Currently KVM allows the guest to set IA32_DEBUGCTL to whatever value
the guest wants, only capped by a bitmask of allowed bits

(except in the nested entry where KVM apparently doesn't even check
this set of allowed bits - this patch series also fixes that).

However, some IA32_DEBUGCTL bits can be useful for the host, e.g. the
IA32_DEBUGCTL.DEBUGCTLMSR_FREEZE_IN_SMM, which isolates the PMU from
the influence of the host's SMM.

Reshuffle some of the code to allow (currently only this bit) to be
passed through from its host value to the guest.

Note that the host value of this bit can be toggled by writing 0 or 1 to
/sys/devices/cpu/freeze_on_smi.

This was tested on an Intel(R) Xeon(R) Silver 4410Y with KVM unit tests
and kvm selftests running in parallel with a tight loop writing to IO
port 0xB2, which on this machine generates #SMIs.

SMI generation was also verified by reading the MSR 0x34, which shows
the current count of #SMIs received.

Despite the flood of #SMIs, the tests survived with this patch applied.

V4: incorporated review feedback.

Best regards,
	Maxim Levitsky

Maxim Levitsky (2):
  x86: nVMX: check vmcs12->guest_ia32_debugctl value given by L2
  x86: KVM: VMX: preserve DEBUGCTLMSR_FREEZE_IN_SMM

Sean Christopherson (2):
  KVM: x86: Convert vcpu_run()'s immediate exit param into a generic bitmap
  KVM: x86: Drop kvm_x86_ops.set_dr6() in favor of a new KVM_RUN flag

 arch/x86/include/asm/kvm-x86-ops.h |  1 -
 arch/x86/include/asm/kvm_host.h    |  9 ++++++--
 arch/x86/kvm/svm/svm.c             | 14 +++++++-----
 arch/x86/kvm/vmx/main.c            | 15 +++----------
 arch/x86/kvm/vmx/nested.c          |  8 +++++--
 arch/x86/kvm/vmx/tdx.c             |  3 ++-
 arch/x86/kvm/vmx/vmx.c             | 36 +++++++++++++++++++++---------
 arch/x86/kvm/vmx/vmx.h             |  4 ++++
 arch/x86/kvm/vmx/x86_ops.h         |  4 ++--
 arch/x86/kvm/x86.c                 | 18 ++++++++++-----
 10 files changed, 70 insertions(+), 42 deletions(-)

-- 
2.46.0
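
A host-side check for the two observables the cover letter relies on, the freeze_on_smi sysfs knob and the SMI count in MSR 0x34, written as an added example that is not part of this patch series or of KVM. It assumes the Linux msr driver is loaded (/dev/cpu/N/msr, root required) and that the count sits in the low 32 bits of the MSR; the function names are made up for this sketch.

```python
import os
import struct
import time

MSR_SMI_COUNT = 0x34                               # MSR index from the cover letter
FREEZE_ON_SMI = "/sys/devices/cpu/freeze_on_smi"   # sysfs path from the cover letter
MSR_DEV = "/dev/cpu/{}/msr"                        # Linux msr driver (modprobe msr, root)


def read_msr(msr, cpu=0, dev=MSR_DEV):
    """Return the 64-bit value of `msr` on `cpu`; the file offset selects the MSR."""
    fd = os.open(dev.format(cpu), os.O_RDONLY)
    try:
        raw = os.pread(fd, 8, msr)
    finally:
        os.close(fd)
    if len(raw) != 8:
        raise OSError(f"short read of MSR {msr:#x} on CPU {cpu}")
    return struct.unpack("<Q", raw)[0]


def freeze_on_smi(path=FREEZE_ON_SMI):
    """True when the host has FREEZE_IN_SMM enabled via sysfs."""
    with open(path) as f:
        return f.read().strip() == "1"


def smi_delta(before, after):
    """SMIs seen between two samples; the count lives in bits 31:0 and can wrap."""
    mask = 0xFFFFFFFF
    return ((after & mask) - (before & mask)) & mask


def sample(cpus, dev=MSR_DEV):
    """Read the SMI count on every CPU in `cpus`."""
    return {cpu: read_msr(MSR_SMI_COUNT, cpu, dev) for cpu in cpus}


if __name__ == "__main__":
    cpus = sorted(os.sched_getaffinity(0))
    print("freeze_on_smi:", int(freeze_on_smi()))
    first = sample(cpus)
    time.sleep(5)          # run the guest tests during this window
    second = sample(cpus)
    for cpu in cpus:
        print(f"cpu{cpu}: {smi_delta(first[cpu], second[cpu])} SMIs in 5 s")
```

A non-zero delta while the KVM tests run confirms that SMIs were actually delivered during the test window.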