu.h b/target-i386/cpu.h
index 034fab6..fac773c 100644
--- a/target-i386/cpu.h
+++ b/target-i386/cpu.h
@@ -833,6 +833,7 @@ typedef struct CPUX86State {
     BNDReg bnd_regs[4];
     BNDCSReg bndcs_regs;
     uint64_t msr_bndcfgs;
+    uint64_t efer;
 
     /* Beginning of state preserved by INIT (dummy marker).  */
     struct {} start_init_save;
@@ -865,7 +866,6 @@ typedef struct CPUX86State {
     uint32_t sysenter_cs;
     target_ulong sysenter_esp;
     target_ulong sysenter_eip;
-    uint64_t efer;
     uint64_t star;
 
     uint64_t vm_hsave;
-- 
1.8.0

Re: [Qemu-devel] [PATCH] Correctly re-init EFER state during INIT IPI

[Paolo Bonzini]

On 01/10/2015 00:33, Bill Paul wrote:
> When doing a re-initialization of a CPU core, the default state is to _not_
> have 64-bit long mode enabled. This means the LME (long mode enable) and LMA
> (long mode active) bits in the EFER model-specific register should be cleared.
> 
> However, the EFER state is part of the CPU environment which is
> preserved by do_cpu_init(), so if EFER.LME and EFER.LMA were set at the
> time an INIT IPI was received, they will remain set after the init completes.
> 
> This is contrary to what the Intel architecture manual describes and what
> happens on real hardware, and it leaves the CPU in a weird state that the
> guest can't clear.
> 
> To fix this, the 'efer' member of the CPUX86State structure has been moved
> to an area outside the region preserved by do_cpu_init(), so that it can
> be properly re-initialized by x86_cpu_reset().
> 
> Signed-off-by: Bill Paul <wpaul@windriver.com>
> CC: Paolo Bonzini <pbonzini@redhat.com>
> CC: Richard Henderson <rth@twiddle.net>
> CC: Eduardo Habkost <ehabkost@redhat.com>

Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>

> ---
>  target-i386/cpu.h | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/target-i386/cpu.h b/target-i386/cpu.h
> index 034fab6..fac773c 100644
> --- a/target-i386/cpu.h
> +++ b/target-i386/cpu.h
> @@ -833,6 +833,7 @@ typedef struct CPUX86State {
>      BNDReg bnd_regs[4];
>      BNDCSReg bndcs_regs;
>      uint64_t msr_bndcfgs;
> +    uint64_t efer;
>  
>      /* Beginning of state preserved by INIT (dummy marker).  */
>      struct {} start_init_save;
> @@ -865,7 +866,6 @@ typedef struct CPUX86State {
>      uint32_t sysenter_cs;
>      target_ulong sysenter_esp;
>      target_ulong sysenter_eip;
> -    uint64_t efer;
>      uint64_t star;
>  
>      uint64_t vm_hsave;
> 

Re: [Qemu-devel] [PATCH] Correctly re-init EFER state during INIT IPI

[Eduardo Habkost]

On Wed, Sep 30, 2015 at 03:33:29PM -0700, Bill Paul wrote:
> When doing a re-initialization of a CPU core, the default state is to _not_
> have 64-bit long mode enabled. This means the LME (long mode enable) and LMA
> (long mode active) bits in the EFER model-specific register should be cleared.
> 
> However, the EFER state is part of the CPU environment which is
> preserved by do_cpu_init(), so if EFER.LME and EFER.LMA were set at the
> time an INIT IPI was received, they will remain set after the init completes.
> 
> This is contrary to what the Intel architecture manual describes and what
> happens on real hardware, and it leaves the CPU in a weird state that the
> guest can't clear.
> 
> To fix this, the 'efer' member of the CPUX86State structure has been moved
> to an area outside the region preserved by do_cpu_init(), so that it can
> be properly re-initialized by x86_cpu_reset().
> 
> Signed-off-by: Bill Paul <wpaul@windriver.com>
> CC: Paolo Bonzini <pbonzini@redhat.com>
> CC: Richard Henderson <rth@twiddle.net>
> CC: Eduardo Habkost <ehabkost@redhat.com>

Applied to x86 tree. Thanks!

-- 
Eduardo