Blob Blame Raw
From 50e0729e98e9938b338367e29afd6b7abce9bb04 Mon Sep 17 00:00:00 2001
From: "plai@redhat.com" <plai@redhat.com>
Date: Mon, 23 Sep 2019 20:40:18 +0200
Subject: [PATCH 02/12] target-i386: Merge feature filtering/checking functions
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

RH-Author: plai@redhat.com
Message-id: <1569271227-28026-2-git-send-email-plai@redhat.com>
Patchwork-id: 90853
O-Subject: [RHEL7.8 qemu-kvm PATCH v6 01/10] target-i386: Merge feature filtering/checking functions
Bugzilla: 1709971
RH-Acked-by: Eduardo Habkost <ehabkost@redhat.com>
RH-Acked-by: Bandan Das <bsd@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>

From: Eduardo Habkost <ehabkost@redhat.com>

Merge filter_features_for_kvm() and kvm_check_features_against_host().

Both functions made exactly the same calculations, the only difference
was that filter_features_for_kvm() changed the bits on cpu->features[],
and kvm_check_features_against_host() did error reporting.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
(cherry picked from commit 51f63aed32314479065207ff2fb28255de4dbda4)
Signed-off-by: Paul Lai <plai@redhat.com>

  unavailable_host_feature() removed due to lack of references.
  report_unavailable_features() from 51f63aed3 to make things compile.

Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
 target-i386/cpu.c | 91 ++++++++++++++-----------------------------------------
 1 file changed, 22 insertions(+), 69 deletions(-)

diff --git a/target-i386/cpu.c b/target-i386/cpu.c
index ca43268..6fb805b 100644
--- a/target-i386/cpu.c
+++ b/target-i386/cpu.c
@@ -1774,11 +1774,11 @@ static void kvm_cpu_fill_host(x86_def_t *x86_cpu_def)
 #endif /* CONFIG_KVM */
 }
 
-static int unavailable_host_feature(FeatureWordInfo *f, uint32_t mask)
+static void report_unavailable_features(FeatureWordInfo *f, uint32_t mask)
 {
     int i;
 
-    for (i = 0; i < 32; ++i)
+    for (i = 0; i < 32; ++i) {
         if (1 << i & mask) {
             const char *reg = get_register_name_32(f->cpuid_reg);
             assert(reg);
@@ -1787,40 +1787,8 @@ static int unavailable_host_feature(FeatureWordInfo *f, uint32_t mask)
                 f->cpuid_eax, reg,
                 f->feat_names[i] ? "." : "",
                 f->feat_names[i] ? f->feat_names[i] : "", i);
-            break;
-        }
-    return 0;
-}
-
-/* Check if all requested cpu flags are making their way to the guest
- *
- * Returns 0 if all flags are supported by the host, non-zero otherwise.
- *
- * This function may be called only if KVM is enabled.
- */
-static int kvm_check_features_against_host(KVMState *s, X86CPU *cpu)
-{
-    CPUX86State *env = &cpu->env;
-    int rv = 0;
-    FeatureWord w;
-
-    assert(kvm_enabled());
-
-    for (w = 0; w < FEATURE_WORDS; w++) {
-        FeatureWordInfo *wi = &feature_word_info[w];
-        uint32_t guest_feat = env->features[w];
-        uint32_t host_feat = kvm_arch_get_supported_cpuid(s, wi->cpuid_eax,
-                                                             wi->cpuid_ecx,
-                                                             wi->cpuid_reg);
-        uint32_t mask;
-        for (mask = 1; mask; mask <<= 1) {
-            if (guest_feat & mask && !(host_feat & mask)) {
-                unavailable_host_feature(wi, mask);
-                rv = 1;
-            }
         }
     }
-    return rv;
 }
 
 static void x86_cpuid_version_get_family(Object *obj, Visitor *v, void *opaque,
@@ -2419,12 +2387,21 @@ CpuDefinitionInfoList *arch_query_cpu_definitions(Error **errp)
     return cpu_list;
 }
 
-#ifdef CONFIG_KVM
-static void filter_features_for_kvm(X86CPU *cpu)
+/*
+ * Filters CPU feature words based on host availability of each feature.
+ *
+ * This function may be called only if KVM is enabled.
+ *
+ * Returns: 0 if all flags are supported by the host, non-zero otherwise.
+ */
+static int filter_features_for_kvm(X86CPU *cpu)
 {
     CPUX86State *env = &cpu->env;
     KVMState *s = kvm_state;
     FeatureWord w;
+    int rv = 0;
+
+    assert(kvm_enabled());
 
     for (w = 0; w < FEATURE_WORDS; w++) {
         FeatureWordInfo *wi = &feature_word_info[w];
@@ -2434,9 +2411,16 @@ static void filter_features_for_kvm(X86CPU *cpu)
         uint32_t requested_features = env->features[w];
         env->features[w] &= host_feat;
         cpu->filtered_features[w] = requested_features & ~env->features[w];
+        if (cpu->filtered_features[w]) {
+            if (cpu->check_cpuid || cpu->enforce_cpuid) {
+                report_unavailable_features(wi, cpu->filtered_features[w]);
+            }
+            rv = 1;
+        }
     }
+
+    return rv;
 }
-#endif
 
 static void cpu_x86_register(X86CPU *cpu, const char *name, Error **errp)
 {
@@ -3118,42 +3102,11 @@ static void x86_cpu_realizefn(DeviceState *dev, Error **errp)
             env->features[w] &= feature_word_info[w].tcg_features;
         }
     } else {
-        KVMState *s = kvm_state;
-        if ((cpu->check_cpuid || cpu->enforce_cpuid)
-            && kvm_check_features_against_host(s, cpu) && cpu->enforce_cpuid) {
+        if (filter_features_for_kvm(cpu) && cpu->enforce_cpuid) {
             error_setg(&local_err,
                        "Host's CPU doesn't support requested features");
             goto out;
         }
-#ifdef CONFIG_KVM
-        filter_features_for_kvm(cpu);
-#endif
-    }
-
-    /*
-     * RHEL-only:
-     *
-     * The arch-facilities feature flag is deprecated because it was never
-     * supported upstream.  The upstream property is "arch-capabilities",
-     * but it was not backported to this QEMU version.  Note that
-     * arch-capabilities is not required for mitigation of CVE-2017-5715.
-     *
-     * In addition to being deprecated, arch-facilities blocks live migration
-     * because the value of MSR_IA32_ARCH_CAPABILITIES is host-dependent and
-     * not migration-safe.
-     */
-    if (cpu->env.features[FEAT_7_0_EDX] & CPUID_7_0_EDX_ARCH_CAPABILITIES) {
-        static bool warned = false;
-        static Error *arch_facilities_blocker;
-        if (!warned) {
-            error_setg(&arch_facilities_blocker,
-                       "The arch-facilities CPU feature is deprecated and "
-                       "does not support live migration");
-            migrate_add_blocker(arch_facilities_blocker);
-            error_report("WARNING: the arch-facilities CPU feature is "
-                         "deprecated and does not support live migration");
-            warned = true;
-        }
     }
 
 #ifndef CONFIG_USER_ONLY
-- 
1.8.3.1