From 7e79bb0dc6af82413c9c5b153f18ce91146e0e53 Mon Sep 17 00:00:00 2001 From: Eduardo Habkost Date: Wed, 9 Oct 2019 17:51:39 +0200 Subject: [PATCH 01/10] target-i386: Merge feature filtering/checking functions MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit RH-Author: Eduardo Habkost Message-id: <20191009175148.1361-2-ehabkost@redhat.com> Patchwork-id: 91357 O-Subject: [RHEL-7.7.z qemu-kvm PATCH 01/10] target-i386: Merge feature filtering/checking functions Bugzilla: 1730606 RH-Acked-by: Miroslav Rezanina RH-Acked-by: Bandan Das RH-Acked-by: Igor Mammedov Merge filter_features_for_kvm() and kvm_check_features_against_host(). Both functions made exactly the same calculations, the only difference was that filter_features_for_kvm() changed the bits on cpu->features[], and kvm_check_features_against_host() did error reporting. 7.8 backport notes (plai): * unavailable_host_feature() removed due to lack of references. * report_unavailable_features() from 51f63aed3 to make things compile. 7.7.z backport notes (ehabkost): * cherry-pick from 7.8 with no conflicts Reviewed-by: Richard Henderson Signed-off-by: Eduardo Habkost Signed-off-by: Andreas Färber (cherry picked from commit 51f63aed32314479065207ff2fb28255de4dbda4) Signed-off-by: Paul Lai Signed-off-by: Eduardo Habkost Signed-off-by: Miroslav Rezanina --- target-i386/cpu.c | 91 ++++++++++++++----------------------------------------- 1 file changed, 22 insertions(+), 69 deletions(-) diff --git a/target-i386/cpu.c b/target-i386/cpu.c index c2fcd1e..c9d7557 100644 --- a/target-i386/cpu.c +++ b/target-i386/cpu.c @@ -1754,11 +1754,11 @@ static void kvm_cpu_fill_host(x86_def_t *x86_cpu_def) #endif /* CONFIG_KVM */ } -static int unavailable_host_feature(FeatureWordInfo *f, uint32_t mask) +static void report_unavailable_features(FeatureWordInfo *f, uint32_t mask) { int i; - for (i = 0; i < 32; ++i) + for (i = 0; i < 32; ++i) { if (1 << i & mask) { const char *reg = get_register_name_32(f->cpuid_reg); assert(reg); @@ -1767,40 +1767,8 @@ static int unavailable_host_feature(FeatureWordInfo *f, uint32_t mask) f->cpuid_eax, reg, f->feat_names[i] ? "." : "", f->feat_names[i] ? f->feat_names[i] : "", i); - break; - } - return 0; -} - -/* Check if all requested cpu flags are making their way to the guest - * - * Returns 0 if all flags are supported by the host, non-zero otherwise. - * - * This function may be called only if KVM is enabled. - */ -static int kvm_check_features_against_host(KVMState *s, X86CPU *cpu) -{ - CPUX86State *env = &cpu->env; - int rv = 0; - FeatureWord w; - - assert(kvm_enabled()); - - for (w = 0; w < FEATURE_WORDS; w++) { - FeatureWordInfo *wi = &feature_word_info[w]; - uint32_t guest_feat = env->features[w]; - uint32_t host_feat = kvm_arch_get_supported_cpuid(s, wi->cpuid_eax, - wi->cpuid_ecx, - wi->cpuid_reg); - uint32_t mask; - for (mask = 1; mask; mask <<= 1) { - if (guest_feat & mask && !(host_feat & mask)) { - unavailable_host_feature(wi, mask); - rv = 1; - } } } - return rv; } static void x86_cpuid_version_get_family(Object *obj, Visitor *v, void *opaque, @@ -2399,12 +2367,21 @@ CpuDefinitionInfoList *arch_query_cpu_definitions(Error **errp) return cpu_list; } -#ifdef CONFIG_KVM -static void filter_features_for_kvm(X86CPU *cpu) +/* + * Filters CPU feature words based on host availability of each feature. + * + * This function may be called only if KVM is enabled. + * + * Returns: 0 if all flags are supported by the host, non-zero otherwise. + */ +static int filter_features_for_kvm(X86CPU *cpu) { CPUX86State *env = &cpu->env; KVMState *s = kvm_state; FeatureWord w; + int rv = 0; + + assert(kvm_enabled()); for (w = 0; w < FEATURE_WORDS; w++) { FeatureWordInfo *wi = &feature_word_info[w]; @@ -2414,9 +2391,16 @@ static void filter_features_for_kvm(X86CPU *cpu) uint32_t requested_features = env->features[w]; env->features[w] &= host_feat; cpu->filtered_features[w] = requested_features & ~env->features[w]; + if (cpu->filtered_features[w]) { + if (cpu->check_cpuid || cpu->enforce_cpuid) { + report_unavailable_features(wi, cpu->filtered_features[w]); + } + rv = 1; + } } + + return rv; } -#endif static void cpu_x86_register(X86CPU *cpu, const char *name, Error **errp) { @@ -3086,42 +3070,11 @@ static void x86_cpu_realizefn(DeviceState *dev, Error **errp) env->features[w] &= feature_word_info[w].tcg_features; } } else { - KVMState *s = kvm_state; - if ((cpu->check_cpuid || cpu->enforce_cpuid) - && kvm_check_features_against_host(s, cpu) && cpu->enforce_cpuid) { + if (filter_features_for_kvm(cpu) && cpu->enforce_cpuid) { error_setg(&local_err, "Host's CPU doesn't support requested features"); goto out; } -#ifdef CONFIG_KVM - filter_features_for_kvm(cpu); -#endif - } - - /* - * RHEL-only: - * - * The arch-facilities feature flag is deprecated because it was never - * supported upstream. The upstream property is "arch-capabilities", - * but it was not backported to this QEMU version. Note that - * arch-capabilities is not required for mitigation of CVE-2017-5715. - * - * In addition to being deprecated, arch-facilities blocks live migration - * because the value of MSR_IA32_ARCH_CAPABILITIES is host-dependent and - * not migration-safe. - */ - if (cpu->env.features[FEAT_7_0_EDX] & CPUID_7_0_EDX_ARCH_CAPABILITIES) { - static bool warned = false; - static Error *arch_facilities_blocker; - if (!warned) { - error_setg(&arch_facilities_blocker, - "The arch-facilities CPU feature is deprecated and " - "does not support live migration"); - migrate_add_blocker(arch_facilities_blocker); - error_report("WARNING: the arch-facilities CPU feature is " - "deprecated and does not support live migration"); - warned = true; - } } #ifndef CONFIG_USER_ONLY -- 1.8.3.1