From nobody Tue Feb 10 12:42:23 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zoho.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1499137461150141.33418163905117;
 Mon, 3 Jul 2017 20:04:21 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com
 [10.5.11.12])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 46BD287649;
	Tue,  4 Jul 2017 03:04:19 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 10BA06EC9F;
	Tue,  4 Jul 2017 03:04:19 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id A8F621804753;
	Tue,  4 Jul 2017 03:04:14 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com
	[10.5.11.14])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id v6434DW8016007 for <libvir-list@listman.util.phx.redhat.com>;
	Mon, 3 Jul 2017 23:04:13 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 20D916128D; Tue,  4 Jul 2017 03:04:13 +0000 (UTC)
Received: from mx1.redhat.com (ext-mx03.extmail.prod.ext.phx2.redhat.com
	[10.5.110.27])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 1AC2261293
	for <libvir-list@redhat.com>; Tue,  4 Jul 2017 03:04:11 +0000 (UTC)
Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com
	[66.111.4.25])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 76ACE7EBDE
	for <libvir-list@redhat.com>; Tue,  4 Jul 2017 03:04:10 +0000 (UTC)
Received: from compute7.internal (compute7.nyi.internal [10.202.2.47])
	by mailout.nyi.internal (Postfix) with ESMTP id F2EE820BBF;
	Mon,  3 Jul 2017 23:04:09 -0400 (EDT)
Received: from frontend2 ([10.202.2.161])
	by compute7.internal (MEProxy); Mon, 03 Jul 2017 23:04:09 -0400
Received: from devel-3rdparty.localdomain (89-70-103-23.dynamic.chello.pl
	[89.70.103.23])
	by mail.messagingengine.com (Postfix) with ESMTPA id 4C9E0246E8;
	Mon,  3 Jul 2017 23:04:09 -0400 (EDT)
DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 46BD287649
Authentication-Results: ext-mx02.extmail.prod.ext.phx2.redhat.com;
 dmarc=none (p=none dis=none) header.from=invisiblethingslab.com
Authentication-Results: ext-mx02.extmail.prod.ext.phx2.redhat.com;
 spf=pass smtp.mailfrom=libvir-list-bounces@redhat.com
DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com 46BD287649
Authentication-Results: mx1.redhat.com;
	dkim=fail reason="signature verification failed" (2048-bit key)
 header.d=messagingengine.com header.i=@messagingengine.com
 header.b="EH79Ftu2"
DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 76ACE7EBDE
Authentication-Results: ext-mx03.extmail.prod.ext.phx2.redhat.com;
	dmarc=none (p=none dis=none)
	header.from=invisiblethingslab.com
Authentication-Results: ext-mx03.extmail.prod.ext.phx2.redhat.com;
	spf=none smtp.mailfrom=marmarek@invisiblethingslab.com
DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com 76ACE7EBDE
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
	messagingengine.com; h=cc:content-transfer-encoding:content-type
	:date:from:in-reply-to:in-reply-to:message-id:mime-version
	:references:references:subject:to:x-me-sender:x-me-sender
	:x-sasl-enc:x-sasl-enc; s=fm1; bh=68RPiMzTYb9rubUAt6Wg2guuypldcf
	v9qBnQX/Oioic=; b=EH79Ftu2kg7Jp/sBF4ncXSTbwI6QUyWAt26spu5Cw4uRAv
	mu8raZM4R4+0P63VoWYxtRJdbRlUdiVjGL5PcvkQajo9X7T5yw6VOkzE0ftw45CN
	AfDzgoIqQhNxB+JXq25cSx9wP/6JTtkJB6yfjY0GdqTWH4FmI/Grwcx2ZqShHca8
	Mwo1/n2rczmmioJSv/p7KGKbelqFub68HJU71+ZLfa2fbxOLNiiXF4Ga10W6HrUA
	Fj50Uno55w/uQU/q+xRSp4WeBnXAJTS9Hra97zr/FpPd0mX9rveAdVfzImgUjYX6
	JUR/+tJHGVvHY/B1/H18bw3GqZ2P+AbWu6EyF6zw==
X-ME-Sender: <xms:qQVbWcpPaOe7EjNDmUcO1a5K74MySpMHV7OTyivFJ712VP5wq2kYpg>
X-Sasl-enc: 2BsjZfLVqHbiSag1qwIESEVAAJMKS+2mlmtbC8Ubgf1h 1499137449
From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?=
	<marmarek@invisiblethingslab.com>
To: libvir-list@redhat.com
Date: Tue,  4 Jul 2017 05:03:45 +0200
Message-Id: 
 <a32d39a0c88264ed54713f94c2852e0706b2db63.1499137349.git-series.marmarek@invisiblethingslab.com>
In-Reply-To: 
 <cover.b5587d9b96684115a98e32d59428c0aa041fcf67.1499137349.git-series.marmarek@invisiblethingslab.com>
References: 
 <cover.b5587d9b96684115a98e32d59428c0aa041fcf67.1499137349.git-series.marmarek@invisiblethingslab.com>
MIME-Version: 1.0
In-Reply-To: 
 <cover.b5587d9b96684115a98e32d59428c0aa041fcf67.1499137349.git-series.marmarek@invisiblethingslab.com>
References: 
 <cover.b5587d9b96684115a98e32d59428c0aa041fcf67.1499137349.git-series.marmarek@invisiblethingslab.com>
X-Greylist: Sender passed SPF test, Sender IP whitelisted by DNSRBL, ACL 203
	matched, not delayed by milter-greylist-4.5.16 (mx1.redhat.com
	[10.5.110.27]); Tue, 04 Jul 2017 03:04:10 +0000 (UTC)
X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com
 [10.5.110.27]);
	Tue, 04 Jul 2017 03:04:10 +0000 (UTC) for IP:'66.111.4.25'
	DOMAIN:'out1-smtp.messagingengine.com'
	HELO:'out1-smtp.messagingengine.com'
	FROM:'marmarek@invisiblethingslab.com' RCPT:''
X-RedHat-Spam-Score: -0.32  (BAYES_50, DCC_REPUT_00_12, DKIM_SIGNED,
 DKIM_VALID,
	RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3,
	RCVD_IN_MSPIKE_WL) 66.111.4.25 out1-smtp.messagingengine.com
	66.111.4.25 out1-smtp.messagingengine.com
	<marmarek@invisiblethingslab.com>
X-Scanned-By: MIMEDefang 2.78 on 10.5.110.27
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH v2 2/4] libxl: add support for CPUID features
	policy
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.26]);
 Tue, 04 Jul 2017 03:04:19 +0000 (UTC)
X-ZohoMail: RSF_0  Z_629925259 SPT_0

Convert CPU features policy into libxl cpuid policy settings. Use new
("libxl") syntax, which allow to enable/disable specific bits, using
host CPU as a base. For this reason, accept only "host-passthrough"
mode.
Libxl do not have distinction between "force" and "required" policy
(there is only "force") and also between "forbid" and "disable" (there
is only "disable"). So, merge them appropriately. If anything, "require"
and "forbid" should be enforced outside of specific driver.

Signed-off-by: Marek Marczykowski-G=C3=B3recki <marmarek@invisiblethingslab=
.com>
---
Changes since v1:
 - use new ("libxl") syntax to set only bits explicitly mentioned in
 domain XML
---
 src/libxl/libxl_conf.c | 77 ++++++++++++++++++++++++++++++++++++++++---
 src/libxl/libxl_conf.h |  1 +-
 2 files changed, 74 insertions(+), 4 deletions(-)

diff --git a/src/libxl/libxl_conf.c b/src/libxl/libxl_conf.c
index a0a53c2..0cf51a8 100644
--- a/src/libxl/libxl_conf.c
+++ b/src/libxl/libxl_conf.c
@@ -291,6 +291,44 @@ libxlMakeChrdevStr(virDomainChrDefPtr def, char **buf)
     return 0;
 }
=20
+static const char *libxlTranslateCPUFeature(const char *virCPUFeatureName)
+{
+    /* libxl use different names for some CPUID bits */
+    if (STREQ(virCPUFeatureName, "cx16"))
+        return "cmpxchg16";
+    if (STREQ(virCPUFeatureName, "cid"))
+        return "cntxid";
+    if (STREQ(virCPUFeatureName, "ds_cpl"))
+        return "dscpl";
+    if (STREQ(virCPUFeatureName, "pclmuldq"))
+        return "pclmulqdq";
+    if (STREQ(virCPUFeatureName, "pni"))
+        return "sse3";
+    if (STREQ(virCPUFeatureName, "ht"))
+        return "htt";
+    if (STREQ(virCPUFeatureName, "pn"))
+        return "psn";
+    if (STREQ(virCPUFeatureName, "clflush"))
+        return "clfsh";
+    if (STREQ(virCPUFeatureName, "sep"))
+        return "sysenter";
+    if (STREQ(virCPUFeatureName, "cx8"))
+        return "cmpxchg8";
+    if (STREQ(virCPUFeatureName, "nodeid_msr"))
+        return "nodeid";
+    if (STREQ(virCPUFeatureName, "cr8legacy"))
+        return "altmovcr8";
+    if (STREQ(virCPUFeatureName, "lahf_lm"))
+        return "lahfsahf";
+    if (STREQ(virCPUFeatureName, "cmp_legacy"))
+        return "cmplegacy";
+    if (STREQ(virCPUFeatureName, "fxsr_opt"))
+        return "ffxsr";
+    if (STREQ(virCPUFeatureName, "pdpe1gb"))
+        return "page1gb";
+    return virCPUFeatureName;
+}
+
 static int
 libxlMakeDomBuildInfo(virDomainDefPtr def,
                       libxl_ctx *ctx,
@@ -376,10 +414,18 @@ libxlMakeDomBuildInfo(virDomainDefPtr def,
                           def->features[VIR_DOMAIN_FEATURE_ACPI] =3D=3D
                           VIR_TRISTATE_SWITCH_ON);
=20
-        if (caps &&
-            def->cpu && def->cpu->mode =3D=3D (VIR_CPU_MODE_HOST_PASSTHROU=
GH)) {
+        if (caps && def->cpu) {
             bool hasHwVirt =3D false;
             bool svm =3D false, vmx =3D false;
+            char xlCPU[32];
+
+            if (def->cpu->mode !=3D (VIR_CPU_MODE_HOST_PASSTHROUGH)) {
+                virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+                               _("unsupported cpu mode '%s'"),
+                               virCPUModeTypeToString(def->cpu->mode));
+                return -1;
+            }
+
=20
             if (ARCH_IS_X86(def->os.arch)) {
                 vmx =3D virCPUCheckFeature(caps->host.arch, caps->host.cpu=
, "vmx");
@@ -394,20 +440,43 @@ libxlMakeDomBuildInfo(virDomainDefPtr def,
=20
                         case VIR_CPU_FEATURE_DISABLE:
                         case VIR_CPU_FEATURE_FORBID:
+                            snprintf(xlCPU,
+                                    sizeof(xlCPU),
+                                    "%s=3D0",
+                                    libxlTranslateCPUFeature(
+                                        def->cpu->features[i].name));
+                            if (libxl_cpuid_parse_config(&b_info->cpuid, x=
lCPU)) {
+                                virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+                                        _("unsupported cpu feature '%s'"),
+                                        def->cpu->features[i].name);
+                                return -1;
+                            }
                             if ((vmx && STREQ(def->cpu->features[i].name, =
"vmx")) ||
-                                (svm && STREQ(def->cpu->features[i].name, =
"svm")))
+                                    (svm && STREQ(def->cpu->features[i].na=
me, "svm")))
                                 hasHwVirt =3D false;
                             break;
=20
                         case VIR_CPU_FEATURE_FORCE:
                         case VIR_CPU_FEATURE_REQUIRE:
+                            snprintf(xlCPU,
+                                    sizeof(xlCPU),
+                                    "%s=3D1",
+                                    libxlTranslateCPUFeature(
+                                        def->cpu->features[i].name));
+                            if (libxl_cpuid_parse_config(&b_info->cpuid, x=
lCPU)) {
+                                virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+                                        _("unsupported cpu feature '%s'"),
+                                        def->cpu->features[i].name);
+                                return -1;
+                            }
+                            break;
                         case VIR_CPU_FEATURE_OPTIONAL:
                         case VIR_CPU_FEATURE_LAST:
                             break;
                     }
                 }
+                libxl_defbool_set(&b_info->u.hvm.nested_hvm, hasHwVirt);
             }
-            libxl_defbool_set(&b_info->u.hvm.nested_hvm, hasHwVirt);
         }
=20
         if (def->nsounds > 0) {
diff --git a/src/libxl/libxl_conf.h b/src/libxl/libxl_conf.h
index 264df11..8d89ccd 100644
--- a/src/libxl/libxl_conf.h
+++ b/src/libxl/libxl_conf.h
@@ -60,6 +60,7 @@
 # define LIBXL_DUMP_DIR LIBXL_LIB_DIR "/dump"
 # define LIBXL_CHANNEL_DIR LIBXL_LIB_DIR "/channel/target"
 # define LIBXL_BOOTLOADER_PATH "pygrub"
+# define LIBXL_DEFAULT_CPUID_REG_CONFIG "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
=20
=20
 typedef struct _libxlDriverPrivate libxlDriverPrivate;
--=20
git-series 0.9.1

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list