From patchwork Tue Mar 21 04:18:53 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Wanpeng Li X-Patchwork-Id: 9635983 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 8317A6020B for ; Tue, 21 Mar 2017 04:21:33 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 73703271CB for ; Tue, 21 Mar 2017 04:21:33 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 677A72793B; Tue, 21 Mar 2017 04:21:33 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.5 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM, RCVD_IN_DNSWL_HI, RCVD_IN_SORBS_SPAM autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id F3149271CB for ; Tue, 21 Mar 2017 04:21:32 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752036AbdCUEVc (ORCPT ); Tue, 21 Mar 2017 00:21:32 -0400 Received: from mail-pg0-f67.google.com ([74.125.83.67]:33921 "EHLO mail-pg0-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751212AbdCUEVa (ORCPT ); Tue, 21 Mar 2017 00:21:30 -0400 Received: by mail-pg0-f67.google.com with SMTP id b5so23273723pgg.1; Mon, 20 Mar 2017 21:19:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=XwHJf7vCMMqVjHsfRe+Tt7rU5eCZnCVKonIUzfxvBD4=; b=qX8QZiliUlL/i+vTfO4p9uALKTCWh/HTcJvYdqBKWLfoiGEBas1m9tdiyVqN/c/Bxm 6o1AvsuGHmehWjCJ8l+e7poOOCXzxCbT/fRa5399N+5ZiQ2vJYPAaqma+pJQl4AjgIi0 Ddffdq45EHZQQQHMvVjiCC+u1Orct+aZjRZGiukDEL4H1rj4cFLYMagtIuglbddSowEc N7QEjPvOQrYbO0qdblQVBRpkQs7jfFXP1AfGCEZOOWOUQe9dn4Mso8uux7+cld1m2zkb ARd9evDa7V3TJniHQYhkTXPm8ZYJTgWrCqYvg6XjBJZfrk1T+nReCa02BF6h1+C3cPpZ Q0ng== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=XwHJf7vCMMqVjHsfRe+Tt7rU5eCZnCVKonIUzfxvBD4=; b=fjpwRCF+QPKeCkOyLPUB2PWbbsDe2b1KWMeL2RuxRQeieX0HKGXmT7me3S4qK6ASSk 3Y0VjBa1kw7x390DE8BtVyMn2f4pKuHPC4QuVc7VqUreWIu2ylgNBEBZr7WIx854NexW 13+jy4UVx8rnV+By+iL8ozZJishgm61lj7g3mV470n+jdRN1tbKVv07o9RmsPSLzE7QZ N4vWyUq2C8IYI4mKx+MjpL9RZuyzAixSXKLafOxCJE/jTeeXP5O1KbKzHD2o1Imzg114 n4zb1ibkIRRh3Tun3277YosuOqZ7uX7e6qBjtjSDslZfEYZ693Z1DMfUAirI3p2P6Cfi Nq8A== X-Gm-Message-State: AFeK/H35AxEJglaZ0uws52zIcTnHhud8lh+FrLEewQ7LIfx9xV9hJs26kWs38CLJYvfnRQ== X-Received: by 10.84.178.1 with SMTP id y1mr44368241plb.60.1490069945428; Mon, 20 Mar 2017 21:19:05 -0700 (PDT) Received: from localhost ([203.205.141.123]) by smtp.gmail.com with ESMTPSA id h9sm35947321pfd.103.2017.03.20.21.19.03 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 20 Mar 2017 21:19:04 -0700 (PDT) From: Wanpeng Li X-Google-Original-From: Wanpeng Li To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Paolo Bonzini , =?UTF-8?q?Radim=20Kr=C4=8Dm=C3=A1=C5=99?= , Wanpeng Li Subject: [PATCH v2 1/3] KVM: nVMX: Fix nested VPID vmx exec control Date: Mon, 20 Mar 2017 21:18:53 -0700 Message-Id: <1490069935-6232-1-git-send-email-wanpeng.li@hotmail.com> X-Mailer: git-send-email 2.7.4 MIME-Version: 1.0 Sender: kvm-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP From: Wanpeng Li This can be reproduced by running kvm-unit-tests/vmx.flat on L0 w/ vpid disabled. Test suite: VPID Unhandled exception 6 #UD at ip 00000000004051a6 error_code=0000 rflags=00010047 cs=00000008 rax=0000000000000000 rcx=0000000000000001 rdx=0000000000000047 rbx=0000000000402f79 rbp=0000000000456240 rsi=0000000000000001 rdi=0000000000000000 r8=000000000000000a r9=00000000000003f8 r10=0000000080010011 r11=0000000000000000 r12=0000000000000003 r13=0000000000000708 r14=0000000000000000 r15=0000000000000000 cr0=0000000080010031 cr2=0000000000000000 cr3=0000000007fff000 cr4=0000000000002020 cr8=0000000000000000 STACK: @4051a6 40523e 400f7f 402059 40028f We should hide and forbid VPID in L1 if it is disabled on L0. However, nested VPID enable bit is set unconditionally during setup nested vmx exec controls though VPID is not exposed through nested VMX capablity. This patch fixes it by don't set nested VPID enable bit if it is disabled on L0. Cc: Paolo Bonzini Cc: Radim Krčmář Fixes: 5c614b3583e (KVM: nVMX: nested VPID emulation) Signed-off-by: Wanpeng Li --- arch/x86/kvm/vmx.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c index 98e82ee..8795a70 100644 --- a/arch/x86/kvm/vmx.c +++ b/arch/x86/kvm/vmx.c @@ -2753,7 +2753,6 @@ static void nested_vmx_setup_ctls_msrs(struct vcpu_vmx *vmx) SECONDARY_EXEC_RDTSCP | SECONDARY_EXEC_DESC | SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE | - SECONDARY_EXEC_ENABLE_VPID | SECONDARY_EXEC_APIC_REGISTER_VIRT | SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY | SECONDARY_EXEC_WBINVD_EXITING | @@ -2781,10 +2780,12 @@ static void nested_vmx_setup_ctls_msrs(struct vcpu_vmx *vmx) * though it is treated as global context. The alternative is * not failing the single-context invvpid, and it is worse. */ - if (enable_vpid) + if (enable_vpid) { + vmx->nested.nested_vmx_secondary_ctls_high |= + SECONDARY_EXEC_ENABLE_VPID; vmx->nested.nested_vmx_vpid_caps = VMX_VPID_INVVPID_BIT | VMX_VPID_EXTENT_SUPPORTED_MASK; - else + } else vmx->nested.nested_vmx_vpid_caps = 0; if (enable_unrestricted_guest)