On 25/10/19 11:03, speck for Joerg Roedel wrote:
> On Fri, Oct 25, 2019 at 10:48:04AM +0200, speck for Paolo Bonzini wrote:
>> diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
>> index e7970a2e8eae..1f923dee99e5 100644
>> --- a/arch/x86/kvm/vmx/vmx.c
>> +++ b/arch/x86/kvm/vmx/vmx.c
>> @@ -992,6 +992,9 @@ static bool update_transition_efer(struct vcpu_vmx *vmx, int efer_offset)
>> ignore_bits &= ~(u64)EFER_SCE;
>> #endif
>>
>> + guest_efer &= ~ignore_bits;
>> + guest_efer |= host_efer & ignore_bits;
>> +
>> /*
>> * On EPT, we can't emulate NX, so we must switch EFER atomically.
>> * On CPUs that support "load IA32_EFER", always switch EFER
>> @@ -1010,9 +1013,6 @@ static bool update_transition_efer(struct vcpu_vmx *vmx, int efer_offset)
>> } else {
>> clear_atomic_switch_msr(vmx, MSR_EFER);
>>
>> - guest_efer &= ~ignore_bits;
>> - guest_efer |= host_efer & ignore_bits;
>> -
>> vmx->guest_msrs[efer_offset].data = guest_efer;
>> vmx->guest_msrs[efer_offset].mask = ~ignore_bits;
>>
>>
>>
>
> This works on my machine with ept=0 but breaks with ept=1:
>
> KVM: entry failed, hardware error 0x80000021

Even simpler:

diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
index e7970a2e8eae..8979d5e7b6f5 100644
--- a/arch/x86/kvm/vmx/vmx.c
+++ b/arch/x86/kvm/vmx/vmx.c
@@ -969,17 +969,9 @@ static bool update_transition_efer(struct vcpu_vmx *vmx, int efer_offset)
 u64 guest_efer = vmx->vcpu.arch.efer;
 u64 ignore_bits = 0;

- if (!enable_ept) {
- /*
- * NX is needed to handle CR0.WP=1, CR4.SMEP=1. Testing
- * host CPUID is more efficient than testing guest CPUID
- * or CR4. Host SMEP is anyway a requirement for guest SMEP.
- */
- if (boot_cpu_has(X86_FEATURE_SMEP))
- guest_efer |= EFER_NX;
- else if (!(guest_efer & EFER_NX))
- ignore_bits |= EFER_NX;
- }
+ /* Shadow paging assumes the NX bit to be available. */
+ if (!enable_ept)
+ guest_efer |= EFER_NX;

 /*
 * LMA and LME handled by hardware; SCE meaningless outside long mode.

This also shows why I couldn't reproduce it, my machine has SMEP and thus always runs the guest with EFER.NXE=1.

Paolo
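Review bot: The replacement comment above `if (!enable_ept)` drops the reasoning the removed block carried and does not say that only the value handed to hardware is changed. `guest_efer` is a local copy of `vmx->vcpu.arch.efer`, so the guest's own view of EFER.NX is untouched; a guest that runs with NX clear then depends on the shadow MMU rather than the hardware to treat PTE bit 63 as reserved, which I would expect but cannot confirm from this hunk. I would spell that out, e.g. `/* Shadow paging needs NX in the shadow PTEs, so force NXE in the hardware value only; vcpu.arch.efer keeps the guest's setting. */`. With the `ignore_bits |= EFER_NX` branch gone, it is also worth checking in the rest of update_transition_efer(), which starts and ends outside the hunk, that a guest/host NX mismatch is still handled as intended on CPUs without SMEP.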