On Mon, Aug 19, 2019 at 2:47 PM Nikita Leshenko <nikita.leshchenko@xxxxxxxxxx> wrote:
>
> Before this commit, userspace could disable the GUEST_ACTIVITY_HLT bit in
> VMX_MISC yet KVM would happily accept GUEST_ACTIVITY_HLT activity state in
> VMCS12. We can fix it by either failing VM entries with HLT activity state when
> it's not supported or by disallowing clearing this bit.
>
> The latter is preferable. If we go with the former, to disable
> GUEST_ACTIVITY_HLT userspace also has to make CPU_BASED_HLT_EXITING a "must be
> 1" control, otherwise KVM will be presenting a bogus model to L1.
>
> Don't fail writes that disable GUEST_ACTIVITY_HLT to maintain backwards
> compatibility.
>
> Reviewed-by: Liran Alon <liran.alon@xxxxxxxxxx>
> Reviewed-by: Krish Sadhukhan <krish.sadhukhan@xxxxxxxxxx>
> Signed-off-by: Nikita Leshenko <nikita.leshchenko@xxxxxxxxxx>
> ---
>  arch/x86/kvm/vmx/nested.c | 8 ++++++++
>  1 file changed, 8 insertions(+)
>
> diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c
> index 46af3a5e9209..24734946ec75 100644
> --- a/arch/x86/kvm/vmx/nested.c
> +++ b/arch/x86/kvm/vmx/nested.c
> @@ -1102,6 +1102,14 @@ static int vmx_restore_vmx_misc(struct vcpu_vmx *vmx, u64 data)
>  	if (vmx_misc_mseg_revid(data) != vmx_misc_mseg_revid(vmx_misc))
>  		return -EINVAL;
>
> +	/*
> +	 * We always support HLT activity state. In the past it was possible to
> +	 * turn HLT bit off (without actually turning off HLT activity state
> +	 * support) so we don't fail vmx_restore_vmx_misc if this bit is turned
> +	 * off.
> +	 */
> +	data |= VMX_MISC_ACTIVITY_HLT;
> +
>  	vmx->nested.msrs.misc_low = data;
>  	vmx->nested.msrs.misc_high = data >> 32;
>

This change breaks live migration to an upgraded kernel, since it doesn't allow the IA32_VMX_MISC MSR to be restored to its original value. I think this warrants a quirk.
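Review bot: the hunk rewrites `data` with `data |= VMX_MISC_ACTIVITY_HLT;` before it is stored in `misc_low`/`misc_high`, so a value written with the HLT bit clear is accepted but reads back with the bit set; the comment explains why the write is not rejected but not that the stored value now differs from what userspace wrote. Either say so explicitly in the comment (that the write succeeds but the bit is forced on), or keep the written value and handle an unsupported activity state at VM entry, the alternative the commit message itself mentions, so that a save followed by a restore of IA32_VMX_MISC yields the same value on both sides.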