lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <cb4e74be-ee61-121b-ea41-910685f29ee3@web.de>
Date:   Mon, 7 Aug 2017 19:17:47 +0200
From:   Sebastian Rachuj <rachus@....de>
To:     Paolo Bonzini <pbonzini@...hat.com>, rkrcmar@...hat.com,
        tglx@...utronix.de, mingo@...hat.com, hpa@...or.com,
        x86@...nel.org, kvm@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: kvm_intel fails to load on Conroe CPUs running Linux 4.12

On 07.08.2017 11:43, Paolo Bonzini wrote:
> On 06/08/2017 23:23, Sebastian Rachuj wrote:
>> On 06.08.2017 23:10, Paolo Bonzini wrote:
>>> On 05/08/2017 21:26, Sebastian Rachuj wrote:
>>>> Dear linux developers,
>>>>
>>>> since my upgrade from linux 4.11 to linux 4.12 the "kvm_intel" module
>>>> does not load correctly anymore. "Modprobing" the kernel module gives an
>>>> Input/Output error. It seems to be related to the CPU architecture and
>>>> (to my knowledge) affects Conroe CPUs. I did a bisect and found the
>>>> following commit as the guilty one:
>>>
>>> What is your cpuinfo?  I tested on a Conroe Xeon X3220 (family 6,
>>> model 15, stepping 11) when I posted that patch, and it did have virtual
>>> NMIs.
>>
>> Thank you for looking into the issue. My cpuinfo is as follows:
> 
> Looks like Intel was already differentiating virtualization features
> across SKUs.  Please run the attached script as root to see what other
> things are different (apparently) between non-Xeon and Xeon Conroes.

Here you are, I hope it helps:

# python vmxcap
Basic VMX Information
   Hex: 0x1a040000000007
   Revision                                 7
   VMCS size                                1024
   VMCS restricted to 32 bit addresses      no
   Dual-monitor support                     yes
   VMCS memory type                         6
   INS/OUTS instruction information         no
   IA32_VMX_TRUE_*_CTLS support             no
pin-based controls
   External interrupt exiting               yes
   NMI exiting                              yes
   Virtual NMIs                             no
   Activate VMX-preemption timer            no
   Process posted interrupts                no
primary processor-based controls
   Interrupt window exiting                 yes
   Use TSC offsetting                       yes
   HLT exiting                              yes
   INVLPG exiting                           yes
   MWAIT exiting                            yes
   RDPMC exiting                            yes
   RDTSC exiting                            yes
   CR3-load exiting                         forced
   CR3-store exiting                        forced
   CR8-load exiting                         yes
   CR8-store exiting                        yes
   Use TPR shadow                           yes
   NMI-window exiting                       no
   MOV-DR exiting                           yes
   Unconditional I/O exiting                yes
   Use I/O bitmaps                          yes
   Monitor trap flag                        no
   Use MSR bitmaps                          yes
   MONITOR exiting                          yes
   PAUSE exiting                            yes
   Activate secondary control               no
secondary processor-based controls
   Virtualize APIC accesses                 no
   Enable EPT                               no
   Descriptor-table exiting                 no
   Enable RDTSCP                            no
   Virtualize x2APIC mode                   no
   Enable VPID                              no
   WBINVD exiting                           no
   Unrestricted guest                       no
   APIC register emulation                  no
   Virtual interrupt delivery               no
   PAUSE-loop exiting                       no
   RDRAND exiting                           no
   Enable INVPCID                           no
   Enable VM functions                      no
   VMCS shadowing                           no
   Enable ENCLS exiting                     no
   RDSEED exiting                           no
   Enable PML                               no
   EPT-violation #VE                        no
   Conceal non-root operation from PT       no
   Enable XSAVES/XRSTORS                    no
   Mode-based execute control (XS/XU)       no
   TSC scaling                              no
VM-Exit controls
   Save debug controls                      forced
   Host address-space size                  yes
   Load IA32_PERF_GLOBAL_CTRL               no
   Acknowledge interrupt on exit            yes
   Save IA32_PAT                            no
   Load IA32_PAT                            no
   Save IA32_EFER                           no
   Load IA32_EFER                           no
   Save VMX-preemption timer value          no
   Clear IA32_BNDCFGS                       no
   Conceal VM exits from PT                 no
VM-Entry controls
   Load debug controls                      forced
   IA-32e mode guest                        yes
   Entry to SMM                             yes
   Deactivate dual-monitor treatment        yes
   Load IA32_PERF_GLOBAL_CTRL               no
   Load IA32_PAT                            no
   Load IA32_EFER                           no
   Load IA32_BNDCFGS                        no
   Conceal VM entries from PT               no
Miscellaneous data
   Hex: 0x403c0
   VMX-preemption timer scale (log2)        0
   Store EFER.LMA into IA-32e mode guest control no
   HLT activity state                       yes
   Shutdown activity state                  yes
   Wait-for-SIPI activity state             yes
   IA32_SMBASE support                      no
   Number of CR3-target values              4
   MSR-load/store count recommendation      0
   IA32_SMM_MONITOR_CTL[2] can be set to 1  no
   VMWRITE to VM-exit information fields    no
   Inject event with insn length=0          no
   MSEG revision identifier                 0
VPID and EPT capabilities
   Hex: 0x0
   Execute-only EPT translations            no
   Page-walk length 4                       no
   Paging-structure memory type UC          no
   Paging-structure memory type WB          no
   2MB EPT pages                            no
   1GB EPT pages                            no
   INVEPT supported                         no
   EPT accessed and dirty flags             no
   Single-context INVEPT                    no
   All-context INVEPT                       no
   INVVPID supported                        no
   Individual-address INVVPID               no
   Single-context INVVPID                   no
   All-context INVVPID                      no
   Single-context-retaining-globals INVVPID no
VM Functions
   Hex: 0x0
   EPTP Switching                           no

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ