On Tue, 2011-07-05 at 13:37 +0300, Avi Kivity wrote: > On 07/05/2011 12:56 PM, Sasha Levin wrote: > > Please note that I don't have access to the hardware in question, this > > was done over IRC. > > > > I understand that. Can you get in contact with the reporter again? >
Hopefully, If he comes back on IRC (or reads these mails :) ). > > Here are the steps taken in debugging this issue: > > > > 1. Looking at the dmesg ( http://pastebin.com/eM7bDY8r ) we saw that > > when trying to load the kvm module, the following error shows up: 'kvm: > > enabling virtualization on CPU0 failed'. > > > > 2. We went through the lsmod output (unfortunately I don't have the link > > as it's gone from my IRC buffer) and didn't see any modules belonging to > > other hypervisors. > > > > 3. At that point, looking at the code - we figured that a set SVM flag > > is the possible culprit since it's the only code path which fails > > loading the module with that error message without printing anything > > else. > > > > 4. Installed msr-tools and injected the msr module so that we could read > > msr values from userspace. > > > > 5. Ran 'rdmsr 0xc0000080' to read the extended feature register. The > > output had bit 12 set - which means that SVM bit was enabled. > > > > 6. Ran 'wrmsr 0xc0000080 0xd01' which disabled the SVM bit. > > > > 7. kvm module loaded ok. > > My questions are: > > - was a BIOS update attempted? at least VMware uses the same check as > kvm, and probably virtualbox as well, so this problem should have been > seen before. We didn't update the BIOS. virtualbox was installed previously and didn't work properly either - thats why he tried kvm afaik. We made sure to remove virtualbox properly and did a reset afterwards. After removal, no virtualbox modules were loaded at any point. > - was the vendor contacted? Not that I think we'll see a lot of good > from that. Nope. > - was this after a reset or cold boot? This was a reset, we didn't try a cold boot. > - maybe a stealth rootkit is involved? > A rootkit that messed up the MSRs or runs a hidden guest sounds like a possibility too. Alexander Graf suggested it's a simple case of a BIOS vendor not implementing specs properly as he has seen a similar case of BIOS only allowing to start virtualization on the first CPU. -- Sasha. -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
