€•¸:Œsphinx.addnodes”Œdocument”“”)”}”(Œ rawsource”Œ”Œchildren”]”(Œ translations”Œ LanguagesNode”“”)”}”(hhh]”(hŒ pending_xref”“”)”}”(hhh]”Œdocutils.nodes”ŒText”“”ŒChinese (Simplified)”…””}”Œparent”hsbaŒ attributes”}”(Œids”]”Œclasses”]”Œnames”]”Œdupnames”]”Œbackrefs”]”Œ refdomain”Œstd”Œreftype”Œdoc”Œ reftarget”Œ'/translations/zh_CN/virt/kvm/x86/errata”Œmodname”NŒ classname”NŒ refexplicit”ˆuŒtagname”hhh ubh)”}”(hhh]”hŒChinese (Traditional)”…””}”hh2sbah}”(h]”h ]”h"]”h$]”h&]”Œ refdomain”h)Œreftype”h+Œ reftarget”Œ'/translations/zh_TW/virt/kvm/x86/errata”Œmodname”NŒ classname”NŒ refexplicit”ˆuh1hhh ubh)”}”(hhh]”hŒItalian”…””}”hhFsbah}”(h]”h ]”h"]”h$]”h&]”Œ refdomain”h)Œreftype”h+Œ reftarget”Œ'/translations/it_IT/virt/kvm/x86/errata”Œmodname”NŒ classname”NŒ refexplicit”ˆuh1hhh ubh)”}”(hhh]”hŒJapanese”…””}”hhZsbah}”(h]”h ]”h"]”h$]”h&]”Œ refdomain”h)Œreftype”h+Œ reftarget”Œ'/translations/ja_JP/virt/kvm/x86/errata”Œmodname”NŒ classname”NŒ refexplicit”ˆuh1hhh ubh)”}”(hhh]”hŒKorean”…””}”hhnsbah}”(h]”h ]”h"]”h$]”h&]”Œ refdomain”h)Œreftype”h+Œ reftarget”Œ'/translations/ko_KR/virt/kvm/x86/errata”Œmodname”NŒ classname”NŒ refexplicit”ˆuh1hhh ubh)”}”(hhh]”hŒPortuguese (Brazilian)”…””}”hh‚sbah}”(h]”h ]”h"]”h$]”h&]”Œ refdomain”h)Œreftype”h+Œ reftarget”Œ'/translations/pt_BR/virt/kvm/x86/errata”Œmodname”NŒ classname”NŒ refexplicit”ˆuh1hhh ubh)”}”(hhh]”hŒSpanish”…””}”hh–sbah}”(h]”h ]”h"]”h$]”h&]”Œ refdomain”h)Œreftype”h+Œ reftarget”Œ'/translations/sp_SP/virt/kvm/x86/errata”Œmodname”NŒ classname”NŒ refexplicit”ˆuh1hhh ubeh}”(h]”h ]”h"]”h$]”h&]”Œcurrent_language”ŒEnglish”uh1h hhŒ _document”hŒsource”NŒline”NubhŒcomment”“”)”}”(hŒ SPDX-License-Identifier: GPL-2.0”h]”hŒ SPDX-License-Identifier: GPL-2.0”…””}”hh·sbah}”(h]”h ]”h"]”h$]”h&]”Œ xml:space”Œpreserve”uh1hµhhh²hh³ŒA/var/lib/git/docbuild/linux/Documentation/virt/kvm/x86/errata.rst”h´KubhŒsection”“”)”}”(hhh]”(hŒtitle”“”)”}”(hŒ'Known limitations of CPU virtualization”h]”hŒ'Known limitations of CPU virtualization”…””}”(hhÏh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÍhhÊh²hh³hÇh´KubhŒ paragraph”“”)”}”(hŒÛWhenever perfect emulation of a CPU feature is impossible or too hard, KVM has to choose between not implementing the feature at all or introducing behavioral differences between virtual machines and bare metal systems.”h]”hŒÛWhenever perfect emulation of a CPU feature is impossible or too hard, KVM has to choose between not implementing the feature at all or introducing behavioral differences between virtual machines and bare metal systems.”…””}”(hhßh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´KhhÊh²hubhÞ)”}”(hŒ\This file documents some of the known limitations that KVM has in virtualizing CPU features.”h]”hŒ\This file documents some of the known limitations that KVM has in virtualizing CPU features.”…””}”(hhíh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´K hhÊh²hubhÉ)”}”(hhh]”(hÎ)”}”(hŒx86”h]”hŒx86”…””}”(hhþh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÍhhûh²hh³hÇh´KubhÉ)”}”(hhh]”(hÎ)”}”(hŒ"``KVM_GET_SUPPORTED_CPUID`` issues”h]”(hŒliteral”“”)”}”(hŒ``KVM_GET_SUPPORTED_CPUID``”h]”hŒKVM_GET_SUPPORTED_CPUID”…””}”(hjh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jhjubhŒ issues”…””}”(hjh²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÍhj h²hh³hÇh´KubhÉ)”}”(hhh]”(hÎ)”}”(hŒ x87 features”h]”hŒ x87 features”…””}”(hj0h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÍhj-h²hh³hÇh´KubhÞ)”}”(hŒÎUnlike most other CPUID feature bits, CPUID[EAX=7,ECX=0]:EBX[6] (FDP_EXCPTN_ONLY) and CPUID[EAX=7,ECX=0]:EBX]13] (ZERO_FCS_FDS) are clear if the features are present and set if the features are not present.”h]”hŒÎUnlike most other CPUID feature bits, CPUID[EAX=7,ECX=0]:EBX[6] (FDP_EXCPTN_ONLY) and CPUID[EAX=7,ECX=0]:EBX]13] (ZERO_FCS_FDS) are clear if the features are present and set if the features are not present.”…””}”(hj>h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´Khj-h²hubhÞ)”}”(hŒÀClearing these bits in CPUID has no effect on the operation of the guest; if these bits are set on hardware, the features will not be present on any virtual machine that runs on that hardware.”h]”hŒÀClearing these bits in CPUID has no effect on the operation of the guest; if these bits are set on hardware, the features will not be present on any virtual machine that runs on that hardware.”…””}”(hjLh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´Khj-h²hubhÞ)”}”(hX**Workaround:** It is recommended to always set these bits in guest CPUID. Note however that any software (e.g ``WIN87EM.DLL``) expecting these features to be present likely predates these CPUID feature bits, and therefore doesn't know to check for them anyway.”h]”(hŒstrong”“”)”}”(hŒ**Workaround:**”h]”hŒ Workaround:”…””}”(hj`h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1j^hjZubhŒ` It is recommended to always set these bits in guest CPUID. Note however that any software (e.g ”…””}”(hjZh²hh³Nh´Nubj)”}”(hŒ``WIN87EM.DLL``”h]”hŒ WIN87EM.DLL”…””}”(hjrh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jhjZubhŒ‰) expecting these features to be present likely predates these CPUID feature bits, and therefore doesn’t know to check for them anyway.”…””}”(hjZh²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´Khj-h²hubeh}”(h]”Œ x87-features”ah ]”h"]”Œ x87 features”ah$]”h&]”uh1hÈhj h²hh³hÇh´Kubeh}”(h]”Œkvm-get-supported-cpuid-issues”ah ]”h"]”Œkvm_get_supported_cpuid issues”ah$]”h&]”uh1hÈhhûh²hh³hÇh´KubhÉ)”}”(hhh]”(hÎ)”}”(hŒ``KVM_SET_VCPU_EVENTS`` issue”h]”(j)”}”(hŒ``KVM_SET_VCPU_EVENTS``”h]”hŒKVM_SET_VCPU_EVENTS”…””}”(hj¡h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jhjubhŒ issue”…””}”(hjh²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÍhjšh²hh³hÇh´K%ubhÞ)”}”(hXNInvalid KVM_SET_VCPU_EVENTS input with respect to error codes *may* result in failed VM-Entry on Intel CPUs. Pre-CET Intel CPUs require that exception injection through the VMCS correctly set the "error code valid" flag, e.g. require the flag be set when injecting a #GP, clear when injecting a #UD, clear when injecting a soft exception, etc. Intel CPUs that enumerate IA32_VMX_BASIC[56] as '1' relax VMX's consistency checks, and AMD CPUs have no restrictions whatsoever. KVM_SET_VCPU_EVENTS doesn't sanity check the vector versus "has_error_code", i.e. KVM's ABI follows AMD behavior.”h]”(hŒ>Invalid KVM_SET_VCPU_EVENTS input with respect to error codes ”…””}”(hj¹h²hh³Nh´NubhŒemphasis”“”)”}”(hŒ*may*”h]”hŒmay”…””}”(hjÃh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1jÁhj¹ubhX result in failed VM-Entry on Intel CPUs. Pre-CET Intel CPUs require that exception injection through the VMCS correctly set the “error code valid†flag, e.g. require the flag be set when injecting a #GP, clear when injecting a #UD, clear when injecting a soft exception, etc. Intel CPUs that enumerate IA32_VMX_BASIC[56] as ‘1’ relax VMX’s consistency checks, and AMD CPUs have no restrictions whatsoever. KVM_SET_VCPU_EVENTS doesn’t sanity check the vector versus “has_error_codeâ€, i.e. KVM’s ABI follows AMD behavior.”…””}”(hj¹h²hh³Nh´Nubeh}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´K'hjšh²hubeh}”(h]”Œkvm-set-vcpu-events-issue”ah ]”h"]”Œkvm_set_vcpu_events issue”ah$]”h&]”uh1hÈhhûh²hh³hÇh´K%ubhÉ)”}”(hhh]”(hÎ)”}”(hŒNested virtualization features”h]”hŒNested virtualization features”…””}”(hjæh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÍhjãh²hh³hÇh´K1ubhÞ)”}”(hX@On AMD CPUs, when GIF is cleared, #DB exceptions or traps due to a breakpoint register match are ignored and discarded by the CPU. The CPU relies on the VMM to fully virtualize this behavior, even when vGIF is enabled for the guest (i.e. vGIF=0 does not cause the CPU to drop #DBs when the guest is running). KVM does not virtualize this behavior as the complexity is unjustified given the rarity of the use case. One way to handle this would be for KVM to intercept the #DB, temporarily disable the breakpoint, single-step over the instruction, then re-enable the breakpoint.”h]”hX@On AMD CPUs, when GIF is cleared, #DB exceptions or traps due to a breakpoint register match are ignored and discarded by the CPU. The CPU relies on the VMM to fully virtualize this behavior, even when vGIF is enabled for the guest (i.e. vGIF=0 does not cause the CPU to drop #DBs when the guest is running). KVM does not virtualize this behavior as the complexity is unjustified given the rarity of the use case. One way to handle this would be for KVM to intercept the #DB, temporarily disable the breakpoint, single-step over the instruction, then re-enable the breakpoint.”…””}”(hjôh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´K3hjãh²hubeh}”(h]”Œnested-virtualization-features”ah ]”h"]”Œnested virtualization features”ah$]”h&]”uh1hÈhhûh²hh³hÇh´K1ubhÉ)”}”(hhh]”(hÎ)”}”(hŒx2APIC”h]”hŒx2APIC”…””}”(hj h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÍhj h²hh³hÇh´K=ubhÞ)”}”(hX[When KVM_X2APIC_API_USE_32BIT_IDS is enabled, KVM activates a hack/quirk that allows sending events to a single vCPU using its x2APIC ID even if the target vCPU has legacy xAPIC enabled, e.g. to bring up hotplugged vCPUs via INIT-SIPI on VMs with > 255 vCPUs. A side effect of the quirk is that, if multiple vCPUs have the same physical APIC ID, KVM will deliver events targeting that APIC ID only to the vCPU with the lowest vCPU ID. If KVM_X2APIC_API_USE_32BIT_IDS is not enabled, KVM follows x86 architecture when processing interrupts (all vCPUs matching the target APIC ID receive the interrupt).”h]”hX[When KVM_X2APIC_API_USE_32BIT_IDS is enabled, KVM activates a hack/quirk that allows sending events to a single vCPU using its x2APIC ID even if the target vCPU has legacy xAPIC enabled, e.g. to bring up hotplugged vCPUs via INIT-SIPI on VMs with > 255 vCPUs. A side effect of the quirk is that, if multiple vCPUs have the same physical APIC ID, KVM will deliver events targeting that APIC ID only to the vCPU with the lowest vCPU ID. If KVM_X2APIC_API_USE_32BIT_IDS is not enabled, KVM follows x86 architecture when processing interrupts (all vCPUs matching the target APIC ID receive the interrupt).”…””}”(hjh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´K>hj h²hubeh}”(h]”Œx2apic”ah ]”h"]”Œx2apic”ah$]”h&]”uh1hÈhhûh²hh³hÇh´K=ubhÉ)”}”(hhh]”(hÎ)”}”(hŒMTRRs”h]”hŒMTRRs”…””}”(hj4h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÍhj1h²hh³hÇh´KHubhÞ)”}”(hX!KVM does not virtualize guest MTRR memory types. KVM emulates accesses to MTRR MSRs, i.e. {RD,WR}MSR in the guest will behave as expected, but KVM does not honor guest MTRRs when determining the effective memory type, and instead treats all of guest memory as having Writeback (WB) MTRRs.”h]”hX!KVM does not virtualize guest MTRR memory types. KVM emulates accesses to MTRR MSRs, i.e. {RD,WR}MSR in the guest will behave as expected, but KVM does not honor guest MTRRs when determining the effective memory type, and instead treats all of guest memory as having Writeback (WB) MTRRs.”…””}”(hjBh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´KIhj1h²hubeh}”(h]”Œmtrrs”ah ]”h"]”Œmtrrs”ah$]”h&]”uh1hÈhhûh²hh³hÇh´KHubhÉ)”}”(hhh]”(hÎ)”}”(hŒCR0.CD”h]”hŒCR0.CD”…””}”(hj[h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÍhjXh²hh³hÇh´KOubhÞ)”}”(hŒãKVM does not virtualize CR0.CD on Intel CPUs. Similar to MTRR MSRs, KVM emulates CR0.CD accesses so that loads and stores from/to CR0 behave as expected, but setting CR0.CD=1 has no impact on the cachaeability of guest memory.”h]”hŒãKVM does not virtualize CR0.CD on Intel CPUs. Similar to MTRR MSRs, KVM emulates CR0.CD accesses so that loads and stores from/to CR0 behave as expected, but setting CR0.CD=1 has no impact on the cachaeability of guest memory.”…””}”(hjih²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´KPhjXh²hubhÞ)”}”(hŒ²Note, this erratum does not affect AMD CPUs, which fully virtualize CR0.CD in hardware, i.e. put the CPU caches into "no fill" mode when CR0.CD=1, even when running in the guest.”h]”hŒ¶Note, this erratum does not affect AMD CPUs, which fully virtualize CR0.CD in hardware, i.e. put the CPU caches into “no fill†mode when CR0.CD=1, even when running in the guest.”…””}”(hjwh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÝh³hÇh´KUhjXh²hubeh}”(h]”Œcr0-cd”ah ]”h"]”Œcr0.cd”ah$]”h&]”uh1hÈhhûh²hh³hÇh´KOubeh}”(h]”Œx86”ah ]”h"]”Œx86”ah$]”h&]”uh1hÈhhÊh²hh³hÇh´Kubeh}”(h]”Œ'known-limitations-of-cpu-virtualization”ah ]”h"]”Œ'known limitations of cpu virtualization”ah$]”h&]”uh1hÈhhh²hh³hÇh´Kubeh}”(h]”h ]”h"]”h$]”h&]”Œsource”hÇuh1hŒcurrent_source”NŒ current_line”NŒsettings”Œdocutils.frontend”ŒValues”“”)”}”(hÍNŒ generator”NŒ datestamp”NŒ source_link”NŒ source_url”NŒ toc_backlinks”Œentry”Œfootnote_backlinks”KŒ sectnum_xform”KŒstrip_comments”NŒstrip_elements_with_classes”NŒ strip_classes”NŒ report_level”KŒ halt_level”KŒexit_status_level”KŒdebug”NŒwarning_stream”NŒ traceback”ˆŒinput_encoding”Œ utf-8-sig”Œinput_encoding_error_handler”Œstrict”Œoutput_encoding”Œutf-8”Œoutput_encoding_error_handler”jÀŒerror_encoding”Œutf-8”Œerror_encoding_error_handler”Œbackslashreplace”Œ language_code”Œen”Œrecord_dependencies”NŒconfig”NŒ id_prefix”hŒauto_id_prefix”Œid”Œ dump_settings”NŒdump_internals”NŒdump_transforms”NŒdump_pseudo_xml”NŒexpose_internals”NŒstrict_visitor”NŒ_disable_config”NŒ_source”hÇŒ _destination”NŒ _config_files”]”Œ7/var/lib/git/docbuild/linux/Documentation/docutils.conf”aŒfile_insertion_enabled”ˆŒ raw_enabled”KŒline_length_limit”M'Œpep_references”NŒ pep_base_url”Œhttps://peps.python.org/”Œpep_file_url_template”Œpep-%04d”Œrfc_references”NŒ rfc_base_url”Œ&https://datatracker.ietf.org/doc/html/”Œ tab_width”KŒtrim_footnote_reference_space”‰Œsyntax_highlight”Œlong”Œ smart_quotes”ˆŒsmartquotes_locales”]”Œcharacter_level_inline_markup”‰Œdoctitle_xform”‰Œ docinfo_xform”KŒsectsubtitle_xform”‰Œ image_loading”Œlink”Œembed_stylesheet”‰Œcloak_email_addresses”ˆŒsection_self_link”‰Œenv”NubŒreporter”NŒindirect_targets”]”Œsubstitution_defs”}”Œsubstitution_names”}”Œrefnames”}”Œrefids”}”Œnameids”}”(jšj—j’jj—j”jjŒjàjÝjjj.j+jUjRjŠj‡uŒ nametypes”}”(jš‰j’‰j—‰j‰jà‰j‰j.‰jU‰jŠ‰uh}”(j—hÊjhûj”j jŒj-jÝjšjjãj+j jRj1j‡jXuŒ footnote_refs”}”Œ citation_refs”}”Œ autofootnotes”]”Œautofootnote_refs”]”Œsymbol_footnotes”]”Œsymbol_footnote_refs”]”Œ footnotes”]”Œ citations”]”Œautofootnote_start”KŒsymbol_footnote_start”KŒ id_counter”Œ collections”ŒCounter”“”}”…”R”Œparse_messages”]”Œtransform_messages”]”Œ transformer”NŒ include_log”]”Œ decoration”Nh²hub.