| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 7 Aug 2017 19:17:47 +0200
From: Sebastian Rachuj <rachus@....de>
To: Paolo Bonzini <pbonzini@...hat.com>, rkrcmar@...hat.com,
tglx@...utronix.de, mingo@...hat.com, hpa@...or.com,
x86@...nel.org, kvm@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: kvm_intel fails to load on Conroe CPUs running Linux 4.12
On 07.08.2017 11:43, Paolo Bonzini wrote:
> On 06/08/2017 23:23, Sebastian Rachuj wrote:
>> On 06.08.2017 23:10, Paolo Bonzini wrote:
>>> On 05/08/2017 21:26, Sebastian Rachuj wrote:
>>>> Dear linux developers,
>>>>
>>>> since my upgrade from linux 4.11 to linux 4.12 the "kvm_intel" module
>>>> does not load correctly anymore. "Modprobing" the kernel module gives an
>>>> Input/Output error. It seems to be related to the CPU architecture and
>>>> (to my knowledge) affects Conroe CPUs. I did a bisect and found the
>>>> following commit as the guilty one:
>>>
>>> What is your cpuinfo? I tested on a Conroe Xeon X3220 (family 6,
>>> model 15, stepping 11) when I posted that patch, and it did have virtual
>>> NMIs.
>>
>> Thank you for looking into the issue. My cpuinfo is as follows:
>
> Looks like Intel was already differentiating virtualization features
> across SKUs. Please run the attached script as root to see what other
> things are different (apparently) between non-Xeon and Xeon Conroes.
Here you are, I hope it helps:
# python vmxcap
Basic VMX Information
Hex: 0x1a040000000007
Revision 7
VMCS size 1024
VMCS restricted to 32 bit addresses no
Dual-monitor support yes
VMCS memory type 6
INS/OUTS instruction information no
IA32_VMX_TRUE_*_CTLS support no
pin-based controls
External interrupt exiting yes
NMI exiting yes
Virtual NMIs no
Activate VMX-preemption timer no
Process posted interrupts no
primary processor-based controls
Interrupt window exiting yes
Use TSC offsetting yes
HLT exiting yes
INVLPG exiting yes
MWAIT exiting yes
RDPMC exiting yes
RDTSC exiting yes
CR3-load exiting forced
CR3-store exiting forced
CR8-load exiting yes
CR8-store exiting yes
Use TPR shadow yes
NMI-window exiting no
MOV-DR exiting yes
Unconditional I/O exiting yes
Use I/O bitmaps yes
Monitor trap flag no
Use MSR bitmaps yes
MONITOR exiting yes
PAUSE exiting yes
Activate secondary control no
secondary processor-based controls
Virtualize APIC accesses no
Enable EPT no
Descriptor-table exiting no
Enable RDTSCP no
Virtualize x2APIC mode no
Enable VPID no
WBINVD exiting no
Unrestricted guest no
APIC register emulation no
Virtual interrupt delivery no
PAUSE-loop exiting no
RDRAND exiting no
Enable INVPCID no
Enable VM functions no
VMCS shadowing no
Enable ENCLS exiting no
RDSEED exiting no
Enable PML no
EPT-violation #VE no
Conceal non-root operation from PT no
Enable XSAVES/XRSTORS no
Mode-based execute control (XS/XU) no
TSC scaling no
VM-Exit controls
Save debug controls forced
Host address-space size yes
Load IA32_PERF_GLOBAL_CTRL no
Acknowledge interrupt on exit yes
Save IA32_PAT no
Load IA32_PAT no
Save IA32_EFER no
Load IA32_EFER no
Save VMX-preemption timer value no
Clear IA32_BNDCFGS no
Conceal VM exits from PT no
VM-Entry controls
Load debug controls forced
IA-32e mode guest yes
Entry to SMM yes
Deactivate dual-monitor treatment yes
Load IA32_PERF_GLOBAL_CTRL no
Load IA32_PAT no
Load IA32_EFER no
Load IA32_BNDCFGS no
Conceal VM entries from PT no
Miscellaneous data
Hex: 0x403c0
VMX-preemption timer scale (log2) 0
Store EFER.LMA into IA-32e mode guest control no
HLT activity state yes
Shutdown activity state yes
Wait-for-SIPI activity state yes
IA32_SMBASE support no
Number of CR3-target values 4
MSR-load/store count recommendation 0
IA32_SMM_MONITOR_CTL[2] can be set to 1 no
VMWRITE to VM-exit information fields no
Inject event with insn length=0 no
MSEG revision identifier 0
VPID and EPT capabilities
Hex: 0x0
Execute-only EPT translations no
Page-walk length 4 no
Paging-structure memory type UC no
Paging-structure memory type WB no
2MB EPT pages no
1GB EPT pages no
INVEPT supported no
EPT accessed and dirty flags no
Single-context INVEPT no
All-context INVEPT no
INVVPID supported no
Individual-address INVVPID no
Single-context INVVPID no
All-context INVVPID no
Single-context-retaining-globals INVVPID no
VM Functions
Hex: 0x0
EPTP Switching no
Powered by blists - more mailing lists