From: Laszlo Ersek <lersek@redhat.com>
To: Ashok Raj <ashok.raj@intel.com>,
Paolo Bonzini <pbonzini@redhat.com>,
seabios@seabios.org, qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] [SeaBIOS] [PATCH v3] fw/msr_feature_control: add support to set MSR_IA32_FEATURE_CONTROL
Date: Wed, 6 Jul 2016 17:32:59 +0200 [thread overview]
Message-ID: <ef8a47eb-1bd3-5330-6d99-76ce13cd785a@redhat.com> (raw)
In-Reply-To: <20160706130336.ad4jmzvbgiyc7g5h@hz-desktop>
On 07/06/16 15:03, Haozhong Zhang wrote:
> On 07/06/16 13:04, Laszlo Ersek wrote:
>> On 07/06/16 08:42, Laszlo Ersek wrote:
>>> On 07/06/16 08:28, Haozhong Zhang wrote:
>>>> Hi Ashok,
>>>>
>>>> On 07/06/16 02:18, Paolo Bonzini wrote:
>>>>>> I forgot to restore MSR_IA32_FEATURE_CONTROL in the resume path, and
>>>>>> MSR_IA32_FEATURE_CONTROL is zero after S3 resume.
>>>>>
>>>>> This is a bug. Sorry Laszlo. :)
>>>>>
>>>>>> Not restore MSR_IA32_FEATURE_CONTROL during S3 resume does not affect
>>>>>> at least Linux guest (tested 4.5). Current QEMU may advise the guest
>>>>>> firmware to set bit 20 (for LMCE), bit 2 (for VMX) and bit 0 (lock
>>>>>> bit).
>>>>>> - For LMCE, Linux only checks bit 20 and bit 0 at boot time and then
>>>>>> keeps using the result even after resume.
>>>>>
>>>>> On real hardware, LMCE would not be enabled after resume. I'm not
>>>>> sure what would happen, but it wouldn't be good.
>>>>
>>>> Could you help to check if the LMCE bit in MSR_IA32_FEATURE_CONTROL is
>>>> set after S3 resume on the real hardware?
>>>
>>> The SDM says that IA32_FEATURE_CONTROL is zeroed on logical processor reset.
>>>
>>> 23.7 ENABLING AND ENTERING VMX OPERATION
>>>
>>> [...] VMXON is also controlled by the IA32_FEATURE_CONTROL MSR (MSR
>>> address 3AH). This MSR is cleared to zero when a logical processor is
>>> reset. [...]
>>
>> Actually, I think there is a bug in KVM at the moment. I ran the
>> following test:
>>
>> - modified OVMF to set the MSR to value 0x5 on just the BSP
>> - booted an i440fx and a Q35 (SMM-enabled) OVMF guest
>> - checked "rdmsr -a 0x3a" in both
>> - ran "pm-suspend" in both guests, woke them
>> - repeated the rdmsr command
>>
>> The result is that the BSP had the 0x5 MSR value both after cold boot
>> and after S3 resume. So, KVM does not seem to implement clearing of the MSR.
>>
>
> Interesting result, is setting MSR on BSP also called after S3 resume?
Yes. Henceforth my middle name should be "bumblebee", because today I've
been bumbling from error to error.
In short, I messed up my ad-hoc OVMF patch, and added the wrmsr to a
location that is on both the normal boot path and the S3 resume path. I
fixed the patch and now I get the same result as you -- the MSR is
indeed clear after S3 resume.
> I went through your test steps with OVMF replaced by a modified
> SeaBIOS which only sets MSR_IA32_FEATURE_CONTROL on BSP at boot time,
> the result before S3 resume is the value on BSP is 5 and others are 0,
> and the result after S3 resume is values on all CPUs are 0.
Right.
>> I checked kvm/next (currently at
>> 196f20ca52e8c7281932663c348fa54b82d03914), and vmx_vcpu_reset() does not
>> seem to zero vmx->msr_ia32_feature_control.
>>
>
> The function reset cpu state in QEMU after S3 resume is
> x86_cpu_reset(CPUState *s) in target-i386/cpu.c which is called for
> all vcpus and does
>
> memset(env, 0, offsetof(CPUX86State, cpuid_level));
>
> CPUX86State.msr_ia32_feature_control is before .cpuid_level, so guest
> MSR_IA32_FEATURE_CONTROL on all vcpus should be zero after S3 resume.
Thank you for the analysis and sorry about the noise.
Laszlo
prev parent reply other threads:[~2016-07-06 15:33 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-06-22 6:53 [Qemu-devel] [PATCH v3] fw/msr_feature_control: add support to set MSR_IA32_FEATURE_CONTROL Haozhong Zhang
2016-07-01 12:02 ` [Qemu-devel] [SeaBIOS] " Gerd Hoffmann
2016-07-05 22:19 ` Laszlo Ersek
2016-07-06 1:26 ` Haozhong Zhang
2016-07-06 6:18 ` Paolo Bonzini
2016-07-06 6:28 ` Haozhong Zhang
2016-07-06 6:42 ` Laszlo Ersek
2016-07-06 6:49 ` Haozhong Zhang
2016-07-06 7:44 ` Laszlo Ersek
2016-07-06 8:48 ` Haozhong Zhang
2016-07-06 9:00 ` Laszlo Ersek
2016-07-06 9:05 ` Laszlo Ersek
2016-07-06 9:07 ` Haozhong Zhang
2016-07-06 9:13 ` Laszlo Ersek
2016-07-06 11:04 ` Laszlo Ersek
2016-07-06 12:18 ` Paolo Bonzini
2016-07-06 15:43 ` Laszlo Ersek
2016-07-07 12:12 ` Paolo Bonzini
2016-07-07 12:44 ` Laszlo Ersek
2016-07-07 13:19 ` [Qemu-devel] " Paolo Bonzini
2016-07-06 13:03 ` [Qemu-devel] [SeaBIOS] " Haozhong Zhang
2016-07-06 15:32 ` Laszlo Ersek [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ef8a47eb-1bd3-5330-6d99-76ce13cd785a@redhat.com \
--to=lersek@redhat.com \
--cc=ashok.raj@intel.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=seabios@seabios.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).