c461a1
From 50e0729e98e9938b338367e29afd6b7abce9bb04 Mon Sep 17 00:00:00 2001
c461a1
From: "plai@redhat.com" <plai@redhat.com>
c461a1
Date: Mon, 23 Sep 2019 20:40:18 +0200
c461a1
Subject: [PATCH 02/12] target-i386: Merge feature filtering/checking functions
2ec96d
MIME-Version: 1.0
2ec96d
Content-Type: text/plain; charset=UTF-8
2ec96d
Content-Transfer-Encoding: 8bit
2ec96d
c461a1
RH-Author: plai@redhat.com
c461a1
Message-id: <1569271227-28026-2-git-send-email-plai@redhat.com>
c461a1
Patchwork-id: 90853
c461a1
O-Subject: [RHEL7.8 qemu-kvm PATCH v6 01/10] target-i386: Merge feature filtering/checking functions
c461a1
Bugzilla: 1709971
c461a1
RH-Acked-by: Eduardo Habkost <ehabkost@redhat.com>
2ec96d
RH-Acked-by: Bandan Das <bsd@redhat.com>
c461a1
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
c461a1
c461a1
From: Eduardo Habkost <ehabkost@redhat.com>
2ec96d
2ec96d
Merge filter_features_for_kvm() and kvm_check_features_against_host().
2ec96d
2ec96d
Both functions made exactly the same calculations, the only difference
2ec96d
was that filter_features_for_kvm() changed the bits on cpu->features[],
2ec96d
and kvm_check_features_against_host() did error reporting.
2ec96d
2ec96d
Reviewed-by: Richard Henderson <rth@twiddle.net>
2ec96d
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2ec96d
Signed-off-by: Andreas Färber <afaerber@suse.de>
2ec96d
(cherry picked from commit 51f63aed32314479065207ff2fb28255de4dbda4)
2ec96d
Signed-off-by: Paul Lai <plai@redhat.com>
c461a1
c461a1
  unavailable_host_feature() removed due to lack of references.
c461a1
  report_unavailable_features() from 51f63aed3 to make things compile.
c461a1
2ec96d
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
2ec96d
---
2ec96d
 target-i386/cpu.c | 91 ++++++++++++++-----------------------------------------
2ec96d
 1 file changed, 22 insertions(+), 69 deletions(-)
2ec96d
2ec96d
diff --git a/target-i386/cpu.c b/target-i386/cpu.c
c461a1
index ca43268..6fb805b 100644
2ec96d
--- a/target-i386/cpu.c
2ec96d
+++ b/target-i386/cpu.c
c461a1
@@ -1774,11 +1774,11 @@ static void kvm_cpu_fill_host(x86_def_t *x86_cpu_def)
2ec96d
 #endif /* CONFIG_KVM */
2ec96d
 }
2ec96d
 
2ec96d
-static int unavailable_host_feature(FeatureWordInfo *f, uint32_t mask)
2ec96d
+static void report_unavailable_features(FeatureWordInfo *f, uint32_t mask)
2ec96d
 {
2ec96d
     int i;
2ec96d
 
2ec96d
-    for (i = 0; i < 32; ++i)
2ec96d
+    for (i = 0; i < 32; ++i) {
2ec96d
         if (1 << i & mask) {
2ec96d
             const char *reg = get_register_name_32(f->cpuid_reg);
2ec96d
             assert(reg);
c461a1
@@ -1787,40 +1787,8 @@ static int unavailable_host_feature(FeatureWordInfo *f, uint32_t mask)
2ec96d
                 f->cpuid_eax, reg,
2ec96d
                 f->feat_names[i] ? "." : "",
2ec96d
                 f->feat_names[i] ? f->feat_names[i] : "", i);
2ec96d
-            break;
2ec96d
-        }
2ec96d
-    return 0;
2ec96d
-}
2ec96d
-
2ec96d
-/* Check if all requested cpu flags are making their way to the guest
2ec96d
- *
2ec96d
- * Returns 0 if all flags are supported by the host, non-zero otherwise.
2ec96d
- *
2ec96d
- * This function may be called only if KVM is enabled.
2ec96d
- */
2ec96d
-static int kvm_check_features_against_host(KVMState *s, X86CPU *cpu)
2ec96d
-{
2ec96d
-    CPUX86State *env = &cpu->env;
2ec96d
-    int rv = 0;
2ec96d
-    FeatureWord w;
2ec96d
-
2ec96d
-    assert(kvm_enabled());
2ec96d
-
2ec96d
-    for (w = 0; w < FEATURE_WORDS; w++) {
2ec96d
-        FeatureWordInfo *wi = &feature_word_info[w];
2ec96d
-        uint32_t guest_feat = env->features[w];
2ec96d
-        uint32_t host_feat = kvm_arch_get_supported_cpuid(s, wi->cpuid_eax,
2ec96d
-                                                             wi->cpuid_ecx,
2ec96d
-                                                             wi->cpuid_reg);
2ec96d
-        uint32_t mask;
2ec96d
-        for (mask = 1; mask; mask <<= 1) {
2ec96d
-            if (guest_feat & mask && !(host_feat & mask)) {
2ec96d
-                unavailable_host_feature(wi, mask);
2ec96d
-                rv = 1;
2ec96d
-            }
2ec96d
         }
2ec96d
     }
2ec96d
-    return rv;
2ec96d
 }
2ec96d
 
2ec96d
 static void x86_cpuid_version_get_family(Object *obj, Visitor *v, void *opaque,
c461a1
@@ -2419,12 +2387,21 @@ CpuDefinitionInfoList *arch_query_cpu_definitions(Error **errp)
2ec96d
     return cpu_list;
2ec96d
 }
2ec96d
 
2ec96d
-#ifdef CONFIG_KVM
2ec96d
-static void filter_features_for_kvm(X86CPU *cpu)
2ec96d
+/*
2ec96d
+ * Filters CPU feature words based on host availability of each feature.
2ec96d
+ *
2ec96d
+ * This function may be called only if KVM is enabled.
2ec96d
+ *
2ec96d
+ * Returns: 0 if all flags are supported by the host, non-zero otherwise.
2ec96d
+ */
2ec96d
+static int filter_features_for_kvm(X86CPU *cpu)
2ec96d
 {
2ec96d
     CPUX86State *env = &cpu->env;
2ec96d
     KVMState *s = kvm_state;
2ec96d
     FeatureWord w;
2ec96d
+    int rv = 0;
2ec96d
+
2ec96d
+    assert(kvm_enabled());
2ec96d
 
2ec96d
     for (w = 0; w < FEATURE_WORDS; w++) {
2ec96d
         FeatureWordInfo *wi = &feature_word_info[w];
c461a1
@@ -2434,9 +2411,16 @@ static void filter_features_for_kvm(X86CPU *cpu)
2ec96d
         uint32_t requested_features = env->features[w];
2ec96d
         env->features[w] &= host_feat;
2ec96d
         cpu->filtered_features[w] = requested_features & ~env->features[w];
2ec96d
+        if (cpu->filtered_features[w]) {
2ec96d
+            if (cpu->check_cpuid || cpu->enforce_cpuid) {
2ec96d
+                report_unavailable_features(wi, cpu->filtered_features[w]);
2ec96d
+            }
2ec96d
+            rv = 1;
2ec96d
+        }
2ec96d
     }
2ec96d
+
2ec96d
+    return rv;
2ec96d
 }
2ec96d
-#endif
2ec96d
 
2ec96d
 static void cpu_x86_register(X86CPU *cpu, const char *name, Error **errp)
2ec96d
 {
c461a1
@@ -3118,42 +3102,11 @@ static void x86_cpu_realizefn(DeviceState *dev, Error **errp)
2ec96d
             env->features[w] &= feature_word_info[w].tcg_features;
2ec96d
         }
2ec96d
     } else {
2ec96d
-        KVMState *s = kvm_state;
2ec96d
-        if ((cpu->check_cpuid || cpu->enforce_cpuid)
2ec96d
-            && kvm_check_features_against_host(s, cpu) && cpu->enforce_cpuid) {
2ec96d
+        if (filter_features_for_kvm(cpu) && cpu->enforce_cpuid) {
2ec96d
             error_setg(&local_err,
2ec96d
                        "Host's CPU doesn't support requested features");
2ec96d
             goto out;
2ec96d
         }
2ec96d
-#ifdef CONFIG_KVM
2ec96d
-        filter_features_for_kvm(cpu);
2ec96d
-#endif
2ec96d
-    }
2ec96d
-
2ec96d
-    /*
2ec96d
-     * RHEL-only:
2ec96d
-     *
2ec96d
-     * The arch-facilities feature flag is deprecated because it was never
2ec96d
-     * supported upstream.  The upstream property is "arch-capabilities",
2ec96d
-     * but it was not backported to this QEMU version.  Note that
2ec96d
-     * arch-capabilities is not required for mitigation of CVE-2017-5715.
2ec96d
-     *
2ec96d
-     * In addition to being deprecated, arch-facilities blocks live migration
2ec96d
-     * because the value of MSR_IA32_ARCH_CAPABILITIES is host-dependent and
2ec96d
-     * not migration-safe.
2ec96d
-     */
2ec96d
-    if (cpu->env.features[FEAT_7_0_EDX] & CPUID_7_0_EDX_ARCH_CAPABILITIES) {
2ec96d
-        static bool warned = false;
2ec96d
-        static Error *arch_facilities_blocker;
2ec96d
-        if (!warned) {
2ec96d
-            error_setg(&arch_facilities_blocker,
2ec96d
-                       "The arch-facilities CPU feature is deprecated and "
2ec96d
-                       "does not support live migration");
2ec96d
-            migrate_add_blocker(arch_facilities_blocker);
2ec96d
-            error_report("WARNING: the arch-facilities CPU feature is "
2ec96d
-                         "deprecated and does not support live migration");
2ec96d
-            warned = true;
2ec96d
-        }
2ec96d
     }
2ec96d
 
2ec96d
 #ifndef CONFIG_USER_ONLY
2ec96d
-- 
2ec96d
1.8.3.1
2ec96d