From nobody Sat Sep 21 01:25:38 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1626956415; cv=none; d=zohomail.com; s=zohoarc; b=edU9qXDu7FGgmkPqinzHmUo1K24XIR5AeFeD9gmJj8Zh8iinC2m7l0AW1hLuGKPxpMWZcSXaaR7SjTrqkqKR6m4fkH46AqPqgQEN1Fjcqu2QjZIcO5sa5DLp5RezVCIcU91gLxs231iimSWRCAGm7dIbCfUFeyFC4rzFOgk0mas= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1626956415; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=Z1tIU2YHphnYuT9wydQ/esWuZWRJ4ptwamQw8mUHyLs=; b=GyV+CiQjawwrTjiCnTdX/uDxiU65EjxutH78Ael909HDbjeIaMMUQsds1f0nLNXx83GM8urEN0i02uxBU81a0jM3blG8MFHKYVJiixd3UgDT6efLIihC98seOy5P07QN2dSKCukEx4FvOumy0pRob6DsrZ9g03ncbWavNBsoZtk= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1626956415870985.5682809564762; Thu, 22 Jul 2021 05:20:15 -0700 (PDT) Received: from localhost ([::1]:42738 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1m6XgU-0001kK-Tr for importer@patchew.org; Thu, 22 Jul 2021 08:20:14 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:45734) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1m6Xc1-0003IC-J0 for qemu-devel@nongnu.org; Thu, 22 Jul 2021 08:15:37 -0400 Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]:20964) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1m6Xc0-0001h1-09 for qemu-devel@nongnu.org; Thu, 22 Jul 2021 08:15:37 -0400 Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-322-vAW126CXNCGR8Fb1RHtu5A-1; Thu, 22 Jul 2021 08:15:34 -0400 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 85F8F92500 for ; Thu, 22 Jul 2021 12:15:33 +0000 (UTC) Received: from vitty.brq.redhat.com (unknown [10.40.195.41]) by smtp.corp.redhat.com (Postfix) with ESMTP id D93595FC03; Thu, 22 Jul 2021 12:15:31 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1626956135; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Z1tIU2YHphnYuT9wydQ/esWuZWRJ4ptwamQw8mUHyLs=; b=Q7R31zK1OorWA9aqNCg7QP4IDxtHWiopNvnzsm/VguNZqys8gcel1PBAorRRDuh7GL1sbo HM5nx6hWxaV2tk2sLOArBzvZFusAOh8BJlmbNypE3GRg137aHE1Mqgachy6yu6p+IWEW7s TI4pAEUNu9B/2mcseCxbmL4ACeYNfF0= X-MC-Unique: vAW126CXNCGR8Fb1RHtu5A-1 From: Vitaly Kuznetsov To: qemu-devel@nongnu.org, Eduardo Habkost Subject: [PATCH 1/3] docs: Briefly describe KVM PV features Date: Thu, 22 Jul 2021 14:15:26 +0200 Message-Id: <20210722121528.258426-2-vkuznets@redhat.com> In-Reply-To: <20210722121528.258426-1-vkuznets@redhat.com> References: <20210722121528.258426-1-vkuznets@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=vkuznets@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.133.124; envelope-from=vkuznets@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -42 X-Spam_score: -4.3 X-Spam_bar: ---- X-Spam_report: (-4.3 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-1.472, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Paolo Bonzini , Marcelo Tosatti , Igor Mammedov Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1626956417557100001 Content-Type: text/plain; charset="utf-8" KVM PV features don't seem to be documented anywhere, in particular, the fact that some of the features are enabled by default and some are not can only be figured out from the code. Signed-off-by: Vitaly Kuznetsov --- docs/kvm-pv.txt | 92 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 92 insertions(+) create mode 100644 docs/kvm-pv.txt diff --git a/docs/kvm-pv.txt b/docs/kvm-pv.txt new file mode 100644 index 000000000000..84ad7fa60f8d --- /dev/null +++ b/docs/kvm-pv.txt @@ -0,0 +1,92 @@ +KVM paravirtualized features +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D + + +1. Description +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D +In some cases when implementing a hardware interface in software is slow, = KVM +implements its own paravirtualized interfaces. + +2. Setup +=3D=3D=3D=3D=3D=3D=3D=3D=3D +KVM PV features are represented as CPU flags. The following features are e= nabled +by default for any CPU model when KVM is enabled: + kvmclock + kvm-nopiodelay + kvm-asyncpf + kvm-steal-time + kvm-pv-eoi + kvmclock-stable-bit + +'kvm-msi-ext-dest-id' feature is enabled by default in x2apic mode with sp= lit +irqchip (e.g. "-machine ...,kernel-irqchip=3Dsplit -cpu ...,x2apic"). + +Note: when cpu model 'host' is used, QEMU passes through all KVM PV featur= es +exposed by KVM to the guest. + +3. Existing features +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D + +3.1. kvmclock +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D +This feature exposes KVM specific PV clocksource to the guest. + +3.2. kvm-nopiodelay +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D +The guest doesn't need to perform delays on PIO operations. + +3.3. kvm-mmu +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D +This feature is deprecated. + +3.4. kvm-asyncpf +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D +Enables asynchronous page fault mechanism. Note: since Linux-5.10 the feat= ure is +deprecated and not enabled by KVM. Use "kvm-asyncpf-int" instead. + +3.5. kvm-steal-time +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D +Enables stolen (when guest vCPU is not running) time accounting. + +3.6. kvm-pv-eoi +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D +Enables paravirtualized end-of-interrupt signaling. + +3.7. kvm-pv-unhalt +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D +Enables paravirtualized spinlocks support. + +3.8. kvm-pv-tlb-flush +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D +Enables paravirtualized TLB flush mechanism. + +3.9. kvm-pv-ipi +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D +Enables paravirtualized IPI mechanism. + +3.10. kvm-poll-control +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D +Enables host-side polling on HLT control from the guest. + +3.11. kvm-pv-sched-yield +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D +Enables paravirtualized sched yield feature. + +3.12. kvm-asyncpf-int +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D +Enables interrupt based asynchronous page fault mechanism. + +3.13. kvm-msi-ext-dest-id +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D +Support 'Extended Destination ID' for external interrupts. The feature all= ows +to use up to 32768 CPUs without IRQ remapping (but other limits may apply = making +the number of supported vCPUs for a given configuration lower). + +3.14. kvmclock-stable-bit +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D +Tells the guest that guest visible TSC value can be fully trusted for kvmc= lock +computations and no warps are expected. + +4. Useful links +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D +Please refer to Documentation/virt/kvm in Linux for additional detail. --=20 2.31.1 From nobody Sat Sep 21 01:25:38 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1626956279; cv=none; d=zohomail.com; s=zohoarc; b=U6ToP0M9hjOsJbU3JitqIpQVSV27MTdDt6rpbuMw33Vschn8J96DTRuLaQc5eUVuB70qd4Pa+heZjvdixCJypqIs41NYUGFk7x7uI672h+7HfZLRNSA58TqjcCP8UZzjG6V5JLp1CGkQnx4FgujqUtNJD4cu9BY3vS7PIi3cdYM= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1626956279; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=YaN20WxT9swZk3ctK7m51QwSlcHWzGaIIaqOlpuC7Wg=; b=FGd2hVvXegPXkVpL07Y+KnWDtrobsRxR++KqJ6OnyA2dUMyc+7MbVDGUYPibabw3KTCr/eu6O37laJO5KSn3vPTRjo9O86y1fZDFZ6knS85B4D+QDnJj0CevuarQgr/CGzs1c5x8xXt6+Gh65gY3ty1SqkISh2M767lT1tghCLc= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1626956279053812.0533535614866; Thu, 22 Jul 2021 05:17:59 -0700 (PDT) Received: from localhost ([::1]:37280 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1m6XeH-0006QW-Qk for importer@patchew.org; Thu, 22 Jul 2021 08:17:57 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:45794) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1m6XcD-0003V3-9K for qemu-devel@nongnu.org; Thu, 22 Jul 2021 08:15:50 -0400 Received: from us-smtp-delivery-124.mimecast.com ([216.205.24.124]:26948) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1m6XcA-0001n6-KX for qemu-devel@nongnu.org; Thu, 22 Jul 2021 08:15:49 -0400 Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-363-YeRHXkFjOPC8aG7d_krxVQ-1; Thu, 22 Jul 2021 08:15:44 -0400 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id EB165100855D for ; Thu, 22 Jul 2021 12:15:43 +0000 (UTC) Received: from vitty.brq.redhat.com (unknown [10.40.195.41]) by smtp.corp.redhat.com (Postfix) with ESMTP id E25905C22B; Thu, 22 Jul 2021 12:15:33 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1626956146; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=YaN20WxT9swZk3ctK7m51QwSlcHWzGaIIaqOlpuC7Wg=; b=inB/DsVYZx93z5tGz5SeRHcODAldTSk4qaYiuZ5itPIi6+Aw759ZRicJveegs22vbKGJH0 mrMNeWoYiTBZly6QbzXjAHmgoGB54oT+wDNZyoL0nZvdylVufXL1Cavp55uQAnnw/C67/N 0fKvybonQ7+FdtSxfBokfVyr3d5PBi8= X-MC-Unique: YeRHXkFjOPC8aG7d_krxVQ-1 From: Vitaly Kuznetsov To: qemu-devel@nongnu.org, Eduardo Habkost Subject: [PATCH 2/3] i386: Support KVM_CAP_ENFORCE_PV_FEATURE_CPUID Date: Thu, 22 Jul 2021 14:15:27 +0200 Message-Id: <20210722121528.258426-3-vkuznets@redhat.com> In-Reply-To: <20210722121528.258426-1-vkuznets@redhat.com> References: <20210722121528.258426-1-vkuznets@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=vkuznets@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=216.205.24.124; envelope-from=vkuznets@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -42 X-Spam_score: -4.3 X-Spam_bar: ---- X-Spam_report: (-4.3 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-1.472, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Paolo Bonzini , Marcelo Tosatti , Igor Mammedov Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1626956279523100001 Content-Type: text/plain; charset="utf-8" By default, KVM allows the guest to use all currently supported PV features even when they were not announced in guest visible CPUIDs. Introduce a new "kvm-pv-enforce-cpuid" flag to limit the supported feature set to the exposed features. The feature is supported by Linux >=3D 5.10 and is not enabled by default in QEMU. Signed-off-by: Vitaly Kuznetsov --- docs/kvm-pv.txt | 13 ++++++++++++- target/i386/cpu.c | 2 ++ target/i386/cpu.h | 3 +++ target/i386/kvm/kvm.c | 10 ++++++++++ 4 files changed, 27 insertions(+), 1 deletion(-) diff --git a/docs/kvm-pv.txt b/docs/kvm-pv.txt index 84ad7fa60f8d..d1aac533feea 100644 --- a/docs/kvm-pv.txt +++ b/docs/kvm-pv.txt @@ -87,6 +87,17 @@ the number of supported vCPUs for a given configuration = lower). Tells the guest that guest visible TSC value can be fully trusted for kvmc= lock computations and no warps are expected. =20 -4. Useful links +4. Supplementary features +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D + +4.1. kvm-pv-enforce-cpuid +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D +By default, KVM allows the guest to use all currently supported PV feature= s even +when they were not announced in guest visible CPUIDs. 'kvm-pv-enforce-cpui= d' +feature alters this behavior and limits the supported feature set to the +exposed features only. + + +5. Useful links =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D Please refer to Documentation/virt/kvm in Linux for additional detail. diff --git a/target/i386/cpu.c b/target/i386/cpu.c index 48b55ebd0a67..0a0d2cddc9d2 100644 --- a/target/i386/cpu.c +++ b/target/i386/cpu.c @@ -6668,6 +6668,8 @@ static Property x86_cpu_properties[] =3D { DEFINE_PROP_BOOL("l3-cache", X86CPU, enable_l3_cache, true), DEFINE_PROP_BOOL("kvm-no-smi-migration", X86CPU, kvm_no_smi_migration, false), + DEFINE_PROP_BOOL("kvm-pv-enforce-cpuid", X86CPU, kvm_pv_enforce_cpuid, + false), DEFINE_PROP_BOOL("vmware-cpuid-freq", X86CPU, vmware_cpuid_freq, true), DEFINE_PROP_BOOL("tcg-cpuid", X86CPU, expose_tcg, true), DEFINE_PROP_BOOL("x-migrate-smi-count", X86CPU, migrate_smi_count, diff --git a/target/i386/cpu.h b/target/i386/cpu.h index 5d98a4e7c025..31f1f7caf116 100644 --- a/target/i386/cpu.h +++ b/target/i386/cpu.h @@ -1768,6 +1768,9 @@ struct X86CPU { /* Stop SMI delivery for migration compatibility with old machines */ bool kvm_no_smi_migration; =20 + /* Forcefully disable KVM PV features not exposed in guest CPUIDs */ + bool kvm_pv_enforce_cpuid; + /* Number of physical address bits supported */ uint32_t phys_bits; =20 diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c index 59ed8327ac13..452b04f469b5 100644 --- a/target/i386/kvm/kvm.c +++ b/target/i386/kvm/kvm.c @@ -1617,6 +1617,16 @@ int kvm_arch_init_vcpu(CPUState *cs) =20 cpu_x86_cpuid(env, 0, 0, &limit, &unused, &unused, &unused); =20 + if (cpu->kvm_pv_enforce_cpuid) { + r =3D kvm_vcpu_enable_cap(cs, KVM_CAP_ENFORCE_PV_FEATURE_CPUID, 0,= 1); + if (r < 0) { + fprintf(stderr, + "failed to enable KVM_CAP_ENFORCE_PV_FEATURE_CPUID: %s= ", + strerror(-r)); + abort(); + } + } + for (i =3D 0; i <=3D limit; i++) { if (cpuid_i =3D=3D KVM_MAX_CPUID_ENTRIES) { fprintf(stderr, "unsupported level value: 0x%x\n", limit); --=20 2.31.1 From nobody Sat Sep 21 01:25:38 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1626956292; cv=none; d=zohomail.com; s=zohoarc; b=gd250PNeH0gzb97FDB+jF16Poj5sUEJQTQCAwECjdX36x0T+vD1rUcALGvvH+ZKgaITvPM6RMOLnhFSOds2HesEmUZs8+kJFjklHQEtcb/zVZkAj52CGt5VRvTD9GEfL6vMsM4VGJmzfkKV7T4c+/VLubwItiLd8YL5KD8oKUV8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1626956292; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=btr0PhTidQ9MZJKJ7QMWWCLRZGUMLgkEu6GN5vkWXB4=; b=OgYaW8nbfgacC9OWAHW21EIVXLz1sSXhIi3y/Uquzu3JAHkL57Kw5Kf6w2+xspeFM/rfqJMmJNrTs+4E/prEwRAFABTm5MjUD3JYV2sZwrBNusl2U90rCJE3ndREYNH8vkoTR/3yLqpIBfOLqoA9RKayxE6py/50E+3Of1q26QY= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1626956292073539.1884202836399; Thu, 22 Jul 2021 05:18:12 -0700 (PDT) Received: from localhost ([::1]:37516 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1m6XeV-0006aC-0j for importer@patchew.org; Thu, 22 Jul 2021 08:18:11 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:45882) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1m6XcZ-0003jD-Nz for qemu-devel@nongnu.org; Thu, 22 Jul 2021 08:16:11 -0400 Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]:28845) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1m6XcV-0001wx-OC for qemu-devel@nongnu.org; Thu, 22 Jul 2021 08:16:10 -0400 Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-570-H5m0XRp8M3S1c25jpFEsng-1; Thu, 22 Jul 2021 08:16:04 -0400 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 76B0F10086C9 for ; Thu, 22 Jul 2021 12:16:03 +0000 (UTC) Received: from vitty.brq.redhat.com (unknown [10.40.195.41]) by smtp.corp.redhat.com (Postfix) with ESMTP id 59F1F5C230; Thu, 22 Jul 2021 12:15:44 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1626956166; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=btr0PhTidQ9MZJKJ7QMWWCLRZGUMLgkEu6GN5vkWXB4=; b=Tkmq2JJmzmfR6331KlMhxZTms04gNhidvnCk4VcSVuTQJ0fDQT5xXvIcYqUaiQEt91OGWZ tz8L5iXTc0a57u9Q8oOWKJUDSgt/PXsxm2/JG0lIdJueV2TeIbEDzDkKHWr/piMouvnUKG Nhqj23Ynzzk5P8Bm0VhDG3rCXoNVRes= X-MC-Unique: H5m0XRp8M3S1c25jpFEsng-1 From: Vitaly Kuznetsov To: qemu-devel@nongnu.org, Eduardo Habkost Subject: [PATCH 3/3] i386: Support KVM_CAP_HYPERV_ENFORCE_CPUID Date: Thu, 22 Jul 2021 14:15:28 +0200 Message-Id: <20210722121528.258426-4-vkuznets@redhat.com> In-Reply-To: <20210722121528.258426-1-vkuznets@redhat.com> References: <20210722121528.258426-1-vkuznets@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=vkuznets@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.133.124; envelope-from=vkuznets@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -42 X-Spam_score: -4.3 X-Spam_bar: ---- X-Spam_report: (-4.3 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-1.472, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Paolo Bonzini , Marcelo Tosatti , Igor Mammedov Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1626956292472100001 Content-Type: text/plain; charset="utf-8" By default, KVM allows the guest to use all currently supported Hyper-V enlightenments when Hyper-V CPUID interface was exposed, regardless of if some features were not announced in guest visible CPUIDs. hv-enforce-cpuid feature alters this behavior and only allows the guest to use exposed Hyper-V enlightenments. The feature is supported by Linux >=3D 5.14 and is not enabled by default in QEMU. Signed-off-by: Vitaly Kuznetsov --- docs/hyperv.txt | 17 ++++++++++++++--- target/i386/cpu.c | 1 + target/i386/cpu.h | 1 + target/i386/kvm/kvm.c | 9 +++++++++ 4 files changed, 25 insertions(+), 3 deletions(-) diff --git a/docs/hyperv.txt b/docs/hyperv.txt index 000638a2fd38..072709a68f47 100644 --- a/docs/hyperv.txt +++ b/docs/hyperv.txt @@ -203,8 +203,11 @@ When the option is set to 'on' QEMU will always enable= the feature, regardless of host setup. To keep guests secure, this can only be used in conjunction= with exposing correct vCPU topology and vCPU pinning. =20 -4. Development features -=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D +4. Supplementary features +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D + +4.1. hv-passthrough +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D In some cases (e.g. during development) it may make sense to use QEMU in 'pass-through' mode and give Windows guests all enlightenments currently supported by KVM. This pass-through mode is enabled by "hv-passthrough" CPU @@ -215,8 +218,16 @@ values from KVM to QEMU. "hv-passthrough" overrides al= l other "hv-*" settings on the command line. Also, enabling this flag effectively prevents migration = as the list of enabled enlightenments may differ between target and destination h= osts. =20 +4.2. hv-enforce-cpuid +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D +By default, KVM allows the guest to use all currently supported Hyper-V +enlightenments when Hyper-V CPUID interface was exposed, regardless of if +some features were not announced in guest visible CPUIDs. 'hv-enforce-cpui= d' +feature alters this behavior and only allows the guest to use exposed Hype= r-V +enlightenments. + =20 -4. Useful links +5. Useful links =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D Hyper-V Top Level Functional specification and other information: https://github.com/MicrosoftDocs/Virtualization-Documentation diff --git a/target/i386/cpu.c b/target/i386/cpu.c index 0a0d2cddc9d2..1d4c44c8b762 100644 --- a/target/i386/cpu.c +++ b/target/i386/cpu.c @@ -6642,6 +6642,7 @@ static Property x86_cpu_properties[] =3D { DEFINE_PROP_ON_OFF_AUTO("hv-no-nonarch-coresharing", X86CPU, hyperv_no_nonarch_cs, ON_OFF_AUTO_OFF), DEFINE_PROP_BOOL("hv-passthrough", X86CPU, hyperv_passthrough, false), + DEFINE_PROP_BOOL("hv-enforce-cpuid", X86CPU, hyperv_enforce_cpuid, fal= se), =20 DEFINE_PROP_BOOL("check", X86CPU, check_cpuid, true), DEFINE_PROP_BOOL("enforce", X86CPU, enforce_cpuid, false), diff --git a/target/i386/cpu.h b/target/i386/cpu.h index 31f1f7caf116..9539f57199fa 100644 --- a/target/i386/cpu.h +++ b/target/i386/cpu.h @@ -1685,6 +1685,7 @@ struct X86CPU { uint32_t hyperv_version_id[4]; uint32_t hyperv_limits[3]; uint32_t hyperv_nested[4]; + bool hyperv_enforce_cpuid; =20 bool check_cpuid; bool enforce_cpuid; diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c index 452b04f469b5..ccbea88080fc 100644 --- a/target/i386/kvm/kvm.c +++ b/target/i386/kvm/kvm.c @@ -1519,6 +1519,15 @@ static int hyperv_init_vcpu(X86CPU *cpu) cpu->hyperv_nested[0] =3D evmcs_version; } =20 + if (cpu->hyperv_enforce_cpuid) { + ret =3D kvm_vcpu_enable_cap(cs, KVM_CAP_HYPERV_ENFORCE_CPUID, 0, 1= ); + if (ret < 0) { + error_report("failed to enable KVM_CAP_HYPERV_ENFORCE_CPUID: %= s", + strerror(-ret)); + return ret; + } + } + return 0; } =20 --=20 2.31.1