From: David Edmondson <david.edmondson@oracle.com>
To: "Leonardo Brás" <leobras@redhat.com>
Cc: qemu-devel@nongnu.org
Subject: Re: [PATCH v1 1/1] target/i386: Mask xstate_bv based on the cpu enabled features
Date: Wed, 02 Feb 2022 15:46:14 +0000 [thread overview]
Message-ID: <cun1r0lqnjt.fsf@oracle.com> (raw)
In-Reply-To: <7ae12835b7423d473ee5e6fd47254b078654e251.camel@redhat.com> ("Leonardo =?utf-8?Q?Br=C3=A1s=22's?= message of "Tue, 01 Feb 2022 16:09:57 -0300")
On Tuesday, 2022-02-01 at 16:09:57 -03, Leonardo Brás wrote:
> Hello David, thanks for this feedback!
>
> On Mon, 2022-01-31 at 12:53 +0000, David Edmondson wrote:
>> On Saturday, 2022-01-29 at 06:46:45 -03, Leonardo Bras wrote:
>>
>> > The following steps describe a migration bug:
>> > 1 - Bring up a VM with -cpu EPYC on a host with EPYC-Milan cpu
>> > 2 - Migrate to a host with EPYC-Naples cpu
>> >
>> > The guest kernel crashes shortly after the migration.
>> >
>> > The crash happens due to a fault caused by XRSTOR:
>> > A set bit in XSTATE_BV is not set in XCR0.
>> > The faulting bit is FEATURE_PKRU (enabled in Milan, but not in
>> > Naples)
>>
>> I'm trying to understand how this happens.
>>
>> If we boot on EPYC-Milan with "-cpu EPYC", the PKRU feature should
>> not
>> be exposed to the VM (it is not available in the EPYC CPU).
>>
>> Given this, how would bit 0x200 (representing PKRU) end up set in
>> xstate_bv?
>
> During my debug, I noticed this bit gets set before the kernel even
> starts.
>
> It's possible Seabios and/or IPXE are somehow setting 0x200 using the
> xrstor command. I am not sure if qemu is able to stop this in KVM mode.
I don't believe that this should be possible.
If the CPU is set to EPYC in QEMU then .features[FEAT_7_0_ECX] does not
include CPUID_7_0_ECX_PKU, which in turn means that when
x86_cpu_enable_xsave_components() generates FEAT_XSAVE_COMP_LO it should
not set XSTATE_PKRU_BIT.
Given that, KVM's vcpu->arch.guest_supported_xcr0 will not include
XSTATE_PKRU_BIT, and __kvm_set_xcr() should not allow that bit to be
set when it intercepts the guest xsetbv instruction.
dme.
--
Please forgive me if I act a little strange, for I know not what I do.
next prev parent reply other threads:[~2022-02-02 16:52 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-01-29 9:46 [PATCH v1 1/1] target/i386: Mask xstate_bv based on the cpu enabled features Leonardo Bras
2022-01-31 12:53 ` David Edmondson
2022-02-01 8:29 ` Igor Mammedov
2022-02-01 19:17 ` Leonardo Brás
2022-02-01 19:09 ` Leonardo Brás
2022-02-02 15:46 ` David Edmondson [this message]
2022-02-05 8:22 ` Leonardo Bras Soares Passos
2022-02-01 18:31 ` Leonardo Bras Soares Passos
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cun1r0lqnjt.fsf@oracle.com \
--to=david.edmondson@oracle.com \
--cc=leobras@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.