KVM: VMX: Use VMX feature flag to query BIOS enabling (a4d0b2fd) · Commits · 戴 / test

Replace KVM's manual checks on IA32_FEAT_CTL with a query on the boot CPU's MSR_IA32_FEAT_CTL and VMX feature flags. The MSR_IA32_FEAT_CTL indicates that IA32_FEAT_CTL has been configured and that dependent features are accurately reflected in cpufeatures, e.g. the VMX flag is now cleared during boot if VMX isn't fully enabled via IA32_FEAT_CTL, including the case where the MSR isn't supported. Signed-off-by:

Sean Christopherson <sean.j.christopherson@intel.com> Signed-off-by:

Borislav Petkov <bp@suse.de> Link: https://lkml.kernel.org/r/20191221044513.21680-16-sean.j.christopherson@intel.com

arch/x86/kvm/vmx/vmx.c

+2 −25

Original line number	Diff line number	Diff line
		@@ -2204,31 +2204,8 @@ static __init int cpu_has_kvm_support(void)

		static __init int vmx_disabled_by_bios(void)
		{
		u64 msr;

		rdmsrl(MSR_IA32_FEAT_CTL, msr);

		if (unlikely(!(msr & FEAT_CTL_LOCKED)))
		return 1;

		/* launched w/ TXT and VMX disabled */
		if (!(msr & FEAT_CTL_VMX_ENABLED_INSIDE_SMX) &&
		tboot_enabled())
		return 1;
		/* launched w/o TXT and VMX only enabled w/ TXT */
		if (!(msr & FEAT_CTL_VMX_ENABLED_OUTSIDE_SMX) &&
		(msr & FEAT_CTL_VMX_ENABLED_INSIDE_SMX) &&
		!tboot_enabled()) {
		pr_warn("kvm: disable TXT in the BIOS or "
		"activate TXT before enabling KVM\n");
		return 1;
		}
		/* launched w/o TXT and VMX disabled */
		if (!(msr & FEAT_CTL_VMX_ENABLED_OUTSIDE_SMX) &&
		!tboot_enabled())
		return 1;

		return 0;
		return !boot_cpu_has(X86_FEATURE_MSR_IA32_FEAT_CTL) \|\|
		!boot_cpu_has(X86_FEATURE_VMX);
		}

		static void kvm_cpu_vmxon(u64 addr)

Admin message