cryptospore / rpms / qemu-kvm

Forked from rpms/qemu-kvm 2 years ago
Blame SOURCES/kvm-i386-Mask-SVM-features-if-nested-SVM-is-disabled.patch

From d3b9c1891a6d05308dd5ea119d2c32c8f98a25da Mon Sep 17 00:00:00 2001
From: Eduardo Habkost <ehabkost@redhat.com>
Date: Tue, 30 Jun 2020 23:40:15 -0400
Subject: [PATCH 1/4] i386: Mask SVM features if nested SVM is disabled

RH-Author: Eduardo Habkost <ehabkost@redhat.com>
Message-id: <20200630234015.166253-2-ehabkost@redhat.com>
Patchwork-id: 97852
O-Subject: [RHEL-8.3.0 qemu-kvm PATCH 1/1] i386: Mask SVM features if nested SVM is disabled
Bugzilla: 1835390
RH-Acked-by: Igor Mammedov <imammedo@redhat.com>
RH-Acked-by: Bandan Das <bsd@redhat.com>
RH-Acked-by: Dr. David Alan Gilbert <dgilbert@redhat.com>

QEMU incorrectly validates FEAT_SVM feature flags against
GET_SUPPORTED_CPUID even if SVM features are being masked out by
cpu_x86_cpuid().  This can make QEMU print warnings on most AMD
CPU models, even when SVM nesting is disabled (which is the
default).

This bug was never detected before because of a Linux KVM bug:
until Linux v5.6, KVM was not filtering out SVM features in
GET_SUPPORTED_CPUID when nested was disabled.  This KVM bug was
fixed in Linux v5.7-rc1, on Linux commit a50718cc3f43 ("KVM:
nSVM: Expose SVM features to L1 iff nested is enabled").

Fix the problem by adding a CPUID_EXT3_SVM dependency to all
FEAT_SVM feature flags in the feature_dependencies table.

Reported-by: Yanan Fu <yfu@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Message-Id: <20200623230116.277409-1-ehabkost@redhat.com>
[Fix testcase. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit 730319aef0fcb94f11a4a2d32656437fdde7efdd)
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
---
 target/i386/cpu.c             | 4 ++++
 tests/test-x86-cpuid-compat.c | 4 ++--
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 7d7b016bb7..a343de0c9d 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -1477,6 +1477,10 @@ static FeatureDep feature_dependencies[] = {
         .from = { FEAT_VMX_SECONDARY_CTLS,  VMX_SECONDARY_EXEC_ENABLE_VMFUNC },
         .to = { FEAT_VMX_VMFUNC,            ~0ull },
     },
+    {
+        .from = { FEAT_8000_0001_ECX,       CPUID_EXT3_SVM },
+        .to = { FEAT_SVM,                   ~0ull },
+    },
 };
 
 typedef struct X86RegisterInfo32 {
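Review bot: The new feature_dependencies entry has no comment explaining why `.to = { FEAT_SVM, ~0ull }` covers every bit of the word instead of a named set of flags. Because ~0ull also applies to any FEAT_SVM flag defined later, a one-line comment above the entry stating that all FEAT_SVM flags are only valid when CPUID_EXT3_SVM is set would make the intent explicit and match what the commit message describes.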
diff --git a/tests/test-x86-cpuid-compat.c b/tests/test-x86-cpuid-compat.c
index e7c075ed98..983aa0719a 100644
--- a/tests/test-x86-cpuid-compat.c
+++ b/tests/test-x86-cpuid-compat.c
@@ -256,7 +256,7 @@ int main(int argc, char **argv)
                    "-cpu 486,+invtsc", "xlevel", 0x80000007);
     /* CPUID[8000_000A].EDX: */
     add_cpuid_test("x86/cpuid/auto-xlevel/486/npt",
-                   "-cpu 486,+npt", "xlevel", 0x8000000A);
+                   "-cpu 486,+svm,+npt", "xlevel", 0x8000000A);
     /* CPUID[C000_0001].EDX: */
     add_cpuid_test("x86/cpuid/auto-xlevel2/phenom/xstore",
                    "-cpu phenom,+xstore", "xlevel2", 0xC0000001);
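Review bot: In the auto-xlevel case, `-cpu 486,+npt` is replaced with `-cpu 486,+svm,+npt` rather than kept alongside it, so nothing in this file exercises the new dependency itself. Consider adding a companion case that passes `+npt` without `+svm` and asserts the resulting xlevel, and renaming this one (it is still registered as x86/cpuid/auto-xlevel/486/npt) so the name reflects that svm is now required.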
@@ -349,7 +349,7 @@ int main(int argc, char **argv)
                    "-machine pc-i440fx-2.4 -cpu SandyBridge,",
                    "xlevel", 0x80000008);
     add_cpuid_test("x86/cpuid/xlevel-compat/pc-i440fx-2.4/npt-on",
-                   "-machine pc-i440fx-2.4 -cpu SandyBridge,+npt",
+                   "-machine pc-i440fx-2.4 -cpu SandyBridge,+svm,+npt",
                    "xlevel", 0x80000008);
 #endif
 
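Review bot: In the pc-i440fx-2.4 npt-on case only the -cpu string changes and the expected xlevel stays 0x80000008, so the test itself does not show why `+svm` is needed. A short comment next to the argument noting that npt now depends on svm would keep a later cleanup from dropping it.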
-- 
2.27.0