From: Mohit Gambhir <mohit.gambhir@oracle.com>
To: kevin.tian@intel.com, jun.nakajima@intel.com, xen-devel@lists.xen.org
Cc: Mohit Gambhir <mohit.gambhir@oracle.com>,
boris.ostrovsky@oracle.com, mgambhir@outlook.com,
JBeulich@suse.com
Subject: [PATCH v3] x86/vpmu_intel: Fix hypervisor crash by masking PC bit in MSR_P6_EVNTSEL
Date: Thu, 4 May 2017 17:30:17 -0400 [thread overview]
Message-ID: <20170504213017.5433-1-mohit.gambhir@oracle.com> (raw)
Setting Pin Control (PC) bit (19) in MSR_P6_EVNTSEL results in a General
Protection Fault and thus results in a hypervisor crash. This behavior has
been observed on two generations of Intel processors namely, Haswell and
Broadwell. Other Intel processor generations were not tested. However, it
does seem to be a possible erratum that hasn't yet been confirmed by Intel.
To fix the problem this patch masks PC bit and returns an error in
case any guest tries to write to it on any Intel processor. In addition
to the fact that setting this bit crashes the hypervisor on Haswell and
Broadwell, the PC flag bit toggles a hardware pin on the physical CPU
every time the programmed event occurs and the hardware behavior in
response to the toggle is undefined in the SDM, which makes this bit
unsafe to be used by guests and hence should be masked on all machines.
Signed-off-by: Mohit Gambhir <mohit.gambhir@oracle.com>
---
xen/arch/x86/cpu/vpmu_intel.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/xen/arch/x86/cpu/vpmu_intel.c b/xen/arch/x86/cpu/vpmu_intel.c
index 3f0322c..6d768cb 100644
--- a/xen/arch/x86/cpu/vpmu_intel.c
+++ b/xen/arch/x86/cpu/vpmu_intel.c
@@ -76,12 +76,13 @@ static bool_t __read_mostly full_width_write;
#define FIXED_CTR_CTRL_ANYTHREAD_MASK 0x4
#define ARCH_CNTR_ENABLED (1ULL << 22)
+#define ARCH_CNTR_PIN_CONTROL (1ULL << 19)
/* Number of general-purpose and fixed performance counters */
static unsigned int __read_mostly arch_pmc_cnt, fixed_pmc_cnt;
/* Masks used for testing whether and MSR is valid */
-#define ARCH_CTRL_MASK (~((1ull << 32) - 1) | (1ull << 21))
+#define ARCH_CTRL_MASK (~((1ull << 32) - 1) | (1ull << 21) | ARCH_CNTR_PIN_CONTROL)
static uint64_t __read_mostly fixed_ctrl_mask, fixed_counters_mask;
static uint64_t __read_mostly global_ovf_ctrl_mask, global_ctrl_mask;
--
2.9.3
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
next reply other threads:[~2017-05-04 21:30 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-05-04 21:30 Mohit Gambhir [this message]
2017-05-05 10:16 ` [PATCH v3] x86/vpmu_intel: Fix hypervisor crash by masking PC bit in MSR_P6_EVNTSEL Jan Beulich
2017-05-07 22:58 ` Tian, Kevin
2017-05-08 10:30 ` Julien Grall
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170504213017.5433-1-mohit.gambhir@oracle.com \
--to=mohit.gambhir@oracle.com \
--cc=JBeulich@suse.com \
--cc=boris.ostrovsky@oracle.com \
--cc=jun.nakajima@intel.com \
--cc=kevin.tian@intel.com \
--cc=mgambhir@outlook.com \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).