There are a few bits in the VMX entry/exit control MSRs where KVM intervenes. The "load IA32_PERF_GLOBAL_CTRL" and "{load,clear} IA32_BNDCFGS" VMX entry/exit control bits are under KVM control and conditionally exposed based on the guest CPUID. If the guest CPUID provides a supporting vPMU or MPX, the respective VMX control bits are enabled.

These rules have not been upheld in all cases, though. KVM will only apply its updates to the MSRs when the guest CPUID is set. If an unsuspecting VMM writes to these VMX control MSRs after the CPUID has been set, KVM fails to configure the appropriate bits. There are no ordering requirements between setting CPUID and writing to an MSR.

[Patch 1-2] Fix the immediate issue by hooking writes to the VMX control MSRs. If userspace writes to one of the affected MSRs, reapply KVM's tweaks to these registers. Note that these patches employ the minimal change required to fix the issue, in case they are worthy of a backport.

[Patch 3-4] Of course, it is not ideal to have KVM fiddling with the guest's MSRs in this way. Add a quirk allowing sane VMMs to take complete ownership of these VMX control bits.

[Patch 5-6] Add tests to verify correct behavior for these bits with the quirk enabled (KVM control) and quirk disabled (userspace control).

Finally, patch 7 is a nit cleanup that I noticed while doing the renovations above.

This series applies cleanly to 5.17-rc2. Tested on a Skylake host.
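The ordering problem described above, as an added model that is not code from this series or from KVM: a hypothetical per-vCPU state (`struct vcpu_model`, `apply_kvm_tweaks`, `set_entry_ctls` and `entry_ctl_survives_msr_write` are all invented here) in which the CPUID-conditional bits are reapplied only on KVM_SET_CPUID2, so a VMM that reads IA32_VMX_TRUE_ENTRY_CTLS, sets CPUID, and writes the stale value back loses the bits unless the MSR write hook from patches 1-2 is in place. The bit positions are the Intel SDM values; the host-capability validation real KVM applies to these MSR writes is not modelled.

```c
#include <stdint.h>
#include <stdbool.h>

/* Control bit positions from the Intel SDM (same values as KVM's vmx.h). */
#define VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL (1u << 13)
#define VM_ENTRY_LOAD_BNDCFGS               (1u << 16)
#define VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL  (1u << 12)
#define VM_EXIT_CLEAR_BNDCFGS               (1u << 23)
/* The KVM-managed bits, positioned in the allowed-1 (high) half of the MSRs. */
#define KVM_ENTRY_BITS ((uint64_t)(VM_ENTRY_LOAD_BNDCFGS | VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL) << 32)
#define KVM_EXIT_BITS  ((uint64_t)(VM_EXIT_CLEAR_BNDCFGS | VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL) << 32)

/* Hypothetical per-vCPU state: guest CPUID features plus IA32_VMX_TRUE_{ENTRY,EXIT}_CTLS (low 32
 * bits = allowed-0, high 32 bits = allowed-1). Real KVM's host-capability checks are omitted. */
struct vcpu_model {
	bool has_mpx, has_pmu;
	uint64_t entry_ctls, exit_ctls;
};

/* KVM's rule: offer the BNDCFGS / PERF_GLOBAL_CTRL controls iff guest CPUID has MPX / a vPMU. */
static void apply_kvm_tweaks(struct vcpu_model *v)
{
	uint64_t ent = (v->has_mpx ? VM_ENTRY_LOAD_BNDCFGS : 0) |
		       (v->has_pmu ? VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL : 0);
	uint64_t ex  = (v->has_mpx ? VM_EXIT_CLEAR_BNDCFGS : 0) |
		       (v->has_pmu ? VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL : 0);
	v->entry_ctls = (v->entry_ctls & ~KVM_ENTRY_BITS) | (ent << 32);
	v->exit_ctls  = (v->exit_ctls  & ~KVM_EXIT_BITS)  | (ex << 32);
}

/* KVM_SET_MSRS path for IA32_VMX_TRUE_ENTRY_CTLS. Before the series the value was simply
 * stored; 'fixed' mirrors the hook from patches 1-2 that reapplies the CPUID-derived bits. */
static void set_entry_ctls(struct vcpu_model *v, uint64_t val, bool fixed)
{
	v->entry_ctls = val;
	if (fixed) apply_kvm_tweaks(v);
}

/* The ordering case from the cover letter: the VMM reads the MSR, then sets CPUID (the only
 * place the tweaks ran before the series), then writes the stale value back. Returns whether
 * the entry control 'bit' is still offered to the guest afterwards. */
static bool entry_ctl_survives_msr_write(bool mpx, bool pmu, uint32_t bit, bool fixed)
{
	struct vcpu_model v = { 0 };
	uint64_t stale = v.entry_ctls;        /* read before KVM_SET_CPUID2: bit is clear */
	v.has_mpx = mpx; v.has_pmu = pmu;     /* KVM_SET_CPUID2 records the features ... */
	apply_kvm_tweaks(&v);                 /* ... and applies the tweaks */
	set_entry_ctls(&v, stale, fixed);
	return ((uint32_t)(v.entry_ctls >> 32) & bit) != 0;
}
```

With `fixed` false the stale write silently drops the bit; with `fixed` true the CPUID-derived setting wins regardless of the order in which userspace set CPUID and wrote the MSR.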
Oliver Upton (7):
  KVM: nVMX: Keep KVM updates to BNDCFGS ctrl bits across MSR write
  KVM: nVMX: Keep KVM updates to PERF_GLOBAL_CTRL ctrl bits across MSR write
  KVM: nVMX: Roll all entry/exit ctl updates into a single helper
  KVM: nVMX: Add a quirk for KVM tweaks to VMX control MSRs
  selftests: KVM: Add test for PERF_GLOBAL_CTRL VMX control MSR bits
  selftests: KVM: Add test for BNDCFGS VMX control MSR bits
  KVM: VMX: Use local pointer to vcpu_vmx in vmx_vcpu_after_set_cpuid()

 arch/x86/include/uapi/asm/kvm.h                    |  11 +-
 arch/x86/kvm/vmx/nested.c                          |  30 +---
 arch/x86/kvm/vmx/nested.h                          |   1 -
 arch/x86/kvm/vmx/pmu_intel.c                       |   2 -
 arch/x86/kvm/vmx/vmx.c                             |  17 +-
 arch/x86/kvm/vmx/vmx.h                             |   2 +
 tools/testing/selftests/kvm/.gitignore             |   1 +
 tools/testing/selftests/kvm/Makefile               |   1 +
 .../selftests/kvm/include/x86_64/vmx.h             |   2 +
 .../kvm/x86_64/vmx_control_msrs_test.c             | 166 ++++++++++++++++++
 10 files changed, 201 insertions(+), 32 deletions(-)
 create mode 100644 tools/testing/selftests/kvm/x86_64/vmx_control_msrs_test.c

-- 
2.35.0.263.gb82422642f-goog