cryptospore / rpms / qemu-kvm

Forked from rpms/qemu-kvm 2 years ago
Blame SOURCES/kvm-i386-Mask-SVM-features-if-nested-SVM-is-disabled.patch

From d3b9c1891a6d05308dd5ea119d2c32c8f98a25da Mon Sep 17 00:00:00 2001
From: Eduardo Habkost <ehabkost@redhat.com>
Date: Tue, 30 Jun 2020 23:40:15 -0400
Subject: [PATCH 1/4] i386: Mask SVM features if nested SVM is disabled

RH-Author: Eduardo Habkost <ehabkost@redhat.com>
Message-id: <20200630234015.166253-2-ehabkost@redhat.com>
Patchwork-id: 97852
O-Subject: [RHEL-8.3.0 qemu-kvm PATCH 1/1] i386: Mask SVM features if nested SVM is disabled
Bugzilla: 1835390
RH-Acked-by: Igor Mammedov <imammedo@redhat.com>
RH-Acked-by: Bandan Das <bsd@redhat.com>
RH-Acked-by: Dr. David Alan Gilbert <dgilbert@redhat.com>

QEMU incorrectly validates FEAT_SVM feature flags against
GET_SUPPORTED_CPUID even if SVM features are being masked out by
cpu_x86_cpuid().  This can make QEMU print warnings on most AMD
CPU models, even when SVM nesting is disabled (which is the
default).

This bug was never detected before because of a Linux KVM bug:
until Linux v5.6, KVM was not filtering out SVM features in
GET_SUPPORTED_CPUID when nested was disabled.  This KVM bug was
fixed in Linux v5.7-rc1, on Linux commit a50718cc3f43 ("KVM:
nSVM: Expose SVM features to L1 iff nested is enabled").

Fix the problem by adding a CPUID_EXT3_SVM dependency to all
FEAT_SVM feature flags in the feature_dependencies table.

Reported-by: Yanan Fu <yfu@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Message-Id: <20200623230116.277409-1-ehabkost@redhat.com>
[Fix testcase. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit 730319aef0fcb94f11a4a2d32656437fdde7efdd)
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
---
 target/i386/cpu.c             | 4 ++++
 tests/test-x86-cpuid-compat.c | 4 ++--
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 7d7b016bb7..a343de0c9d 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -1477,6 +1477,10 @@ static FeatureDep feature_dependencies[] = {
         .from = { FEAT_VMX_SECONDARY_CTLS,  VMX_SECONDARY_EXEC_ENABLE_VMFUNC },
         .to = { FEAT_VMX_VMFUNC,            ~0ull },
     },
+    {
+        .from = { FEAT_8000_0001_ECX,       CPUID_EXT3_SVM },
+        .to = { FEAT_SVM,                   ~0ull },
+    },
 };
 
 typedef struct X86RegisterInfo32 {
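Review bot: the new entry at the end of `feature_dependencies[]` carries no comment, and its `.to = { FEAT_SVM, ~0ull }` mask covers the whole FEAT_SVM word rather than named bits, so any SVM sub-feature bit defined later inherits the dependency without anyone deciding that it should. A one-line comment above the entry stating that every FEAT_SVM flag requires `CPUID_EXT3_SVM` would put the intent in the table itself, where the commit message is not visible.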
diff --git a/tests/test-x86-cpuid-compat.c b/tests/test-x86-cpuid-compat.c
index e7c075ed98..983aa0719a 100644
--- a/tests/test-x86-cpuid-compat.c
+++ b/tests/test-x86-cpuid-compat.c
@@ -256,7 +256,7 @@ int main(int argc, char **argv)
                    "-cpu 486,+invtsc", "xlevel", 0x80000007);
     /* CPUID[8000_000A].EDX: */
     add_cpuid_test("x86/cpuid/auto-xlevel/486/npt",
-                   "-cpu 486,+npt", "xlevel", 0x8000000A);
+                   "-cpu 486,+svm,+npt", "xlevel", 0x8000000A);
     /* CPUID[C000_0001].EDX: */
     add_cpuid_test("x86/cpuid/auto-xlevel2/phenom/xstore",
                    "-cpu phenom,+xstore", "xlevel2", 0xC0000001);
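Review bot: in the `x86/cpuid/auto-xlevel/486/npt` case, switching the command line to `-cpu 486,+svm,+npt` leaves no test for `+npt` requested without `+svm`, which is the configuration the new dependency actually changes. Consider keeping a second `add_cpuid_test` for `-cpu 486,+npt` with the xlevel expected once the flag is masked, so the masking is asserted directly and not only the combined case.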
@@ -349,7 +349,7 @@ int main(int argc, char **argv)
                    "-machine pc-i440fx-2.4 -cpu SandyBridge,",
                    "xlevel", 0x80000008);
     add_cpuid_test("x86/cpuid/xlevel-compat/pc-i440fx-2.4/npt-on",
-                   "-machine pc-i440fx-2.4 -cpu SandyBridge,+npt",
+                   "-machine pc-i440fx-2.4 -cpu SandyBridge,+svm,+npt",
                    "xlevel", 0x80000008);
 #endif
 
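Review bot: the `xlevel-compat/pc-i440fx-2.4/npt-on` case expects `0x80000008`, the same value as the plain `-cpu SandyBridge,` case just above it, so it passes whether or not `+svm` is present and does not exercise the new dependency. A short comment beside the call explaining why `+svm` was added would help the next reader, and it is worth stating in the test what this case is meant to distinguish after the change.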
-- 
2.27.0
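
The dependency masking that the commit message describes, as an added C example that is not part of the patch or of QEMU. It is a simplified model of applying a `feature_dependencies`-style table; the two-word feature layout and the functions `apply_feature_deps`, `guest_svm_word` and `dropped_user_bits` are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
/* Simplified model, not QEMU source: two feature words in a constructed layout. */
enum { FEAT_8000_0001_ECX, FEAT_SVM, FEAT_MAX };
#define CPUID_EXT3_SVM (1u << 2) /* CPUID[8000_0001].ECX: svm */
#define CPUID_SVM_NPT  (1u << 0) /* CPUID[8000_000A].EDX: npt */
#define CPUID_SVM_LBRV (1u << 1) /* CPUID[8000_000A].EDX: lbrv */
typedef struct { int index; uint64_t mask; } FeatureMask;
typedef struct { FeatureMask from, to; } FeatureDep;
static const FeatureDep feature_dependencies[] = {
    { .from = { FEAT_8000_0001_ECX, CPUID_EXT3_SVM }, .to = { FEAT_SVM, ~0ull } },
};

/* Clear dependent bits whose prerequisite is absent; return the cleared bits the user requested. */
static uint64_t apply_feature_deps(uint64_t feat[FEAT_MAX], const uint64_t user[FEAT_MAX])
{
    uint64_t warn = 0;
    size_t n = sizeof(feature_dependencies) / sizeof(feature_dependencies[0]);
    for (size_t i = 0; i < n; i++) {
        const FeatureDep *d = &feature_dependencies[i];
        if (!(feat[d->from.index] & d->from.mask)) {
            uint64_t gone = feat[d->to.index] & d->to.mask;
            warn |= gone & user[d->to.index];
            feat[d->to.index] &= ~gone;
        }
    }
    return warn;
}

/* Guest-visible FEAT_SVM word after masking (hypothetical helper). */
static uint64_t guest_svm_word(uint64_t ext3_ecx, uint64_t svm_word)
{
    uint64_t feat[FEAT_MAX] = { ext3_ecx, svm_word }, user[FEAT_MAX] = { 0 };
    apply_feature_deps(feat, user);
    return feat[FEAT_SVM];
}
/* User-requested FEAT_SVM bits dropped because svm is off (hypothetical helper). */
static uint64_t dropped_user_bits(uint64_t ext3_ecx, uint64_t user_svm)
{
    uint64_t feat[FEAT_MAX] = { ext3_ecx, user_svm }, user[FEAT_MAX] = { 0, user_svm };
    return apply_feature_deps(feat, user);
}
int main(void)
{
    printf("+npt without +svm: FEAT_SVM=%#llx dropped=%#llx\n",
           (unsigned long long)guest_svm_word(0, CPUID_SVM_NPT),
           (unsigned long long)dropped_user_bits(0, CPUID_SVM_NPT));
    return 0;
}
```

With the single `~0ull` entry, a guest configured without `svm` sees an empty FEAT_SVM word regardless of which sub-features the CPU model lists, and only explicitly requested bits are reported as dropped.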