Patchwork [Precise,SRU] Fix nexted load of kvm-intel

login
register
mail settings
Submitter Stefan Bader
Date Aug. 9, 2012, 9:48 a.m.
Message ID <1344505734-16005-1-git-send-email-stefan.bader@canonical.com>
Download mbox | patch
Permalink /patch/176038/
State New
Headers show

Comments

Stefan Bader - Aug. 9, 2012, 9:48 a.m.
Since adding the RDPMC feature in kernels after 3.3, a guest
running a v3.3+ kernel on a host running 3.2 cannot load the
kvm-intel module (Intel CPU obviously). The reason is a check
made on module load time for that feature being present in the
MSRs passed to the guest.
Upstreams reasoning is that no real CPU ever had this flag so
they do not want to change the check in newer kernels (while
kvm-amd is not so tight).

So from the patch that added support for RDPMC based exiting,
only the bit that adds the feature to the nested MSR is taken.

I tested this and could load the module, bring up a nested guest
and also ran "perf test" which on newer versions does a RDPMC
test that fails gracefully enough to seem ok (syscall returns
error).

This was proposed for stable and I just saw the emails being
sent but since it has some impact on Quantal testing I want
to make sure this gets in as soon as possible.

-Stefan

From b79a5f03b4d9a1a56949d6ef38fd4879ff1b8aee Mon Sep 17 00:00:00 2001
From: Stefan Bader <stefan.bader@canonical.com>
Date: Thu, 10 Nov 2011 14:57:25 +0200
Subject: [PATCH] UBUNTU: (pre-stable) KVM: VMX: Set CPU_BASED_RDPMC_EXITING for nested

Based on commit fee84b079d5ddee2247b5c1f53162c330c622902 upstream.

  Intercept RDPMC and forward it to the PMU emulation code.

Newer vmx support will only allow to load the kvm_intel module
if RDPMC_EXITING is supported. Even without the actual support
this part of the change is required on 3.2 hosts.

BugLink: http://bugs.launchpad.net/bugs/1031090
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
---
 arch/x86/kvm/vmx.c |    1 +
 1 file changed, 1 insertion(+)
Andy Whitcroft - Aug. 9, 2012, 11:07 a.m.
On Thu, Aug 09, 2012 at 11:48:54AM +0200, Stefan Bader wrote:
> Since adding the RDPMC feature in kernels after 3.3, a guest
> running a v3.3+ kernel on a host running 3.2 cannot load the
> kvm-intel module (Intel CPU obviously). The reason is a check
> made on module load time for that feature being present in the
> MSRs passed to the guest.
> Upstreams reasoning is that no real CPU ever had this flag so
> they do not want to change the check in newer kernels (while
> kvm-amd is not so tight).

I thought it was that no real CPU didn't have this feature, so they
could rely on its existance.  But anyhow...

> So from the patch that added support for RDPMC based exiting,
> only the bit that adds the feature to the nested MSR is taken.
> 
> I tested this and could load the module, bring up a nested guest
> and also ran "perf test" which on newer versions does a RDPMC
> test that fails gracefully enough to seem ok (syscall returns
> error).
> 
> This was proposed for stable and I just saw the emails being
> sent but since it has some impact on Quantal testing I want
> to make sure this gets in as soon as possible.
> 
> -Stefan
> 
> From b79a5f03b4d9a1a56949d6ef38fd4879ff1b8aee Mon Sep 17 00:00:00 2001
> From: Stefan Bader <stefan.bader@canonical.com>
> Date: Thu, 10 Nov 2011 14:57:25 +0200
> Subject: [PATCH] UBUNTU: (pre-stable) KVM: VMX: Set CPU_BASED_RDPMC_EXITING for nested
> 
> Based on commit fee84b079d5ddee2247b5c1f53162c330c622902 upstream.
> 
>   Intercept RDPMC and forward it to the PMU emulation code.
> 
> Newer vmx support will only allow to load the kvm_intel module
> if RDPMC_EXITING is supported. Even without the actual support
> this part of the change is required on 3.2 hosts.
> 
> BugLink: http://bugs.launchpad.net/bugs/1031090
> Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
> ---
>  arch/x86/kvm/vmx.c |    1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
> index 114fe29..94e6749 100644
> --- a/arch/x86/kvm/vmx.c
> +++ b/arch/x86/kvm/vmx.c
> @@ -1957,6 +1957,7 @@ static __init void nested_vmx_setup_ctls_msrs(void)
>  #endif
>  		CPU_BASED_MOV_DR_EXITING | CPU_BASED_UNCOND_IO_EXITING |
>  		CPU_BASED_USE_IO_BITMAPS | CPU_BASED_MONITOR_EXITING |
> +		CPU_BASED_RDPMC_EXITING |
>  		CPU_BASED_ACTIVATE_SECONDARY_CONTROLS;
>  	/*
>  	 * We can allow some features even when not supported by the

Having followed the development of this patch I believe this is the
minimum needed to get nested VMs startable on Intel.  The testing I have
seen looks good.

Acked-by: Andy Whitcroft <apw@canonical.com>

-apw
Stefan Bader - Aug. 9, 2012, 12:15 p.m.
On 09.08.2012 11:48, Stefan Bader wrote:
> Since adding the RDPMC feature in kernels after 3.3, a guest
> running a v3.3+ kernel on a host running 3.2 cannot load the
> kvm-intel module (Intel CPU obviously). The reason is a check
> made on module load time for that feature being present in the
> MSRs passed to the guest.
> Upstreams reasoning is that no real CPU ever had this flag so
> they do not want to change the check in newer kernels (while
> kvm-amd is not so tight).

Of course the reason was that every real CPU *has* the feature (at least the one
doing virt). Lost in negations. Doh!
> 
> So from the patch that added support for RDPMC based exiting,
> only the bit that adds the feature to the nested MSR is taken.
> 
> I tested this and could load the module, bring up a nested guest
> and also ran "perf test" which on newer versions does a RDPMC
> test that fails gracefully enough to seem ok (syscall returns
> error).
> 
> This was proposed for stable and I just saw the emails being
> sent but since it has some impact on Quantal testing I want
> to make sure this gets in as soon as possible.
> 
> -Stefan
> 
> From b79a5f03b4d9a1a56949d6ef38fd4879ff1b8aee Mon Sep 17 00:00:00 2001
> From: Stefan Bader <stefan.bader@canonical.com>
> Date: Thu, 10 Nov 2011 14:57:25 +0200
> Subject: [PATCH] UBUNTU: (pre-stable) KVM: VMX: Set CPU_BASED_RDPMC_EXITING for nested
> 
> Based on commit fee84b079d5ddee2247b5c1f53162c330c622902 upstream.
> 
>   Intercept RDPMC and forward it to the PMU emulation code.
> 
> Newer vmx support will only allow to load the kvm_intel module
> if RDPMC_EXITING is supported. Even without the actual support
> this part of the change is required on 3.2 hosts.
> 
> BugLink: http://bugs.launchpad.net/bugs/1031090
> Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
> ---
>  arch/x86/kvm/vmx.c |    1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
> index 114fe29..94e6749 100644
> --- a/arch/x86/kvm/vmx.c
> +++ b/arch/x86/kvm/vmx.c
> @@ -1957,6 +1957,7 @@ static __init void nested_vmx_setup_ctls_msrs(void)
>  #endif
>  		CPU_BASED_MOV_DR_EXITING | CPU_BASED_UNCOND_IO_EXITING |
>  		CPU_BASED_USE_IO_BITMAPS | CPU_BASED_MONITOR_EXITING |
> +		CPU_BASED_RDPMC_EXITING |
>  		CPU_BASED_ACTIVATE_SECONDARY_CONTROLS;
>  	/*
>  	 * We can allow some features even when not supported by the
>
Herton Ronaldo Krzesinski - Aug. 9, 2012, 1:58 p.m.

Herton Ronaldo Krzesinski - Aug. 13, 2012, 1:47 p.m.

Patch

diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index 114fe29..94e6749 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -1957,6 +1957,7 @@  static __init void nested_vmx_setup_ctls_msrs(void)
 #endif
 		CPU_BASED_MOV_DR_EXITING | CPU_BASED_UNCOND_IO_EXITING |
 		CPU_BASED_USE_IO_BITMAPS | CPU_BASED_MONITOR_EXITING |
+		CPU_BASED_RDPMC_EXITING |
 		CPU_BASED_ACTIVATE_SECONDARY_CONTROLS;
 	/*
 	 * We can allow some features even when not supported by the