Re: [PATCH] x86: kvm: Restrict X86_FEATURE_VMMCALL to x86_64 platform

From: Paolo Bonzini
Date: Tue Jul 31 2018 - 03:39:26 EST


On 30/07/2018 21:40, Matthew Whitehead wrote:
> early_init_amd() is called on all AMD processors, both 64 and 32 bit.
> Presently 32 bit processors get the X86_FEATURE_VMMCALL feature set, which
> they do not support. Add conditionals to restrict it to 64 bit processors.

This shouldn't be necessary; for systems that don't have virtualization
extensions, the comment explains why setting X86_FEATURE_VMMCALL is safe.

But it is also wrong, because you can run a 32-bit kernel as a guest on
a 64-bit processor, and then it should set X86_FEATURE_VMMCALL because
the processor has the vmmcall instruction and not Intel's vmcall.

Thanks,

Paolo

> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx>
> Signed-off-by: Matthew Whitehead <tedheadster@xxxxxxxxx>
> ---
> arch/x86/kernel/cpu/amd.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c
> index 38915fbfae73..df06919324cd 100644
> --- a/arch/x86/kernel/cpu/amd.c
> +++ b/arch/x86/kernel/cpu/amd.c
> @@ -662,12 +662,14 @@ static void early_init_amd(struct cpuinfo_x86 *c)
> }
> #endif
>
> +#ifdef CONFIG_X86_64
> /*
> * This is only needed to tell the kernel whether to use VMCALL
> * and VMMCALL. VMMCALL is never executed except under virt, so
> * we can set it unconditionally.
> */
> set_cpu_cap(c, X86_FEATURE_VMMCALL);
> +#endif
>
> /* F16h erratum 793, CVE-2013-6885 */
> if (c->x86 == 0x16 && c->x86_model <= 0xf)
>
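Review bot: The `#ifdef CONFIG_X86_64` wrapped around `set_cpu_cap(c, X86_FEATURE_VMMCALL)` tests how the kernel was built, not what the processor supports, so a 32-bit kernel built for an AMD CPU never gets the flag, whatever hardware or hypervisor it runs on. The comment kept inside the guard says the flag exists only to choose between VMCALL and VMMCALL, and that VMMCALL is never executed except under virt. On that reasoning, leaving the flag clear in a 32-bit build removes the information that choice depends on, without preventing any execution on bare metal. The comment also still ends with "we can set it unconditionally", which the new guard contradicts. Either drop the `#ifdef`/`#endif` pair, or, if a restriction is really needed, key it on a runtime property of the CPU and update the comment to match.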