leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

KVM: VMX: Drop initialization of IA32_FEAT_CTL MSR

Browse Source 
Remove KVM's code to initialize IA32_FEAT_CTL MSR when KVM is loaded now
that the MSR is initialized during boot on all CPUs that support VMX,
i.e. on all CPUs that can possibly load kvm_intel.

Note, don't WARN if IA32_FEAT_CTL is unlocked, even though the MSR is
unconditionally locked by init_ia32_feat_ctl().  KVM isn't tied directly
to a CPU vendor detection, whereas init_ia32_feat_ctl() is invoked if
and only if the CPU vendor is recognized and known to support VMX.  As a
result, vmx_disabled_by_bios() may be reached without going through
init_ia32_feat_ctl() and thus without locking IA32_FEAT_CTL.  This quirk
will be eliminated in a future patch.

Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Reviewed-by: Jim Mattson <jmattson@google.com>
Link: https://lkml.kernel.org/r/20191221044513.21680-15-sean.j.christopherson@intel.com
This commit is contained in:
Sean Christopherson 2019-12-20 20:45:08 -08:00 committed by Borislav Petkov
parent 85c17291e2
commit 21bd3467a5
1 changed files with 19 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
arch/x86/kvm/vmx/vmx.c
View File

@ -2207,24 +2207,26 @@ static __init int vmx_disabled_by_bios(void)
u64 msr; u64 msr;
rdmsrl(MSR_IA32_FEAT_CTL, msr); rdmsrl(MSR_IA32_FEAT_CTL, msr);
if (msr & FEAT_CTL_LOCKED) {
/* launched w/ TXT and VMX disabled */ if (unlikely(!(msr & FEAT_CTL_LOCKED)))
if (!(msr & FEAT_CTL_VMX_ENABLED_INSIDE_SMX) return 1;
&& tboot_enabled())
return 1; /* launched w/ TXT and VMX disabled */
/* launched w/o TXT and VMX only enabled w/ TXT */ if (!(msr & FEAT_CTL_VMX_ENABLED_INSIDE_SMX) &&
if (!(msr & FEAT_CTL_VMX_ENABLED_OUTSIDE_SMX) tboot_enabled())
&& (msr & FEAT_CTL_VMX_ENABLED_INSIDE_SMX) return 1;
&& !tboot_enabled()) { /* launched w/o TXT and VMX only enabled w/ TXT */
printk(KERN_WARNING "kvm: disable TXT in the BIOS or " if (!(msr & FEAT_CTL_VMX_ENABLED_OUTSIDE_SMX) &&
"activate TXT before enabling KVM\n"); (msr & FEAT_CTL_VMX_ENABLED_INSIDE_SMX) &&
return 1; !tboot_enabled()) {
} pr_warn("kvm: disable TXT in the BIOS or "
/* launched w/o TXT and VMX disabled */ "activate TXT before enabling KVM\n");
if (!(msr & FEAT_CTL_VMX_ENABLED_OUTSIDE_SMX) return 1;
&& !tboot_enabled())
return 1;
} }
/* launched w/o TXT and VMX disabled */
if (!(msr & FEAT_CTL_VMX_ENABLED_OUTSIDE_SMX) &&
!tboot_enabled())
return 1;
return 0; return 0;
} }
@ -2241,7 +2243,6 @@ static int hardware_enable(void)
{ {
int cpu = raw_smp_processor_id(); int cpu = raw_smp_processor_id();
u64 phys_addr = __pa(per_cpu(vmxarea, cpu)); u64 phys_addr = __pa(per_cpu(vmxarea, cpu));
u64 old, test_bits;
if (cr4_read_shadow() & X86_CR4_VMXE) if (cr4_read_shadow() & X86_CR4_VMXE)
return -EBUSY; return -EBUSY;
@ -2269,17 +2270,6 @@ static int hardware_enable(void)
*/ */
crash_enable_local_vmclear(cpu); crash_enable_local_vmclear(cpu);
rdmsrl(MSR_IA32_FEAT_CTL, old);
test_bits = FEAT_CTL_LOCKED;
test_bits |= FEAT_CTL_VMX_ENABLED_OUTSIDE_SMX;
if (tboot_enabled())
test_bits |= FEAT_CTL_VMX_ENABLED_INSIDE_SMX;
if ((old & test_bits) != test_bits) {
/* enable and lock */
wrmsrl(MSR_IA32_FEAT_CTL, old | test_bits);
}
kvm_cpu_vmxon(phys_addr); kvm_cpu_vmxon(phys_addr);
if (enable_ept) if (enable_ept)
ept_sync_global(); ept_sync_global();