From nobody Mon Jun 29 22:04:18 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id C66AAC433EF for ; Wed, 2 Feb 2022 09:51:40 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S245609AbiBBJvk (ORCPT ); Wed, 2 Feb 2022 04:51:40 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124]:26875 "EHLO us-smtp-delivery-124.mimecast.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S245593AbiBBJve (ORCPT ); Wed, 2 Feb 2022 04:51:34 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1643795494; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=UY84501MvomnFs5xyvNmmIsM6K/tjlv86HW1KV/TDi4=; b=igU2MCiuZIRE/ZfUtZp0SLtO+J7NVPdAI+pFath6HZk+2D5Gy3ziO5poYBnjoUZa2BUcVg 5WKbYx56wZfGVS4FWXOOXoa3hInP7rKRIR+Uj/6R8QwBamque64v5wH30mQo0+vT4Tnifb HbinPmNl/5Izp7Nrjo2pLNQIhZMrupk= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-209-2F5RkzrmPru3ciFRNJx4cw-1; Wed, 02 Feb 2022 04:51:30 -0500 X-MC-Unique: 2F5RkzrmPru3ciFRNJx4cw-1 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 795CF8144E4; Wed, 2 Feb 2022 09:51:29 +0000 (UTC) Received: from fedora.redhat.com (unknown [10.40.194.240]) by smtp.corp.redhat.com (Postfix) with ESMTP id 8FA50752AA; Wed, 2 Feb 2022 09:51:18 +0000 (UTC) From: Vitaly Kuznetsov To: kvm@vger.kernel.org, Paolo Bonzini Cc: Sean Christopherson , Wanpeng Li , Jim Mattson , Maxim Levitsky , Vineeth Pillai , linux-kernel@vger.kernel.org Subject: [PATCH v2 1/4] KVM: nSVM: Track whether changes in L0 require MSR bitmap for L2 to be rebuilt Date: Wed, 2 Feb 2022 10:50:57 +0100 Message-Id: <20220202095100.129834-2-vkuznets@redhat.com> In-Reply-To: <20220202095100.129834-1-vkuznets@redhat.com> References: <20220202095100.129834-1-vkuznets@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" Similar to nVMX commit ed2a4800ae9d ("KVM: nVMX: Track whether changes in L0 require MSR bitmap for L2 to be rebuilt"), introduce a flag to keep track of whether MSR bitmap for L2 needs to be rebuilt due to changes in MSR bitmap for L1 or switching to a different L2. Signed-off-by: Vitaly Kuznetsov --- arch/x86/kvm/svm/nested.c | 6 ++++++ arch/x86/kvm/svm/svm.c | 3 ++- arch/x86/kvm/svm/svm.h | 9 +++++++++ 3 files changed, 17 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index cf206855ebf0..f27323728be2 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -193,6 +193,8 @@ static bool nested_svm_vmrun_msrpm(struct vcpu_svm *svm) svm->nested.msrpm[p] =3D svm->msrpm[p] | value; } =20 + svm->nested.force_msr_bitmap_recalc =3D false; + svm->vmcb->control.msrpm_base_pa =3D __sme_set(__pa(svm->nested.msrpm)); =20 return true; @@ -494,6 +496,7 @@ static void nested_vmcb02_prepare_save(struct vcpu_svm = *svm, struct vmcb *vmcb12 if (svm->nested.vmcb12_gpa !=3D svm->nested.last_vmcb12_gpa) { new_vmcb12 =3D true; svm->nested.last_vmcb12_gpa =3D svm->nested.vmcb12_gpa; + svm->nested.force_msr_bitmap_recalc =3D true; } =20 if (unlikely(new_vmcb12 || vmcb_is_dirty(vmcb12, VMCB_SEG))) { @@ -1494,6 +1497,9 @@ static int svm_set_nested_state(struct kvm_vcpu *vcpu, =20 svm_switch_vmcb(svm, &svm->nested.vmcb02); nested_vmcb02_prepare_control(svm); + + svm->nested.force_msr_bitmap_recalc =3D true; + kvm_make_request(KVM_REQ_GET_NESTED_STATE_PAGES, vcpu); ret =3D 0; out_free: diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 2c99b18d76c0..6b5e2ebcf5d4 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -664,6 +664,7 @@ static bool msr_write_intercepted(struct kvm_vcpu *vcpu= , u32 msr) static void set_msr_interception_bitmap(struct kvm_vcpu *vcpu, u32 *msrpm, u32 msr, int read, int write) { + struct vcpu_svm *svm =3D to_svm(vcpu); u8 bit_read, bit_write; unsigned long tmp; u32 offset; @@ -694,7 +695,7 @@ static void set_msr_interception_bitmap(struct kvm_vcpu= *vcpu, u32 *msrpm, msrpm[offset] =3D tmp; =20 svm_hv_vmcb_dirty_nested_enlightenments(vcpu); - + svm->nested.force_msr_bitmap_recalc =3D true; } =20 void set_msr_interception(struct kvm_vcpu *vcpu, u32 *msrpm, u32 msr, diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 47ef8f4a9358..92fc4f554634 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -163,6 +163,15 @@ struct svm_nested_state { struct vmcb_save_area_cached save; =20 bool initialized; + + /* + * Indicates whether MSR bitmap for L2 needs to be rebuilt due to + * changes in MSR bitmap for L1 or switching to a different L2. Note, + * this flag can only be used reliably in conjunction with a paravirt L1 + * which informs L0 whether any changes to MSR bitmap for L2 were done + * on its side. + */ + bool force_msr_bitmap_recalc; }; =20 struct vcpu_sev_es_state { --=20 2.34.1 From nobody Mon Jun 29 22:04:19 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id B8C4CC433EF for ; Wed, 2 Feb 2022 09:51:56 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S245619AbiBBJvz (ORCPT ); Wed, 2 Feb 2022 04:51:55 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]:38360 "EHLO us-smtp-delivery-124.mimecast.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S245593AbiBBJvz (ORCPT ); Wed, 2 Feb 2022 04:51:55 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1643795514; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=u+5zAxO3o7/6DgJdypYrIU0Jd0XAIUeE1mVBNMKw/BA=; b=cBWoVo2IBcGd+lGI3Il5U8lOTAIjYAzavpxX0Xj20QhZBlS+TS21d46GXx3F3ncSp5j4Wo pFMRkAduT3icZo3ZwmhvH71i1qsQbOl4M96xibhtG7oHHqEXeB/IIIAi2WEB1wc7p6sOQo Sd7fr9gKuPEm0zWssa/0sqrpoM/gxB0= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-574-kgvENJD5Pc64-wfR2_zfSw-1; Wed, 02 Feb 2022 04:51:49 -0500 X-MC-Unique: kgvENJD5Pc64-wfR2_zfSw-1 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 62A05107B27C; Wed, 2 Feb 2022 09:51:48 +0000 (UTC) Received: from fedora.redhat.com (unknown [10.40.194.240]) by smtp.corp.redhat.com (Postfix) with ESMTP id D85DC752AA; Wed, 2 Feb 2022 09:51:29 +0000 (UTC) From: Vitaly Kuznetsov To: kvm@vger.kernel.org, Paolo Bonzini Cc: Sean Christopherson , Wanpeng Li , Jim Mattson , Maxim Levitsky , Vineeth Pillai , linux-kernel@vger.kernel.org Subject: [PATCH v2 2/4] KVM: x86: Make kvm_hv_hypercall_enabled() static inline Date: Wed, 2 Feb 2022 10:50:58 +0100 Message-Id: <20220202095100.129834-3-vkuznets@redhat.com> In-Reply-To: <20220202095100.129834-1-vkuznets@redhat.com> References: <20220202095100.129834-1-vkuznets@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" In preparation for using kvm_hv_hypercall_enabled() from SVM code, make it static inline to avoid the need to export it. The function is a simple check with only two call sites currently. Signed-off-by: Vitaly Kuznetsov --- arch/x86/kvm/hyperv.c | 5 ----- arch/x86/kvm/hyperv.h | 6 +++++- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/arch/x86/kvm/hyperv.c b/arch/x86/kvm/hyperv.c index 6e38a7d22e97..ec01ec9992d4 100644 --- a/arch/x86/kvm/hyperv.c +++ b/arch/x86/kvm/hyperv.c @@ -2017,11 +2017,6 @@ int kvm_hv_set_enforce_cpuid(struct kvm_vcpu *vcpu, = bool enforce) return ret; } =20 -bool kvm_hv_hypercall_enabled(struct kvm_vcpu *vcpu) -{ - return vcpu->arch.hyperv_enabled && to_kvm_hv(vcpu->kvm)->hv_guest_os_id; -} - static void kvm_hv_hypercall_set_result(struct kvm_vcpu *vcpu, u64 result) { bool longmode; diff --git a/arch/x86/kvm/hyperv.h b/arch/x86/kvm/hyperv.h index ed1c4e546d04..e19c00ee9ab3 100644 --- a/arch/x86/kvm/hyperv.h +++ b/arch/x86/kvm/hyperv.h @@ -89,7 +89,11 @@ static inline u32 kvm_hv_get_vpindex(struct kvm_vcpu *vc= pu) int kvm_hv_set_msr_common(struct kvm_vcpu *vcpu, u32 msr, u64 data, bool h= ost); int kvm_hv_get_msr_common(struct kvm_vcpu *vcpu, u32 msr, u64 *pdata, bool= host); =20 -bool kvm_hv_hypercall_enabled(struct kvm_vcpu *vcpu); +static inline bool kvm_hv_hypercall_enabled(struct kvm_vcpu *vcpu) +{ + return vcpu->arch.hyperv_enabled && to_kvm_hv(vcpu->kvm)->hv_guest_os_id; +} + int kvm_hv_hypercall(struct kvm_vcpu *vcpu); =20 void kvm_hv_irq_routing_update(struct kvm *kvm); --=20 2.34.1 From nobody Mon Jun 29 22:04:19 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 60DDAC433FE for ; Wed, 2 Feb 2022 09:52:18 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S245628AbiBBJwR (ORCPT ); Wed, 2 Feb 2022 04:52:17 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]:24311 "EHLO us-smtp-delivery-124.mimecast.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S245054AbiBBJwM (ORCPT ); Wed, 2 Feb 2022 04:52:12 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1643795531; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=cgFGsxOGcMBf4PqRbP0oxIU+SDHKdwycOOwCjyolYBo=; b=e4ESWs3Shy4H49Ze0VKI3n85xjWeKmnA+BF6e/Kxd8YDo3uTkhrSxI743UlVsjF0b1Au6F hBW9p6Vfj0y+9UbMAXJR8yjpB2Osu3SAjXlDTdx52BaofG/o7Qt3fJyb3eZVEnQYnPBrCx LFGcc9hgdAdaPdncKx8pNCJSxs9c018= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-562-k3_kMoBfPWi5WEEYou2aIg-1; Wed, 02 Feb 2022 04:52:09 -0500 X-MC-Unique: k3_kMoBfPWi5WEEYou2aIg-1 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id C1BB3363A4; Wed, 2 Feb 2022 09:52:07 +0000 (UTC) Received: from fedora.redhat.com (unknown [10.40.194.240]) by smtp.corp.redhat.com (Postfix) with ESMTP id CACC2752AA; Wed, 2 Feb 2022 09:51:48 +0000 (UTC) From: Vitaly Kuznetsov To: kvm@vger.kernel.org, Paolo Bonzini Cc: Sean Christopherson , Wanpeng Li , Jim Mattson , Maxim Levitsky , Vineeth Pillai , linux-kernel@vger.kernel.org Subject: [PATCH v2 3/4] KVM: nSVM: Split off common definitions for Hyper-V on KVM and KVM on Hyper-V Date: Wed, 2 Feb 2022 10:50:59 +0100 Message-Id: <20220202095100.129834-4-vkuznets@redhat.com> In-Reply-To: <20220202095100.129834-1-vkuznets@redhat.com> References: <20220202095100.129834-1-vkuznets@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" In preparation to implementing Enlightened MSR-Bitmap feature for Hyper-V on KVM, split off the required definitions into common 'svm/hyperv.h' header. No functional change intended. Signed-off-by: Vitaly Kuznetsov --- arch/x86/kvm/svm/hyperv.h | 35 +++++++++++++++++++++++++++++++++ arch/x86/kvm/svm/svm_onhyperv.h | 25 +---------------------- 2 files changed, 36 insertions(+), 24 deletions(-) create mode 100644 arch/x86/kvm/svm/hyperv.h diff --git a/arch/x86/kvm/svm/hyperv.h b/arch/x86/kvm/svm/hyperv.h new file mode 100644 index 000000000000..7d6d97968fb9 --- /dev/null +++ b/arch/x86/kvm/svm/hyperv.h @@ -0,0 +1,35 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +/* + * Common Hyper-V on KVM and KVM on Hyper-V definitions (SVM). + */ + +#ifndef __ARCH_X86_KVM_SVM_HYPERV_H__ +#define __ARCH_X86_KVM_SVM_HYPERV_H__ + +#include + +#include "../hyperv.h" + +/* + * Hyper-V uses the software reserved 32 bytes in VMCB + * control area to expose SVM enlightenments to guests. + */ +struct hv_enlightenments { + struct __packed hv_enlightenments_control { + u32 nested_flush_hypercall:1; + u32 msr_bitmap:1; + u32 enlightened_npt_tlb: 1; + u32 reserved:29; + } __packed hv_enlightenments_control; + u32 hv_vp_id; + u64 hv_vm_id; + u64 partition_assist_page; + u64 reserved; +} __packed; + +/* + * Hyper-V uses the software reserved clean bit in VMCB + */ +#define VMCB_HV_NESTED_ENLIGHTENMENTS VMCB_SW + +#endif /* __ARCH_X86_KVM_SVM_HYPERV_H__ */ diff --git a/arch/x86/kvm/svm/svm_onhyperv.h b/arch/x86/kvm/svm/svm_onhyper= v.h index c53b8bf8d013..c787c032f68d 100644 --- a/arch/x86/kvm/svm/svm_onhyperv.h +++ b/arch/x86/kvm/svm/svm_onhyperv.h @@ -7,35 +7,12 @@ #define __ARCH_X86_KVM_SVM_ONHYPERV_H__ =20 #if IS_ENABLED(CONFIG_HYPERV) -#include =20 -#include "hyperv.h" #include "kvm_onhyperv.h" +#include "svm/hyperv.h" =20 static struct kvm_x86_ops svm_x86_ops; =20 -/* - * Hyper-V uses the software reserved 32 bytes in VMCB - * control area to expose SVM enlightenments to guests. - */ -struct hv_enlightenments { - struct __packed hv_enlightenments_control { - u32 nested_flush_hypercall:1; - u32 msr_bitmap:1; - u32 enlightened_npt_tlb: 1; - u32 reserved:29; - } __packed hv_enlightenments_control; - u32 hv_vp_id; - u64 hv_vm_id; - u64 partition_assist_page; - u64 reserved; -} __packed; - -/* - * Hyper-V uses the software reserved clean bit in VMCB - */ -#define VMCB_HV_NESTED_ENLIGHTENMENTS VMCB_SW - int svm_hv_enable_direct_tlbflush(struct kvm_vcpu *vcpu); =20 static inline void svm_hv_init_vmcb(struct vmcb *vmcb) --=20 2.34.1 From nobody Mon Jun 29 22:04:19 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id D35CBC433EF for ; Wed, 2 Feb 2022 09:52:46 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S245690AbiBBJwn (ORCPT ); Wed, 2 Feb 2022 04:52:43 -0500 Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124]:60032 "EHLO us-smtp-delivery-124.mimecast.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S245645AbiBBJwZ (ORCPT ); Wed, 2 Feb 2022 04:52:25 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1643795545; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=fKKUKbYAx10NZBmqUNI8MqZqdsr2f4RjKNSF3VFdLUk=; b=b1VmER6wwG3lP/7ucpxV9dCgZa8kL4xu/GSU8Meamuv8tC7TStkuK2eFGkQWCmAIfW82Rm /JJXLEybPKLPCkgd0I8jA41Z5e6l4Q9zwCz6Tb8fLV2/vDkA3SAlmi2J6FVjc5g6fNb9/b OgtTV1bE+LWdYt0kjTw8EJz2WTeOgxI= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-359-8McRE6-iPW-k7kuGaVqgAg-1; Wed, 02 Feb 2022 04:52:22 -0500 X-MC-Unique: 8McRE6-iPW-k7kuGaVqgAg-1 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 1BBD4363A6; Wed, 2 Feb 2022 09:52:21 +0000 (UTC) Received: from fedora.redhat.com (unknown [10.40.194.240]) by smtp.corp.redhat.com (Postfix) with ESMTP id 2DBF1752C8; Wed, 2 Feb 2022 09:52:07 +0000 (UTC) From: Vitaly Kuznetsov To: kvm@vger.kernel.org, Paolo Bonzini Cc: Sean Christopherson , Wanpeng Li , Jim Mattson , Maxim Levitsky , Vineeth Pillai , linux-kernel@vger.kernel.org Subject: [PATCH v2 4/4] KVM: nSVM: Implement Enlightened MSR-Bitmap feature Date: Wed, 2 Feb 2022 10:51:00 +0100 Message-Id: <20220202095100.129834-5-vkuznets@redhat.com> In-Reply-To: <20220202095100.129834-1-vkuznets@redhat.com> References: <20220202095100.129834-1-vkuznets@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" Similar to nVMX commit 502d2bf5f2fd ("KVM: nVMX: Implement Enlightened MSR Bitmap feature"), add support for the feature for nSVM (Hyper-V on KVM). Notable differences from nVMX implementation: - As the feature uses SW reserved fields in VMCB control, KVM needs to make sure it's dealing with a Hyper-V guest (kvm_hv_hypercall_enabled()). - 'msrpm_base_pa' needs to be always be overwritten in nested_svm_vmrun_msrpm(), even when the update is skipped. As an optimization, nested_vmcb02_prepare_control() copies it from VMCB01 so when MSR-Bitmap feature for L2 is disabled nothing needs to be done. - 'struct vmcb_ctrl_area_cached' needs to be extended with clean fields/sw reserved data and __nested_copy_vmcb_control_to_cache() needs to copy it so nested_svm_vmrun_msrpm() can use it later. Signed-off-by: Vitaly Kuznetsov --- arch/x86/kvm/hyperv.c | 7 +------ arch/x86/kvm/svm/nested.c | 41 ++++++++++++++++++++++++++++++++------- arch/x86/kvm/svm/svm.h | 2 ++ 3 files changed, 37 insertions(+), 13 deletions(-) diff --git a/arch/x86/kvm/hyperv.c b/arch/x86/kvm/hyperv.c index ec01ec9992d4..9192b706be58 100644 --- a/arch/x86/kvm/hyperv.c +++ b/arch/x86/kvm/hyperv.c @@ -2412,10 +2412,6 @@ int kvm_get_hv_cpuid(struct kvm_vcpu *vcpu, struct k= vm_cpuid2 *cpuid, if (kvm_x86_ops.nested_ops->get_evmcs_version) evmcs_ver =3D kvm_x86_ops.nested_ops->get_evmcs_version(vcpu); =20 - /* Skip NESTED_FEATURES if eVMCS is not supported */ - if (!evmcs_ver) - --nent; - if (cpuid->nent < nent) return -E2BIG; =20 @@ -2515,8 +2511,7 @@ int kvm_get_hv_cpuid(struct kvm_vcpu *vcpu, struct kv= m_cpuid2 *cpuid, =20 case HYPERV_CPUID_NESTED_FEATURES: ent->eax =3D evmcs_ver; - if (evmcs_ver) - ent->eax |=3D HV_X64_NESTED_MSR_BITMAP; + ent->eax |=3D HV_X64_NESTED_MSR_BITMAP; =20 break; =20 diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index f27323728be2..7b26a4b518f7 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -28,6 +28,7 @@ #include "cpuid.h" #include "lapic.h" #include "svm.h" +#include "hyperv.h" =20 #define CC KVM_NESTED_VMENTER_CONSISTENCY_CHECK =20 @@ -165,14 +166,30 @@ void recalc_intercepts(struct vcpu_svm *svm) vmcb_set_intercept(c, INTERCEPT_VMSAVE); } =20 +/* + * Merge L0's (KVM) and L1's (Nested VMCB) MSR permission bitmaps. The fun= ction + * is optimized in that it only merges the parts where KVM MSR permission = bitmap + * may contain zero bits. + */ static bool nested_svm_vmrun_msrpm(struct vcpu_svm *svm) { + struct hv_enlightenments *hve =3D + (struct hv_enlightenments *)svm->nested.ctl.reserved_sw; + int i; + /* - * This function merges the msr permission bitmaps of kvm and the - * nested vmcb. It is optimized in that it only merges the parts where - * the kvm msr permission bitmap may contain zero bits + * MSR bitmap update can be skipped when: + * - MSR bitmap for L1 hasn't changed. + * - Nested hypervisor (L1) is attempting to launch the same L2 as + * before. + * - Nested hypervisor (L1) is using Hyper-V emulation interface and + * tells KVM (L0) there were no changes in MSR bitmap for L2. */ - int i; + if (!svm->nested.force_msr_bitmap_recalc && + kvm_hv_hypercall_enabled(&svm->vcpu) && + hve->hv_enlightenments_control.msr_bitmap && + (svm->nested.ctl.clean & VMCB_HV_NESTED_ENLIGHTENMENTS)) + goto set_msrpm_base_pa; =20 if (!(vmcb12_is_intercept(&svm->nested.ctl, INTERCEPT_MSR_PROT))) return true; @@ -195,6 +212,7 @@ static bool nested_svm_vmrun_msrpm(struct vcpu_svm *svm) =20 svm->nested.force_msr_bitmap_recalc =3D false; =20 +set_msrpm_base_pa: svm->vmcb->control.msrpm_base_pa =3D __sme_set(__pa(svm->nested.msrpm)); =20 return true; @@ -300,7 +318,8 @@ static bool nested_vmcb_check_controls(struct kvm_vcpu = *vcpu) } =20 static -void __nested_copy_vmcb_control_to_cache(struct vmcb_ctrl_area_cached *to, +void __nested_copy_vmcb_control_to_cache(struct kvm_vcpu *vcpu, + struct vmcb_ctrl_area_cached *to, struct vmcb_control_area *from) { unsigned int i; @@ -333,12 +352,19 @@ void __nested_copy_vmcb_control_to_cache(struct vmcb_= ctrl_area_cached *to, to->asid =3D from->asid; to->msrpm_base_pa &=3D ~0x0fffULL; to->iopm_base_pa &=3D ~0x0fffULL; + + /* Hyper-V extensions (Enlightened VMCB) */ + if (kvm_hv_hypercall_enabled(vcpu)) { + to->clean =3D from->clean; + memcpy(to->reserved_sw, from->reserved_sw, + sizeof(struct hv_enlightenments)); + } } =20 void nested_copy_vmcb_control_to_cache(struct vcpu_svm *svm, struct vmcb_control_area *control) { - __nested_copy_vmcb_control_to_cache(&svm->nested.ctl, control); + __nested_copy_vmcb_control_to_cache(&svm->vcpu, &svm->nested.ctl, control= ); } =20 static void __nested_copy_vmcb_save_to_cache(struct vmcb_save_area_cached = *to, @@ -1305,6 +1331,7 @@ static void nested_copy_vmcb_cache_to_control(struct = vmcb_control_area *dst, dst->virt_ext =3D from->virt_ext; dst->pause_filter_count =3D from->pause_filter_count; dst->pause_filter_thresh =3D from->pause_filter_thresh; + /* 'clean' and 'reserved_sw' are not changed by KVM */ } =20 static int svm_get_nested_state(struct kvm_vcpu *vcpu, @@ -1437,7 +1464,7 @@ static int svm_set_nested_state(struct kvm_vcpu *vcpu, goto out_free; =20 ret =3D -EINVAL; - __nested_copy_vmcb_control_to_cache(&ctl_cached, ctl); + __nested_copy_vmcb_control_to_cache(vcpu, &ctl_cached, ctl); if (!__nested_vmcb_check_controls(vcpu, &ctl_cached)) goto out_free; =20 diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 92fc4f554634..96473ecb2c6e 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -137,6 +137,8 @@ struct vmcb_ctrl_area_cached { u32 event_inj_err; u64 nested_cr3; u64 virt_ext; + u32 clean; + u8 reserved_sw[32]; }; =20 struct svm_nested_state { --=20 2.34.1