From 52929cc849fce4520d89da98ea06c517be46a5cb Mon Sep 17 00:00:00 2001
From: Jon Maloy
Date: Mon, 28 Apr 2025 15:27:51 -0400
Subject: [PATCH] * Mon Apr 28 2025 Jon Maloy - 9.1.0-19
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
- kvm-target-i386-Fix-conditional-CONFIG_SYNDBG-enablement.patch [RHEL-7130]
- kvm-target-i386-Exclude-hv-syndbg-from-hv-passthrough.patch [RHEL-7130]
- Resolves: RHEL-7130 ([Hyper-V][RHEL9.2] Nested Hyper-V on KVM: L1 Windows VM with BIOS mode fails to boot up when using '-cpu host,hv_passthrough’ flag)
---
 ...xclude-hv-syndbg-from-hv-passthrough.patch | 102 +++++++++++++++++
 ...conditional-CONFIG_SYNDBG-enablement.patch | 108 ++++++++++++++++++
 qemu-kvm.spec | 12 +-
 3 files changed, 221 insertions(+), 1 deletion(-)
 create mode 100644 kvm-target-i386-Exclude-hv-syndbg-from-hv-passthrough.patch
 create mode 100644 kvm-target-i386-Fix-conditional-CONFIG_SYNDBG-enablement.patch
diff --git a/kvm-target-i386-Exclude-hv-syndbg-from-hv-passthrough.patch b/kvm-target-i386-Exclude-hv-syndbg-from-hv-passthrough.patch
new file mode 100644
index 0000000..df4e5e3
--- /dev/null
+++ b/kvm-target-i386-Exclude-hv-syndbg-from-hv-passthrough.patch
@@ -0,0 +1,102 @@
+From 0288537593cd4452a2523b686b297dad3735f7f8 Mon Sep 17 00:00:00 2001
+From: Vitaly Kuznetsov
+Date: Thu, 17 Apr 2025 15:30:50 +0200
+Subject: [PATCH 2/2] target/i386: Exclude 'hv-syndbg' from 'hv-passthrough'
+
+RH-Author: Vitaly Kuznetsov
+RH-MergeRequest: 352: hyper-v: exclude 'hv-syndbg' from 'hv-passthrough' set
+RH-Jira: RHEL-7130
+RH-Acked-by: Maxim Levitsky
+RH-Acked-by: Ani Sinha
+RH-Acked-by: Emanuele Giuseppe Esposito
+RH-Commit: [2/2] bf276ad5b340139f71b92e656a0c7756a55dec0b (vkuznets/qemu-kvm)
+
+Windows with Hyper-V role enabled doesn't boot with 'hv-passthrough' when
+no debugger is configured, this significantly limits the usefulness of the
+feature as there's no support for subtracting Hyper-V features from CPU
+flags at this moment (e.g. "-cpu host,hv-passthrough,-hv-syndbg" does not
+work). While this is also theoretically fixable, 'hv-syndbg' is likely
+very special and unneeded in the default set. Genuine Hyper-V doesn't seem
+to enable it either.
+
+Introduce 'skip_passthrough' flag to 'kvm_hyperv_properties' and use it as
+one-off to skip 'hv-syndbg' when enabling features in 'hv-passthrough'
+mode. Note, "-cpu host,hv-passthrough,hv-syndbg" can still be used if
+needed.
+
+As both 'hv-passthrough' and 'hv-syndbg' are debug features, the change
+should not have any effect on production environments.
+
+Signed-off-by: Vitaly Kuznetsov
+Link: https://lore.kernel.org/r/20240917160051.2637594-3-vkuznets@redhat.com
+Signed-off-by: Paolo Bonzini
+(cherry picked from commit 7d7b9c7655a26e09c800ef40373078a80e90d9f3)
+Signed-off-by: Vitaly Kuznetsov
+---
+ docs/system/i386/hyperv.rst | 13 +++++++++----
+ target/i386/kvm/kvm.c | 7 +++++--
+ 2 files changed, 14 insertions(+), 6 deletions(-)
+
+diff --git a/docs/system/i386/hyperv.rst b/docs/system/i386/hyperv.rst
+index 2505dc4c86..009947e391 100644
+--- a/docs/system/i386/hyperv.rst
++++ b/docs/system/i386/hyperv.rst
+@@ -262,14 +262,19 @@ Supplementary features
+ ``hv-passthrough``
+ In some cases (e.g. during development) it may make sense to use QEMU in
+ 'pass-through' mode and give Windows guests all enlightenments currently
+- supported by KVM. This pass-through mode is enabled by "hv-passthrough" CPU
+- flag.
++ supported by KVM.
+
+ Note: ``hv-passthrough`` flag only enables enlightenments which are known to QEMU
+ (have corresponding 'hv-' flag) and copies ``hv-spinlocks`` and ``hv-vendor-id``
+ values from KVM to QEMU. ``hv-passthrough`` overrides all other 'hv-' settings on
+- the command line. Also, enabling this flag effectively prevents migration as the
+- list of enabled enlightenments may differ between target and destination hosts.
++ the command line.
++
++ Note: ``hv-passthrough`` does not enable ``hv-syndbg`` which can prevent certain
++ Windows guests from booting when used without proper configuration. If needed,
++ ``hv-syndbg`` can be enabled additionally.
++
++ Note: ``hv-passthrough`` effectively prevents migration as the list of enabled
++ enlightenments may differ between target and destination hosts.
+
+ ``hv-enforce-cpuid``
+ By default, KVM allows the guest to use all currently supported Hyper-V
+diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
+index 5bf77d761f..94b678e9e3 100644
+--- a/target/i386/kvm/kvm.c
++++ b/target/i386/kvm/kvm.c
+@@ -913,6 +913,7 @@ static struct {
+ uint32_t bits;
+ } flags[2];
+ uint64_t dependencies;
++ bool skip_passthrough;
+ } kvm_hyperv_properties[] = {
+ [HYPERV_FEAT_RELAXED] = {
+ .desc = "relaxed timing (hv-relaxed)",
+@@ -1041,7 +1042,8 @@ static struct {
+ {.func = HV_CPUID_FEATURES, .reg = R_EDX,
+ .bits = HV_FEATURE_DEBUG_MSRS_AVAILABLE}
+ },
+- .dependencies = BIT(HYPERV_FEAT_SYNIC) | BIT(HYPERV_FEAT_RELAXED)
++ .dependencies = BIT(HYPERV_FEAT_SYNIC) | BIT(HYPERV_FEAT_RELAXED),
++ .skip_passthrough = true,
+ },
+ [HYPERV_FEAT_MSR_BITMAP] = {
+ .desc = "enlightened MSR-Bitmap (hv-emsr-bitmap)",
+@@ -1450,7 +1452,8 @@ bool kvm_hyperv_expand_features(X86CPU *cpu, Error **errp)
+ * hv_build_cpuid_leaf() uses this info to build guest CPUIDs.
+ */
+ for (feat = 0; feat < ARRAY_SIZE(kvm_hyperv_properties); feat++) {
+- if (hyperv_feature_supported(cs, feat)) {
++ if (hyperv_feature_supported(cs, feat) &&
++ !kvm_hyperv_properties[feat].skip_passthrough) {
+ cpu->hyperv_features |= BIT(feat);
+ }
+ }
+--
+2.48.1
+
diff --git a/kvm-target-i386-Fix-conditional-CONFIG_SYNDBG-enablement.patch b/kvm-target-i386-Fix-conditional-CONFIG_SYNDBG-enablement.patch
new file mode 100644
index 0000000..049f3fe
--- /dev/null
+++ b/kvm-target-i386-Fix-conditional-CONFIG_SYNDBG-enablement.patch
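Review bot: In the nested `target/i386/kvm/kvm.c` patch, the new `bool skip_passthrough;` member of the `kvm_hyperv_properties` struct carries no comment, so the table itself does not record what the flag means or why `HYPERV_FEAT_SYNDBG` is the only entry that sets it. A comment on the member, for example `/* not enabled by hv-passthrough; has to be requested explicitly */`, would keep that reason next to the data, since the entry describes a debugger channel exposed to the guest and a later edit could drop the flag without noticing. The added note in `docs/system/i386/hyperv.rst` says `hv-syndbg` "can be enabled additionally"; going by the companion patch on this page the property exists only in `CONFIG_SYNDBG` builds, which the note could mention. The struct definition and `kvm_hyperv_expand_features()` both continue outside the hunks.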
@@ -0,0 +1,108 @@
+From 26d5561f7a07c9bc6f8ea9a602c53bfa5daddd13 Mon Sep 17 00:00:00 2001
+From: Vitaly Kuznetsov
+Date: Thu, 17 Apr 2025 15:30:42 +0200
+Subject: [PATCH 1/2] target/i386: Fix conditional CONFIG_SYNDBG enablement
+
+RH-Author: Vitaly Kuznetsov
+RH-MergeRequest: 352: hyper-v: exclude 'hv-syndbg' from 'hv-passthrough' set
+RH-Jira: RHEL-7130
+RH-Acked-by: Maxim Levitsky
+RH-Acked-by: Ani Sinha
+RH-Acked-by: Emanuele Giuseppe Esposito
+RH-Commit: [1/2] 0446b6202fb3dbae865da0dc7e08092399661f7a (vkuznets/qemu-kvm)
+
+Putting HYPERV_FEAT_SYNDBG entry under "#ifdef CONFIG_SYNDBG" in
+'kvm_hyperv_properties' array is wrong: as HYPERV_FEAT_SYNDBG is not
+the highest feature number, the result is an empty (zeroed) entry in
+the array (and not a skipped entry!). hyperv_feature_supported() is
+designed to check that all CPUID bits are set but for a zeroed
+feature in 'kvm_hyperv_properties' it returns 'true' so QEMU considers
+HYPERV_FEAT_SYNDBG as always supported, regardless of whether KVM host
+actually supports it.
+
+To fix the issue, leave HYPERV_FEAT_SYNDBG's definition in
+'kvm_hyperv_properties' array, there's nothing wrong in having it defined
+even when 'CONFIG_SYNDBG' is not set. Instead, put "hv-syndbg" CPU property
+under '#ifdef CONFIG_SYNDBG' to alter the existing behavior when the flag
+is silently skipped in !CONFIG_SYNDBG builds.
+
+Leave an 'assert' sentinel in hyperv_feature_supported() making sure there
+are no 'holes' or improperly defined features in 'kvm_hyperv_properties'.
+
+Fixes: d8701185f40c ("hw: hyperv: Initial commit for Synthetic Debugging device")
+Signed-off-by: Vitaly Kuznetsov
+Link: https://lore.kernel.org/r/20240917160051.2637594-2-vkuznets@redhat.com
+Signed-off-by: Paolo Bonzini
+(cherry picked from commit bbf3810f2c4f97bd7a1982d3e0ff0f00295b8169)
+Signed-off-by: Vitaly Kuznetsov
+---
+ target/i386/cpu.c | 2 ++
+ target/i386/kvm/kvm.c | 11 +++++++----
+ 2 files changed, 9 insertions(+), 4 deletions(-)
+
+diff --git a/target/i386/cpu.c b/target/i386/cpu.c
+index a70a3aa670..0a955b1c45 100644
+--- a/target/i386/cpu.c
++++ b/target/i386/cpu.c
+@@ -8450,8 +8450,10 @@ static Property x86_cpu_properties[] = {
+ HYPERV_FEAT_TLBFLUSH_DIRECT, 0),
+ DEFINE_PROP_ON_OFF_AUTO("hv-no-nonarch-coresharing", X86CPU,
+ hyperv_no_nonarch_cs, ON_OFF_AUTO_OFF),
++#ifdef CONFIG_SYNDBG
+ DEFINE_PROP_BIT64("hv-syndbg", X86CPU, hyperv_features,
+ HYPERV_FEAT_SYNDBG, 0),
++#endif
+ DEFINE_PROP_BOOL("hv-passthrough", X86CPU, hyperv_passthrough, false),
+ DEFINE_PROP_BOOL("hv-enforce-cpuid", X86CPU, hyperv_enforce_cpuid, false),
+
+diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
+index d0329a4ed7..5bf77d761f 100644
+--- a/target/i386/kvm/kvm.c
++++ b/target/i386/kvm/kvm.c
+@@ -1035,7 +1035,6 @@ static struct {
+ .bits = HV_DEPRECATING_AEOI_RECOMMENDED}
+ }
+ },
+-#ifdef CONFIG_SYNDBG
+ [HYPERV_FEAT_SYNDBG] = {
+ .desc = "Enable synthetic kernel debugger channel (hv-syndbg)",
+ .flags = {
+@@ -1044,7 +1043,6 @@ static struct {
+ },
+ .dependencies = BIT(HYPERV_FEAT_SYNIC) | BIT(HYPERV_FEAT_RELAXED)
+ },
+-#endif
+ [HYPERV_FEAT_MSR_BITMAP] = {
+ .desc = "enlightened MSR-Bitmap (hv-emsr-bitmap)",
+ .flags = {
+@@ -1296,6 +1294,13 @@ static bool hyperv_feature_supported(CPUState *cs, int feature)
+ uint32_t func, bits;
+ int i, reg;
+
++ /*
++ * kvm_hyperv_properties needs to define at least one CPUID flag which
++ * must be used to detect the feature, it's hard to say whether it is
++ * supported or not otherwise.
++ */
++ assert(kvm_hyperv_properties[feature].flags[0].func);
++
+ for (i = 0; i < ARRAY_SIZE(kvm_hyperv_properties[feature].flags); i++) {
+
+ func = kvm_hyperv_properties[feature].flags[i].func;
+@@ -3925,13 +3930,11 @@ static int kvm_put_msrs(X86CPU *cpu, int level)
+ kvm_msr_entry_add(cpu, HV_X64_MSR_TSC_EMULATION_STATUS,
+ env->msr_hv_tsc_emulation_status);
+ }
+-#ifdef CONFIG_SYNDBG
+ if (hyperv_feat_enabled(cpu, HYPERV_FEAT_SYNDBG) &&
+ has_msr_hv_syndbg_options) {
+ kvm_msr_entry_add(cpu, HV_X64_MSR_SYNDBG_OPTIONS,
+ hyperv_syndbg_query_options());
+ }
+-#endif
+ }
+ if (hyperv_feat_enabled(cpu, HYPERV_FEAT_VAPIC)) {
+ kvm_msr_entry_add(cpu, HV_X64_MSR_APIC_ASSIST_PAGE,
+--
+2.48.1
+
diff --git a/qemu-kvm.spec b/qemu-kvm.spec
index e512267..13ecaa5 100644
--- a/qemu-kvm.spec
+++ b/qemu-kvm.spec
@@ -149,7 +149,7 @@ Obsoletes: %{name}-block-ssh <= %{epoch}:%{version} \
 Summary: QEMU is a machine emulator and virtualizer
 Name: qemu-kvm
 Version: 9.1.0
-Release: 18%{?rcrel}%{?dist}%{?cc_suffix}
+Release: 19%{?rcrel}%{?dist}%{?cc_suffix}
 # Epoch because we pushed a qemu-1.0 package. AIUI this can't ever be dropped
 # Epoch 15 used for RHEL 8
 # Epoch 17 used for RHEL 9 (due to release versioning offset in RHEL 8.5)
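Review bot: In the nested `hyperv_feature_supported()` hunk (`@@ -1296,6 +1294,13 @@`), the new `assert(kvm_hyperv_properties[feature].flags[0].func);` indexes the table with the caller-supplied `int feature` before anything checks that the index is in range, so an out-of-range value would read past the array instead of tripping the sentinel. Unless every caller outside this hunk is bounded by `ARRAY_SIZE(kvm_hyperv_properties)` as the passthrough loop is, I would put `assert(feature >= 0 && (size_t)feature < ARRAY_SIZE(kvm_hyperv_properties));` in front of it. Separately, the `kvm_put_msrs()` hunk drops the `#ifdef CONFIG_SYNDBG` around the call to `hyperv_syndbg_query_options()`, which presumably relies on that function being linked in builds without `CONFIG_SYNDBG`; its definition is not on this page, so that is worth confirming. Both function bodies continue outside the hunks.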
@@ -545,6 +545,10 @@ Patch186: kvm-hw-virtio-Also-include-md-stubs-in-case-CONFIG_VIRTI.patch Patch187: kvm-virtio-mem-don-t-warn-about-THP-sizes-on-a-kernel-wi.patch # For RHEL-72977 - [IBM 9.7 FEAT] KVM: Enable virtio-mem support - qemu part Patch188: kvm-redhat-Enable-virtio-mem-on-s390x.patch +# For RHEL-7130 - [Hyper-V][RHEL9.2] Nested Hyper-V on KVM: L1 Windows VM with BIOS mode fails to boot up when using '-cpu host,hv_passthrough’ flag +Patch189: kvm-target-i386-Fix-conditional-CONFIG_SYNDBG-enablement.patch +# For RHEL-7130 - [Hyper-V][RHEL9.2] Nested Hyper-V on KVM: L1 Windows VM with BIOS mode fails to boot up when using '-cpu host,hv_passthrough’ flag +Patch190: kvm-target-i386-Exclude-hv-syndbg-from-hv-passthrough.patch %if %{have_clang} BuildRequires: clang @@ -1613,6 +1617,12 @@ useradd -r -u 107 -g qemu -G kvm -d / -s /sbin/nologin \ %endif %changelog +* Mon Apr 28 2025 Jon Maloy - 9.1.0-19 +- kvm-target-i386-Fix-conditional-CONFIG_SYNDBG-enablement.patch [RHEL-7130] +- kvm-target-i386-Exclude-hv-syndbg-from-hv-passthrough.patch [RHEL-7130] +- Resolves: RHEL-7130 + ([Hyper-V][RHEL9.2] Nested Hyper-V on KVM: L1 Windows VM with BIOS mode fails to boot up when using '-cpu host,hv_passthrough’ flag) + * Mon Apr 14 2025 Jon Maloy - 9.1.0-18 - kvm-virtio-kconfig-memory-devices-are-PCI-only.patch [RHEL-72977] - kvm-hw-s390-ccw-device-Convert-to-three-phase-reset.patch [RHEL-72977]