[Resending as plain text]
On Mon, Feb 5, 2018 at 10:21 AM Jim Mattson wrote:
> This is incorrect. In the event of an early VM-entry failure (e.g. a
> VM-entry failure for "VM entry with invalid control field(s)"), no host
> state should be loaded from the VMCS12. Of cou
Perhaps this is a good time to address the long-standing issues with kvm's
treatment of the "APIC-access address" in the VMCS. This address is simply
a token that the hypervisor puts into the PFN of a 4K EPTE (or PTE if using
shadow paging) that triggers APIC virtualization whenever a page walk
ter
On Fri, Feb 16, 2018 at 6:18 AM, Paolo Bonzini wrote:
> Uhm, taking contents from the hardware is wrong (guess why---live
> migration). I'll send a revert of those two lines.
Hardware seems like a reasonable place to get the default value (cf.
the VMX capability MSRs). Should these two lines ju
On Sun, Feb 11, 2018 at 3:56 AM, Wanpeng Li wrote:
> Writes 0 to cr3 can't be detected during vmentry checks by hardware.
I never suggested otherwise. I was just trying to explain why you
can't assume that the host CR3 field in the VMCS matches the host CR3
at the time of VMLAUNCH.
KVM is set u
Reviewed-by: Jim Mattson
On Mon, Jan 1, 2018 at 2:58 PM, Paolo Bonzini wrote:
> The POSTED_INTR_NV field is constant (though it differs between the vmcs01 and
> vmcs02), there is no need to reload it on vmexit to L1.
>
> Signed-off-by: Paolo Bonzini
> ---
> arch/x86/kvm/
On Mon, Feb 5, 2018 at 10:49 AM KarimAllah Ahmed wrote:
> @@ -7410,19 +7410,17 @@ static int handle_vmon(struct kvm_vcpu *vcpu)
> return kvm_skip_emulated_instruction(vcpu);
> }
> - page = kvm_vcpu_gpa_to_page(vcpu, vmptr);
> - if (is_error_page(page)) {
>
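Review bot: the removed `page = kvm_vcpu_gpa_to_page(vcpu, vmptr);` lookup and its `if (is_error_page(page))` branch in handle_vmon are the only visible error handling for an unmappable vmptr, and the replacement lines are cut off in this excerpt; whatever takes their place must still fail VMXON cleanly when vmptr does not map to a guest page, since that is the case the dropped branch covered.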
On Mon, Feb 5, 2018 at 10:48 AM KarimAllah Ahmed wrote:
> @@ -5264,9 +5264,8 @@ static void
vmx_complete_nested_posted_interrupt(struct kvm_vcpu *vcpu)
> max_irr = find_last_bit((unsigned long
*)vmx->nested.pi_desc->pir, 256);
> if (max_irr != 256) {
> - vapic_pag
On Mon, Feb 5, 2018 at 4:57 PM, Wanpeng Li wrote:
> This is the effective one; what I restore in this patch is
> architectural/guest visible.
This patch doesn't "restore" the guest visible CR4 to its value at the
time of VMLAUNCH/VMRESUME. It loads a new CR4 value from the vmcs12.
That behavior is in
is no VM-exit from L2 to L1, and these fields are not loaded. Instead,
execution just falls through to the next instruction with VMFailValid
semantics.
On Wed, Feb 7, 2018 at 12:31 AM, Wanpeng Li wrote:
> 2018-02-07 0:58 GMT+08:00 Jim Mattson :
>> On Mon, Feb 5, 2018 at 4:57 PM, Wanpen
Reviewed-by: Jim Mattson
On Wed, Dec 20, 2017 at 4:05 AM, Paolo Bonzini wrote:
> Remove duplicate expression in nested_vmx_prepare_msr_bitmap, and make
> the register names clearer in hardware_setup.
>
> Suggested-by: Jim Mattson
> Signed-off-by: Paolo Bonzini
> ---
> ar
Reviewed-by: Jim Mattson
On Wed, Dec 20, 2017 at 4:05 AM, Paolo Bonzini wrote:
> The bulk of the MSR bitmap is either immutable, or can be copied from
> the L1 bitmap. By initializing it at VMXON time, and copying the mutable
> parts one long at a time on vmentry (rather than one bi
This doesn't look right to me. Without APIC-register virtualization,
the only X2APIC MSR intercept that should be disabled is TPR.
On Wed, Dec 20, 2017 at 4:05 AM, Paolo Bonzini wrote:
> The APICv-enabled MSR bitmap is a superset of the APICv-disabled bitmap.
> Make that obvious in vmx_disable_in
Reviewed-by: Jim Mattson
On Thu, Dec 21, 2017 at 3:51 AM, Paolo Bonzini wrote:
> The APICv-enabled MSR bitmap passes through all MSRs in the
> APICv-disabled bitmap (and then some). Make that obvious in
> vmx_disable_intercept_msr_x2apic.
>
> Signed-off-by: Paolo Bonzini
>
Reviewed-by: Jim Mattson
On Thu, Dec 21, 2017 at 4:43 AM, Paolo Bonzini wrote:
> Prepare for multiple inclusions of the list.
>
> Signed-off-by: Paolo Bonzini
> ---
> arch/x86/kvm/vmx.c | 64 +++-
> arch/x86/kvm/vmx_sh
Reviewed-by: Jim Mattson
On Thu, Dec 21, 2017 at 4:43 AM, Paolo Bonzini wrote:
> VMCS12 fields that are not handled through shadow VMCS are rarely
> written, and thus they are also almost constant in the vmcs02. We can
> thus optimize prepare_vmcs02 by skipping all the work for non
That seems like a convoluted path to produce an illegal RFLAGS value.
What's to prevent syzkaller from simply clearing bit 1 of RFLAGS with
the KVM_SET_REGS ioctl?
On Mon, Nov 20, 2017 at 4:34 PM, Wanpeng Li wrote:
> 2017-11-21 7:09 GMT+08:00 Paolo Bonzini :
>> On 20/11/2017 23:52, Wanpeng Li wro
Sorry; I didn't mean to derail this patch thread. Setting bit 1 of
RFLAGS on CPU reset is clearly correct.
I was just noting that if syzkaller is complaining about illegal
RFLAGS, it's trivial for userspace to set RFLAGS to an illegal value.
User space can set all kinds of illegal RFLAGS state...b
Yikes! This breaks migration to/from older versions of kvm. Will you
be submitting another change to handle dynamic conversion between
formats?
On Mon, Dec 18, 2017 at 9:17 AM, Vitaly Kuznetsov wrote:
> From: Ladi Prosek
>
> Reorders existing fields and adds fields specific to Hyper-V. The layou
es
to KVM_CAP_HYPERV_ENLIGHTENED_VMCS if you like, but kvm must be able
to continue to service VMs using the previous layout and revision
number in perpetuity.
On Mon, Dec 18, 2017 at 12:23 PM, Jim Mattson wrote:
> Yikes! This breaks migration to/from older versions of kvm. Will you
> be submitting anothe
On Tue, Dec 19, 2017 at 4:37 AM, Paolo Bonzini wrote:
> On 19/12/2017 13:25, Vitaly Kuznetsov wrote:
>>
>>> At this point in time, I don't think you can just blithely change the
>>> virtual VMCS layout and revision number. Existing VMs using the old
>>> layout and revision number must continue to
:
> Jim Mattson writes:
>
>> At this point in time, I don't think you can just blithely change the
>> virtual VMCS layout and revision number. Existing VMs using the old
>> layout and revision number must continue to work on versions of kvm
>> past this point. Yo
k cycles (30%) can be saved on a nested VMLAUNCH/VMRESUME.
>
> The resulting for loop only has four iterations, so it is cheap enough
> to reinitialize the MSR write bitmaps on every iteration, and it makes
> the code simpler.
Thanks so much for doing this!
> Suggested-by: Jim Matt
Reviewed-by: Jim Mattson
On Wed, Dec 13, 2017 at 4:51 AM, Paolo Bonzini wrote:
> xsetbv can be expensive when running on nested virtualization, try to
> avoid it.
>
> Signed-off-by: Paolo Bonzini
> ---
> arch/x86/kvm/x86.c | 3 ++-
> 1 file changed, 2 insertions(+), 1
I'm not convinced that this plugs all of the mmio_needed/pio.count
leaks, but it's a start. Syzkaller will eventually let us know about
the others.
On Thu, Aug 10, 2017 at 7:23 AM, Paolo Bonzini wrote:
> On 10/08/2017 16:09, Dmitry Vyukov wrote:
>> On Thu, Aug 10, 2017 at 3:44 PM, Paolo Bonzini
Looks okay to me, but I'm hoping Peter will chime in.
Reviewed-by: Jim Mattson
On Thu, Aug 24, 2017 at 8:56 AM, Paolo Bonzini wrote:
> update_permission_bitmask currently does a 128-iteration loop to,
> essentially, compute a constant array. Computing the 8 bits in parallel
> re
On Wed, Aug 23, 2017 at 1:43 PM, Paolo Bonzini wrote:
> Setting the VMCS12 to launched and clearing the vm_entry_intr_info_field
> was done as part of L0->L1 exit in prepare_vmcs12. In order to simplify
> prepare_vmcs12, move this to enter_vmx_non_root_mode since at this point
> we've already com
On Thu, Aug 24, 2017 at 6:37 AM, Paolo Bonzini wrote:
> Currently, secondary execution controls are divided in three groups:
>
> - static, depending mostly on the module arguments or the processor
> (vmx_secondary_exec_control)
>
> - static, depending on CPUID (vmx_cpuid_update)
There should al
On Thu, Aug 24, 2017 at 6:37 AM, Paolo Bonzini wrote:
> A guest may not be configured to support XSAVES/XRSTORS, even when the host
> does. If the guest does not support XSAVES/XRSTORS, clear the secondary
> execution control so that the processor will raise #UD.
>
> Also clear the "allowed-1" bit
On 24/08/2017 16:47, Jim Mattson wrote:
>>> Currently, secondary execution controls are divided in three groups:
>>>
>>> - static, depending mostly on the module arguments or the processor
>>> (vmx_secondary_exec_control)
>>>
>>> - static,
SSE2 without SSE, or XSAVES
without XSAVE, or RDTSCP without TSC, or DS-CPL without DS, or ...?
On Thu, Aug 24, 2017 at 8:46 AM, Paolo Bonzini wrote:
> On 24/08/2017 17:41, Jim Mattson wrote:
>> Userspace can establish the value of the virtualized
>> IA32_VMX_PROCBASED_CTLS2 MSR via th
Reviewed-by: Jim Mattson
On Thu, Aug 24, 2017 at 9:09 AM, Paolo Bonzini wrote:
> A guest may not be configured to support XSAVES/XRSTORS, even when the host
> does. If the guest does not support XSAVES/XRSTORS, clear the secondary
> execution control so that the processor will
On Thu, Aug 24, 2017 at 5:27 AM, Yu Zhang wrote:
> Currently, KVM uses CR3_L_MODE_RESERVED_BITS to check the
> reserved bits in CR3. Yet the length of reserved bits in
> guest CR3 should be based on the physical address width
> exposed to the VM. This patch changes CR3 check logic to
> calculate t
kvm_cpuid ultimately wants to write all four of the GPRs passed in by
reference. I don't see any advantage to allowing some of these
pointers to be NULL.
Reviewed-by: Jim Mattson
On Mon, Sep 18, 2017 at 5:19 AM, David Hildenbrand wrote:
> On 18.09.2017 12:45, Yu Zhang wrote:
>
Reviewed-by: Jim Mattson
On Mon, Oct 9, 2017 at 3:51 PM, Wanpeng Li wrote:
> From: Wanpeng Li
>
> SDM mentioned:
>
> "If either the “unrestricted guest” VM-execution control or the “mode-based
> execute control for EPT” VM- execution control is 1, the “enable EPT”
>
I'll ask before Paolo does: Can you please add kvm-unit-tests to
exercise all of this new code?
BTW, what generation of hardware do we need to exercise this code ourselves?
On Fri, Oct 13, 2017 at 4:11 PM, Zhang Yi wrote:
> From: Zhang Yi Z
>
> Hi All,
>
> Here is a patch-series which adding EP
If it were me, I'd apply De Morgan to that expression, but the logic looks fine.
Reviewed-by: Jim Mattson
On Sat, Oct 7, 2017 at 7:35 PM, Wanpeng Li wrote:
> From: Wanpeng Li
>
> SDM mentioned:
>
> "If either the “unrestricted guest” VM-execution control or th
Reviewed-by: Jim Mattson
On Sat, Oct 7, 2017 at 7:35 PM, Wanpeng Li wrote:
> From: Wanpeng Li
>
> SDM section 2.6 mentioned:
>
> After reset, all bits (except bit 0) in XCR0 are cleared to zero; XCR0[0] is
> set to 1.
>
> This patch sets XCR0 to the 0x1 after vCPU rese
> parameter
> and exec control fields will be amended.
>
> This patch fixes it by amending module parameter immediately during vmcs data
> setup.
>
> Reviewed-by: Jim Mattson
> Cc: Paolo Bonzini
> Cc: Radim Krčmář
> Cc: Jim Mattson
> Signed-off-by: Wanpeng Li
>
On Sat, Aug 12, 2017 at 6:35 AM, Yu Zhang wrote:
> Currently, KVM uses CR3_L_MODE_RESERVED_BITS to check the
> reserved bits in CR3. Yet the length of reserved bits in
> guest CR3 should be based on the physical address width
> exposed to the VM. This patch changes CR3 check logic to
> calculate t
.rflags = 0,
>> };
>> ioctl(r[4], KVM_SET_REGS, &regs);
>> ioctl(r[4], KVM_RUN, 0);
>> }
>>
>> X86 RFLAGS bit 1 is fixed set; userspace can simply clear bit 1
>> of RFLAGS with the KVM_SET_REGS ioctl, which results in vmentry fai
Try disabling the module parameter, "unrestricted_guest." Make sure
that the module parameter, "emulate_invalid_guest_state" is enabled.
This combination allows userspace to feed invalid guest state into the
in-kernel emulator.
On Thu, Dec 7, 2017 at 2:40 AM, Wanpeng Li wrote:
> 2017-12-07 15:52
since vmcs12 is not modified (except for the VM-instruction error field)
>> if the checking of vmcs control area fails. However, the mmu context is
>> switched to nested mmu in prepare_vmcs02() and it will not be reloaded
>> since load_vmcs1
Will do.
On Thu, Nov 9, 2017 at 2:40 AM, Paolo Bonzini wrote:
> On 09/11/2017 01:37, Wanpeng Li wrote:
>> 2017-11-09 5:47 GMT+08:00 Jim Mattson :
>>> I realize now that there are actually many other problems with
>>> deferring some control field checks to the hard
Thanks for doing this!
Reviewed-by: Jim Mattson
On Wed, Nov 29, 2017 at 1:31 AM, Wanpeng Li wrote:
> From: Wanpeng Li
>
> MSR_IA32_DEBUGCTLMSR is zeroed on VMEXIT, so it is saved/restored
> each time during world switch. Jim from Google pointed out that
> when running
An alternative is to give the L1 guest read permission for this MSR in
the MSR permission bitmaps. It's still going to be ~80 cycles, but
that's better than the cost of a VM-exit/VM-entry round-trip.
On Wed, Nov 29, 2017 at 10:20 AM, Andi Kleen wrote:
> Wanpeng Li writes:
>
>> From: Wanpeng Li
permission bitmaps.
>
> Signed-off-by: Jim Mattson
> Signed-off-by: Radim Krčmář
> Signed-off-by: Quan Xu
> ---
> arch/x86/kvm/vmx.c | 17 +
> 1 files changed, 1 insertions(+), 16 deletions(-)
>
> diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
>
access them.
On Sun, Dec 10, 2017 at 9:37 PM, Quan Xu wrote:
>
>
> On 2017/12/09 01:31, Jim Mattson wrote:
>>
>> On Fri, Dec 8, 2017 at 2:22 AM, Quan Xu wrote:
>>>
>>> From: Quan Xu
>>>
>>> Since KVM removes the only I/O port 0x80 bypa
The following commit has been merged into the perf/core branch of tip:
Commit-ID: b3c3361fe325074d4144c29d46daae4fc5a268d5
Gitweb:
https://git.kernel.org/tip/b3c3361fe325074d4144c29d46daae4fc5a268d5
Author: Jim Mattson
AuthorDate: Fri, 05 Feb 2021 11:13:24 -08:00
Committer