regression: nested: L1 3.15+ fails to load kvm-intel on L0 <3.15

From: Stefan Bader
Date: Wed Mar 18 2015 - 04:46:31 EST


Someone reported[1] that some of their L1 guests fail to load the kvm-intel
module (without much details). Turns out that this was (at least) caused by

KVM: vmx: Allow the guest to run with dirty debug registers

as this adds VM_EXIT_SAVE_DEBUG_CONTROLS to the required MSR_IA32_VMX_EXIT_CTLS
bits. Not sure this should be fixed up in pre 3.15 kernels or the other way
round. Maybe naively asked but would it be sufficient to add this as required to
older kernels vmcs setup (without the code to make any use of it)?

Regardless of that, I wonder whether the below (this version untested) sound
acceptable for upstream? At least it would make debugging much simpler. :)

--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -2953,8 +2953,11 @@ static __init int adjust_vmx_controls(u32 ctl_min, u32 ct
ctl |= vmx_msr_low; /* bit == 1 in low word ==> must be one */

/* Ensure minimum (required) set of control bits are supported. */
- if (ctl_min & ~ctl)
+ if (ctl_min & ~ctl) {
+ printk(KERN_ERR "vmx: msr(%08x) does not match requirements. "
+ "req=%08x cur=%08x\n", msr, ctl_min, ctl);
return -EIO;
+ }

*result = ctl;
return 0;

Thanks,
-Stefan

[1] https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1431473

Attachment: signature.asc
Description: OpenPGP digital signature