On 9/28/18 6:25 PM, Jim Mattson wrote:
On Thu, Sep 27, 2018 at 3:27 PM, Zdenek Kaspar <zkaspar82@xxxxxxxxx> wrote:Hi, Core2 is broken with 4.18.8+ kernels. VM boot ends with virtio errors like devices refuse features or Error -2 initializing vqs. Successfully bisected (v4.18.8 v4.18.7) to: d9b47449c1a17be65332e07c1e8acba0f8b27e10 is the first bad commit commit d9b47449c1a17be65332e07c1e8acba0f8b27e10 Author: Junaid Shahid <junaids@xxxxxxxxxx> Date: Tue Aug 14 10:15:34 2018 -0700 kvm: x86: Set highest physical address bits in non-present/reserved SPTEs commit 28a1f3ac1d0c8558ee4453d9634dad891a6e922e upstream. Always set the 5 upper-most supported physical address bits to 1 for SPTEs that are marked as non-present or reserved, to make them unusable for L1TF attacks from the guest. Currently, this just applies to MMIO SPTEs. (We do not need to mark PTEs that are completely 0 as physical page 0 is already reserved.) This allows mitigation of L1TF without disabling hyper-threading by using shadow paging mode instead of EPT. Signed-off-by: Junaid Shahid <junaids@xxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> :040000 040000 1e535944156e32133ad6ad21d6be39b192a8264b 69bd6e678235077fb516cf67ef7817423ba6f84e M arch Without this commit old Core2 works fine... TIA, Z.See the thread, "[PATCH] KVM: x86: fix L1TF's MMIO GFN calculation."
OK, running now https://patchwork.kernel.org/patch/10614795/ for ~hour on 4.18.10 and it fixes my problem. Thanks!
