Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-52260

VM boot with page fault error when start with amd-sev and vIOMMU enabled

    • No
    • Moderate
    • rhel-sst-virtualization
    • ssg_virtualization
    • None
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • None
    • None
    • None

      Description of problem:
      VM boot with page fault error when start with amd-sev and vIOMMU enabled

      Version-Release number of selected component (if applicable):
      host:
      libvirt-10.5.0-4.el9.x86_64
      qemu-kvm-9.0.0-7.el9.x86_64
      kernel-5.14.0-480.el9.x86_64
      VM:
      kernel-5.14.0-480.el9.x86_64

      How reproducible:
      100%

      Steps to Reproduce:
      1. On an AMD-SEV system, prepare a vm with sev setting:

       # virsh dumpxml test
      <domain type='kvm'>
        <name>test</name>
      ......
       <memtune>
          <hard_limit unit='KiB'>5242880</hard_limit>
        </memtune>
        <vcpu placement='static'>1</vcpu>
        <os firmware='efi'>
          <type arch='x86_64' machine='pc-q35-rhel9.4.0'>hvm</type>
          <firmware>
            <feature enabled='no' name='enrolled-keys'/>
            <feature enabled='no' name='secure-boot'/>
          </firmware>
          <loader readonly='yes' secure='no' type='pflash' stateless='yes'>/usr/share/edk2/ovmf/OVMF.amdsev.fd</loader>
          <boot dev='hd'/>
        </os>
      ...
       <launchSecurity type='sev' kernelHashes='yes'>
          <cbitpos>51</cbitpos>
          <reducedPhysBits>1</reducedPhysBits>
          <policy>0x0003</policy>
        </launchSecurity>
      </domain>
      

      2. Start the vm, the vm can start and boot successfully:

       [root@localhost ~]# dmesg | grep -i sev
      [    0.043444] Memory Encryption Features active: AMD SEV
      [    0.043444] SEV: Status: SEV
      [    4.781700] kvm_amd: KVM is unsupported when running as an SEV guest
      

      3. destroy the VM, add virtio iommu into the guest xml, and start the vm again:

       # virsh destroy test
      Domain 'test' destroyed
      
      # cat iommu.xml  
      <iommu model='virtio'/>
      
      # virsh attach-device test iommu.xml --config
      Device attached successfully
      
      # virsh start test --console
      ...
      [    5.421144] virtio_iommu virtio0: page fault from EP 239 at 0xe86b2ae4 []
      [    5.421165] virtio_iommu virtio0: page fault from EP 239 at 0xe86b2aec []
      [    5.421185] virtio_iommu virtio0: page fault from EP 239 at 0xe86b2af0 []
      [    5.421206] virtio_iommu virtio0: page fault from EP 239 at 0xe86b2af4 []
      [    5.421226] virtio_iommu virtio0: page fault from EP 239 at 0xe86b2af8 []
      [    5.421246] virtio_iommu virtio0: page fault from EP 239 at 0xe86b2afc []
      [    5.486310] virtio_iommu virtio0: page fault from EP 239 at 0xe86b2ae8 []
      [    5.486349] virtio_iommu virtio0: page fault from EP 239 at 0xe86b2ae0 []
      [    5.760006] usb 2-1: device descriptor read/64, error -110
      [   10.434902] virtio_iommu virtio0: page fault from EP 239 at 0xe86b2ae8 []
      [   10.434932] virtio_iommu virtio0: page fault from EP 239 at 0xe86b2ae0 []
      [   10.434954] virtio_iommu virtio0: page fault from EP 239 at 0xe86b2ae4 []
      [   10.434974] virtio_iommu virtio0: page fault from EP 239 at 0xe86b2aec []
      [   10.434994] virtio_iommu virtio0: page fault from EP 239 at 0xe86b2af0 []
      [   10.435014] virtio_iommu virtio0: page fault from EP 239 at 0xe86b2af4 []
      [   10.435034] virtio_iommu virtio0: page fault from EP 239 at 0xe86b2af8 []
      [   10.435054] virtio_iommu virtio0: page fault from EP 239 at 0xe86b2afc []
      

      Actual results:
      VM boot with page fault error when start with amd-sev and vIOMMU enabled

      Expected results:
      There should not be errors and vm can work properly with vIOMMU and SEV enabled

      Additional info:

        1. test_with_iommu.xml
          9 kB
          Yalan Zhang
        2. test_without_iommu.xml
          9 kB
          Yalan Zhang

              bdas@redhat.com Bandan Das
              yalzhang@redhat.com Yalan Zhang
              virt-maint virt-maint
              Zixi Chen Zixi Chen
              Votes:
              0 Vote for this issue
              Watchers:
              16 Start watching this issue

                Created:
                Updated: