On Fri, Feb 28, 2025, Ravi Bangoria wrote:
> On 28-Feb-25 3:54 AM, Sean Christopherson wrote:
> > Fix a long-lurking bug in SVM where KVM runs the guest with the host's
> > DEBUGCTL if LBR virtualization is disabled. AMD CPUs rather stupidly
> > context switch DEBUGCTL if and only if LBR virtualization is enabled (not
> > just supported, but fully enabled).
> >
> > The bug has gone unnoticed because until recently, the only bits that
> > KVM would leave set were things like BTF, which are guest visible but
> > won't cause functional problems unless guest software is being especially
> > particular about #DBs.
> >
> > The bug was exposed by the addition of BusLockTrap ("Detect" in the kernel),
> > as the resulting #DBs due to split-lock accesses in guest userspace (lol
> > Steam) get reflected into the guest by KVM.
> >
> > Note, I don't love suppressing DEBUGCTL.BTF, but practically speaking that's
> > likely the behavior that SVM guests have gotten the vast, vast majority of
> > the time, and given that it's the behavior on Intel, it's (hopefully) a safe
> > option for a fix, e.g. versus trying to add proper BTF virtualization on the
> > fly.
> >
> > v3:
> > - Suppress BTF, as KVM doesn't actually support it. [Ravi]
> > - Actually load the guest's DEBUGCTL (though amusingly, with BTF squashed,
> > it's guaranteed to be '0' in this scenario). [Ravi]
> >
> > v2:
> > - Load the guest's DEBUGCTL instead of simply zeroing it on VMRUN.
> > - Drop bits 5:3 from guest DEBUGCTL so that KVM doesn't let the guest
> > unintentionally enable BusLockTrap (AMD repurposed bits). [Ravi]
> > - Collect a review. [Xiaoyao]
> > - Make bits 5:3 fully reserved, in a separate not-for-stable patch.
> >
> > v1: https://lore.kernel.org/all/20250224181315.2376869-1-seanjc@xxxxxxxxxx
>
> For the series,
>
> Reviewed-and-tested-by: Ravi Bangoria <ravi.bangoria@xxxxxxx>
Thank you for all your help, much appreciated!
