From 5b9676b8f411856e04553979d6db819971c2a559 Mon Sep 17 00:00:00 2001 From: Jon Maloy Date: Wed, 9 Aug 2023 23:22:59 +0000 Subject: [PATCH] * Wed Aug 09 2023 Jon Maloy - 6.2.0-38 - kvm-qapi-i386-sev-Change-the-reduced-phys-bits-value-fro.patch [bz#2214840] - kvm-qemu-options.hx-Update-the-reduced-phys-bits-documen.patch [bz#2214840] - kvm-i386-sev-Update-checks-and-information-related-to-re.patch [bz#2214840] - kvm-i386-cpu-Update-how-the-EBX-register-of-CPUID-0x8000.patch [bz#2214840] - kvm-target-i386-kvm-Fix-disabling-MPX-on-cpu-host-with-M.patch [bz#2223947] - Resolves: bz#2214840 ([AMDSERVER 8.9 Bug] Qemu SEV reduced-phys-bits fixes) - Resolves: bz#2223947 ([RHEL8.9] qemu core dump with '-cpu host,mpx=off' on Cascadelake host) --- ...how-the-EBX-register-of-CPUID-0x8000.patch | 53 +++++++++++++ ...checks-and-information-related-to-re.patch | 78 +++++++++++++++++++ ...ange-the-reduced-phys-bits-value-fro.patch | 55 +++++++++++++ ...Update-the-reduced-phys-bits-documen.patch | 61 +++++++++++++++ ...Fix-disabling-MPX-on-cpu-host-with-M.patch | 57 ++++++++++++++ qemu-kvm.spec | 23 +++++- 6 files changed, 326 insertions(+), 1 deletion(-) create mode 100644 kvm-i386-cpu-Update-how-the-EBX-register-of-CPUID-0x8000.patch create mode 100644 kvm-i386-sev-Update-checks-and-information-related-to-re.patch create mode 100644 kvm-qapi-i386-sev-Change-the-reduced-phys-bits-value-fro.patch create mode 100644 kvm-qemu-options.hx-Update-the-reduced-phys-bits-documen.patch create mode 100644 kvm-target-i386-kvm-Fix-disabling-MPX-on-cpu-host-with-M.patch diff --git a/kvm-i386-cpu-Update-how-the-EBX-register-of-CPUID-0x8000.patch b/kvm-i386-cpu-Update-how-the-EBX-register-of-CPUID-0x8000.patch new file mode 100644 index 0000000..ccfaa3a --- /dev/null +++ b/kvm-i386-cpu-Update-how-the-EBX-register-of-CPUID-0x8000.patch @@ -0,0 +1,53 @@ +From 18ac13c7d64266238bd44b2188e0d044af3c3377 Mon Sep 17 00:00:00 2001 +From: Bandan Das +Date: Thu, 3 Aug 2023 15:14:14 -0400 +Subject: [PATCH 4/5] i386/cpu: Update how the EBX register of CPUID 0x8000001F + is set + +RH-Author: Bandan Das +RH-MergeRequest: 296: Updates to SEV reduced-phys-bits parameter +RH-Bugzilla: 2214840 +RH-Acked-by: Emanuele Giuseppe Esposito +RH-Acked-by: Vitaly Kuznetsov +RH-Commit: [4/4] 8b236fd9bc4c177bfacf6220a429e711b5bf062e + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2214840 + +commit fb6bbafc0f19385fb257ee073ed13dcaf613f2f8 +Author: Tom Lendacky +Date: Fri Sep 30 10:14:30 2022 -0500 + + i386/cpu: Update how the EBX register of CPUID 0x8000001F is set + + Update the setting of CPUID 0x8000001F EBX to clearly document the ranges + associated with fields being set. + + Fixes: 6cb8f2a663 ("cpu/i386: populate CPUID 0x8000_001F when SEV is active") + Signed-off-by: Tom Lendacky + Reviewed-by: Dr. David Alan Gilbert + Message-Id: <5822fd7d02b575121380e1f493a8f6d9eba2b11a.1664550870.git.thomas.lendacky@amd.com> + Signed-off-by: Paolo Bonzini + +Signed-off-by: Bandan Das +--- + target/i386/cpu.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/target/i386/cpu.c b/target/i386/cpu.c +index 9d3dcdcc0d..265f0aadfc 100644 +--- a/target/i386/cpu.c ++++ b/target/i386/cpu.c +@@ -5836,8 +5836,8 @@ void cpu_x86_cpuid(CPUX86State *env, uint32_t index, uint32_t count, + if (sev_enabled()) { + *eax = 0x2; + *eax |= sev_es_enabled() ? 0x8 : 0; +- *ebx = sev_get_cbit_position(); +- *ebx |= sev_get_reduced_phys_bits() << 6; ++ *ebx = sev_get_cbit_position() & 0x3f; /* EBX[5:0] */ ++ *ebx |= (sev_get_reduced_phys_bits() & 0x3f) << 6; /* EBX[11:6] */ + } + break; + default: +-- +2.37.3 + diff --git a/kvm-i386-sev-Update-checks-and-information-related-to-re.patch b/kvm-i386-sev-Update-checks-and-information-related-to-re.patch new file mode 100644 index 0000000..d5a3f94 --- /dev/null +++ b/kvm-i386-sev-Update-checks-and-information-related-to-re.patch @@ -0,0 +1,78 @@ +From 19504ea76b6341c11213316402bb5194487e1f01 Mon Sep 17 00:00:00 2001 +From: Bandan Das +Date: Thu, 3 Aug 2023 15:13:19 -0400 +Subject: [PATCH 3/5] i386/sev: Update checks and information related to + reduced-phys-bits + +RH-Author: Bandan Das +RH-MergeRequest: 296: Updates to SEV reduced-phys-bits parameter +RH-Bugzilla: 2214840 +RH-Acked-by: Emanuele Giuseppe Esposito +RH-Acked-by: Vitaly Kuznetsov +RH-Commit: [3/4] b617173d2b15fa39cdc02b5c1ac4d52e9b0dfede + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2214840 + +commit 8168fed9f84e3128f7628969ae78af49433d5ce7 +Author: Tom Lendacky +Date: Fri Sep 30 10:14:29 2022 -0500 + + i386/sev: Update checks and information related to reduced-phys-bits + + The value of the reduced-phys-bits parameter is propogated to the CPUID + information exposed to the guest. Update the current validation check to + account for the size of the CPUID field (6-bits), ensuring the value is + in the range of 1 to 63. + + Maintain backward compatibility, to an extent, by allowing a value greater + than 1 (so that the previously documented value of 5 still works), but not + allowing anything over 63. + + Fixes: d8575c6c02 ("sev/i386: add command to initialize the memory encryption context") + Signed-off-by: Tom Lendacky + Reviewed-by: Dr. David Alan Gilbert + Message-Id: + Signed-off-by: Paolo Bonzini + +Signed-off-by: Bandan Das +--- + target/i386/sev.c | 17 ++++++++++++++--- + 1 file changed, 14 insertions(+), 3 deletions(-) + +diff --git a/target/i386/sev.c b/target/i386/sev.c +index 025ff7a6f8..ba6a65e90c 100644 +--- a/target/i386/sev.c ++++ b/target/i386/sev.c +@@ -892,15 +892,26 @@ int sev_kvm_init(ConfidentialGuestSupport *cgs, Error **errp) + host_cpuid(0x8000001F, 0, NULL, &ebx, NULL, NULL); + host_cbitpos = ebx & 0x3f; + ++ /* ++ * The cbitpos value will be placed in bit positions 5:0 of the EBX ++ * register of CPUID 0x8000001F. No need to verify the range as the ++ * comparison against the host value accomplishes that. ++ */ + if (host_cbitpos != sev->cbitpos) { + error_setg(errp, "%s: cbitpos check failed, host '%d' requested '%d'", + __func__, host_cbitpos, sev->cbitpos); + goto err; + } + +- if (sev->reduced_phys_bits < 1) { +- error_setg(errp, "%s: reduced_phys_bits check failed, it should be >=1," +- " requested '%d'", __func__, sev->reduced_phys_bits); ++ /* ++ * The reduced-phys-bits value will be placed in bit positions 11:6 of ++ * the EBX register of CPUID 0x8000001F, so verify the supplied value ++ * is in the range of 1 to 63. ++ */ ++ if (sev->reduced_phys_bits < 1 || sev->reduced_phys_bits > 63) { ++ error_setg(errp, "%s: reduced_phys_bits check failed," ++ " it should be in the range of 1 to 63, requested '%d'", ++ __func__, sev->reduced_phys_bits); + goto err; + } + +-- +2.37.3 + diff --git a/kvm-qapi-i386-sev-Change-the-reduced-phys-bits-value-fro.patch b/kvm-qapi-i386-sev-Change-the-reduced-phys-bits-value-fro.patch new file mode 100644 index 0000000..7a3e128 --- /dev/null +++ b/kvm-qapi-i386-sev-Change-the-reduced-phys-bits-value-fro.patch @@ -0,0 +1,55 @@ +From 57ee29fbb08f7b89ee1b7c75b749392c08af3b03 Mon Sep 17 00:00:00 2001 +From: Bandan Das +Date: Thu, 3 Aug 2023 15:23:54 -0400 +Subject: [PATCH 1/5] qapi, i386/sev: Change the reduced-phys-bits value from 5 + to 1 + +RH-Author: Bandan Das +RH-MergeRequest: 296: Updates to SEV reduced-phys-bits parameter +RH-Bugzilla: 2214840 +RH-Acked-by: Emanuele Giuseppe Esposito +RH-Acked-by: Vitaly Kuznetsov +RH-Commit: [1/4] 4137cb3b57cbb175078bc908fb2301ea2b97fd17 + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2214840 + +commit 798a818f50a9bfc01e8b5943090de458863b897b +Author: Tom Lendacky +Date: Fri Sep 30 10:14:27 2022 -0500 + + qapi, i386/sev: Change the reduced-phys-bits value from 5 to 1 + + A guest only ever experiences, at most, 1 bit of reduced physical + addressing. Change the query-sev-capabilities json comment to use 1. + + Fixes: 31dd67f684 ("sev/i386: qmp: add query-sev-capabilities command") + Signed-off-by: Tom Lendacky + Reviewed-by: Dr. David Alan Gilbert + Message-Id: + Signed-off-by: Paolo Bonzini + +RHEL Notes: + Conflicts: Context differences, since commit 811b4ec7f8eb + is missing + +Signed-off-by: Bandan Das +--- + qapi/misc-target.json | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/qapi/misc-target.json b/qapi/misc-target.json +index 4bc45d2474..ede9052440 100644 +--- a/qapi/misc-target.json ++++ b/qapi/misc-target.json +@@ -205,7 +205,7 @@ + # + # -> { "execute": "query-sev-capabilities" } + # <- { "return": { "pdh": "8CCDD8DDD", "cert-chain": "888CCCDDDEE", +-# "cbitpos": 47, "reduced-phys-bits": 5}} ++# "cbitpos": 47, "reduced-phys-bits": 1}} + # + ## + { 'command': 'query-sev-capabilities', 'returns': 'SevCapability', +-- +2.37.3 + diff --git a/kvm-qemu-options.hx-Update-the-reduced-phys-bits-documen.patch b/kvm-qemu-options.hx-Update-the-reduced-phys-bits-documen.patch new file mode 100644 index 0000000..9d95c9c --- /dev/null +++ b/kvm-qemu-options.hx-Update-the-reduced-phys-bits-documen.patch @@ -0,0 +1,61 @@ +From 095811c08557b0a2ad1a433d28699ead1e5ef664 Mon Sep 17 00:00:00 2001 +From: Bandan Das +Date: Thu, 3 Aug 2023 15:12:15 -0400 +Subject: [PATCH 2/5] qemu-options.hx: Update the reduced-phys-bits + documentation + +RH-Author: Bandan Das +RH-MergeRequest: 296: Updates to SEV reduced-phys-bits parameter +RH-Bugzilla: 2214840 +RH-Acked-by: Emanuele Giuseppe Esposito +RH-Acked-by: Vitaly Kuznetsov +RH-Commit: [2/4] f8e8f5aeff449a34ce90c6e55e2a51873a6e6a87 + +Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2214840 + +commit 326e3015c4c6f3197157ea0bb00826ae740e2fad +Author: Tom Lendacky +Date: Fri Sep 30 10:14:28 2022 -0500 + + qemu-options.hx: Update the reduced-phys-bits documentation + + A guest only ever experiences, at most, 1 bit of reduced physical + addressing. Update the documentation to reflect this as well as change + the example value on the reduced-phys-bits option. + + Fixes: a9b4942f48 ("target/i386: add Secure Encrypted Virtualization (SEV) object") + Signed-off-by: Tom Lendacky + Reviewed-by: Dr. David Alan Gilbert + Message-Id: <13a62ced1808546c1d398e2025cf85f4c94ae123.1664550870.git.thomas.lendacky@amd.com> + Signed-off-by: Paolo Bonzini + +Signed-off-by: Bandan Das +--- + qemu-options.hx | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/qemu-options.hx b/qemu-options.hx +index 4b7798088b..981248e283 100644 +--- a/qemu-options.hx ++++ b/qemu-options.hx +@@ -5204,7 +5204,7 @@ SRST + physical address space. The ``reduced-phys-bits`` is used to + provide the number of bits we loose in physical address space. + Similar to C-bit, the value is Host family dependent. On EPYC, +- the value should be 5. ++ a guest will lose a maximum of 1 bit, so the value should be 1. + + The ``sev-device`` provides the device file to use for + communicating with the SEV firmware running inside AMD Secure +@@ -5239,7 +5239,7 @@ SRST + + # |qemu_system_x86| \\ + ...... \\ +- -object sev-guest,id=sev0,cbitpos=47,reduced-phys-bits=5 \\ ++ -object sev-guest,id=sev0,cbitpos=47,reduced-phys-bits=1 \\ + -machine ...,memory-encryption=sev0 \\ + ..... + +-- +2.37.3 + diff --git a/kvm-target-i386-kvm-Fix-disabling-MPX-on-cpu-host-with-M.patch b/kvm-target-i386-kvm-Fix-disabling-MPX-on-cpu-host-with-M.patch new file mode 100644 index 0000000..d900059 --- /dev/null +++ b/kvm-target-i386-kvm-Fix-disabling-MPX-on-cpu-host-with-M.patch @@ -0,0 +1,57 @@ +From 522ce31b4998b714b03e781f49403b71531ebe5a Mon Sep 17 00:00:00 2001 +From: "Maciej S. Szmigiero" +Date: Mon, 23 May 2022 18:26:58 +0200 +Subject: [PATCH 5/5] target/i386/kvm: Fix disabling MPX on "-cpu host" with + MPX-capable host + +RH-Author: Ani Sinha +RH-MergeRequest: 297: target/i386/kvm: Fix disabling MPX on "-cpu host" with MPX-capable host +RH-Bugzilla: 2223947 +RH-Acked-by: Vitaly Kuznetsov +RH-Acked-by: Jon Maloy +RH-Commit: [1/1] 90098294a873a53b366389606fd0402efcbd70ad + +Since KVM commit 5f76f6f5ff96 ("KVM: nVMX: Do not expose MPX VMX controls when guest MPX disabled") +it is not possible to disable MPX on a "-cpu host" just by adding "-mpx" +there if the host CPU does indeed support MPX. +QEMU will fail to set MSR_IA32_VMX_TRUE_{EXIT,ENTRY}_CTLS MSRs in this case +and so trigger an assertion failure. + +Instead, besides "-mpx" one has to explicitly add also +"-vmx-exit-clear-bndcfgs" and "-vmx-entry-load-bndcfgs" to QEMU command +line to make it work, which is a bit convoluted. + +Make the MPX-related bits in FEAT_VMX_{EXIT,ENTRY}_CTLS dependent on MPX +being actually enabled so such workarounds are no longer necessary. + +Signed-off-by: Maciej S. Szmigiero +Message-Id: <51aa2125c76363204cc23c27165e778097c33f0b.1653323077.git.maciej.szmigiero@oracle.com> +Cc: qemu-stable@nongnu.org +Signed-off-by: Paolo Bonzini +(cherry picked from commit 267b5e7e378afd260004cb37a66a6fcd641e3b53) +--- + target/i386/cpu.c | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/target/i386/cpu.c b/target/i386/cpu.c +index 265f0aadfc..726814ee2e 100644 +--- a/target/i386/cpu.c ++++ b/target/i386/cpu.c +@@ -1326,6 +1326,14 @@ static FeatureDep feature_dependencies[] = { + .from = { FEAT_7_0_EBX, CPUID_7_0_EBX_INVPCID }, + .to = { FEAT_VMX_SECONDARY_CTLS, VMX_SECONDARY_EXEC_ENABLE_INVPCID }, + }, ++ { ++ .from = { FEAT_7_0_EBX, CPUID_7_0_EBX_MPX }, ++ .to = { FEAT_VMX_EXIT_CTLS, VMX_VM_EXIT_CLEAR_BNDCFGS }, ++ }, ++ { ++ .from = { FEAT_7_0_EBX, CPUID_7_0_EBX_MPX }, ++ .to = { FEAT_VMX_ENTRY_CTLS, VMX_VM_ENTRY_LOAD_BNDCFGS }, ++ }, + { + .from = { FEAT_7_0_EBX, CPUID_7_0_EBX_RDSEED }, + .to = { FEAT_VMX_SECONDARY_CTLS, VMX_SECONDARY_EXEC_RDSEED_EXITING }, +-- +2.37.3 + diff --git a/qemu-kvm.spec b/qemu-kvm.spec index 6483966..12fe32e 100644 --- a/qemu-kvm.spec +++ b/qemu-kvm.spec @@ -83,7 +83,7 @@ Obsoletes: %1-rhev <= %{epoch}:%{version}-%{release} Summary: QEMU is a machine emulator and virtualizer Name: qemu-kvm Version: 6.2.0 -Release: 37%{?rcrel}%{?dist} +Release: 38%{?rcrel}%{?dist} # Epoch because we pushed a qemu-1.0 package. AIUI this can't ever be dropped Epoch: 15 License: GPLv2 and GPLv2+ and CC-BY @@ -769,6 +769,16 @@ Patch303: kvm-util-iov-Remove-qemu_iovec_init_extended.patch Patch304: kvm-iotests-iov-padding-New-test.patch # For bz#2141964 - Guest hit EXT4-fs error on host 4K disk when repeatedly hot-plug/unplug running IO disk Patch305: kvm-block-Fix-pad_request-s-request-restriction.patch +# For bz#2214840 - [AMDSERVER 8.9 Bug] Qemu SEV reduced-phys-bits fixes +Patch306: kvm-qapi-i386-sev-Change-the-reduced-phys-bits-value-fro.patch +# For bz#2214840 - [AMDSERVER 8.9 Bug] Qemu SEV reduced-phys-bits fixes +Patch307: kvm-qemu-options.hx-Update-the-reduced-phys-bits-documen.patch +# For bz#2214840 - [AMDSERVER 8.9 Bug] Qemu SEV reduced-phys-bits fixes +Patch308: kvm-i386-sev-Update-checks-and-information-related-to-re.patch +# For bz#2214840 - [AMDSERVER 8.9 Bug] Qemu SEV reduced-phys-bits fixes +Patch309: kvm-i386-cpu-Update-how-the-EBX-register-of-CPUID-0x8000.patch +# For bz#2223947 - [RHEL8.9] qemu core dump with '-cpu host,mpx=off' on Cascadelake host +Patch310: kvm-target-i386-kvm-Fix-disabling-MPX-on-cpu-host-with-M.patch BuildRequires: wget BuildRequires: rpm-build @@ -1938,6 +1948,17 @@ sh %{_sysconfdir}/sysconfig/modules/kvm.modules &> /dev/null || : %changelog +* Wed Aug 09 2023 Jon Maloy - 6.2.0-38 +- kvm-qapi-i386-sev-Change-the-reduced-phys-bits-value-fro.patch [bz#2214840] +- kvm-qemu-options.hx-Update-the-reduced-phys-bits-documen.patch [bz#2214840] +- kvm-i386-sev-Update-checks-and-information-related-to-re.patch [bz#2214840] +- kvm-i386-cpu-Update-how-the-EBX-register-of-CPUID-0x8000.patch [bz#2214840] +- kvm-target-i386-kvm-Fix-disabling-MPX-on-cpu-host-with-M.patch [bz#2223947] +- Resolves: bz#2214840 + ([AMDSERVER 8.9 Bug] Qemu SEV reduced-phys-bits fixes) +- Resolves: bz#2223947 + ([RHEL8.9] qemu core dump with '-cpu host,mpx=off' on Cascadelake host) + * Tue Jul 25 2023 Miroslav Rezanina - 6.2.0-37 - kvm-util-iov-Make-qiov_slice-public.patch [bz#2141964] - kvm-block-Collapse-padded-I-O-vecs-exceeding-IOV_MAX.patch [bz#2141964]