1. Patchew
  2. linux
  3. [PATCH v3 00/16] KVM: x86/tdx: Have TDX handle VMXON during bringup
  4. View patch

[PATCH v3 05/16] x86/virt: Force-clear X86_FEATURE_VMX if configuring root VMCS fails

Sean Christopherson posted 16 patches 1 month, 2 weeks ago
[PATCH v3 05/16] x86/virt: Force-clear X86_FEATURE_VMX if configuring root VMCS fails
Posted by Sean Christopherson 1 month, 2 weeks ago 
If allocating and configuring a root VMCS fails, clear X86_FEATURE_VMX in
all CPUs so that KVM doesn't need to manually check root_vmcs.  As added
bonuses, clearing VMX will reflect that VMX is unusable in /proc/cpuinfo,
and will avoid a futile auto-probe of kvm-intel.ko.

WARN if allocating a root VMCS page fails, e.g. to help users figure out
why VMX is broken in the unlikely scenario something goes sideways during
boot (and because the allocation should succeed unless there's a kernel
bug).  Tweak KVM's error message to suggest checking kernel logs if VMX is
unsupported (in addition to checking BIOS).

Signed-off-by: Sean Christopherson <seanjc@google.com>
---
 arch/x86/kvm/vmx/vmx.c |  7 ++++---
 arch/x86/virt/hw.c     | 14 ++++++++++++--
 2 files changed, 16 insertions(+), 5 deletions(-)

diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
index abd4830f71d8..e767835a4f3a 100644
--- a/arch/x86/kvm/vmx/vmx.c
+++ b/arch/x86/kvm/vmx/vmx.c
@@ -2927,14 +2927,15 @@ static bool __kvm_is_vmx_supported(void)
 		return false;
 	}
 
-	if (!this_cpu_has(X86_FEATURE_MSR_IA32_FEAT_CTL) ||
-	    !this_cpu_has(X86_FEATURE_VMX)) {
+	if (!this_cpu_has(X86_FEATURE_MSR_IA32_FEAT_CTL)) {
 		pr_err("VMX not enabled (by BIOS) in MSR_IA32_FEAT_CTL on CPU %d\n", cpu);
 		return false;
 	}
 
-	if (!per_cpu(root_vmcs, cpu))
+	if (!this_cpu_has(X86_FEATURE_VMX)) {
+		pr_err("VMX not fully enabled on CPU %d.  Check kernel logs and/or BIOS\n", cpu);
 		return false;
+	}
 
 	return true;
 }
diff --git a/arch/x86/virt/hw.c b/arch/x86/virt/hw.c
index 56972f594d90..40495872fdfb 100644
--- a/arch/x86/virt/hw.c
+++ b/arch/x86/virt/hw.c
@@ -28,7 +28,7 @@ static __init void x86_vmx_exit(void)
 	}
 }
 
-static __init int x86_vmx_init(void)
+static __init int __x86_vmx_init(void)
 {
 	u64 basic_msr;
 	u32 rev_id;
@@ -56,7 +56,7 @@ static __init int x86_vmx_init(void)
 		struct vmcs *vmcs;
 
 		page = __alloc_pages_node(node, GFP_KERNEL | __GFP_ZERO, 0);
-		if (!page) {
+		if (WARN_ON_ONCE(!page)) {
 			x86_vmx_exit();
 			return -ENOMEM;
 		}
@@ -68,6 +68,16 @@ static __init int x86_vmx_init(void)
 
 	return 0;
 }
+
+static __init int x86_vmx_init(void)
+{
+	int r;
+
+	r = __x86_vmx_init();
+	if (r)
+		setup_clear_cpu_cap(X86_FEATURE_VMX);
+	return r;
+}
 #else
 static __init int x86_vmx_init(void) { return -EOPNOTSUPP; }
 #endif
-- 
2.53.0.310.g728cabbaf7-goog
Re: [PATCH v3 05/16] x86/virt: Force-clear X86_FEATURE_VMX if configuring root VMCS fails
Posted by dan.j.williams@intel.com 1 month, 2 weeks ago 
Sean Christopherson wrote:
> If allocating and configuring a root VMCS fails, clear X86_FEATURE_VMX in
> all CPUs so that KVM doesn't need to manually check root_vmcs.  As added
> bonuses, clearing VMX will reflect that VMX is unusable in /proc/cpuinfo,
> and will avoid a futile auto-probe of kvm-intel.ko.
> 
> WARN if allocating a root VMCS page fails, e.g. to help users figure out
> why VMX is broken in the unlikely scenario something goes sideways during
> boot (and because the allocation should succeed unless there's a kernel
> bug).  Tweak KVM's error message to suggest checking kernel logs if VMX is
> unsupported (in addition to checking BIOS).
> 
> Signed-off-by: Sean Christopherson <seanjc@google.com>
[..]
> diff --git a/arch/x86/virt/hw.c b/arch/x86/virt/hw.c
> index 56972f594d90..40495872fdfb 100644
> --- a/arch/x86/virt/hw.c
> +++ b/arch/x86/virt/hw.c
[..]
> @@ -56,7 +56,7 @@ static __init int x86_vmx_init(void)
>  		struct vmcs *vmcs;
>  
>  		page = __alloc_pages_node(node, GFP_KERNEL | __GFP_ZERO, 0);
> -		if (!page) {
> +		if (WARN_ON_ONCE(!page)) {

Is the warn_alloc() deep in this path not sufficient? Either way, this
patch looks good to me.
Re: [PATCH v3 05/16] x86/virt: Force-clear X86_FEATURE_VMX if configuring root VMCS fails
Posted by Sean Christopherson 1 month, 2 weeks ago 
On Mon, Feb 16, 2026, dan.j.williams@intel.com wrote:
> Sean Christopherson wrote:
> > If allocating and configuring a root VMCS fails, clear X86_FEATURE_VMX in
> > all CPUs so that KVM doesn't need to manually check root_vmcs.  As added
> > bonuses, clearing VMX will reflect that VMX is unusable in /proc/cpuinfo,
> > and will avoid a futile auto-probe of kvm-intel.ko.
> > 
> > WARN if allocating a root VMCS page fails, e.g. to help users figure out
> > why VMX is broken in the unlikely scenario something goes sideways during
> > boot (and because the allocation should succeed unless there's a kernel
> > bug).  Tweak KVM's error message to suggest checking kernel logs if VMX is
> > unsupported (in addition to checking BIOS).
> > 
> > Signed-off-by: Sean Christopherson <seanjc@google.com>
> [..]
> > diff --git a/arch/x86/virt/hw.c b/arch/x86/virt/hw.c
> > index 56972f594d90..40495872fdfb 100644
> > --- a/arch/x86/virt/hw.c
> > +++ b/arch/x86/virt/hw.c
> [..]
> > @@ -56,7 +56,7 @@ static __init int x86_vmx_init(void)
> >  		struct vmcs *vmcs;
> >  
> >  		page = __alloc_pages_node(node, GFP_KERNEL | __GFP_ZERO, 0);
> > -		if (!page) {
> > +		if (WARN_ON_ONCE(!page)) {
> 
> Is the warn_alloc() deep in this path not sufficient? Either way, this
> patch looks good to me.

Not sure, I don't have much experience with warn_alloc() in practice.  Reading
the code, my initial reaction is that I don't want to rely on warn_alloc() since
it's ratelimited.  Multiple allocation failures during boot seems unlikely, but
at the same time, the cost of the WARN_ON_ONCE() here is really just the handful
of bytes for the bug_table entry.

Patchew 2.1-devel-ea86937

© 2016 - 2026 Red Hat, Inc.