#1296 LOCK_BIT in MSR_FEATURE_CONTROL

open
nobody
ROM BIOS (83)
5
2012-10-15
2012-05-22
Thomas Prescher
No

The bochs BIOS does not set the LOCK_BIT of MSR_FEATURE_CONTROL when VMX is enabled.

I found the following workaround:
cpu/init.cc line 1100 has a comment that VMX should be enabled by the BIOS instead.
When uncommenting msr.ia32_feature_control = BX_IA32_FEATURE_LOCK_BIT...
everything works fine.

Bug was found when trying to boot NOVA (www.hypervisor.org). NOVA reported that the CPU
does not support VMX even when compiled with --enable-vmx=2 and cpu set to sandybridge 2600k.

Discussion

  • We had a discussion about it once in another bug report:
    ID [2964655] VMX not enabled in MSR IA32_FEATURE_CONTROL

    We concluded that BIOS not necessary should do anything because the hypervisor could set the lock bit by himself before calling to VMXON. Now the question is more - what is done by real BIOSes on real hardware. Do you have the lock bit set immediatelly after you booted BIOS image?

    Stanislav

     
  • The Intel manual says:

    Ensure that the IA32_FEATURE_CONTROL MSR (MSR index 3AH) has been
    properly programmed and that its lock bit is set (Bit 0 = 1). This MSR is generally
    configured by the BIOS using WRMSR.

    For me, this sounds like it is the BIOS' job

     
  • The manual also describes the MSR as follows

    Lock bit (R/WO): (1 = locked).
    When set, locks this MSR from
    being written, writes to this
    bit will result in GP(0).
    Note: Once the Lock bit is set,
    the contents of this register
    cannot be modified.
    Therefore the lock bit must
    be set after configuring
    support
    for Intel Virtualization
    Technology and prior to
    transferring control to an
    option ROM or the OS. Hence,
    once the Lock bit is set, the
    entire
    IA32_FEATURE_CONTROL_M
    SR contents are preserved
    across RESET when
    PWRGOOD is not deasserted.

     
  • Assigning Category to ROM BIOS