KVM Archive on lore.kernel.org
 help / color / Atom feed
* [PATCH RFC 0/3] x86/kvm/hyper-v: fix enlightened VMCS & QEMU4.2
@ 2020-01-15 17:10 Vitaly Kuznetsov
  2020-01-15 17:10 ` [PATCH RFC 1/3] x86/kvm/hyper-v: remove stale evmcs_already_enabled check from nested_enable_evmcs() Vitaly Kuznetsov
                   ` (2 more replies)
  0 siblings, 3 replies; 34+ messages in thread
From: Vitaly Kuznetsov @ 2020-01-15 17:10 UTC (permalink / raw)
  To: kvm
  Cc: Paolo Bonzini, Sean Christopherson, Jim Mattson, linux-kernel,
	Liran Alon, Roman Kagan

With fine grained VMX feature enablement QEMU>=4.2 tries to do KVM_SET_MSRS
with default (matching CPU model) values and in case eVMCS is also enabled,
fails. While the regression is in QEMU, it may still be preferable to
fix this in KVM.

It would be great if we could just omit the VMX feature filtering in KVM
and make this guest's responsibility: if it switches to using enlightened
vmcs it should be aware that not all hardware features are going to be
supported. Genuine Hyper-V, however, fails the test. In particular, it
enables SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES and without
'apic_access_addr' field in eVMCS there's not much we can do in KVM.

The suggested approach in this patch series is: move VMX feature
filtering to vmx_get_msr() so only guest doesn't see them when eVMCS
is enabled (PATCH2) and add a check that it doesn't enable them
(PATCH3).

I can't say that I'm a great fan of this workaround myself, thus RFC.

My initial RFC sent to qemu-devel@:
https://lists.nongnu.org/archive/html/qemu-devel/2020-01/msg00123.html

Vitaly Kuznetsov (3):
  x86/kvm/hyper-v: remove stale evmcs_already_enabled check from
    nested_enable_evmcs()
  x86/kvm/hyper-v: move VMX controls sanitization out of
    nested_enable_evmcs()
  x86/kvm/hyper-v: don't allow to turn on unsupported VMX controls for
    nested guests

 arch/x86/kvm/vmx/evmcs.c  | 99 ++++++++++++++++++++++++++++++++++-----
 arch/x86/kvm/vmx/evmcs.h  |  2 +
 arch/x86/kvm/vmx/nested.c |  3 ++
 arch/x86/kvm/vmx/vmx.c    | 10 +++-
 4 files changed, 100 insertions(+), 14 deletions(-)

-- 
2.24.1


^ permalink raw reply	[flat|nested] 34+ messages in thread

end of thread, back to index

Thread overview: 34+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-01-15 17:10 [PATCH RFC 0/3] x86/kvm/hyper-v: fix enlightened VMCS & QEMU4.2 Vitaly Kuznetsov
2020-01-15 17:10 ` [PATCH RFC 1/3] x86/kvm/hyper-v: remove stale evmcs_already_enabled check from nested_enable_evmcs() Vitaly Kuznetsov
2020-01-15 22:50   ` Liran Alon
2020-01-15 17:10 ` [PATCH RFC 2/3] x86/kvm/hyper-v: move VMX controls sanitization out of nested_enable_evmcs() Vitaly Kuznetsov
2020-01-15 22:49   ` Liran Alon
2020-01-16  8:37     ` Vitaly Kuznetsov
2020-02-03 15:11       ` Vitaly Kuznetsov
2020-01-15 23:27   ` Sean Christopherson
2020-01-15 23:30     ` Liran Alon
2020-01-16  8:51       ` Vitaly Kuznetsov
2020-01-16 16:19         ` Sean Christopherson
2020-01-16 16:57           ` Vitaly Kuznetsov
2020-01-17  6:31             ` Sean Christopherson
2020-01-18 21:42           ` Paolo Bonzini
2020-01-19  8:54   ` Paolo Bonzini
2020-01-22  5:47     ` Sean Christopherson
2020-01-22  9:37       ` Vitaly Kuznetsov
2020-01-22 14:33       ` Paolo Bonzini
2020-01-22 15:08         ` Vitaly Kuznetsov
2020-01-22 15:51           ` Sean Christopherson
2020-01-22 16:29             ` Vitaly Kuznetsov
2020-01-22 16:40               ` Paolo Bonzini
2020-01-23  9:15                 ` Vitaly Kuznetsov
2020-01-23 19:09                   ` Vitaly Kuznetsov
2020-01-24 17:25                     ` Sean Christopherson
2020-01-27 15:38                       ` Vitaly Kuznetsov
2020-01-27 17:53                         ` Paolo Bonzini
2020-01-27 21:52                           ` Vitaly Kuznetsov
2020-01-27 18:17                         ` Sean Christopherson
2020-01-15 17:10 ` [PATCH RFC 3/3] x86/kvm/hyper-v: don't allow to turn on unsupported VMX controls for nested guests Vitaly Kuznetsov
2020-01-15 22:59   ` Liran Alon
2020-01-16  8:55     ` Vitaly Kuznetsov
2020-01-16 16:21       ` Sean Christopherson
2020-01-19  8:57         ` Paolo Bonzini

KVM Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/kvm/0 kvm/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 kvm kvm/ https://lore.kernel.org/kvm \
		kvm@vger.kernel.org
	public-inbox-index kvm

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.kvm


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git