Bug 53621

Summary: nVMX: MSR_IA32_FEATURE_CONTROL
Product: Virtualization Reporter: Nadav Har'El (nyh)
Component: kvmAssignee: virtualization_kvm
Status: RESOLVED CODE_FIX    
Severity: enhancement CC: bonzini
Priority: P1    
Hardware: All   
OS: Linux   
Kernel Version: 3.19 Subsystem:
Regression: No Bisected commit-id:
Bug Depends on:    
Bug Blocks: 94971, 53601    
Attachments: Patch for better MSR_IA32_FEATURE_CONTROL emulation

Description Nadav Har'El 2013-02-11 13:12:11 UTC 
The existing code emulates the guest's use of the IA32_FEATURE_CONTROL MSR
in a way that was enough to run nested VMX guests, but did not fully
conform to the VMX specification, and in particular did not allow a guest
BIOS to prevent the guest OS from using VMX by setting the lock bit on this
MSR.

This simple patch emulates this MSR better, allowing the guest to lock it, and
verifying its setting on VMXON. Also make sure that this MSR (and of course,
VMXON state) is reset on guest vcpu reset (via SIPI).

This patch stems from these discussions:

http://comments.gmane.org/gmane.comp.emulators.kvm.devel/87759
http://comments.gmane.org/gmane.comp.emulators.kvm.devel/87846

I'm not sure why it wasn't accepted. The only remaining issue appeared to be this:

  > > > +#define VMXON_NEEDED_FEATURES \
  > > > +	  (FEATURE_CONTROL_LOCKED | FEATURE_CONTROL_VMXON_ENABLED_OUTSIDE_SMX)

  Move it to the top of the file, or as a variable at the top of the
  function please.
Comment 1 Nadav Har'El 2013-02-11 13:12:57 UTC 
Created attachment 93111 [details]
Patch for better MSR_IA32_FEATURE_CONTROL emulation
Comment 2 Paolo Bonzini 2015-04-08 08:58:21 UTC 
Fixed by commit b3897a49e22f (KVM: nVMX: Fix read/write to MSR_IA32_FEATURE_CONTROL, 2013-07-08).