lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 7 Aug 2017 19:17:47 +0200 From: Sebastian Rachuj <rachus@....de> To: Paolo Bonzini <pbonzini@...hat.com>, rkrcmar@...hat.com, tglx@...utronix.de, mingo@...hat.com, hpa@...or.com, x86@...nel.org, kvm@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: kvm_intel fails to load on Conroe CPUs running Linux 4.12 On 07.08.2017 11:43, Paolo Bonzini wrote: > On 06/08/2017 23:23, Sebastian Rachuj wrote: >> On 06.08.2017 23:10, Paolo Bonzini wrote: >>> On 05/08/2017 21:26, Sebastian Rachuj wrote: >>>> Dear linux developers, >>>> >>>> since my upgrade from linux 4.11 to linux 4.12 the "kvm_intel" module >>>> does not load correctly anymore. "Modprobing" the kernel module gives an >>>> Input/Output error. It seems to be related to the CPU architecture and >>>> (to my knowledge) affects Conroe CPUs. I did a bisect and found the >>>> following commit as the guilty one: >>> >>> What is your cpuinfo? I tested on a Conroe Xeon X3220 (family 6, >>> model 15, stepping 11) when I posted that patch, and it did have virtual >>> NMIs. >> >> Thank you for looking into the issue. My cpuinfo is as follows: > > Looks like Intel was already differentiating virtualization features > across SKUs. Please run the attached script as root to see what other > things are different (apparently) between non-Xeon and Xeon Conroes. Here you are, I hope it helps: # python vmxcap Basic VMX Information Hex: 0x1a040000000007 Revision 7 VMCS size 1024 VMCS restricted to 32 bit addresses no Dual-monitor support yes VMCS memory type 6 INS/OUTS instruction information no IA32_VMX_TRUE_*_CTLS support no pin-based controls External interrupt exiting yes NMI exiting yes Virtual NMIs no Activate VMX-preemption timer no Process posted interrupts no primary processor-based controls Interrupt window exiting yes Use TSC offsetting yes HLT exiting yes INVLPG exiting yes MWAIT exiting yes RDPMC exiting yes RDTSC exiting yes CR3-load exiting forced CR3-store exiting forced CR8-load exiting yes CR8-store exiting yes Use TPR shadow yes NMI-window exiting no MOV-DR exiting yes Unconditional I/O exiting yes Use I/O bitmaps yes Monitor trap flag no Use MSR bitmaps yes MONITOR exiting yes PAUSE exiting yes Activate secondary control no secondary processor-based controls Virtualize APIC accesses no Enable EPT no Descriptor-table exiting no Enable RDTSCP no Virtualize x2APIC mode no Enable VPID no WBINVD exiting no Unrestricted guest no APIC register emulation no Virtual interrupt delivery no PAUSE-loop exiting no RDRAND exiting no Enable INVPCID no Enable VM functions no VMCS shadowing no Enable ENCLS exiting no RDSEED exiting no Enable PML no EPT-violation #VE no Conceal non-root operation from PT no Enable XSAVES/XRSTORS no Mode-based execute control (XS/XU) no TSC scaling no VM-Exit controls Save debug controls forced Host address-space size yes Load IA32_PERF_GLOBAL_CTRL no Acknowledge interrupt on exit yes Save IA32_PAT no Load IA32_PAT no Save IA32_EFER no Load IA32_EFER no Save VMX-preemption timer value no Clear IA32_BNDCFGS no Conceal VM exits from PT no VM-Entry controls Load debug controls forced IA-32e mode guest yes Entry to SMM yes Deactivate dual-monitor treatment yes Load IA32_PERF_GLOBAL_CTRL no Load IA32_PAT no Load IA32_EFER no Load IA32_BNDCFGS no Conceal VM entries from PT no Miscellaneous data Hex: 0x403c0 VMX-preemption timer scale (log2) 0 Store EFER.LMA into IA-32e mode guest control no HLT activity state yes Shutdown activity state yes Wait-for-SIPI activity state yes IA32_SMBASE support no Number of CR3-target values 4 MSR-load/store count recommendation 0 IA32_SMM_MONITOR_CTL[2] can be set to 1 no VMWRITE to VM-exit information fields no Inject event with insn length=0 no MSEG revision identifier 0 VPID and EPT capabilities Hex: 0x0 Execute-only EPT translations no Page-walk length 4 no Paging-structure memory type UC no Paging-structure memory type WB no 2MB EPT pages no 1GB EPT pages no INVEPT supported no EPT accessed and dirty flags no Single-context INVEPT no All-context INVEPT no INVVPID supported no Individual-address INVVPID no Single-context INVVPID no All-context INVVPID no Single-context-retaining-globals INVVPID no VM Functions Hex: 0x0 EPTP Switching no
Powered by blists - more mailing lists