From nobody Tue Apr 7 05:43:30 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7B0D1ECAAD4 for ; Tue, 30 Aug 2022 13:38:10 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230399AbiH3NiG (ORCPT ); Tue, 30 Aug 2022 09:38:06 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40844 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230386AbiH3Nhu (ORCPT ); Tue, 30 Aug 2022 09:37:50 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6F98CDF654 for ; Tue, 30 Aug 2022 06:37:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1661866667; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=lBfk0pCJcxd+IXkweQYA2CUcfZDQLjGgNG0Yc1jzMWE=; b=TENPxySuwvcbtZUAO4k8WgBy7aX5qXGL30YJ217+QcDJSKRBMF1Rt4131X9CsX3PRcfJ6l Uh2zaTFPbPuemembZ3Nxg6dY/j633rsUpesyGeA1DCAS8XM4yMqsxyAY5FZeY2Hyuz1l8P Tj3mzQQHacGqNUpBOw8ZY5x8SbvITJI= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-396-fqRmLpHXN9iANVHo2wrVdA-1; Tue, 30 Aug 2022 09:37:43 -0400 X-MC-Unique: fqRmLpHXN9iANVHo2wrVdA-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id AE12385A589; Tue, 30 Aug 2022 13:37:42 +0000 (UTC) Received: from fedora.redhat.com (unknown [10.40.194.232]) by smtp.corp.redhat.com (Postfix) with ESMTP id B7F5D2166B26; Tue, 30 Aug 2022 13:37:40 +0000 (UTC) From: Vitaly Kuznetsov To: kvm@vger.kernel.org, Paolo Bonzini Cc: Sean Christopherson , Wanpeng Li , Jim Mattson , Michael Kelley , Yuan Yao , Maxim Levitsky , linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v6 01/33] x86/hyperv: Fix 'struct hv_enlightened_vmcs' definition Date: Tue, 30 Aug 2022 15:37:05 +0200 Message-Id: <20220830133737.1539624-2-vkuznets@redhat.com> In-Reply-To: <20220830133737.1539624-1-vkuznets@redhat.com> References: <20220830133737.1539624-1-vkuznets@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" Section 1.9 of TLFS v6.0b says: "All structures are padded in such a way that fields are aligned naturally (that is, an 8-byte field is aligned to an offset of 8 bytes and so on)". 'struct enlightened_vmcs' has a glitch: ... struct { u32 nested_flush_hypercall:1; /* 836: 0 4= */ u32 msr_bitmap:1; /* 836: 1 4 */ u32 reserved:30; /* 836: 2 4 */ } hv_enlightenments_control; /* 836 4 */ u32 hv_vp_id; /* 840 4 */ u64 hv_vm_id; /* 844 8 */ u64 partition_assist_page; /* 852 8 */ ... And the observed values in 'partition_assist_page' make no sense at all. Fix the layout by padding the structure properly. Fixes: 68d1eb72ee99 ("x86/hyper-v: define struct hv_enlightened_vmcs and cl= ean field bits") Reviewed-by: Maxim Levitsky Reviewed-by: Michael Kelley Signed-off-by: Vitaly Kuznetsov Signed-off-by: Sean Christopherson --- arch/x86/include/asm/hyperv-tlfs.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/x86/include/asm/hyperv-tlfs.h b/arch/x86/include/asm/hype= rv-tlfs.h index 0a9407dc0859..6f0acc45e67a 100644 --- a/arch/x86/include/asm/hyperv-tlfs.h +++ b/arch/x86/include/asm/hyperv-tlfs.h @@ -546,7 +546,7 @@ struct hv_enlightened_vmcs { u64 guest_rip; =20 u32 hv_clean_fields; - u32 hv_padding_32; + u32 padding32_1; u32 hv_synthetic_controls; struct { u32 nested_flush_hypercall:1; @@ -554,7 +554,7 @@ struct hv_enlightened_vmcs { u32 reserved:30; } __packed hv_enlightenments_control; u32 hv_vp_id; - + u32 padding32_2; u64 hv_vm_id; u64 partition_assist_page; u64 padding64_4[4]; --=20 2.37.2 From nobody Tue Apr 7 05:43:30 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 55E59ECAAD1 for ; Tue, 30 Aug 2022 13:38:13 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229877AbiH3NiK (ORCPT ); Tue, 30 Aug 2022 09:38:10 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40916 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230150AbiH3Nhw (ORCPT ); Tue, 30 Aug 2022 09:37:52 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 08921E833A for ; Tue, 30 Aug 2022 06:37:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1661866668; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=xT/Z1OVYlVoOOLO+opUmyDYeXUAC+ZDM47Iv2objFik=; b=An2spsmbK8QxEFwHpk/L40Gm5LIWrG/OfqdU+ejCRUlCw7Zmu3krU0V4smP5B2p/HOjwxj +ZBkX/MaVyAMjWAeUOPLwmnhJ+QKcOAxRivQRF0F+seCyQxNjRNE/fIMU/3lPtmjPGY6yZ dn8QAWsJC5GH1KLOsj12UAhjcj8vQ8w= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-589-BW-Rh0rPNvSMZIxgjdL3yg-1; Tue, 30 Aug 2022 09:37:45 -0400 X-MC-Unique: BW-Rh0rPNvSMZIxgjdL3yg-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id ED1CD1020BA5; Tue, 30 Aug 2022 13:37:44 +0000 (UTC) Received: from fedora.redhat.com (unknown [10.40.194.232]) by smtp.corp.redhat.com (Postfix) with ESMTP id 1A7212166B26; Tue, 30 Aug 2022 13:37:42 +0000 (UTC) From: Vitaly Kuznetsov To: kvm@vger.kernel.org, Paolo Bonzini Cc: Sean Christopherson , Wanpeng Li , Jim Mattson , Michael Kelley , Yuan Yao , Maxim Levitsky , linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v6 02/33] x86/hyperv: Update 'struct hv_enlightened_vmcs' definition Date: Tue, 30 Aug 2022 15:37:06 +0200 Message-Id: <20220830133737.1539624-3-vkuznets@redhat.com> In-Reply-To: <20220830133737.1539624-1-vkuznets@redhat.com> References: <20220830133737.1539624-1-vkuznets@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" Updated Hyper-V Enlightened VMCS specification lists several new fields for the following features: - PerfGlobalCtrl - EnclsExitingBitmap - Tsc Scaling - GuestLbrCtl - CET - SSP Update the definition. Note, the updated spec also provides an additional CPUID feature flag, CPUIDD.0x4000000A.EBX BIT(0), for PerfGlobalCtrl to workaround a Windows 11 quirk. Despite what the TLFS says: Indicates support for the GuestPerfGlobalCtrl and HostPerfGlobalCtrl fields in the enlightened VMCS. guests can safely use the fields if they are enumerated in the architectural VMX MSRs. I.e. KVM-on-HyperV doesn't need to check the CPUID bit, but KVM-as-HyperV must ensure the bit is set if PerfGlobalCtrl fields are exposed to L1. https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/tlfs/tlfs Signed-off-by: Vitaly Kuznetsov [sean: tweak CPUID name to make it PerfGlobalCtrl only] Signed-off-by: Sean Christopherson Acked-by: Wei Liu --- arch/x86/include/asm/hyperv-tlfs.h | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/arch/x86/include/asm/hyperv-tlfs.h b/arch/x86/include/asm/hype= rv-tlfs.h index 6f0acc45e67a..3089ec352743 100644 --- a/arch/x86/include/asm/hyperv-tlfs.h +++ b/arch/x86/include/asm/hyperv-tlfs.h @@ -138,6 +138,9 @@ #define HV_X64_NESTED_GUEST_MAPPING_FLUSH BIT(18) #define HV_X64_NESTED_MSR_BITMAP BIT(19) =20 +/* Nested features #2. These are HYPERV_CPUID_NESTED_FEATURES.EBX bits. */ +#define HV_X64_NESTED_EVMCS1_PERF_GLOBAL_CTRL BIT(0) + /* * This is specific to AMD and specifies that enlightened TLB flush is * supported. If guest opts in to this feature, ASID invalidations only @@ -559,9 +562,20 @@ struct hv_enlightened_vmcs { u64 partition_assist_page; u64 padding64_4[4]; u64 guest_bndcfgs; - u64 padding64_5[7]; + u64 guest_ia32_perf_global_ctrl; + u64 guest_ia32_s_cet; + u64 guest_ssp; + u64 guest_ia32_int_ssp_table_addr; + u64 guest_ia32_lbr_ctl; + u64 padding64_5[2]; u64 xss_exit_bitmap; - u64 padding64_6[7]; + u64 encls_exiting_bitmap; + u64 host_ia32_perf_global_ctrl; + u64 tsc_multiplier; + u64 host_ia32_s_cet; + u64 host_ssp; + u64 host_ia32_int_ssp_table_addr; + u64 padding64_6; } __packed; =20 #define HV_VMX_ENLIGHTENED_CLEAN_FIELD_NONE 0 --=20 2.37.2 From nobody Tue Apr 7 05:43:30 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9345AC0502C for ; Tue, 30 Aug 2022 13:38:25 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229984AbiH3NiY (ORCPT ); Tue, 30 Aug 2022 09:38:24 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41332 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230411AbiH3NiE (ORCPT ); Tue, 30 Aug 2022 09:38:04 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CFB55EC4F9 for ; Tue, 30 Aug 2022 06:37:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1661866673; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=LrzmbPm+tycZBHhI1G8vuHQjq7oQ9rfR1GCodDG7KWI=; b=a1u4PsdWP8eswdPFyG+pCD5KIib3Ks7T9u+tjJx6ieTfmFJVrI+6FKn6zqA2+JeUY7XWwZ y1XWh95rPD4Dl7fe2xbvlIDPOi9mdSA3dxZwQoUGN0YJtQXenEfEftMHkX/0iZ7xLIhM4O ry79rr88pYNLPsVylModU/umYVaJRp4= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-214-NbRcTKNIPVa_7kabNhyQYQ-1; Tue, 30 Aug 2022 09:37:47 -0400 X-MC-Unique: NbRcTKNIPVa_7kabNhyQYQ-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 358EF85A58A; Tue, 30 Aug 2022 13:37:47 +0000 (UTC) Received: from fedora.redhat.com (unknown [10.40.194.232]) by smtp.corp.redhat.com (Postfix) with ESMTP id 34A962166B26; Tue, 30 Aug 2022 13:37:45 +0000 (UTC) From: Vitaly Kuznetsov To: kvm@vger.kernel.org, Paolo Bonzini Cc: Sean Christopherson , Wanpeng Li , Jim Mattson , Michael Kelley , Yuan Yao , Maxim Levitsky , linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v6 03/33] KVM: x86: Zero out entire Hyper-V CPUID cache before processing entries Date: Tue, 30 Aug 2022 15:37:07 +0200 Message-Id: <20220830133737.1539624-4-vkuznets@redhat.com> In-Reply-To: <20220830133737.1539624-1-vkuznets@redhat.com> References: <20220830133737.1539624-1-vkuznets@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" Wipe the whole 'hv_vcpu->cpuid_cache' with memset() instead of having to zero each particular member when the corresponding CPUID entry was not found. No functional change intended. Signed-off-by: Vitaly Kuznetsov [sean: split to separate patch] Signed-off-by: Sean Christopherson Reviewed-by: Wei Liu --- arch/x86/kvm/hyperv.c | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/arch/x86/kvm/hyperv.c b/arch/x86/kvm/hyperv.c index ed804447589c..611c349a08bf 100644 --- a/arch/x86/kvm/hyperv.c +++ b/arch/x86/kvm/hyperv.c @@ -2005,31 +2005,24 @@ void kvm_hv_set_cpuid(struct kvm_vcpu *vcpu) =20 hv_vcpu =3D to_hv_vcpu(vcpu); =20 + memset(&hv_vcpu->cpuid_cache, 0, sizeof(hv_vcpu->cpuid_cache)); + entry =3D kvm_find_cpuid_entry(vcpu, HYPERV_CPUID_FEATURES); if (entry) { hv_vcpu->cpuid_cache.features_eax =3D entry->eax; hv_vcpu->cpuid_cache.features_ebx =3D entry->ebx; hv_vcpu->cpuid_cache.features_edx =3D entry->edx; - } else { - hv_vcpu->cpuid_cache.features_eax =3D 0; - hv_vcpu->cpuid_cache.features_ebx =3D 0; - hv_vcpu->cpuid_cache.features_edx =3D 0; } =20 entry =3D kvm_find_cpuid_entry(vcpu, HYPERV_CPUID_ENLIGHTMENT_INFO); if (entry) { hv_vcpu->cpuid_cache.enlightenments_eax =3D entry->eax; hv_vcpu->cpuid_cache.enlightenments_ebx =3D entry->ebx; - } else { - hv_vcpu->cpuid_cache.enlightenments_eax =3D 0; - hv_vcpu->cpuid_cache.enlightenments_ebx =3D 0; } =20 entry =3D kvm_find_cpuid_entry(vcpu, HYPERV_CPUID_SYNDBG_PLATFORM_CAPABIL= ITIES); if (entry) hv_vcpu->cpuid_cache.syndbg_cap_eax =3D entry->eax; - else - hv_vcpu->cpuid_cache.syndbg_cap_eax =3D 0; } =20 int kvm_hv_set_enforce_cpuid(struct kvm_vcpu *vcpu, bool enforce) --=20 2.37.2 From nobody Tue Apr 7 05:43:30 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7F14AECAAD4 for ; Tue, 30 Aug 2022 13:38:30 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230392AbiH3Ni2 (ORCPT ); Tue, 30 Aug 2022 09:38:28 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41422 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230181AbiH3NiG (ORCPT ); Tue, 30 Aug 2022 09:38:06 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 19BD0ED01D for ; Tue, 30 Aug 2022 06:37:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1661866673; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=chPmOM7qhlrImHiruqIlAyoMO1lUXpPxIodNACRsyik=; b=MIoZct1hLLa0RhQuDAkmUPg0o+HXVEVRb7I8o5sKVVlG1PBOapD1dXZ9cU47FSn3UZMkac J6Wa/BSPFeMQMCQ3wdfe7w/EnwU0llAEz2oI4Y1vK3BnQWvkW+QG7eDG7Bvg96AbqBJ+Uj X4CvVscbTVwzGnVBa/BAd8KvYkv9VU4= Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-673-6ItNH4xKPFKIhrgQYBZXKQ-1; Tue, 30 Aug 2022 09:37:50 -0400 X-MC-Unique: 6ItNH4xKPFKIhrgQYBZXKQ-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 9C2A72999B44; Tue, 30 Aug 2022 13:37:49 +0000 (UTC) Received: from fedora.redhat.com (unknown [10.40.194.232]) by smtp.corp.redhat.com (Postfix) with ESMTP id 7D0612166B26; Tue, 30 Aug 2022 13:37:47 +0000 (UTC) From: Vitaly Kuznetsov To: kvm@vger.kernel.org, Paolo Bonzini Cc: Sean Christopherson , Wanpeng Li , Jim Mattson , Michael Kelley , Yuan Yao , Maxim Levitsky , linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v6 04/33] KVM: x86: Check for existing Hyper-V vCPU in kvm_hv_vcpu_init() Date: Tue, 30 Aug 2022 15:37:08 +0200 Message-Id: <20220830133737.1539624-5-vkuznets@redhat.com> In-Reply-To: <20220830133737.1539624-1-vkuznets@redhat.com> References: <20220830133737.1539624-1-vkuznets@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" From: Sean Christopherson When potentially allocating/initializing the Hyper-V vCPU struct, check for an existing instance in kvm_hv_vcpu_init() instead of requiring callers to perform the check. Relying on callers to do the check is risky as it's all too easy for KVM to overwrite vcpu->arch.hyperv and leak memory, and it adds additional burden on callers without much benefit. No functional change intended. Signed-off-by: Sean Christopherson Signed-off-by: Vitaly Kuznetsov Reviewed-by: Wei Liu --- arch/x86/kvm/hyperv.c | 27 ++++++++++++--------------- 1 file changed, 12 insertions(+), 15 deletions(-) diff --git a/arch/x86/kvm/hyperv.c b/arch/x86/kvm/hyperv.c index 611c349a08bf..8aadd31ed058 100644 --- a/arch/x86/kvm/hyperv.c +++ b/arch/x86/kvm/hyperv.c @@ -936,9 +936,12 @@ static void stimer_init(struct kvm_vcpu_hv_stimer *sti= mer, int timer_index) =20 static int kvm_hv_vcpu_init(struct kvm_vcpu *vcpu) { - struct kvm_vcpu_hv *hv_vcpu; + struct kvm_vcpu_hv *hv_vcpu =3D to_hv_vcpu(vcpu); int i; =20 + if (hv_vcpu) + return 0; + hv_vcpu =3D kzalloc(sizeof(struct kvm_vcpu_hv), GFP_KERNEL_ACCOUNT); if (!hv_vcpu) return -ENOMEM; @@ -962,11 +965,9 @@ int kvm_hv_activate_synic(struct kvm_vcpu *vcpu, bool = dont_zero_synic_pages) struct kvm_vcpu_hv_synic *synic; int r; =20 - if (!to_hv_vcpu(vcpu)) { - r =3D kvm_hv_vcpu_init(vcpu); - if (r) - return r; - } + r =3D kvm_hv_vcpu_init(vcpu); + if (r) + return r; =20 synic =3D to_hv_synic(vcpu); =20 @@ -1660,10 +1661,8 @@ int kvm_hv_set_msr_common(struct kvm_vcpu *vcpu, u32= msr, u64 data, bool host) if (!host && !vcpu->arch.hyperv_enabled) return 1; =20 - if (!to_hv_vcpu(vcpu)) { - if (kvm_hv_vcpu_init(vcpu)) - return 1; - } + if (kvm_hv_vcpu_init(vcpu)) + return 1; =20 if (kvm_hv_msr_partition_wide(msr)) { int r; @@ -1683,10 +1682,8 @@ int kvm_hv_get_msr_common(struct kvm_vcpu *vcpu, u32= msr, u64 *pdata, bool host) if (!host && !vcpu->arch.hyperv_enabled) return 1; =20 - if (!to_hv_vcpu(vcpu)) { - if (kvm_hv_vcpu_init(vcpu)) - return 1; - } + if (kvm_hv_vcpu_init(vcpu)) + return 1; =20 if (kvm_hv_msr_partition_wide(msr)) { int r; @@ -2000,7 +1997,7 @@ void kvm_hv_set_cpuid(struct kvm_vcpu *vcpu) return; } =20 - if (!to_hv_vcpu(vcpu) && kvm_hv_vcpu_init(vcpu)) + if (kvm_hv_vcpu_init(vcpu)) return; =20 hv_vcpu =3D to_hv_vcpu(vcpu); --=20 2.37.2 From nobody Tue Apr 7 05:43:30 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 06A6BECAAD1 for ; Tue, 30 Aug 2022 13:38:38 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230446AbiH3Nig (ORCPT ); Tue, 30 Aug 2022 09:38:36 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41392 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230440AbiH3NiW (ORCPT ); Tue, 30 Aug 2022 09:38:22 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id F05AFF72CE for ; Tue, 30 Aug 2022 06:37:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1661866678; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=GI0F/z6HYXFcKCvY3bdnL7mnFBLdvVIvPxsQq6nQylE=; b=Gp0Gcnlxvw/o6Wmeh8zsGyUPTUwxnD9o1Ue+Zw7qHTLjTMP28dPNMT6yRHaHmwONlQcFtj GW67iDTpLIgqImysQs8NN800ek9rXIoVzjqQmMCATEQLrE6t6m83IPSIaXcAs77HqaNYwe +eUpmfrSyfx1MTZnuCZIledw4nmdCtY= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-155-g6RkMMAIOfKgtWgQVwjCVg-1; Tue, 30 Aug 2022 09:37:53 -0400 X-MC-Unique: g6RkMMAIOfKgtWgQVwjCVg-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 542C51020BA2; Tue, 30 Aug 2022 13:37:52 +0000 (UTC) Received: from fedora.redhat.com (unknown [10.40.194.232]) by smtp.corp.redhat.com (Postfix) with ESMTP id ECADA2166B26; Tue, 30 Aug 2022 13:37:49 +0000 (UTC) From: Vitaly Kuznetsov To: kvm@vger.kernel.org, Paolo Bonzini Cc: Sean Christopherson , Wanpeng Li , Jim Mattson , Michael Kelley , Yuan Yao , Maxim Levitsky , linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v6 05/33] KVM: x86: Report error when setting CPUID if Hyper-V allocation fails Date: Tue, 30 Aug 2022 15:37:09 +0200 Message-Id: <20220830133737.1539624-6-vkuznets@redhat.com> In-Reply-To: <20220830133737.1539624-1-vkuznets@redhat.com> References: <20220830133737.1539624-1-vkuznets@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" From: Sean Christopherson Return -ENOMEM back to userspace if allocating the Hyper-V vCPU struct fails when enabling Hyper-V in guest CPUID. Silently ignoring failure means that KVM will not have an up-to-date CPUID cache if allocating the struct succeeds later on, e.g. when activating SynIC. Rejecting the CPUID operation also guarantess that vcpu->arch.hyperv is non-NULL if hyperv_enabled is true, which will allow for additional cleanup, e.g. in the eVMCS code. Note, the initialization needs to be done before CPUID is set, and more subtly before kvm_check_cpuid(), which potentially enables dynamic XFEATURES. Sadly, there's no easy way to avoid exposing Hyper-V details to CPUID or vice versa. Expose kvm_hv_vcpu_init() and the Hyper-V CPUID signature to CPUID instead of exposing cpuid_entry2_find() outside of CPUID code. It's hard to envision kvm_hv_vcpu_init() being misused, whereas cpuid_entry2_find() absolutely shouldn't be used outside of core CPUID code. Fixes: 10d7bf1e46dc ("KVM: x86: hyper-v: Cache guest CPUID leaves determini= ng features availability") Signed-off-by: Sean Christopherson Signed-off-by: Vitaly Kuznetsov --- arch/x86/kvm/cpuid.c | 18 +++++++++++++++++- arch/x86/kvm/hyperv.c | 30 ++++++++++++++---------------- arch/x86/kvm/hyperv.h | 6 +++++- 3 files changed, 36 insertions(+), 18 deletions(-) diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c index 75dcf7a72605..ffdc28684cb7 100644 --- a/arch/x86/kvm/cpuid.c +++ b/arch/x86/kvm/cpuid.c @@ -311,6 +311,15 @@ void kvm_update_cpuid_runtime(struct kvm_vcpu *vcpu) } EXPORT_SYMBOL_GPL(kvm_update_cpuid_runtime); =20 +static bool kvm_cpuid_has_hyperv(struct kvm_cpuid_entry2 *entries, int nen= t) +{ + struct kvm_cpuid_entry2 *entry; + + entry =3D cpuid_entry2_find(entries, nent, HYPERV_CPUID_INTERFACE, + KVM_CPUID_INDEX_NOT_SIGNIFICANT); + return entry && entry->eax =3D=3D HYPERV_CPUID_SIGNATURE_EAX; +} + static void kvm_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu) { struct kvm_lapic *apic =3D vcpu->arch.apic; @@ -341,7 +350,8 @@ static void kvm_vcpu_after_set_cpuid(struct kvm_vcpu *v= cpu) vcpu->arch.cr4_guest_rsvd_bits =3D __cr4_reserved_bits(guest_cpuid_has, vcpu); =20 - kvm_hv_set_cpuid(vcpu); + kvm_hv_set_cpuid(vcpu, kvm_cpuid_has_hyperv(vcpu->arch.cpuid_entries, + vcpu->arch.cpuid_nent)); =20 /* Invoke the vendor callback only after the above state is updated. */ static_call(kvm_x86_vcpu_after_set_cpuid)(vcpu); @@ -404,6 +414,12 @@ static int kvm_set_cpuid(struct kvm_vcpu *vcpu, struct= kvm_cpuid_entry2 *e2, return 0; } =20 + if (kvm_cpuid_has_hyperv(e2, nent)) { + r =3D kvm_hv_vcpu_init(vcpu); + if (r) + return r; + } + r =3D kvm_check_cpuid(vcpu, e2, nent); if (r) return r; diff --git a/arch/x86/kvm/hyperv.c b/arch/x86/kvm/hyperv.c index 8aadd31ed058..bf4729e8cc80 100644 --- a/arch/x86/kvm/hyperv.c +++ b/arch/x86/kvm/hyperv.c @@ -38,9 +38,6 @@ #include "irq.h" #include "fpu.h" =20 -/* "Hv#1" signature */ -#define HYPERV_CPUID_SIGNATURE_EAX 0x31237648 - #define KVM_HV_MAX_SPARSE_VCPU_SET_BITS DIV_ROUND_UP(KVM_MAX_VCPUS, 64) =20 static void stimer_mark_pending(struct kvm_vcpu_hv_stimer *stimer, @@ -934,7 +931,7 @@ static void stimer_init(struct kvm_vcpu_hv_stimer *stim= er, int timer_index) stimer_prepare_msg(stimer); } =20 -static int kvm_hv_vcpu_init(struct kvm_vcpu *vcpu) +int kvm_hv_vcpu_init(struct kvm_vcpu *vcpu) { struct kvm_vcpu_hv *hv_vcpu =3D to_hv_vcpu(vcpu); int i; @@ -1984,26 +1981,27 @@ static u64 kvm_hv_send_ipi(struct kvm_vcpu *vcpu, s= truct kvm_hv_hcall *hc) return HV_STATUS_SUCCESS; } =20 -void kvm_hv_set_cpuid(struct kvm_vcpu *vcpu) +void kvm_hv_set_cpuid(struct kvm_vcpu *vcpu, bool hyperv_enabled) { + struct kvm_vcpu_hv *hv_vcpu =3D to_hv_vcpu(vcpu); struct kvm_cpuid_entry2 *entry; - struct kvm_vcpu_hv *hv_vcpu; =20 - entry =3D kvm_find_cpuid_entry(vcpu, HYPERV_CPUID_INTERFACE); - if (entry && entry->eax =3D=3D HYPERV_CPUID_SIGNATURE_EAX) { - vcpu->arch.hyperv_enabled =3D true; - } else { - vcpu->arch.hyperv_enabled =3D false; - return; - } + vcpu->arch.hyperv_enabled =3D hyperv_enabled; =20 - if (kvm_hv_vcpu_init(vcpu)) + if (!hv_vcpu) { + /* + * KVM should have already allocated kvm_vcpu_hv if Hyper-V is + * enabled in CPUID. + */ + WARN_ON_ONCE(vcpu->arch.hyperv_enabled); return; - - hv_vcpu =3D to_hv_vcpu(vcpu); + } =20 memset(&hv_vcpu->cpuid_cache, 0, sizeof(hv_vcpu->cpuid_cache)); =20 + if (!vcpu->arch.hyperv_enabled) + return; + entry =3D kvm_find_cpuid_entry(vcpu, HYPERV_CPUID_FEATURES); if (entry) { hv_vcpu->cpuid_cache.features_eax =3D entry->eax; diff --git a/arch/x86/kvm/hyperv.h b/arch/x86/kvm/hyperv.h index da2737f2a956..1030b1b50552 100644 --- a/arch/x86/kvm/hyperv.h +++ b/arch/x86/kvm/hyperv.h @@ -23,6 +23,9 @@ =20 #include =20 +/* "Hv#1" signature */ +#define HYPERV_CPUID_SIGNATURE_EAX 0x31237648 + /* * The #defines related to the synthetic debugger are required by KDNet, b= ut * they are not documented in the Hyper-V TLFS because the synthetic debug= ger @@ -141,7 +144,8 @@ void kvm_hv_request_tsc_page_update(struct kvm *kvm); =20 void kvm_hv_init_vm(struct kvm *kvm); void kvm_hv_destroy_vm(struct kvm *kvm); -void kvm_hv_set_cpuid(struct kvm_vcpu *vcpu); +int kvm_hv_vcpu_init(struct kvm_vcpu *vcpu); +void kvm_hv_set_cpuid(struct kvm_vcpu *vcpu, bool hyperv_enabled); int kvm_hv_set_enforce_cpuid(struct kvm_vcpu *vcpu, bool enforce); int kvm_vm_ioctl_hv_eventfd(struct kvm *kvm, struct kvm_hyperv_eventfd *ar= gs); int kvm_get_hv_cpuid(struct kvm_vcpu *vcpu, struct kvm_cpuid2 *cpuid, --=20 2.37.2 From nobody Tue Apr 7 05:43:30 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 36E6DECAAD1 for ; Tue, 30 Aug 2022 13:38:34 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230417AbiH3Nic (ORCPT ); Tue, 30 Aug 2022 09:38:32 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41338 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229973AbiH3NiU (ORCPT ); Tue, 30 Aug 2022 09:38:20 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id EAB32EF9DA for ; Tue, 30 Aug 2022 06:37:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1661866676; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=JZuyXBgJ7ZSGVJbH5YvhLNIwOw2OQmbmprSDoPPPs2I=; b=Y46BCVB7rj8cnmdCMqyvft+BinQBXs9lYk8cyCbS32mNRrPODaWU+ZGAS419Nr5VLRjx6y 3oFh9nF95M08Fb/7gM9U6B9nQN31djjhdd8KMcLa+e3CzoOV02Gwgltaj1NnP8EojksQ+t ipQAk5+YMS3KeY6AJY7ki6r2/rf9JxY= Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-115-kGyDQ548O52yG2sDMeOI7w-1; Tue, 30 Aug 2022 09:37:55 -0400 X-MC-Unique: kGyDQ548O52yG2sDMeOI7w-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 1998A3C0D855; Tue, 30 Aug 2022 13:37:55 +0000 (UTC) Received: from fedora.redhat.com (unknown [10.40.194.232]) by smtp.corp.redhat.com (Postfix) with ESMTP id B94942166B26; Tue, 30 Aug 2022 13:37:52 +0000 (UTC) From: Vitaly Kuznetsov To: kvm@vger.kernel.org, Paolo Bonzini Cc: Sean Christopherson , Wanpeng Li , Jim Mattson , Michael Kelley , Yuan Yao , Maxim Levitsky , linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v6 06/33] KVM: nVMX: Treat eVMCS as enabled for guest iff Hyper-V is also enabled Date: Tue, 30 Aug 2022 15:37:10 +0200 Message-Id: <20220830133737.1539624-7-vkuznets@redhat.com> In-Reply-To: <20220830133737.1539624-1-vkuznets@redhat.com> References: <20220830133737.1539624-1-vkuznets@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" From: Sean Christopherson When querying whether or not eVMCS is enabled on behalf of the guest, treat eVMCS as enable if and only if Hyper-V is enabled/exposed to the guest. Note, flows that come from the host, e.g. KVM_SET_NESTED_STATE, must NOT check for Hyper-V being enabled as KVM doesn't require guest CPUID to be set before most ioctls(). Signed-off-by: Sean Christopherson Signed-off-by: Vitaly Kuznetsov --- arch/x86/kvm/vmx/evmcs.c | 3 +++ arch/x86/kvm/vmx/nested.c | 8 ++++---- arch/x86/kvm/vmx/vmx.c | 3 +-- arch/x86/kvm/vmx/vmx.h | 10 ++++++++++ 4 files changed, 18 insertions(+), 6 deletions(-) diff --git a/arch/x86/kvm/vmx/evmcs.c b/arch/x86/kvm/vmx/evmcs.c index 6a61b1ae7942..9139c70b6008 100644 --- a/arch/x86/kvm/vmx/evmcs.c +++ b/arch/x86/kvm/vmx/evmcs.c @@ -334,6 +334,9 @@ uint16_t nested_get_evmcs_version(struct kvm_vcpu *vcpu) * versions: lower 8 bits is the minimal version, higher 8 bits is the * maximum supported version. KVM supports versions from 1 to * KVM_EVMCS_VERSION. + * + * Note, do not check the Hyper-V is fully enabled in guest CPUID, this + * helper is used to _get_ the vCPU's supported CPUID. */ if (kvm_cpu_cap_get(X86_FEATURE_VMX) && (!vcpu || to_vmx(vcpu)->nested.enlightened_vmcs_enabled)) diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index ddd4367d4826..28f9d64851b3 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c @@ -1982,7 +1982,7 @@ static enum nested_evmptrld_status nested_vmx_handle_= enlightened_vmptrld( bool evmcs_gpa_changed =3D false; u64 evmcs_gpa; =20 - if (likely(!vmx->nested.enlightened_vmcs_enabled)) + if (likely(!guest_cpuid_has_evmcs(vcpu))) return EVMPTRLD_DISABLED; =20 if (!nested_enlightened_vmentry(vcpu, &evmcs_gpa)) { @@ -2863,7 +2863,7 @@ static int nested_vmx_check_controls(struct kvm_vcpu = *vcpu, nested_check_vm_entry_controls(vcpu, vmcs12)) return -EINVAL; =20 - if (to_vmx(vcpu)->nested.enlightened_vmcs_enabled) + if (guest_cpuid_has_evmcs(vcpu)) return nested_evmcs_check_controls(vmcs12); =20 return 0; @@ -3145,7 +3145,7 @@ static bool nested_get_evmcs_page(struct kvm_vcpu *vc= pu) * L2 was running), map it here to make sure vmcs12 changes are * properly reflected. */ - if (vmx->nested.enlightened_vmcs_enabled && + if (guest_cpuid_has_evmcs(vcpu) && vmx->nested.hv_evmcs_vmptr =3D=3D EVMPTR_MAP_PENDING) { enum nested_evmptrld_status evmptrld_status =3D nested_vmx_handle_enlightened_vmptrld(vcpu, false); @@ -5067,7 +5067,7 @@ static int handle_vmclear(struct kvm_vcpu *vcpu) * state. It is possible that the area will stay mapped as * vmx->nested.hv_evmcs but this shouldn't be a problem. */ - if (likely(!vmx->nested.enlightened_vmcs_enabled || + if (likely(!guest_cpuid_has_evmcs(vcpu) || !nested_enlightened_vmentry(vcpu, &evmcs_gpa))) { if (vmptr =3D=3D vmx->nested.current_vmptr) nested_release_vmcs12(vcpu); diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index c9b49a09e6b5..d4ed802947d7 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -1930,8 +1930,7 @@ static int vmx_get_msr(struct kvm_vcpu *vcpu, struct = msr_data *msr_info) * sanity checking and refuse to boot. Filter all unsupported * features out. */ - if (!msr_info->host_initiated && - vmx->nested.enlightened_vmcs_enabled) + if (!msr_info->host_initiated && guest_cpuid_has_evmcs(vcpu)) nested_evmcs_filter_control_msr(msr_info->index, &msr_info->data); break; diff --git a/arch/x86/kvm/vmx/vmx.h b/arch/x86/kvm/vmx/vmx.h index 24d58c2ffaa3..35c7e6aef301 100644 --- a/arch/x86/kvm/vmx/vmx.h +++ b/arch/x86/kvm/vmx/vmx.h @@ -626,4 +626,14 @@ static inline bool vmx_can_use_ipiv(struct kvm_vcpu *v= cpu) return lapic_in_kernel(vcpu) && enable_ipiv; } =20 +static inline bool guest_cpuid_has_evmcs(struct kvm_vcpu *vcpu) +{ + /* + * eVMCS is exposed to the guest if Hyper-V is enabled in CPUID and + * eVMCS has been explicitly enabled by userspace. + */ + return vcpu->arch.hyperv_enabled && + to_vmx(vcpu)->nested.enlightened_vmcs_enabled; +} + #endif /* __KVM_X86_VMX_H */ --=20 2.37.2 From nobody Tue Apr 7 05:43:30 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id BEA36ECAAD1 for ; Tue, 30 Aug 2022 13:39:02 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230034AbiH3NjB (ORCPT ); Tue, 30 Aug 2022 09:39:01 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42004 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230465AbiH3NiZ (ORCPT ); Tue, 30 Aug 2022 09:38:25 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6482AE724D for ; Tue, 30 Aug 2022 06:38:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1661866682; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=FqmqdlDTDI5z0ZN2Br8ZM1fyndGHGtgHR1grcbr3ajc=; b=GXD8BmSH0FQjhYzpF5SiGm0cE9CQRT0bVq5W6xxsNU90DKnqRzLJQhdry5ExsLfyzgsSAY 9kPWkrpwn1yWE+DWcCKhVStfMD2Gt7GCfPrepJW+JecTGoDewvVXEOmjJNB11s8pMMR7+E hAfoLwkz7Jn/CEnSsvoQAde5lXDUR1Q= Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-610-m-Qanej8N6WppPH-RF8-0g-1; Tue, 30 Aug 2022 09:37:58 -0400 X-MC-Unique: m-Qanej8N6WppPH-RF8-0g-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id A64CD382ECC6; Tue, 30 Aug 2022 13:37:57 +0000 (UTC) Received: from fedora.redhat.com (unknown [10.40.194.232]) by smtp.corp.redhat.com (Postfix) with ESMTP id 687192166B26; Tue, 30 Aug 2022 13:37:55 +0000 (UTC) From: Vitaly Kuznetsov To: kvm@vger.kernel.org, Paolo Bonzini Cc: Sean Christopherson , Wanpeng Li , Jim Mattson , Michael Kelley , Yuan Yao , Maxim Levitsky , linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v6 07/33] KVM: nVMX: Refactor unsupported eVMCS controls logic to use 2-d array Date: Tue, 30 Aug 2022 15:37:11 +0200 Message-Id: <20220830133737.1539624-8-vkuznets@redhat.com> In-Reply-To: <20220830133737.1539624-1-vkuznets@redhat.com> References: <20220830133737.1539624-1-vkuznets@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" Refactor the handling of unsupported eVMCS to use a 2-d array to store the set of unsupported controls. KVM's handling of eVMCS is completely broken as there is no way for userspace to query which features are unsupported, nor does KVM prevent userspace from attempting to enable unsupported features. A future commit will remedy that by filtering and enforcing unsupported features when eVMCS, but that needs to be opt-in from userspace to avoid breakage, i.e. KVM needs to maintain its legacy behavior by snapshotting the exact set of controls that are currently (un)supported by eVMCS. No functional change intended. Suggested-by: Paolo Bonzini Signed-off-by: Vitaly Kuznetsov [sean: split to standalone patch, write changelog] Signed-off-by: Sean Christopherson --- arch/x86/kvm/vmx/evmcs.c | 60 +++++++++++++++++++++++++++++++++------- 1 file changed, 50 insertions(+), 10 deletions(-) diff --git a/arch/x86/kvm/vmx/evmcs.c b/arch/x86/kvm/vmx/evmcs.c index 9139c70b6008..a82af2482f84 100644 --- a/arch/x86/kvm/vmx/evmcs.c +++ b/arch/x86/kvm/vmx/evmcs.c @@ -345,6 +345,45 @@ uint16_t nested_get_evmcs_version(struct kvm_vcpu *vcp= u) return 0; } =20 +enum evmcs_revision { + EVMCSv1_LEGACY, + NR_EVMCS_REVISIONS, +}; + +enum evmcs_ctrl_type { + EVMCS_EXIT_CTRLS, + EVMCS_ENTRY_CTRLS, + EVMCS_2NDEXEC, + EVMCS_PINCTRL, + EVMCS_VMFUNC, + NR_EVMCS_CTRLS, +}; + +static const u32 evmcs_unsupported_ctrls[NR_EVMCS_CTRLS][NR_EVMCS_REVISION= S] =3D { + [EVMCS_EXIT_CTRLS] =3D { + [EVMCSv1_LEGACY] =3D EVMCS1_UNSUPPORTED_VMEXIT_CTRL, + }, + [EVMCS_ENTRY_CTRLS] =3D { + [EVMCSv1_LEGACY] =3D EVMCS1_UNSUPPORTED_VMENTRY_CTRL, + }, + [EVMCS_2NDEXEC] =3D { + [EVMCSv1_LEGACY] =3D EVMCS1_UNSUPPORTED_2NDEXEC, + }, + [EVMCS_PINCTRL] =3D { + [EVMCSv1_LEGACY] =3D EVMCS1_UNSUPPORTED_PINCTRL, + }, + [EVMCS_VMFUNC] =3D { + [EVMCSv1_LEGACY] =3D EVMCS1_UNSUPPORTED_VMFUNC, + }, +}; + +static u32 evmcs_get_unsupported_ctls(enum evmcs_ctrl_type ctrl_type) +{ + enum evmcs_revision evmcs_rev =3D EVMCSv1_LEGACY; + + return evmcs_unsupported_ctrls[ctrl_type][evmcs_rev]; +} + void nested_evmcs_filter_control_msr(u32 msr_index, u64 *pdata) { u32 ctl_low =3D (u32)*pdata; @@ -357,21 +396,21 @@ void nested_evmcs_filter_control_msr(u32 msr_index, u= 64 *pdata) switch (msr_index) { case MSR_IA32_VMX_EXIT_CTLS: case MSR_IA32_VMX_TRUE_EXIT_CTLS: - ctl_high &=3D ~EVMCS1_UNSUPPORTED_VMEXIT_CTRL; + ctl_high &=3D ~evmcs_get_unsupported_ctls(EVMCS_EXIT_CTRLS); break; case MSR_IA32_VMX_ENTRY_CTLS: case MSR_IA32_VMX_TRUE_ENTRY_CTLS: - ctl_high &=3D ~EVMCS1_UNSUPPORTED_VMENTRY_CTRL; + ctl_high &=3D ~evmcs_get_unsupported_ctls(EVMCS_ENTRY_CTRLS); break; case MSR_IA32_VMX_PROCBASED_CTLS2: - ctl_high &=3D ~EVMCS1_UNSUPPORTED_2NDEXEC; + ctl_high &=3D ~evmcs_get_unsupported_ctls(EVMCS_2NDEXEC); break; case MSR_IA32_VMX_TRUE_PINBASED_CTLS: case MSR_IA32_VMX_PINBASED_CTLS: - ctl_high &=3D ~EVMCS1_UNSUPPORTED_PINCTRL; + ctl_high &=3D ~evmcs_get_unsupported_ctls(EVMCS_PINCTRL); break; case MSR_IA32_VMX_VMFUNC: - ctl_low &=3D ~EVMCS1_UNSUPPORTED_VMFUNC; + ctl_low &=3D ~evmcs_get_unsupported_ctls(EVMCS_VMFUNC); break; } =20 @@ -384,7 +423,7 @@ int nested_evmcs_check_controls(struct vmcs12 *vmcs12) u32 unsupp_ctl; =20 unsupp_ctl =3D vmcs12->pin_based_vm_exec_control & - EVMCS1_UNSUPPORTED_PINCTRL; + evmcs_get_unsupported_ctls(EVMCS_PINCTRL); if (unsupp_ctl) { trace_kvm_nested_vmenter_failed( "eVMCS: unsupported pin-based VM-execution controls", @@ -393,7 +432,7 @@ int nested_evmcs_check_controls(struct vmcs12 *vmcs12) } =20 unsupp_ctl =3D vmcs12->secondary_vm_exec_control & - EVMCS1_UNSUPPORTED_2NDEXEC; + evmcs_get_unsupported_ctls(EVMCS_2NDEXEC); if (unsupp_ctl) { trace_kvm_nested_vmenter_failed( "eVMCS: unsupported secondary VM-execution controls", @@ -402,7 +441,7 @@ int nested_evmcs_check_controls(struct vmcs12 *vmcs12) } =20 unsupp_ctl =3D vmcs12->vm_exit_controls & - EVMCS1_UNSUPPORTED_VMEXIT_CTRL; + evmcs_get_unsupported_ctls(EVMCS_EXIT_CTRLS); if (unsupp_ctl) { trace_kvm_nested_vmenter_failed( "eVMCS: unsupported VM-exit controls", @@ -411,7 +450,7 @@ int nested_evmcs_check_controls(struct vmcs12 *vmcs12) } =20 unsupp_ctl =3D vmcs12->vm_entry_controls & - EVMCS1_UNSUPPORTED_VMENTRY_CTRL; + evmcs_get_unsupported_ctls(EVMCS_ENTRY_CTRLS); if (unsupp_ctl) { trace_kvm_nested_vmenter_failed( "eVMCS: unsupported VM-entry controls", @@ -419,7 +458,8 @@ int nested_evmcs_check_controls(struct vmcs12 *vmcs12) ret =3D -EINVAL; } =20 - unsupp_ctl =3D vmcs12->vm_function_control & EVMCS1_UNSUPPORTED_VMFUNC; + unsupp_ctl =3D vmcs12->vm_function_control & + evmcs_get_unsupported_ctls(EVMCS_VMFUNC); if (unsupp_ctl) { trace_kvm_nested_vmenter_failed( "eVMCS: unsupported VM-function controls", --=20 2.37.2 From nobody Tue Apr 7 05:43:30 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 55DB8ECAAD1 for ; Tue, 30 Aug 2022 13:39:14 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230465AbiH3NjK (ORCPT ); Tue, 30 Aug 2022 09:39:10 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41320 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230489AbiH3Nib (ORCPT ); Tue, 30 Aug 2022 09:38:31 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B01D9FE05C for ; Tue, 30 Aug 2022 06:38:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1661866687; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=spABDc82uqtVdtz60huBLMXsnXofvcWaFNGz++WjUa8=; b=P4tzYaCvlFNe6JcUKyllkJ72zLnnEt50UBPgDzvW0kGwbUx8O59EJA+433lEXhMED2Mldm tyw1NBP/PKJFgS4ra5v6lQkDLFMkpEUD42I+OEKLJnUhEq50HboJo68NeMGNHoHj7a6MIA pZ493wtmgapGQUw3p13X8mqdbyqg5Yo= Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-142-jbBYwNy-OtKyjM_o0xIChA-1; Tue, 30 Aug 2022 09:38:01 -0400 X-MC-Unique: jbBYwNy-OtKyjM_o0xIChA-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 9375A382ECC5; Tue, 30 Aug 2022 13:38:00 +0000 (UTC) Received: from fedora.redhat.com (unknown [10.40.194.232]) by smtp.corp.redhat.com (Postfix) with ESMTP id F3E872166B26; Tue, 30 Aug 2022 13:37:57 +0000 (UTC) From: Vitaly Kuznetsov To: kvm@vger.kernel.org, Paolo Bonzini Cc: Sean Christopherson , Wanpeng Li , Jim Mattson , Michael Kelley , Yuan Yao , Maxim Levitsky , linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v6 08/33] KVM: nVMX: Use CC() macro to handle eVMCS unsupported controls checks Date: Tue, 30 Aug 2022 15:37:12 +0200 Message-Id: <20220830133737.1539624-9-vkuznets@redhat.com> In-Reply-To: <20220830133737.1539624-1-vkuznets@redhat.com> References: <20220830133737.1539624-1-vkuznets@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" From: Sean Christopherson Locally #define and use the nested virtualization Consistency Check (CC) macro to handle eVMCS unsupported controls checks. Using the macro loses the existing printing of the unsupported controls, but that's a feature and not a bug. The existing approach is flawed because the @err param to trace_kvm_nested_vmenter_failed() is the error code, not the error value. The eVMCS trickery mostly works as __print_symbolic() falls back to printing the raw hex value, but that subtly relies on not having a match between the unsupported value and VMX_VMENTER_INSTRUCTION_ERRORS. If it's really truly necessary to snapshot the bad value, then the tracepoint can be extended in the future. Signed-off-by: Sean Christopherson Signed-off-by: Vitaly Kuznetsov --- arch/x86/kvm/vmx/evmcs.c | 68 ++++++++++++++-------------------------- 1 file changed, 24 insertions(+), 44 deletions(-) diff --git a/arch/x86/kvm/vmx/evmcs.c b/arch/x86/kvm/vmx/evmcs.c index a82af2482f84..b620880a8af3 100644 --- a/arch/x86/kvm/vmx/evmcs.c +++ b/arch/x86/kvm/vmx/evmcs.c @@ -10,6 +10,8 @@ #include "vmx.h" #include "trace.h" =20 +#define CC KVM_NESTED_VMENTER_CONSISTENCY_CHECK + DEFINE_STATIC_KEY_FALSE(enable_evmcs); =20 #define EVMCS1_OFFSET(x) offsetof(struct hv_enlightened_vmcs, x) @@ -417,57 +419,35 @@ void nested_evmcs_filter_control_msr(u32 msr_index, u= 64 *pdata) *pdata =3D ctl_low | ((u64)ctl_high << 32); } =20 +static bool nested_evmcs_is_valid_controls(enum evmcs_ctrl_type ctrl_type, + u32 val) +{ + return !(val & evmcs_get_unsupported_ctls(ctrl_type)); +} + int nested_evmcs_check_controls(struct vmcs12 *vmcs12) { - int ret =3D 0; - u32 unsupp_ctl; - - unsupp_ctl =3D vmcs12->pin_based_vm_exec_control & - evmcs_get_unsupported_ctls(EVMCS_PINCTRL); - if (unsupp_ctl) { - trace_kvm_nested_vmenter_failed( - "eVMCS: unsupported pin-based VM-execution controls", - unsupp_ctl); - ret =3D -EINVAL; - } + if (CC(!nested_evmcs_is_valid_controls(EVMCS_PINCTRL, + vmcs12->pin_based_vm_exec_control))) + return -EINVAL; =20 - unsupp_ctl =3D vmcs12->secondary_vm_exec_control & - evmcs_get_unsupported_ctls(EVMCS_2NDEXEC); - if (unsupp_ctl) { - trace_kvm_nested_vmenter_failed( - "eVMCS: unsupported secondary VM-execution controls", - unsupp_ctl); - ret =3D -EINVAL; - } + if (CC(!nested_evmcs_is_valid_controls(EVMCS_2NDEXEC, + vmcs12->secondary_vm_exec_control))) + return -EINVAL; =20 - unsupp_ctl =3D vmcs12->vm_exit_controls & - evmcs_get_unsupported_ctls(EVMCS_EXIT_CTRLS); - if (unsupp_ctl) { - trace_kvm_nested_vmenter_failed( - "eVMCS: unsupported VM-exit controls", - unsupp_ctl); - ret =3D -EINVAL; - } + if (CC(!nested_evmcs_is_valid_controls(EVMCS_EXIT_CTRLS, + vmcs12->vm_exit_controls))) + return -EINVAL; =20 - unsupp_ctl =3D vmcs12->vm_entry_controls & - evmcs_get_unsupported_ctls(EVMCS_ENTRY_CTRLS); - if (unsupp_ctl) { - trace_kvm_nested_vmenter_failed( - "eVMCS: unsupported VM-entry controls", - unsupp_ctl); - ret =3D -EINVAL; - } + if (CC(!nested_evmcs_is_valid_controls(EVMCS_ENTRY_CTRLS, + vmcs12->vm_entry_controls))) + return -EINVAL; =20 - unsupp_ctl =3D vmcs12->vm_function_control & - evmcs_get_unsupported_ctls(EVMCS_VMFUNC); - if (unsupp_ctl) { - trace_kvm_nested_vmenter_failed( - "eVMCS: unsupported VM-function controls", - unsupp_ctl); - ret =3D -EINVAL; - } + if (CC(!nested_evmcs_is_valid_controls(EVMCS_VMFUNC, + vmcs12->vm_function_control))) + return -EINVAL; =20 - return ret; + return 0; } =20 int nested_enable_evmcs(struct kvm_vcpu *vcpu, --=20 2.37.2 From nobody Tue Apr 7 05:43:30 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0D392ECAAA1 for ; Tue, 30 Aug 2022 13:39:07 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230457AbiH3NjD (ORCPT ); Tue, 30 Aug 2022 09:39:03 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42562 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230521AbiH3Nim (ORCPT ); Tue, 30 Aug 2022 09:38:42 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B0150F5CE7 for ; Tue, 30 Aug 2022 06:38:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1661866685; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ZeZqsjsdUoFX2DQU6MI+pv3ZUB8PpCq2LnLLicQ0AFk=; b=FGTlBHygCbInsaLKuNi7XHiKiGuKBj7atyFu2akctNtoICqt4bhSJkERJE95P6PgFokvif 3lR/SEJct0RJKXt5OhcThqV86Xsi2wXFDtaqkS9f6h5bPk++xldt7Cc+s0bocSJ4YbZFi/ 3SB7Os82xNOQoEtsAefcQmQ+w037mbo= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-489-qS_8Moz4MgGr1dMzT1j9mw-1; Tue, 30 Aug 2022 09:38:04 -0400 X-MC-Unique: qS_8Moz4MgGr1dMzT1j9mw-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 4866C85A58A; Tue, 30 Aug 2022 13:38:03 +0000 (UTC) Received: from fedora.redhat.com (unknown [10.40.194.232]) by smtp.corp.redhat.com (Postfix) with ESMTP id D0A152166B26; Tue, 30 Aug 2022 13:38:00 +0000 (UTC) From: Vitaly Kuznetsov To: kvm@vger.kernel.org, Paolo Bonzini Cc: Sean Christopherson , Wanpeng Li , Jim Mattson , Michael Kelley , Yuan Yao , Maxim Levitsky , linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v6 09/33] KVM: VMX: Define VMCS-to-EVMCS conversion for the new fields Date: Tue, 30 Aug 2022 15:37:13 +0200 Message-Id: <20220830133737.1539624-10-vkuznets@redhat.com> In-Reply-To: <20220830133737.1539624-1-vkuznets@redhat.com> References: <20220830133737.1539624-1-vkuznets@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" Enlightened VMCS v1 definition was updated with new fields, support them in KVM by defining VMCS-to-EVMCS conversion. Note: SSP, CET and Guest LBR features are not supported by KVM yet and the corresponding fields are not defined in 'enum vmcs_field', leave them commented out for now. Reviewed-by: Maxim Levitsky Signed-off-by: Vitaly Kuznetsov Signed-off-by: Sean Christopherson --- arch/x86/kvm/vmx/evmcs.c | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/arch/x86/kvm/vmx/evmcs.c b/arch/x86/kvm/vmx/evmcs.c index b620880a8af3..c3a5309f6e82 100644 --- a/arch/x86/kvm/vmx/evmcs.c +++ b/arch/x86/kvm/vmx/evmcs.c @@ -30,6 +30,8 @@ const struct evmcs_field vmcs_field_to_evmcs_1[] =3D { HV_VMX_ENLIGHTENED_CLEAN_FIELD_HOST_GRP1), EVMCS1_FIELD(HOST_IA32_EFER, host_ia32_efer, HV_VMX_ENLIGHTENED_CLEAN_FIELD_HOST_GRP1), + EVMCS1_FIELD(HOST_IA32_PERF_GLOBAL_CTRL, host_ia32_perf_global_ctrl, + HV_VMX_ENLIGHTENED_CLEAN_FIELD_HOST_GRP1), EVMCS1_FIELD(HOST_CR0, host_cr0, HV_VMX_ENLIGHTENED_CLEAN_FIELD_HOST_GRP1), EVMCS1_FIELD(HOST_CR3, host_cr3, @@ -80,6 +82,8 @@ const struct evmcs_field vmcs_field_to_evmcs_1[] =3D { HV_VMX_ENLIGHTENED_CLEAN_FIELD_GUEST_GRP1), EVMCS1_FIELD(GUEST_IA32_EFER, guest_ia32_efer, HV_VMX_ENLIGHTENED_CLEAN_FIELD_GUEST_GRP1), + EVMCS1_FIELD(GUEST_IA32_PERF_GLOBAL_CTRL, guest_ia32_perf_global_ctrl, + HV_VMX_ENLIGHTENED_CLEAN_FIELD_GUEST_GRP1), EVMCS1_FIELD(GUEST_PDPTR0, guest_pdptr0, HV_VMX_ENLIGHTENED_CLEAN_FIELD_GUEST_GRP1), EVMCS1_FIELD(GUEST_PDPTR1, guest_pdptr1, @@ -128,6 +132,28 @@ const struct evmcs_field vmcs_field_to_evmcs_1[] =3D { HV_VMX_ENLIGHTENED_CLEAN_FIELD_GUEST_GRP1), EVMCS1_FIELD(XSS_EXIT_BITMAP, xss_exit_bitmap, HV_VMX_ENLIGHTENED_CLEAN_FIELD_CONTROL_GRP2), + EVMCS1_FIELD(ENCLS_EXITING_BITMAP, encls_exiting_bitmap, + HV_VMX_ENLIGHTENED_CLEAN_FIELD_CONTROL_GRP2), + EVMCS1_FIELD(TSC_MULTIPLIER, tsc_multiplier, + HV_VMX_ENLIGHTENED_CLEAN_FIELD_CONTROL_GRP2), + /* + * Not used by KVM: + * + * EVMCS1_FIELD(0x00006828, guest_ia32_s_cet, + * HV_VMX_ENLIGHTENED_CLEAN_FIELD_GUEST_GRP1), + * EVMCS1_FIELD(0x0000682A, guest_ssp, + * HV_VMX_ENLIGHTENED_CLEAN_FIELD_GUEST_BASIC), + * EVMCS1_FIELD(0x0000682C, guest_ia32_int_ssp_table_addr, + * HV_VMX_ENLIGHTENED_CLEAN_FIELD_GUEST_GRP1), + * EVMCS1_FIELD(0x00002816, guest_ia32_lbr_ctl, + * HV_VMX_ENLIGHTENED_CLEAN_FIELD_GUEST_GRP1), + * EVMCS1_FIELD(0x00006C18, host_ia32_s_cet, + * HV_VMX_ENLIGHTENED_CLEAN_FIELD_HOST_GRP1), + * EVMCS1_FIELD(0x00006C1A, host_ssp, + * HV_VMX_ENLIGHTENED_CLEAN_FIELD_HOST_GRP1), + * EVMCS1_FIELD(0x00006C1C, host_ia32_int_ssp_table_addr, + * HV_VMX_ENLIGHTENED_CLEAN_FIELD_HOST_GRP1), + */ =20 /* 64 bit read only */ EVMCS1_FIELD(GUEST_PHYSICAL_ADDRESS, guest_physical_address, --=20 2.37.2 From nobody Tue Apr 7 05:43:30 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 47B0DECAAD1 for ; Tue, 30 Aug 2022 13:39:19 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229995AbiH3NjS (ORCPT ); Tue, 30 Aug 2022 09:39:18 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41980 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230518AbiH3Nim (ORCPT ); Tue, 30 Aug 2022 09:38:42 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 54429EC4FA for ; Tue, 30 Aug 2022 06:38:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1661866690; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=e+Q+YEfUkgOVSuw0G8qdju7poxRWKgzYe6gqmaV6CW0=; b=MdPh2CBCF9eV+DZYrqk/VNFLKbx7FiDDJYUtx6OxD/09h07IbAubzbrbIJFO+Ob6LrAKtV JYVNgJlIDK1UGTpHReXYajijIbuokzs9+uHFslWzSb6Q4oTQgRsRNuWh3wRPCVX/04MCpo vR+YTxyhkfuLaBdXsonOiVUaZPBe7WA= Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-470-IL94irvBMEewilXpwdNkgg-1; Tue, 30 Aug 2022 09:38:06 -0400 X-MC-Unique: IL94irvBMEewilXpwdNkgg-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 1277C1C006AD; Tue, 30 Aug 2022 13:38:06 +0000 (UTC) Received: from fedora.redhat.com (unknown [10.40.194.232]) by smtp.corp.redhat.com (Postfix) with ESMTP id B0B7D2166B26; Tue, 30 Aug 2022 13:38:03 +0000 (UTC) From: Vitaly Kuznetsov To: kvm@vger.kernel.org, Paolo Bonzini Cc: Sean Christopherson , Wanpeng Li , Jim Mattson , Michael Kelley , Yuan Yao , Maxim Levitsky , linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v6 10/33] KVM: nVMX: Support several new fields in eVMCSv1 Date: Tue, 30 Aug 2022 15:37:14 +0200 Message-Id: <20220830133737.1539624-11-vkuznets@redhat.com> In-Reply-To: <20220830133737.1539624-1-vkuznets@redhat.com> References: <20220830133737.1539624-1-vkuznets@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" Enlightened VMCS v1 definition was updated with new fields, add support for them for Hyper-V on KVM. Note: SSP, CET and Guest LBR features are not supported by KVM yet and 'struct vmcs12' has no corresponding fields. Reviewed-by: Maxim Levitsky Signed-off-by: Vitaly Kuznetsov Signed-off-by: Sean Christopherson --- arch/x86/kvm/vmx/nested.c | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index 28f9d64851b3..58821cd10603 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c @@ -1607,6 +1607,10 @@ static void copy_enlightened_to_vmcs12(struct vcpu_v= mx *vmx, u32 hv_clean_fields vmcs12->guest_rflags =3D evmcs->guest_rflags; vmcs12->guest_interruptibility_info =3D evmcs->guest_interruptibility_info; + /* + * Not present in struct vmcs12: + * vmcs12->guest_ssp =3D evmcs->guest_ssp; + */ } =20 if (unlikely(!(hv_clean_fields & @@ -1653,6 +1657,13 @@ static void copy_enlightened_to_vmcs12(struct vcpu_v= mx *vmx, u32 hv_clean_fields vmcs12->host_fs_selector =3D evmcs->host_fs_selector; vmcs12->host_gs_selector =3D evmcs->host_gs_selector; vmcs12->host_tr_selector =3D evmcs->host_tr_selector; + vmcs12->host_ia32_perf_global_ctrl =3D evmcs->host_ia32_perf_global_ctrl; + /* + * Not present in struct vmcs12: + * vmcs12->host_ia32_s_cet =3D evmcs->host_ia32_s_cet; + * vmcs12->host_ssp =3D evmcs->host_ssp; + * vmcs12->host_ia32_int_ssp_table_addr =3D evmcs->host_ia32_int_ssp_tab= le_addr; + */ } =20 if (unlikely(!(hv_clean_fields & @@ -1720,6 +1731,8 @@ static void copy_enlightened_to_vmcs12(struct vcpu_vm= x *vmx, u32 hv_clean_fields vmcs12->tsc_offset =3D evmcs->tsc_offset; vmcs12->virtual_apic_page_addr =3D evmcs->virtual_apic_page_addr; vmcs12->xss_exit_bitmap =3D evmcs->xss_exit_bitmap; + vmcs12->encls_exiting_bitmap =3D evmcs->encls_exiting_bitmap; + vmcs12->tsc_multiplier =3D evmcs->tsc_multiplier; } =20 if (unlikely(!(hv_clean_fields & @@ -1767,6 +1780,13 @@ static void copy_enlightened_to_vmcs12(struct vcpu_v= mx *vmx, u32 hv_clean_fields vmcs12->guest_bndcfgs =3D evmcs->guest_bndcfgs; vmcs12->guest_activity_state =3D evmcs->guest_activity_state; vmcs12->guest_sysenter_cs =3D evmcs->guest_sysenter_cs; + vmcs12->guest_ia32_perf_global_ctrl =3D evmcs->guest_ia32_perf_global_ct= rl; + /* + * Not present in struct vmcs12: + * vmcs12->guest_ia32_s_cet =3D evmcs->guest_ia32_s_cet; + * vmcs12->guest_ia32_lbr_ctl =3D evmcs->guest_ia32_lbr_ctl; + * vmcs12->guest_ia32_int_ssp_table_addr =3D evmcs->guest_ia32_int_ssp_t= able_addr; + */ } =20 /* @@ -1869,12 +1889,23 @@ static void copy_vmcs12_to_enlightened(struct vcpu_= vmx *vmx) * evmcs->vm_exit_msr_store_count =3D vmcs12->vm_exit_msr_store_count; * evmcs->vm_exit_msr_load_count =3D vmcs12->vm_exit_msr_load_count; * evmcs->vm_entry_msr_load_count =3D vmcs12->vm_entry_msr_load_count; + * evmcs->guest_ia32_perf_global_ctrl =3D vmcs12->guest_ia32_perf_global_= ctrl; + * evmcs->host_ia32_perf_global_ctrl =3D vmcs12->host_ia32_perf_global_ct= rl; + * evmcs->encls_exiting_bitmap =3D vmcs12->encls_exiting_bitmap; + * evmcs->tsc_multiplier =3D vmcs12->tsc_multiplier; * * Not present in struct vmcs12: * evmcs->exit_io_instruction_ecx =3D vmcs12->exit_io_instruction_ecx; * evmcs->exit_io_instruction_esi =3D vmcs12->exit_io_instruction_esi; * evmcs->exit_io_instruction_edi =3D vmcs12->exit_io_instruction_edi; * evmcs->exit_io_instruction_eip =3D vmcs12->exit_io_instruction_eip; + * evmcs->host_ia32_s_cet =3D vmcs12->host_ia32_s_cet; + * evmcs->host_ssp =3D vmcs12->host_ssp; + * evmcs->host_ia32_int_ssp_table_addr =3D vmcs12->host_ia32_int_ssp_tabl= e_addr; + * evmcs->guest_ia32_s_cet =3D vmcs12->guest_ia32_s_cet; + * evmcs->guest_ia32_lbr_ctl =3D vmcs12->guest_ia32_lbr_ctl; + * evmcs->guest_ia32_int_ssp_table_addr =3D vmcs12->guest_ia32_int_ssp_ta= ble_addr; + * evmcs->guest_ssp =3D vmcs12->guest_ssp; */ =20 evmcs->guest_es_selector =3D vmcs12->guest_es_selector; --=20 2.37.2 From nobody Tue Apr 7 05:43:30 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 435AFECAAD1 for ; Tue, 30 Aug 2022 13:39:23 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229792AbiH3NjV (ORCPT ); Tue, 30 Aug 2022 09:39:21 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42190 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230480AbiH3Nia (ORCPT ); Tue, 30 Aug 2022 09:38:30 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6CCDA122BE0 for ; Tue, 30 Aug 2022 06:38:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1661866692; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ulI4OCgKqIVxM9WoKebIspF1Dr2xt9w+1lZ1nsd/Vxo=; b=SWw5MKhkgQZdlU1yJM7k0H2tDJ9xSzs2vSgFKPSGVw9ef7R/aH0QfqBly6jv3lr7X5H0vV vE9TIyhBl25TUugQvqivpmbZIwzml867/P+lI0qxOf3m1XtXEFgE2mZdnXr0CN5JbmF1IS a4uZX7Zyz1z6JgmMryouauTOM/6pecc= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-573-uFnFD6x6OJKNibyTq8keVA-1; Tue, 30 Aug 2022 09:38:09 -0400 X-MC-Unique: uFnFD6x6OJKNibyTq8keVA-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id C9D9B8039B2; Tue, 30 Aug 2022 13:38:08 +0000 (UTC) Received: from fedora.redhat.com (unknown [10.40.194.232]) by smtp.corp.redhat.com (Postfix) with ESMTP id 753C72166B26; Tue, 30 Aug 2022 13:38:06 +0000 (UTC) From: Vitaly Kuznetsov To: kvm@vger.kernel.org, Paolo Bonzini Cc: Sean Christopherson , Wanpeng Li , Jim Mattson , Michael Kelley , Yuan Yao , Maxim Levitsky , linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v6 11/33] KVM: x86: hyper-v: Cache HYPERV_CPUID_NESTED_FEATURES CPUID leaf Date: Tue, 30 Aug 2022 15:37:15 +0200 Message-Id: <20220830133737.1539624-12-vkuznets@redhat.com> In-Reply-To: <20220830133737.1539624-1-vkuznets@redhat.com> References: <20220830133737.1539624-1-vkuznets@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" KVM has to check guest visible HYPERV_CPUID_NESTED_FEATURES.EBX CPUID leaf to know which Enlightened VMCS definition to use (original or 2022 update). Cache the leaf along with other Hyper-V CPUID feature leaves to make the check quick. Reviewed-by: Maxim Levitsky Signed-off-by: Vitaly Kuznetsov Signed-off-by: Sean Christopherson --- arch/x86/include/asm/kvm_host.h | 2 ++ arch/x86/kvm/hyperv.c | 6 ++++++ 2 files changed, 8 insertions(+) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_hos= t.h index 2c96c43c313a..9411348e4223 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -615,6 +615,8 @@ struct kvm_vcpu_hv { u32 enlightenments_eax; /* HYPERV_CPUID_ENLIGHTMENT_INFO.EAX */ u32 enlightenments_ebx; /* HYPERV_CPUID_ENLIGHTMENT_INFO.EBX */ u32 syndbg_cap_eax; /* HYPERV_CPUID_SYNDBG_PLATFORM_CAPABILITIES.EAX */ + u32 nested_eax; /* HYPERV_CPUID_NESTED_FEATURES.EAX */ + u32 nested_ebx; /* HYPERV_CPUID_NESTED_FEATURES.EBX */ } cpuid_cache; }; =20 diff --git a/arch/x86/kvm/hyperv.c b/arch/x86/kvm/hyperv.c index bf4729e8cc80..a7478b61088b 100644 --- a/arch/x86/kvm/hyperv.c +++ b/arch/x86/kvm/hyperv.c @@ -2018,6 +2018,12 @@ void kvm_hv_set_cpuid(struct kvm_vcpu *vcpu, bool hy= perv_enabled) entry =3D kvm_find_cpuid_entry(vcpu, HYPERV_CPUID_SYNDBG_PLATFORM_CAPABIL= ITIES); if (entry) hv_vcpu->cpuid_cache.syndbg_cap_eax =3D entry->eax; + + entry =3D kvm_find_cpuid_entry(vcpu, HYPERV_CPUID_NESTED_FEATURES); + if (entry) { + hv_vcpu->cpuid_cache.nested_eax =3D entry->eax; + hv_vcpu->cpuid_cache.nested_ebx =3D entry->ebx; + } } =20 int kvm_hv_set_enforce_cpuid(struct kvm_vcpu *vcpu, bool enforce) --=20 2.37.2 From nobody Tue Apr 7 05:43:30 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2575EECAAD1 for ; Tue, 30 Aug 2022 13:39:34 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230518AbiH3Njc (ORCPT ); Tue, 30 Aug 2022 09:39:32 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42164 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231183AbiH3Nir (ORCPT ); Tue, 30 Aug 2022 09:38:47 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 91C9EFE049 for ; Tue, 30 Aug 2022 06:38:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1661866695; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=AmtZZWWgZ7qaCso8+kvKdlZoMVyYcsEDUIvcJNe3V4g=; b=ST5ujLmzCLbAvr6/VZEfzo2f2WQsDhcyb7KacRB4cbtZkMjK1dX97qE7G16Irqqb13Tvk7 +d48zLqCUAwltEo70T1jU8a8yGN7w+cmllID8aA/dNYUjTUjFxo/GmHe/yO2N1Om/zrRQ0 N5e4JjhLAmDEFnYZ3hItD6aIekplIu8= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-395-8kGWZCSmMl2UC9Q2zmRwNQ-1; Tue, 30 Aug 2022 09:38:12 -0400 X-MC-Unique: 8kGWZCSmMl2UC9Q2zmRwNQ-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id ADCEC8037AF; Tue, 30 Aug 2022 13:38:11 +0000 (UTC) Received: from fedora.redhat.com (unknown [10.40.194.232]) by smtp.corp.redhat.com (Postfix) with ESMTP id 4ED472166B26; Tue, 30 Aug 2022 13:38:09 +0000 (UTC) From: Vitaly Kuznetsov To: kvm@vger.kernel.org, Paolo Bonzini Cc: Sean Christopherson , Wanpeng Li , Jim Mattson , Michael Kelley , Yuan Yao , Maxim Levitsky , linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v6 12/33] KVM: selftests: Add ENCLS_EXITING_BITMAP{,HIGH} VMCS fields Date: Tue, 30 Aug 2022 15:37:16 +0200 Message-Id: <20220830133737.1539624-13-vkuznets@redhat.com> In-Reply-To: <20220830133737.1539624-1-vkuznets@redhat.com> References: <20220830133737.1539624-1-vkuznets@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" The updated Enlightened VMCS definition has 'encls_exiting_bitmap' field which needs mapping to VMCS, add the missing encoding. Reviewed-by: Maxim Levitsky Reviewed-by: Kai Huang Signed-off-by: Vitaly Kuznetsov Signed-off-by: Sean Christopherson --- tools/testing/selftests/kvm/include/x86_64/vmx.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tools/testing/selftests/kvm/include/x86_64/vmx.h b/tools/testi= ng/selftests/kvm/include/x86_64/vmx.h index 99fa1410964c..7d8c980317f7 100644 --- a/tools/testing/selftests/kvm/include/x86_64/vmx.h +++ b/tools/testing/selftests/kvm/include/x86_64/vmx.h @@ -208,6 +208,8 @@ enum vmcs_field { VMWRITE_BITMAP_HIGH =3D 0x00002029, XSS_EXIT_BITMAP =3D 0x0000202C, XSS_EXIT_BITMAP_HIGH =3D 0x0000202D, + ENCLS_EXITING_BITMAP =3D 0x0000202E, + ENCLS_EXITING_BITMAP_HIGH =3D 0x0000202F, TSC_MULTIPLIER =3D 0x00002032, TSC_MULTIPLIER_HIGH =3D 0x00002033, GUEST_PHYSICAL_ADDRESS =3D 0x00002400, --=20 2.37.2 From nobody Tue Apr 7 05:43:30 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9B66BECAAD1 for ; Tue, 30 Aug 2022 13:39:43 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231156AbiH3Njl (ORCPT ); Tue, 30 Aug 2022 09:39:41 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41854 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231235AbiH3Nix (ORCPT ); Tue, 30 Aug 2022 09:38:53 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B0745EE48C for ; Tue, 30 Aug 2022 06:38:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1661866696; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=UjJx3TQUZwRw+Nu3JII3C5jNsdZjj1ZPQ7TYTS/mAds=; b=LrDt31BMMagZLbwrDutnVOEjNMrqfCxjDYLyM1wpVQYmhlqCBv+gHIyZJCTwWHtXHnmm+K z7QBGEaW9XifQr/4+QwNi9MCvbJ9Rcd7pEQOCmi+YHRYxYy8tjhr2AVmWdC35uC7aEJBTn aT9I1sqPleRwcyQU1GIAg8YYR/paoXU= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-520-wHJVYN7xP4u_eRCMYFU3QA-1; Tue, 30 Aug 2022 09:38:15 -0400 X-MC-Unique: wHJVYN7xP4u_eRCMYFU3QA-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 8CF37101E989; Tue, 30 Aug 2022 13:38:14 +0000 (UTC) Received: from fedora.redhat.com (unknown [10.40.194.232]) by smtp.corp.redhat.com (Postfix) with ESMTP id 155752166B26; Tue, 30 Aug 2022 13:38:11 +0000 (UTC) From: Vitaly Kuznetsov To: kvm@vger.kernel.org, Paolo Bonzini Cc: Sean Christopherson , Wanpeng Li , Jim Mattson , Michael Kelley , Yuan Yao , Maxim Levitsky , linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v6 13/33] KVM: selftests: Switch to updated eVMCSv1 definition Date: Tue, 30 Aug 2022 15:37:17 +0200 Message-Id: <20220830133737.1539624-14-vkuznets@redhat.com> In-Reply-To: <20220830133737.1539624-1-vkuznets@redhat.com> References: <20220830133737.1539624-1-vkuznets@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" Update Enlightened VMCS definition in selftests from KVM. Reviewed-by: Maxim Levitsky Signed-off-by: Vitaly Kuznetsov Signed-off-by: Sean Christopherson --- .../selftests/kvm/include/x86_64/evmcs.h | 45 +++++++++++++++++-- 1 file changed, 42 insertions(+), 3 deletions(-) diff --git a/tools/testing/selftests/kvm/include/x86_64/evmcs.h b/tools/tes= ting/selftests/kvm/include/x86_64/evmcs.h index 3c9260f8e116..58db74f68af2 100644 --- a/tools/testing/selftests/kvm/include/x86_64/evmcs.h +++ b/tools/testing/selftests/kvm/include/x86_64/evmcs.h @@ -203,14 +203,25 @@ struct hv_enlightened_vmcs { u32 reserved:30; } hv_enlightenments_control; u32 hv_vp_id; - + u32 padding32_2; u64 hv_vm_id; u64 partition_assist_page; u64 padding64_4[4]; u64 guest_bndcfgs; - u64 padding64_5[7]; + u64 guest_ia32_perf_global_ctrl; + u64 guest_ia32_s_cet; + u64 guest_ssp; + u64 guest_ia32_int_ssp_table_addr; + u64 guest_ia32_lbr_ctl; + u64 padding64_5[2]; u64 xss_exit_bitmap; - u64 padding64_6[7]; + u64 encls_exiting_bitmap; + u64 host_ia32_perf_global_ctrl; + u64 tsc_multiplier; + u64 host_ia32_s_cet; + u64 host_ssp; + u64 host_ia32_int_ssp_table_addr; + u64 padding64_6; }; =20 #define HV_VMX_ENLIGHTENED_CLEAN_FIELD_NONE 0 @@ -656,6 +667,18 @@ static inline int evmcs_vmread(uint64_t encoding, uint= 64_t *value) case VIRTUAL_PROCESSOR_ID: *value =3D current_evmcs->virtual_processor_id; break; + case HOST_IA32_PERF_GLOBAL_CTRL: + *value =3D current_evmcs->host_ia32_perf_global_ctrl; + break; + case GUEST_IA32_PERF_GLOBAL_CTRL: + *value =3D current_evmcs->guest_ia32_perf_global_ctrl; + break; + case ENCLS_EXITING_BITMAP: + *value =3D current_evmcs->encls_exiting_bitmap; + break; + case TSC_MULTIPLIER: + *value =3D current_evmcs->tsc_multiplier; + break; default: return 1; } =20 @@ -1169,6 +1192,22 @@ static inline int evmcs_vmwrite(uint64_t encoding, u= int64_t value) current_evmcs->virtual_processor_id =3D value; current_evmcs->hv_clean_fields &=3D ~HV_VMX_ENLIGHTENED_CLEAN_FIELD_CONT= ROL_XLAT; break; + case HOST_IA32_PERF_GLOBAL_CTRL: + current_evmcs->host_ia32_perf_global_ctrl =3D value; + current_evmcs->hv_clean_fields &=3D ~HV_VMX_ENLIGHTENED_CLEAN_FIELD_HOST= _GRP1; + break; + case GUEST_IA32_PERF_GLOBAL_CTRL: + current_evmcs->guest_ia32_perf_global_ctrl =3D value; + current_evmcs->hv_clean_fields &=3D ~HV_VMX_ENLIGHTENED_CLEAN_FIELD_GUES= T_GRP1; + break; + case ENCLS_EXITING_BITMAP: + current_evmcs->encls_exiting_bitmap =3D value; + current_evmcs->hv_clean_fields &=3D ~HV_VMX_ENLIGHTENED_CLEAN_FIELD_CONT= ROL_GRP2; + break; + case TSC_MULTIPLIER: + current_evmcs->tsc_multiplier =3D value; + current_evmcs->hv_clean_fields &=3D ~HV_VMX_ENLIGHTENED_CLEAN_FIELD_CONT= ROL_GRP2; + break; default: return 1; } =20 --=20 2.37.2 From nobody Tue Apr 7 05:43:30 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id D35E1ECAAD1 for ; Tue, 30 Aug 2022 13:39:57 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229941AbiH3Nj4 (ORCPT ); Tue, 30 Aug 2022 09:39:56 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41340 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230473AbiH3NjO (ORCPT ); Tue, 30 Aug 2022 09:39:14 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4EB7714FCAE for ; Tue, 30 Aug 2022 06:38:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1661866699; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=7h85PcHhqC17acYkgYlh5qRDnYIfh81R2bPVuDZg1T4=; b=fg16uMEH8TFdywmDQMlJwrddK51veT+VReyVHWyOzD4l0FYfomG//HvcOMlD3aur7sRNCY 5AFAxK6m+lzdKk97EJlkvDe0ZJ6Hcwx4KNLIhGVC/e7u6xscpossW5vU4a7KFnATP43WII OLbupnmBj0XyEGg6PxEduC8qWQIZFsU= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-359-arhrFy7VPuK2edH1Td5NRA-1; Tue, 30 Aug 2022 09:38:18 -0400 X-MC-Unique: arhrFy7VPuK2edH1Td5NRA-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id CA319811E83; Tue, 30 Aug 2022 13:38:16 +0000 (UTC) Received: from fedora.redhat.com (unknown [10.40.194.232]) by smtp.corp.redhat.com (Postfix) with ESMTP id C8FDA2166B26; Tue, 30 Aug 2022 13:38:14 +0000 (UTC) From: Vitaly Kuznetsov To: kvm@vger.kernel.org, Paolo Bonzini Cc: Sean Christopherson , Wanpeng Li , Jim Mattson , Michael Kelley , Yuan Yao , Maxim Levitsky , linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v6 14/33] KVM: nVMX: WARN once and fail VM-Enter if eVMCS sees VMFUNC[63:32] != 0 Date: Tue, 30 Aug 2022 15:37:18 +0200 Message-Id: <20220830133737.1539624-15-vkuznets@redhat.com> In-Reply-To: <20220830133737.1539624-1-vkuznets@redhat.com> References: <20220830133737.1539624-1-vkuznets@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" From: Sean Christopherson WARN and reject nested VM-Enter if KVM is using eVMCS and manages to allow a non-zero value in the upper 32 bits of VM-function controls. The eVMCS code assumes all inputs are 32-bit values and subtly drops the upper bits. WARN instead of adding proper "support", it's unlikely the upper bits will be defined/used in the next decade. Signed-off-by: Sean Christopherson Signed-off-by: Vitaly Kuznetsov --- arch/x86/kvm/vmx/evmcs.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/arch/x86/kvm/vmx/evmcs.c b/arch/x86/kvm/vmx/evmcs.c index c3a5309f6e82..b64e29f1359f 100644 --- a/arch/x86/kvm/vmx/evmcs.c +++ b/arch/x86/kvm/vmx/evmcs.c @@ -469,6 +469,14 @@ int nested_evmcs_check_controls(struct vmcs12 *vmcs12) vmcs12->vm_entry_controls))) return -EINVAL; =20 + /* + * VM-Func controls are 64-bit, but KVM currently doesn't support any + * controls in bits 63:32, i.e. dropping those bits on the consistency + * check is intentional. + */ + if (WARN_ON_ONCE(vmcs12->vm_function_control >> 32)) + return -EINVAL; + if (CC(!nested_evmcs_is_valid_controls(EVMCS_VMFUNC, vmcs12->vm_function_control))) return -EINVAL; --=20 2.37.2 From nobody Tue Apr 7 05:43:30 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 25FDDECAAA1 for ; Tue, 30 Aug 2022 13:40:15 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231179AbiH3NkM (ORCPT ); Tue, 30 Aug 2022 09:40:12 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42562 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231145AbiH3Njk (ORCPT ); Tue, 30 Aug 2022 09:39:40 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 78E30153D2A for ; Tue, 30 Aug 2022 06:38:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1661866703; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=RrbqZ8b1MU/RgTHKuuE/Rlvqh7DaQSXPBuzp2K956cs=; b=bBJsmm03XjEOnjLZUM1PB3jl8aV5SZmiHj+tFP12lV2o+ZHp53Gnd1ZPcqN/sZ7Ov4nA0P QHw49/vtg+s4ZwvuN/tbaQT4jFkQjgy9XiHkBfWdUGr7h1aTTteAScGWTvRtjMFCY/AMno BXkifVlkPdsJEk8VHLWcU2oI0HRpqbM= Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-477-0eR3qc3fPdqiUZYs09NtDg-1; Tue, 30 Aug 2022 09:38:20 -0400 X-MC-Unique: 0eR3qc3fPdqiUZYs09NtDg-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id E9BB43C0D850; Tue, 30 Aug 2022 13:38:19 +0000 (UTC) Received: from fedora.redhat.com (unknown [10.40.194.232]) by smtp.corp.redhat.com (Postfix) with ESMTP id 8ED702166B26; Tue, 30 Aug 2022 13:38:17 +0000 (UTC) From: Vitaly Kuznetsov To: kvm@vger.kernel.org, Paolo Bonzini Cc: Sean Christopherson , Wanpeng Li , Jim Mattson , Michael Kelley , Yuan Yao , Maxim Levitsky , linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v6 15/33] KVM: nVMX: Support PERF_GLOBAL_CTRL with enlightened VMCS Date: Tue, 30 Aug 2022 15:37:19 +0200 Message-Id: <20220830133737.1539624-16-vkuznets@redhat.com> In-Reply-To: <20220830133737.1539624-1-vkuznets@redhat.com> References: <20220830133737.1539624-1-vkuznets@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" Enlightened VMCS v1 got updated and now includes the required fields for loading PERF_GLOBAL_CTRL upon VMENTER/VMEXIT features. For KVM on Hyper-V enablement, KVM can just observe VMX control MSRs and use the features (with or without eVMCS) when possible. Hyper-V on KVM is messier as Windows 11 guests fail to boot if the controls are advertised and a new PV feature flag, CPUID.0x4000000A.EBX BIT(0), is not set. Honor the Hyper-V CPUID feature flag to play nice with Windows guests. Signed-off-by: Vitaly Kuznetsov --- arch/x86/kvm/hyperv.c | 2 +- arch/x86/kvm/vmx/evmcs.c | 30 +++++++++++++++++++++++++++--- arch/x86/kvm/vmx/evmcs.h | 9 +++------ arch/x86/kvm/vmx/vmx.c | 2 +- 4 files changed, 32 insertions(+), 11 deletions(-) diff --git a/arch/x86/kvm/hyperv.c b/arch/x86/kvm/hyperv.c index a7478b61088b..0adf4a437e85 100644 --- a/arch/x86/kvm/hyperv.c +++ b/arch/x86/kvm/hyperv.c @@ -2546,7 +2546,7 @@ int kvm_get_hv_cpuid(struct kvm_vcpu *vcpu, struct kv= m_cpuid2 *cpuid, case HYPERV_CPUID_NESTED_FEATURES: ent->eax =3D evmcs_ver; ent->eax |=3D HV_X64_NESTED_MSR_BITMAP; - + ent->ebx |=3D HV_X64_NESTED_EVMCS1_PERF_GLOBAL_CTRL; break; =20 case HYPERV_CPUID_SYNDBG_VENDOR_AND_MAX_FUNCTIONS: diff --git a/arch/x86/kvm/vmx/evmcs.c b/arch/x86/kvm/vmx/evmcs.c index b64e29f1359f..5fc4834be1f6 100644 --- a/arch/x86/kvm/vmx/evmcs.c +++ b/arch/x86/kvm/vmx/evmcs.c @@ -412,10 +412,28 @@ static u32 evmcs_get_unsupported_ctls(enum evmcs_ctrl= _type ctrl_type) return evmcs_unsupported_ctrls[ctrl_type][evmcs_rev]; } =20 -void nested_evmcs_filter_control_msr(u32 msr_index, u64 *pdata) +static bool evmcs_has_perf_global_ctrl(struct kvm_vcpu *vcpu) +{ + struct kvm_vcpu_hv *hv_vcpu =3D to_hv_vcpu(vcpu); + + /* + * PERF_GLOBAL_CTRL has a quirk where some Windows guests may fail to + * boot if a PV CPUID feature flag is not also set. Treat the fields + * as unsupported if the flag is not set in guest CPUID. This should + * be called only for guest accesses, and all guest accesses should be + * gated on Hyper-V being enabled and initialized. + */ + if (WARN_ON_ONCE(!hv_vcpu)) + return false; + + return hv_vcpu->cpuid_cache.nested_ebx & HV_X64_NESTED_EVMCS1_PERF_GLOBAL= _CTRL; +} + +void nested_evmcs_filter_control_msr(struct kvm_vcpu *vcpu, u32 msr_index,= u64 *pdata) { u32 ctl_low =3D (u32)*pdata; u32 ctl_high =3D (u32)(*pdata >> 32); + u32 unsupported_ctrls; =20 /* * Hyper-V 2016 and 2019 try using these features even when eVMCS @@ -424,11 +442,17 @@ void nested_evmcs_filter_control_msr(u32 msr_index, u= 64 *pdata) switch (msr_index) { case MSR_IA32_VMX_EXIT_CTLS: case MSR_IA32_VMX_TRUE_EXIT_CTLS: - ctl_high &=3D ~evmcs_get_unsupported_ctls(EVMCS_EXIT_CTRLS); + unsupported_ctrls =3D evmcs_get_unsupported_ctls(EVMCS_EXIT_CTRLS); + if (!evmcs_has_perf_global_ctrl(vcpu)) + unsupported_ctrls |=3D VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL; + ctl_high &=3D ~unsupported_ctrls; break; case MSR_IA32_VMX_ENTRY_CTLS: case MSR_IA32_VMX_TRUE_ENTRY_CTLS: - ctl_high &=3D ~evmcs_get_unsupported_ctls(EVMCS_ENTRY_CTRLS); + unsupported_ctrls =3D evmcs_get_unsupported_ctls(EVMCS_ENTRY_CTRLS); + if (!evmcs_has_perf_global_ctrl(vcpu)) + unsupported_ctrls |=3D VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL; + ctl_high &=3D ~unsupported_ctrls; break; case MSR_IA32_VMX_PROCBASED_CTLS2: ctl_high &=3D ~evmcs_get_unsupported_ctls(EVMCS_2NDEXEC); diff --git a/arch/x86/kvm/vmx/evmcs.h b/arch/x86/kvm/vmx/evmcs.h index f886a8ff0342..d0b2861325a0 100644 --- a/arch/x86/kvm/vmx/evmcs.h +++ b/arch/x86/kvm/vmx/evmcs.h @@ -42,8 +42,6 @@ DECLARE_STATIC_KEY_FALSE(enable_evmcs); * PLE_GAP =3D 0x00004020, * PLE_WINDOW =3D 0x00004022, * VMX_PREEMPTION_TIMER_VALUE =3D 0x0000482E, - * GUEST_IA32_PERF_GLOBAL_CTRL =3D 0x00002808, - * HOST_IA32_PERF_GLOBAL_CTRL =3D 0x00002c04, * * Currently unsupported in KVM: * GUEST_IA32_RTIT_CTL =3D 0x00002814, @@ -61,9 +59,8 @@ DECLARE_STATIC_KEY_FALSE(enable_evmcs); SECONDARY_EXEC_TSC_SCALING | \ SECONDARY_EXEC_PAUSE_LOOP_EXITING) #define EVMCS1_UNSUPPORTED_VMEXIT_CTRL \ - (VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL | \ - VM_EXIT_SAVE_VMX_PREEMPTION_TIMER) -#define EVMCS1_UNSUPPORTED_VMENTRY_CTRL (VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CT= RL) + (VM_EXIT_SAVE_VMX_PREEMPTION_TIMER) +#define EVMCS1_UNSUPPORTED_VMENTRY_CTRL (0) #define EVMCS1_UNSUPPORTED_VMFUNC (VMX_VMFUNC_EPTP_SWITCHING) =20 struct evmcs_field { @@ -243,7 +240,7 @@ bool nested_enlightened_vmentry(struct kvm_vcpu *vcpu, = u64 *evmcs_gpa); uint16_t nested_get_evmcs_version(struct kvm_vcpu *vcpu); int nested_enable_evmcs(struct kvm_vcpu *vcpu, uint16_t *vmcs_version); -void nested_evmcs_filter_control_msr(u32 msr_index, u64 *pdata); +void nested_evmcs_filter_control_msr(struct kvm_vcpu *vcpu, u32 msr_index,= u64 *pdata); int nested_evmcs_check_controls(struct vmcs12 *vmcs12); =20 #endif /* __KVM_X86_VMX_EVMCS_H */ diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index d4ed802947d7..f91f09db6e65 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -1931,7 +1931,7 @@ static int vmx_get_msr(struct kvm_vcpu *vcpu, struct = msr_data *msr_info) * features out. */ if (!msr_info->host_initiated && guest_cpuid_has_evmcs(vcpu)) - nested_evmcs_filter_control_msr(msr_info->index, + nested_evmcs_filter_control_msr(vcpu, msr_info->index, &msr_info->data); break; case MSR_IA32_RTIT_CTL: --=20 2.37.2 From nobody Tue Apr 7 05:43:30 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1D140ECAAA1 for ; Tue, 30 Aug 2022 13:40:41 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230072AbiH3Nki (ORCPT ); Tue, 30 Aug 2022 09:40:38 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42168 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231164AbiH3Nj5 (ORCPT ); Tue, 30 Aug 2022 09:39:57 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id F258FEC4E0 for ; Tue, 30 Aug 2022 06:38:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1661866713; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=UCGV86XISA1fQdZieDURuFlzKhkXare/GAkoPQ3X1FE=; b=Ep2yTEE1/iCGy/0a0yMg+1mkZFYF23IiA/e34Squa5H8NysVS+k/cYY3z+fKVpo747r+Ba tjkeyAaXimL9ibL/KdKZ4XkJbcl7oNHpCG98K1M8IUCusVbMgWpokCCBzqJtUTkUZlKGSf gmSHDpP/B8OcqagTn0eQfsaL5espX4M= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-622-VZc4BMeHM0-zYL93p19Cyw-1; Tue, 30 Aug 2022 09:38:22 -0400 X-MC-Unique: VZc4BMeHM0-zYL93p19Cyw-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id E4857811E81; Tue, 30 Aug 2022 13:38:21 +0000 (UTC) Received: from fedora.redhat.com (unknown [10.40.194.232]) by smtp.corp.redhat.com (Postfix) with ESMTP id 32A1E2166B26; Tue, 30 Aug 2022 13:38:20 +0000 (UTC) From: Vitaly Kuznetsov To: kvm@vger.kernel.org, Paolo Bonzini Cc: Sean Christopherson , Wanpeng Li , Jim Mattson , Michael Kelley , Yuan Yao , Maxim Levitsky , linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v6 16/33] KVM: VMX: Get rid of eVMCS specific VMX controls sanitization Date: Tue, 30 Aug 2022 15:37:20 +0200 Message-Id: <20220830133737.1539624-17-vkuznets@redhat.com> In-Reply-To: <20220830133737.1539624-1-vkuznets@redhat.com> References: <20220830133737.1539624-1-vkuznets@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" With the updated eVMCSv1 definition, there's no known 'problematic' controls which are exposed in VMX control MSRs but are not present in eVMCSv1: all known Hyper-V versions either don't expose the new fields by not setting bits in the VMX feature controls or support the new eVMCS revision. Get rid of VMX control MSRs filtering for KVM on Hyper-V. Note: VMX control MSRs filtering for Hyper-V on KVM (nested_evmcs_filter_control_msr()) stays as even the updated eVMCSv1 definition doesn't have all the features implemented by KVM and some fields are still missing. Moreover, nested_evmcs_filter_control_msr() has to support the original eVMCSv1 version when VMM wishes so. Reviewed-by: Maxim Levitsky Signed-off-by: Vitaly Kuznetsov Signed-off-by: Sean Christopherson --- arch/x86/kvm/vmx/evmcs.c | 13 ------------- arch/x86/kvm/vmx/evmcs.h | 1 - arch/x86/kvm/vmx/vmx.c | 5 ----- 3 files changed, 19 deletions(-) diff --git a/arch/x86/kvm/vmx/evmcs.c b/arch/x86/kvm/vmx/evmcs.c index 5fc4834be1f6..d8b23c96d627 100644 --- a/arch/x86/kvm/vmx/evmcs.c +++ b/arch/x86/kvm/vmx/evmcs.c @@ -322,19 +322,6 @@ const struct evmcs_field vmcs_field_to_evmcs_1[] =3D { }; const unsigned int nr_evmcs_1_fields =3D ARRAY_SIZE(vmcs_field_to_evmcs_1); =20 -#if IS_ENABLED(CONFIG_HYPERV) -__init void evmcs_sanitize_exec_ctrls(struct vmcs_config *vmcs_conf) -{ - vmcs_conf->cpu_based_exec_ctrl &=3D ~EVMCS1_UNSUPPORTED_EXEC_CTRL; - vmcs_conf->pin_based_exec_ctrl &=3D ~EVMCS1_UNSUPPORTED_PINCTRL; - vmcs_conf->cpu_based_2nd_exec_ctrl &=3D ~EVMCS1_UNSUPPORTED_2NDEXEC; - vmcs_conf->cpu_based_3rd_exec_ctrl =3D 0; - - vmcs_conf->vmexit_ctrl &=3D ~EVMCS1_UNSUPPORTED_VMEXIT_CTRL; - vmcs_conf->vmentry_ctrl &=3D ~EVMCS1_UNSUPPORTED_VMENTRY_CTRL; -} -#endif - bool nested_enlightened_vmentry(struct kvm_vcpu *vcpu, u64 *evmcs_gpa) { struct hv_vp_assist_page assist_page; diff --git a/arch/x86/kvm/vmx/evmcs.h b/arch/x86/kvm/vmx/evmcs.h index d0b2861325a0..6f746ef3c038 100644 --- a/arch/x86/kvm/vmx/evmcs.h +++ b/arch/x86/kvm/vmx/evmcs.h @@ -209,7 +209,6 @@ static inline void evmcs_load(u64 phys_addr) vp_ap->enlighten_vmentry =3D 1; } =20 -__init void evmcs_sanitize_exec_ctrls(struct vmcs_config *vmcs_conf); #else /* !IS_ENABLED(CONFIG_HYPERV) */ static __always_inline void evmcs_write64(unsigned long field, u64 value) = {} static inline void evmcs_write32(unsigned long field, u32 value) {} diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index f91f09db6e65..ae0c835d15ad 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -2766,11 +2766,6 @@ static __init int setup_vmcs_config(struct vmcs_conf= ig *vmcs_conf, vmcs_conf->vmexit_ctrl =3D _vmexit_control; vmcs_conf->vmentry_ctrl =3D _vmentry_control; =20 -#if IS_ENABLED(CONFIG_HYPERV) - if (enlightened_vmcs) - evmcs_sanitize_exec_ctrls(vmcs_conf); -#endif - return 0; } =20 --=20 2.37.2 From nobody Tue Apr 7 05:43:30 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 77F74ECAAD4 for ; Tue, 30 Aug 2022 13:40:21 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230089AbiH3NkS (ORCPT ); Tue, 30 Aug 2022 09:40:18 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41326 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229635AbiH3Njn (ORCPT ); Tue, 30 Aug 2022 09:39:43 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 096EAFAC4F for ; Tue, 30 Aug 2022 06:38:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1661866709; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=wm0Dl688P6nkyuHi9GkDj7hF8c3dlkgEWBgNODgAbrA=; b=Lhm5qTZleoPeuFhhzT7JZ+SJoXYNLpMDv+nNO+2aoyRXbNjEIK5KExleZRCyir3SceDi+l sonAXhDKf99ZNf6lDlmosuuUSxBhqhO02aj88EjHQF/6vw7vwMpHFEal/iiU82XsOyk1fs z/0C9Y9fil1PAsclWH+m0ghKxnHOvsE= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-154-0BtSCp8ANcGihHu5JLul-A-1; Tue, 30 Aug 2022 09:38:25 -0400 X-MC-Unique: 0BtSCp8ANcGihHu5JLul-A-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 7879C18E0050; Tue, 30 Aug 2022 13:38:24 +0000 (UTC) Received: from fedora.redhat.com (unknown [10.40.194.232]) by smtp.corp.redhat.com (Postfix) with ESMTP id 376072166B26; Tue, 30 Aug 2022 13:38:22 +0000 (UTC) From: Vitaly Kuznetsov To: kvm@vger.kernel.org, Paolo Bonzini Cc: Sean Christopherson , Wanpeng Li , Jim Mattson , Michael Kelley , Yuan Yao , Maxim Levitsky , linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v6 17/33] KVM: nVMX: Don't propagate vmcs12's PERF_GLOBAL_CTRL settings to vmcs02 Date: Tue, 30 Aug 2022 15:37:21 +0200 Message-Id: <20220830133737.1539624-18-vkuznets@redhat.com> In-Reply-To: <20220830133737.1539624-1-vkuznets@redhat.com> References: <20220830133737.1539624-1-vkuznets@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" From: Sean Christopherson Don't propagate vmcs12's VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL to vmcs02. KVM doesn't disallow L1 from using VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL even when KVM itself doesn't use the control, e.g. due to the various CPU errata that where the MSR can be corrupted on VM-Exit. Preserve KVM's (vmcs01) setting to hopefully avoid having to toggle the bit in vmcs02 at a later point. E.g. if KVM is loading PERF_GLOBAL_CTRL when running L1, then odds are good KVM will also load the MSR when running L2. Fixes: 8bf00a529967 ("KVM: VMX: add support for switching of PERF_GLOBAL_CT= RL") Cc: stable@vger.kernel.org Signed-off-by: Sean Christopherson Signed-off-by: Vitaly Kuznetsov --- arch/x86/kvm/vmx/nested.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index 58821cd10603..c9b17239c9e8 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c @@ -2359,9 +2359,14 @@ static void prepare_vmcs02_early(struct vcpu_vmx *vm= x, struct loaded_vmcs *vmcs0 * are emulated by vmx_set_efer() in prepare_vmcs02(), but speculate * on the related bits (if supported by the CPU) in the hope that * we can avoid VMWrites during vmx_set_efer(). + * + * Similarly, take vmcs01's PERF_GLOBAL_CTRL in the hope that if KVM is + * loading PERF_GLOBAL_CTRL via the VMCS for L1, then KVM will want to + * do the same for L2. */ exec_control =3D __vm_entry_controls_get(vmcs01); - exec_control |=3D vmcs12->vm_entry_controls; + exec_control |=3D (vmcs12->vm_entry_controls & + ~VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL); exec_control &=3D ~(VM_ENTRY_IA32E_MODE | VM_ENTRY_LOAD_IA32_EFER); if (cpu_has_load_ia32_efer()) { if (guest_efer & EFER_LMA) --=20 2.37.2 From nobody Tue Apr 7 05:43:30 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id D9E1EECAAA1 for ; Tue, 30 Aug 2022 13:40:33 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229574AbiH3Nkb (ORCPT ); Tue, 30 Aug 2022 09:40:31 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:45236 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230448AbiH3Njy (ORCPT ); Tue, 30 Aug 2022 09:39:54 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4A73CFE345 for ; Tue, 30 Aug 2022 06:38:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1661866710; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=CgW5RnPq93SjDOoyaTew0QAuHZFiRvh5YMiNccXT1qY=; b=DX5OAuaoHbjxt8SHUmFhX5IIxBzY09/zWpVs4HZxOUbcIZu2RBBnjQXhGJVnsUqDTFaEN3 whlrwuWRknlBJuoacGSP+yhjLuWrwj66xc+5lSq1bCoYz6AMH+a5x5YGZxYihP8tIDzuvZ cKe24BsRhKyBYFq5yufYk27ScwDHQwI= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-373-hka2J9cDOlqGMc2xbNKcUw-1; Tue, 30 Aug 2022 09:38:27 -0400 X-MC-Unique: hka2J9cDOlqGMc2xbNKcUw-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 1ED9C18E0045; Tue, 30 Aug 2022 13:38:27 +0000 (UTC) Received: from fedora.redhat.com (unknown [10.40.194.232]) by smtp.corp.redhat.com (Postfix) with ESMTP id F1E772166B26; Tue, 30 Aug 2022 13:38:24 +0000 (UTC) From: Vitaly Kuznetsov To: kvm@vger.kernel.org, Paolo Bonzini Cc: Sean Christopherson , Wanpeng Li , Jim Mattson , Michael Kelley , Yuan Yao , Maxim Levitsky , linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v6 18/33] KVM: nVMX: Always emulate PERF_GLOBAL_CTRL VM-Entry/VM-Exit controls Date: Tue, 30 Aug 2022 15:37:22 +0200 Message-Id: <20220830133737.1539624-19-vkuznets@redhat.com> In-Reply-To: <20220830133737.1539624-1-vkuznets@redhat.com> References: <20220830133737.1539624-1-vkuznets@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" From: Sean Christopherson Advertise VM_{ENTRY,EXIT}_LOAD_IA32_PERF_GLOBAL_CTRL as being supported for nested VMs irrespective of hardware support. KVM fully emulates the controls, i.e. manually emulates MSR writes on entry/exit, and never propagates the guest settings directly to vmcs02. In addition to allowing L1 VMMs to use the controls on older hardware, unconditionally advertising the controls will also allow KVM to use its vmcs01 configuration as the basis for the nested VMX configuration without causing a regression (due the errata which causes KVM to "hide" the control from vmcs01 but not vmcs12). Signed-off-by: Sean Christopherson Signed-off-by: Vitaly Kuznetsov --- arch/x86/kvm/vmx/nested.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index c9b17239c9e8..19a96cf65b99 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c @@ -6602,11 +6602,12 @@ void nested_vmx_setup_ctls_msrs(struct nested_vmx_m= srs *msrs, u32 ept_caps) VM_EXIT_HOST_ADDR_SPACE_SIZE | #endif VM_EXIT_LOAD_IA32_PAT | VM_EXIT_SAVE_IA32_PAT | - VM_EXIT_CLEAR_BNDCFGS | VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL; + VM_EXIT_CLEAR_BNDCFGS; msrs->exit_ctls_high |=3D VM_EXIT_ALWAYSON_WITHOUT_TRUE_MSR | VM_EXIT_LOAD_IA32_EFER | VM_EXIT_SAVE_IA32_EFER | - VM_EXIT_SAVE_VMX_PREEMPTION_TIMER | VM_EXIT_ACK_INTR_ON_EXIT; + VM_EXIT_SAVE_VMX_PREEMPTION_TIMER | VM_EXIT_ACK_INTR_ON_EXIT | + VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL; =20 /* We support free control of debug control saving. */ msrs->exit_ctls_low &=3D ~VM_EXIT_SAVE_DEBUG_CONTROLS; @@ -6621,10 +6622,10 @@ void nested_vmx_setup_ctls_msrs(struct nested_vmx_m= srs *msrs, u32 ept_caps) #ifdef CONFIG_X86_64 VM_ENTRY_IA32E_MODE | #endif - VM_ENTRY_LOAD_IA32_PAT | VM_ENTRY_LOAD_BNDCFGS | - VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL; + VM_ENTRY_LOAD_IA32_PAT | VM_ENTRY_LOAD_BNDCFGS; msrs->entry_ctls_high |=3D - (VM_ENTRY_ALWAYSON_WITHOUT_TRUE_MSR | VM_ENTRY_LOAD_IA32_EFER); + (VM_ENTRY_ALWAYSON_WITHOUT_TRUE_MSR | VM_ENTRY_LOAD_IA32_EFER | + VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL); =20 /* We support free control of debug control loading. */ msrs->entry_ctls_low &=3D ~VM_ENTRY_LOAD_DEBUG_CONTROLS; --=20 2.37.2 From nobody Tue Apr 7 05:43:30 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 55B47ECAAA1 for ; Tue, 30 Aug 2022 13:40:47 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230509AbiH3Nkm (ORCPT ); Tue, 30 Aug 2022 09:40:42 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41390 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231175AbiH3Nj6 (ORCPT ); Tue, 30 Aug 2022 09:39:58 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A1B0B122BCF for ; Tue, 30 Aug 2022 06:38:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1661866713; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=50IO8Aohg295n/Bkbofu1FKRBppoGGwwpHpj2nofr4M=; b=J3SwKuftfW5z/DIW7UV5X2eh8xcpn73tAb2RMEzYQ41LG29kVj8QPjKtO9P5w6ttnNSO+H l7Y/kJqSjTX0BnVfRF3hJJbkEOZy9p23t5t9PYeauOfw2tdIwGfjhlaYlbeVwm7S/6s5Wq w2VuGvQsXP2e6ND2LkPiAYGX3ZeQTtA= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-587-VMhX9ObhM56CvWKzTBdphA-1; Tue, 30 Aug 2022 09:38:30 -0400 X-MC-Unique: VMhX9ObhM56CvWKzTBdphA-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 7CEA3823F18; Tue, 30 Aug 2022 13:38:29 +0000 (UTC) Received: from fedora.redhat.com (unknown [10.40.194.232]) by smtp.corp.redhat.com (Postfix) with ESMTP id 6D68C2166B26; Tue, 30 Aug 2022 13:38:27 +0000 (UTC) From: Vitaly Kuznetsov To: kvm@vger.kernel.org, Paolo Bonzini Cc: Sean Christopherson , Wanpeng Li , Jim Mattson , Michael Kelley , Yuan Yao , Maxim Levitsky , linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v6 19/33] KVM: VMX: Check VM_ENTRY_IA32E_MODE in setup_vmcs_config() Date: Tue, 30 Aug 2022 15:37:23 +0200 Message-Id: <20220830133737.1539624-20-vkuznets@redhat.com> In-Reply-To: <20220830133737.1539624-1-vkuznets@redhat.com> References: <20220830133737.1539624-1-vkuznets@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" VM_ENTRY_IA32E_MODE control is toggled dynamically by vmx_set_efer() and setup_vmcs_config() doesn't check its existence. On the contrary, nested_vmx_setup_ctls_msrs() doesn set it on x86_64. Add the missing check and filter the bit out in vmx_vmentry_ctrl(). No (real) functional change intended as all existing CPUs supporting long mode and VMX are supposed to have it. Reviewed-by: Maxim Levitsky Reviewed-by: Jim Mattson Reviewed-by: Sean Christopherson Signed-off-by: Vitaly Kuznetsov Signed-off-by: Sean Christopherson --- arch/x86/kvm/vmx/vmx.c | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index ae0c835d15ad..cb662943b83a 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -2687,6 +2687,9 @@ static __init int setup_vmcs_config(struct vmcs_confi= g *vmcs_conf, _pin_based_exec_control &=3D ~PIN_BASED_POSTED_INTR; =20 min =3D VM_ENTRY_LOAD_DEBUG_CONTROLS; +#ifdef CONFIG_X86_64 + min |=3D VM_ENTRY_IA32E_MODE; +#endif opt =3D VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VM_ENTRY_LOAD_IA32_PAT | VM_ENTRY_LOAD_IA32_EFER | @@ -4321,9 +4324,14 @@ static u32 vmx_vmentry_ctrl(void) if (vmx_pt_mode_is_system()) vmentry_ctrl &=3D ~(VM_ENTRY_PT_CONCEAL_PIP | VM_ENTRY_LOAD_IA32_RTIT_CTL); - /* Loading of EFER and PERF_GLOBAL_CTRL are toggled dynamically */ - return vmentry_ctrl & - ~(VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VM_ENTRY_LOAD_IA32_EFER); + /* + * IA32e mode, and loading of EFER and PERF_GLOBAL_CTRL are toggled dynam= ically. + */ + vmentry_ctrl &=3D ~(VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | + VM_ENTRY_LOAD_IA32_EFER | + VM_ENTRY_IA32E_MODE); + + return vmentry_ctrl; } =20 static u32 vmx_vmexit_ctrl(void) --=20 2.37.2 From nobody Tue Apr 7 05:43:30 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id AE059ECAAD1 for ; Tue, 30 Aug 2022 13:40:55 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231134AbiH3Nkw (ORCPT ); Tue, 30 Aug 2022 09:40:52 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42550 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230236AbiH3NkJ (ORCPT ); Tue, 30 Aug 2022 09:40:09 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3854F155D6B for ; Tue, 30 Aug 2022 06:39:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1661866716; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=y0touUuJf73/3In9MOrJwHRR1ckxO9xzuDjSUYiJEWo=; b=OoXrJ6M/TgGvDl8sQyrZtQDCeTHstLmtmyBl1jMlw3AhU+mN4j9kTUDqZfgxGq9GlQCjWS DZpWIsBQHS7Je0ctjWgtMH8QAI8sDNlNVW+iG+CCMsXhmdxeypQl6VQsyLFIKvQE3LBcRE FeDMlEcJiQiD7Mkm5mgp7EtcACBGiMQ= Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-44-GUEhvWRIPH-vw4Y_nDN4qQ-1; Tue, 30 Aug 2022 09:38:32 -0400 X-MC-Unique: GUEhvWRIPH-vw4Y_nDN4qQ-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id CCC113C0D850; Tue, 30 Aug 2022 13:38:31 +0000 (UTC) Received: from fedora.redhat.com (unknown [10.40.194.232]) by smtp.corp.redhat.com (Postfix) with ESMTP id BA88D2166B26; Tue, 30 Aug 2022 13:38:29 +0000 (UTC) From: Vitaly Kuznetsov To: kvm@vger.kernel.org, Paolo Bonzini Cc: Sean Christopherson , Wanpeng Li , Jim Mattson , Michael Kelley , Yuan Yao , Maxim Levitsky , linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v6 20/33] KVM: VMX: Check CPU_BASED_{INTR,NMI}_WINDOW_EXITING in setup_vmcs_config() Date: Tue, 30 Aug 2022 15:37:24 +0200 Message-Id: <20220830133737.1539624-21-vkuznets@redhat.com> In-Reply-To: <20220830133737.1539624-1-vkuznets@redhat.com> References: <20220830133737.1539624-1-vkuznets@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" CPU_BASED_{INTR,NMI}_WINDOW_EXITING controls are toggled dynamically by vmx_enable_{irq,nmi}_window, handle_interrupt_window(), handle_nmi_window() but setup_vmcs_config() doesn't check their existence. Add the check and filter the controls out in vmx_exec_control(). Note: KVM explicitly supports CPUs without VIRTUAL_NMIS and all these CPUs are supposedly lacking NMI_WINDOW_EXITING too. Adjust cpu_has_virtual_nmis() accordingly. No functional change intended. Reviewed-by: Maxim Levitsky Reviewed-by: Sean Christopherson Signed-off-by: Vitaly Kuznetsov Signed-off-by: Sean Christopherson --- arch/x86/kvm/vmx/capabilities.h | 3 ++- arch/x86/kvm/vmx/vmx.c | 8 +++++++- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/arch/x86/kvm/vmx/capabilities.h b/arch/x86/kvm/vmx/capabilitie= s.h index c5e5dfef69c7..faee1db8b0e0 100644 --- a/arch/x86/kvm/vmx/capabilities.h +++ b/arch/x86/kvm/vmx/capabilities.h @@ -82,7 +82,8 @@ static inline bool cpu_has_vmx_basic_inout(void) =20 static inline bool cpu_has_virtual_nmis(void) { - return vmcs_config.pin_based_exec_ctrl & PIN_BASED_VIRTUAL_NMIS; + return vmcs_config.pin_based_exec_ctrl & PIN_BASED_VIRTUAL_NMIS && + vmcs_config.cpu_based_exec_ctrl & CPU_BASED_NMI_WINDOW_EXITING; } =20 static inline bool cpu_has_vmx_preemption_timer(void) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index cb662943b83a..cfe1a1157302 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -2564,10 +2564,12 @@ static __init int setup_vmcs_config(struct vmcs_con= fig *vmcs_conf, CPU_BASED_MWAIT_EXITING | CPU_BASED_MONITOR_EXITING | CPU_BASED_INVLPG_EXITING | - CPU_BASED_RDPMC_EXITING; + CPU_BASED_RDPMC_EXITING | + CPU_BASED_INTR_WINDOW_EXITING; =20 opt =3D CPU_BASED_TPR_SHADOW | CPU_BASED_USE_MSR_BITMAPS | + CPU_BASED_NMI_WINDOW_EXITING | CPU_BASED_ACTIVATE_SECONDARY_CONTROLS | CPU_BASED_ACTIVATE_TERTIARY_CONTROLS; if (adjust_vmx_controls(min, opt, MSR_IA32_VMX_PROCBASED_CTLS, @@ -4378,6 +4380,10 @@ static u32 vmx_exec_control(struct vcpu_vmx *vmx) { u32 exec_control =3D vmcs_config.cpu_based_exec_ctrl; =20 + /* INTR_WINDOW_EXITING and NMI_WINDOW_EXITING are toggled dynamically */ + exec_control &=3D ~(CPU_BASED_INTR_WINDOW_EXITING | + CPU_BASED_NMI_WINDOW_EXITING); + if (vmx->vcpu.arch.switch_db_regs & KVM_DEBUGREG_WONT_EXIT) exec_control &=3D ~CPU_BASED_MOV_DR_EXITING; =20 --=20 2.37.2 From nobody Tue Apr 7 05:43:30 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 93101ECAAD1 for ; Tue, 30 Aug 2022 13:41:11 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229512AbiH3NlJ (ORCPT ); Tue, 30 Aug 2022 09:41:09 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42024 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229804AbiH3NkQ (ORCPT ); Tue, 30 Aug 2022 09:40:16 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7F854161280 for ; Tue, 30 Aug 2022 06:39:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1661866720; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=eIDGD8GCQ/FPC65YQ6Szcq+FOUME6vtJY3GqQdCftQc=; b=SFAEKkfj1heZIKkYzpUFtjh1dJ1svh2ZfbTbIKzy3o+S8xwo7AqHuMHFAwwv85nq4uEDyh 0RQ+rK59EiDOJyVDsorayeTpfKNnJsp+BWoWQYj2qvuKHgNxOs4VsvOp2AAT5KAR53gJFy /DhlL8zHFGaZz7iLrT0B6q3IcLphgko= Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-260-F_6G9Un-Mxi24sCQ8Z6jQw-1; Tue, 30 Aug 2022 09:38:35 -0400 X-MC-Unique: F_6G9Un-Mxi24sCQ8Z6jQw-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 6FD2F1C006AD; Tue, 30 Aug 2022 13:38:34 +0000 (UTC) Received: from fedora.redhat.com (unknown [10.40.194.232]) by smtp.corp.redhat.com (Postfix) with ESMTP id 1FA0B2166B26; Tue, 30 Aug 2022 13:38:32 +0000 (UTC) From: Vitaly Kuznetsov To: kvm@vger.kernel.org, Paolo Bonzini Cc: Sean Christopherson , Wanpeng Li , Jim Mattson , Michael Kelley , Yuan Yao , Maxim Levitsky , linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v6 21/33] KVM: VMX: Tweak the special handling of SECONDARY_EXEC_ENCLS_EXITING in setup_vmcs_config() Date: Tue, 30 Aug 2022 15:37:25 +0200 Message-Id: <20220830133737.1539624-22-vkuznets@redhat.com> In-Reply-To: <20220830133737.1539624-1-vkuznets@redhat.com> References: <20220830133737.1539624-1-vkuznets@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" SECONDARY_EXEC_ENCLS_EXITING is the only control which is conditionally added to the 'optional' checklist in setup_vmcs_config() but the special case can be avoided by always checking for its presence first and filtering out the result later. Note: the situation when SECONDARY_EXEC_ENCLS_EXITING is present but cpu_has_sgx() is false is possible when SGX is "soft-disabled", e.g. if software writes MCE control MSRs or there's an uncorrectable #MC. Reviewed-by: Jim Mattson Reviewed-by: Maxim Levitsky Signed-off-by: Vitaly Kuznetsov Signed-off-by: Sean Christopherson --- arch/x86/kvm/vmx/vmx.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index cfe1a1157302..9a9cdd4ea34d 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -2605,9 +2605,9 @@ static __init int setup_vmcs_config(struct vmcs_confi= g *vmcs_conf, SECONDARY_EXEC_PT_CONCEAL_VMX | SECONDARY_EXEC_ENABLE_VMFUNC | SECONDARY_EXEC_BUS_LOCK_DETECTION | - SECONDARY_EXEC_NOTIFY_VM_EXITING; - if (cpu_has_sgx()) - opt2 |=3D SECONDARY_EXEC_ENCLS_EXITING; + SECONDARY_EXEC_NOTIFY_VM_EXITING | + SECONDARY_EXEC_ENCLS_EXITING; + if (adjust_vmx_controls(min2, opt2, MSR_IA32_VMX_PROCBASED_CTLS2, &_cpu_based_2nd_exec_control) < 0) @@ -2654,6 +2654,9 @@ static __init int setup_vmcs_config(struct vmcs_confi= g *vmcs_conf, vmx_cap->vpid =3D 0; } =20 + if (!cpu_has_sgx()) + _cpu_based_2nd_exec_control &=3D ~SECONDARY_EXEC_ENCLS_EXITING; + if (_cpu_based_exec_control & CPU_BASED_ACTIVATE_TERTIARY_CONTROLS) { u64 opt3 =3D TERTIARY_EXEC_IPI_VIRT; =20 --=20 2.37.2 From nobody Tue Apr 7 05:43:30 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id BCAF4ECAAD4 for ; Tue, 30 Aug 2022 13:41:18 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230500AbiH3NlR (ORCPT ); Tue, 30 Aug 2022 09:41:17 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41300 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230430AbiH3Nkb (ORCPT ); Tue, 30 Aug 2022 09:40:31 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1FE6A13284D for ; Tue, 30 Aug 2022 06:39:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1661866721; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=CM5YiOQptbU9X800szyhSBz6fSk82jbxp+XK1QEeC+g=; b=OteDmgwYIaTaxTuOt9XDY/a06nJ2AJ23ZoJhj5E16mG8Iq7zTrIthezxdx5TI+0Y87Z4Ha 79qpvEusjYtgVZMGkHkwXjPy1aFoT4WRFT4KZ/c0dsUOeOCZP5qS5/fWyLle1q3jpfrO+n BqUltWKDOpbbZkkNm0jeu/hUatY+7DA= Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-516-7YVJEuoLPF6w-XluUHyi9w-1; Tue, 30 Aug 2022 09:38:37 -0400 X-MC-Unique: 7YVJEuoLPF6w-XluUHyi9w-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id E1DC22999B44; Tue, 30 Aug 2022 13:38:36 +0000 (UTC) Received: from fedora.redhat.com (unknown [10.40.194.232]) by smtp.corp.redhat.com (Postfix) with ESMTP id B94572166B26; Tue, 30 Aug 2022 13:38:34 +0000 (UTC) From: Vitaly Kuznetsov To: kvm@vger.kernel.org, Paolo Bonzini Cc: Sean Christopherson , Wanpeng Li , Jim Mattson , Michael Kelley , Yuan Yao , Maxim Levitsky , linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v6 22/33] KVM: VMX: Don't toggle VM_ENTRY_IA32E_MODE for 32-bit kernels/KVM Date: Tue, 30 Aug 2022 15:37:26 +0200 Message-Id: <20220830133737.1539624-23-vkuznets@redhat.com> In-Reply-To: <20220830133737.1539624-1-vkuznets@redhat.com> References: <20220830133737.1539624-1-vkuznets@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" From: Sean Christopherson Don't toggle VM_ENTRY_IA32E_MODE in 32-bit kernels/KVM and instead bug the VM if KVM attempts to run the guest with EFER.LMA=3D1. KVM doesn't support running 64-bit guests with 32-bit hosts. Signed-off-by: Sean Christopherson Signed-off-by: Vitaly Kuznetsov --- arch/x86/kvm/vmx/vmx.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 9a9cdd4ea34d..7b73fee34598 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -3039,10 +3039,15 @@ int vmx_set_efer(struct kvm_vcpu *vcpu, u64 efer) return 0; =20 vcpu->arch.efer =3D efer; +#ifdef CONFIG_X86_64 if (efer & EFER_LMA) vm_entry_controls_setbit(vmx, VM_ENTRY_IA32E_MODE); else vm_entry_controls_clearbit(vmx, VM_ENTRY_IA32E_MODE); +#else + if (KVM_BUG_ON(efer & EFER_LMA, vcpu->kvm)) + return 1; +#endif =20 vmx_setup_uret_msrs(vmx); return 0; --=20 2.37.2 From nobody Tue Apr 7 05:43:30 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 245C4ECAAD1 for ; Tue, 30 Aug 2022 13:41:25 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231190AbiH3NlW (ORCPT ); Tue, 30 Aug 2022 09:41:22 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41320 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230480AbiH3Nke (ORCPT ); Tue, 30 Aug 2022 09:40:34 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AE91FFE354 for ; Tue, 30 Aug 2022 06:39:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1661866723; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=yZsmAKM9lwHF0KYqlBjfwpOCgbrumOyR7oqqtxT5zp0=; b=AQXvWykm3sY91GTLHd2sBw/AGoWtMMGGa+aWb7L6UhZTl3Gv3Te0nj1X/1SAN9DYDR2FWk 0cDQhkNhAZOq+t+ky+z49dFzV6RADo6J9tuxxVu8czWIPLbcifHcnOuh21gZ6NhjAvbgiW rfjkh9FBmQ04bKUk0ibp/Ld7168vy1w= Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-576-PYxWl1Q_PZGs6QYJU3m60w-1; Tue, 30 Aug 2022 09:38:40 -0400 X-MC-Unique: PYxWl1Q_PZGs6QYJU3m60w-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id E9AF11C006A9; Tue, 30 Aug 2022 13:38:39 +0000 (UTC) Received: from fedora.redhat.com (unknown [10.40.194.232]) by smtp.corp.redhat.com (Postfix) with ESMTP id 440382166B26; Tue, 30 Aug 2022 13:38:37 +0000 (UTC) From: Vitaly Kuznetsov To: kvm@vger.kernel.org, Paolo Bonzini Cc: Sean Christopherson , Wanpeng Li , Jim Mattson , Michael Kelley , Yuan Yao , Maxim Levitsky , linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v6 23/33] KVM: VMX: Extend VMX controls macro shenanigans Date: Tue, 30 Aug 2022 15:37:27 +0200 Message-Id: <20220830133737.1539624-24-vkuznets@redhat.com> In-Reply-To: <20220830133737.1539624-1-vkuznets@redhat.com> References: <20220830133737.1539624-1-vkuznets@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" When VMX controls macros are used to set or clear a control bit, make sure that this bit was checked in setup_vmcs_config() and thus is properly reflected in vmcs_config. Opportunistically drop pointless "< 0" check for adjust_vmx_controls()'s return value. No functional change intended. Suggested-by: Sean Christopherson Signed-off-by: Vitaly Kuznetsov Signed-off-by: Sean Christopherson --- arch/x86/kvm/vmx/vmx.c | 114 +++++++----------------------- arch/x86/kvm/vmx/vmx.h | 155 +++++++++++++++++++++++++++++++++++------ 2 files changed, 157 insertions(+), 112 deletions(-) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 7b73fee34598..9caed775b211 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -864,7 +864,7 @@ unsigned int __vmx_vcpu_run_flags(struct vcpu_vmx *vmx) return flags; } =20 -static void clear_atomic_switch_msr_special(struct vcpu_vmx *vmx, +static __always_inline void clear_atomic_switch_msr_special(struct vcpu_vm= x *vmx, unsigned long entry, unsigned long exit) { vm_entry_controls_clearbit(vmx, entry); @@ -922,7 +922,7 @@ static void clear_atomic_switch_msr(struct vcpu_vmx *vm= x, unsigned msr) vmcs_write32(VM_EXIT_MSR_LOAD_COUNT, m->host.nr); } =20 -static void add_atomic_switch_msr_special(struct vcpu_vmx *vmx, +static __always_inline void add_atomic_switch_msr_special(struct vcpu_vmx = *vmx, unsigned long entry, unsigned long exit, unsigned long guest_val_vmcs, unsigned long host_val_vmcs, u64 guest_val, u64 host_val) @@ -2525,7 +2525,6 @@ static __init int setup_vmcs_config(struct vmcs_confi= g *vmcs_conf, struct vmx_capability *vmx_cap) { u32 vmx_msr_low, vmx_msr_high; - u32 min, opt, min2, opt2; u32 _pin_based_exec_control =3D 0; u32 _cpu_based_exec_control =3D 0; u32 _cpu_based_2nd_exec_control =3D 0; @@ -2551,29 +2550,11 @@ static __init int setup_vmcs_config(struct vmcs_con= fig *vmcs_conf, }; =20 memset(vmcs_conf, 0, sizeof(*vmcs_conf)); - min =3D CPU_BASED_HLT_EXITING | -#ifdef CONFIG_X86_64 - CPU_BASED_CR8_LOAD_EXITING | - CPU_BASED_CR8_STORE_EXITING | -#endif - CPU_BASED_CR3_LOAD_EXITING | - CPU_BASED_CR3_STORE_EXITING | - CPU_BASED_UNCOND_IO_EXITING | - CPU_BASED_MOV_DR_EXITING | - CPU_BASED_USE_TSC_OFFSETTING | - CPU_BASED_MWAIT_EXITING | - CPU_BASED_MONITOR_EXITING | - CPU_BASED_INVLPG_EXITING | - CPU_BASED_RDPMC_EXITING | - CPU_BASED_INTR_WINDOW_EXITING; - - opt =3D CPU_BASED_TPR_SHADOW | - CPU_BASED_USE_MSR_BITMAPS | - CPU_BASED_NMI_WINDOW_EXITING | - CPU_BASED_ACTIVATE_SECONDARY_CONTROLS | - CPU_BASED_ACTIVATE_TERTIARY_CONTROLS; - if (adjust_vmx_controls(min, opt, MSR_IA32_VMX_PROCBASED_CTLS, - &_cpu_based_exec_control) < 0) + + if (adjust_vmx_controls(KVM_REQUIRED_VMX_CPU_BASED_VM_EXEC_CONTROL, + KVM_OPTIONAL_VMX_CPU_BASED_VM_EXEC_CONTROL, + MSR_IA32_VMX_PROCBASED_CTLS, + &_cpu_based_exec_control)) return -EIO; #ifdef CONFIG_X86_64 if (_cpu_based_exec_control & CPU_BASED_TPR_SHADOW) @@ -2581,36 +2562,10 @@ static __init int setup_vmcs_config(struct vmcs_con= fig *vmcs_conf, ~CPU_BASED_CR8_STORE_EXITING; #endif if (_cpu_based_exec_control & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) { - min2 =3D 0; - opt2 =3D SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES | - SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE | - SECONDARY_EXEC_WBINVD_EXITING | - SECONDARY_EXEC_ENABLE_VPID | - SECONDARY_EXEC_ENABLE_EPT | - SECONDARY_EXEC_UNRESTRICTED_GUEST | - SECONDARY_EXEC_PAUSE_LOOP_EXITING | - SECONDARY_EXEC_DESC | - SECONDARY_EXEC_ENABLE_RDTSCP | - SECONDARY_EXEC_ENABLE_INVPCID | - SECONDARY_EXEC_APIC_REGISTER_VIRT | - SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY | - SECONDARY_EXEC_SHADOW_VMCS | - SECONDARY_EXEC_XSAVES | - SECONDARY_EXEC_RDSEED_EXITING | - SECONDARY_EXEC_RDRAND_EXITING | - SECONDARY_EXEC_ENABLE_PML | - SECONDARY_EXEC_TSC_SCALING | - SECONDARY_EXEC_ENABLE_USR_WAIT_PAUSE | - SECONDARY_EXEC_PT_USE_GPA | - SECONDARY_EXEC_PT_CONCEAL_VMX | - SECONDARY_EXEC_ENABLE_VMFUNC | - SECONDARY_EXEC_BUS_LOCK_DETECTION | - SECONDARY_EXEC_NOTIFY_VM_EXITING | - SECONDARY_EXEC_ENCLS_EXITING; - - if (adjust_vmx_controls(min2, opt2, + if (adjust_vmx_controls(KVM_REQUIRED_VMX_SECONDARY_VM_EXEC_CONTROL, + KVM_OPTIONAL_VMX_SECONDARY_VM_EXEC_CONTROL, MSR_IA32_VMX_PROCBASED_CTLS2, - &_cpu_based_2nd_exec_control) < 0) + &_cpu_based_2nd_exec_control)) return -EIO; } #ifndef CONFIG_X86_64 @@ -2657,32 +2612,21 @@ static __init int setup_vmcs_config(struct vmcs_con= fig *vmcs_conf, if (!cpu_has_sgx()) _cpu_based_2nd_exec_control &=3D ~SECONDARY_EXEC_ENCLS_EXITING; =20 - if (_cpu_based_exec_control & CPU_BASED_ACTIVATE_TERTIARY_CONTROLS) { - u64 opt3 =3D TERTIARY_EXEC_IPI_VIRT; - - _cpu_based_3rd_exec_control =3D adjust_vmx_controls64(opt3, + if (_cpu_based_exec_control & CPU_BASED_ACTIVATE_TERTIARY_CONTROLS) + _cpu_based_3rd_exec_control =3D + adjust_vmx_controls64(KVM_OPTIONAL_VMX_TERTIARY_VM_EXEC_CONTROL, MSR_IA32_VMX_PROCBASED_CTLS3); - } =20 - min =3D VM_EXIT_SAVE_DEBUG_CONTROLS | VM_EXIT_ACK_INTR_ON_EXIT; -#ifdef CONFIG_X86_64 - min |=3D VM_EXIT_HOST_ADDR_SPACE_SIZE; -#endif - opt =3D VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL | - VM_EXIT_LOAD_IA32_PAT | - VM_EXIT_LOAD_IA32_EFER | - VM_EXIT_CLEAR_BNDCFGS | - VM_EXIT_PT_CONCEAL_PIP | - VM_EXIT_CLEAR_IA32_RTIT_CTL; - if (adjust_vmx_controls(min, opt, MSR_IA32_VMX_EXIT_CTLS, - &_vmexit_control) < 0) + if (adjust_vmx_controls(KVM_REQUIRED_VMX_VM_EXIT_CONTROLS, + KVM_OPTIONAL_VMX_VM_EXIT_CONTROLS, + MSR_IA32_VMX_EXIT_CTLS, + &_vmexit_control)) return -EIO; =20 - min =3D PIN_BASED_EXT_INTR_MASK | PIN_BASED_NMI_EXITING; - opt =3D PIN_BASED_VIRTUAL_NMIS | PIN_BASED_POSTED_INTR | - PIN_BASED_VMX_PREEMPTION_TIMER; - if (adjust_vmx_controls(min, opt, MSR_IA32_VMX_PINBASED_CTLS, - &_pin_based_exec_control) < 0) + if (adjust_vmx_controls(KVM_REQUIRED_VMX_PIN_BASED_VM_EXEC_CONTROL, + KVM_OPTIONAL_VMX_PIN_BASED_VM_EXEC_CONTROL, + MSR_IA32_VMX_PINBASED_CTLS, + &_pin_based_exec_control)) return -EIO; =20 if (cpu_has_broken_vmx_preemption_timer()) @@ -2691,18 +2635,10 @@ static __init int setup_vmcs_config(struct vmcs_con= fig *vmcs_conf, SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY)) _pin_based_exec_control &=3D ~PIN_BASED_POSTED_INTR; =20 - min =3D VM_ENTRY_LOAD_DEBUG_CONTROLS; -#ifdef CONFIG_X86_64 - min |=3D VM_ENTRY_IA32E_MODE; -#endif - opt =3D VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | - VM_ENTRY_LOAD_IA32_PAT | - VM_ENTRY_LOAD_IA32_EFER | - VM_ENTRY_LOAD_BNDCFGS | - VM_ENTRY_PT_CONCEAL_PIP | - VM_ENTRY_LOAD_IA32_RTIT_CTL; - if (adjust_vmx_controls(min, opt, MSR_IA32_VMX_ENTRY_CTLS, - &_vmentry_control) < 0) + if (adjust_vmx_controls(KVM_REQUIRED_VMX_VM_ENTRY_CONTROLS, + KVM_OPTIONAL_VMX_VM_ENTRY_CONTROLS, + MSR_IA32_VMX_ENTRY_CTLS, + &_vmentry_control)) return -EIO; =20 for (i =3D 0; i < ARRAY_SIZE(vmcs_entry_exit_pairs); i++) { diff --git a/arch/x86/kvm/vmx/vmx.h b/arch/x86/kvm/vmx/vmx.h index 35c7e6aef301..e927d35bece5 100644 --- a/arch/x86/kvm/vmx/vmx.h +++ b/arch/x86/kvm/vmx/vmx.h @@ -477,29 +477,138 @@ static inline u8 vmx_get_rvi(void) return vmcs_read16(GUEST_INTR_STATUS) & 0xff; } =20 -#define BUILD_CONTROLS_SHADOW(lname, uname, bits) \ -static inline void lname##_controls_set(struct vcpu_vmx *vmx, u##bits val)= \ -{ \ - if (vmx->loaded_vmcs->controls_shadow.lname !=3D val) { \ - vmcs_write##bits(uname, val); \ - vmx->loaded_vmcs->controls_shadow.lname =3D val; \ - } \ -} \ -static inline u##bits __##lname##_controls_get(struct loaded_vmcs *vmcs) \ -{ \ - return vmcs->controls_shadow.lname; \ -} \ -static inline u##bits lname##_controls_get(struct vcpu_vmx *vmx) \ -{ \ - return __##lname##_controls_get(vmx->loaded_vmcs); \ -} \ -static inline void lname##_controls_setbit(struct vcpu_vmx *vmx, u##bits v= al) \ -{ \ - lname##_controls_set(vmx, lname##_controls_get(vmx) | val); \ -} \ -static inline void lname##_controls_clearbit(struct vcpu_vmx *vmx, u##bits= val) \ -{ \ - lname##_controls_set(vmx, lname##_controls_get(vmx) & ~val); \ +#define __KVM_REQUIRED_VMX_VM_ENTRY_CONTROLS \ + (VM_ENTRY_LOAD_DEBUG_CONTROLS) +#ifdef CONFIG_X86_64 + #define KVM_REQUIRED_VMX_VM_ENTRY_CONTROLS \ + (__KVM_REQUIRED_VMX_VM_ENTRY_CONTROLS | \ + VM_ENTRY_IA32E_MODE) +#else + #define KVM_REQUIRED_VMX_VM_ENTRY_CONTROLS \ + __KVM_REQUIRED_VMX_VM_ENTRY_CONTROLS +#endif +#define KVM_OPTIONAL_VMX_VM_ENTRY_CONTROLS \ + (VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | \ + VM_ENTRY_LOAD_IA32_PAT | \ + VM_ENTRY_LOAD_IA32_EFER | \ + VM_ENTRY_LOAD_BNDCFGS | \ + VM_ENTRY_PT_CONCEAL_PIP | \ + VM_ENTRY_LOAD_IA32_RTIT_CTL) + +#define __KVM_REQUIRED_VMX_VM_EXIT_CONTROLS \ + (VM_EXIT_SAVE_DEBUG_CONTROLS | \ + VM_EXIT_ACK_INTR_ON_EXIT) +#ifdef CONFIG_X86_64 + #define KVM_REQUIRED_VMX_VM_EXIT_CONTROLS \ + (__KVM_REQUIRED_VMX_VM_EXIT_CONTROLS | \ + VM_EXIT_HOST_ADDR_SPACE_SIZE) +#else + #define KVM_REQUIRED_VMX_VM_EXIT_CONTROLS \ + __KVM_REQUIRED_VMX_VM_EXIT_CONTROLS +#endif +#define KVM_OPTIONAL_VMX_VM_EXIT_CONTROLS \ + (VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL | \ + VM_EXIT_LOAD_IA32_PAT | \ + VM_EXIT_LOAD_IA32_EFER | \ + VM_EXIT_CLEAR_BNDCFGS | \ + VM_EXIT_PT_CONCEAL_PIP | \ + VM_EXIT_CLEAR_IA32_RTIT_CTL) + +#define KVM_REQUIRED_VMX_PIN_BASED_VM_EXEC_CONTROL \ + (PIN_BASED_EXT_INTR_MASK | \ + PIN_BASED_NMI_EXITING) +#define KVM_OPTIONAL_VMX_PIN_BASED_VM_EXEC_CONTROL \ + (PIN_BASED_VIRTUAL_NMIS | \ + PIN_BASED_POSTED_INTR | \ + PIN_BASED_VMX_PREEMPTION_TIMER) + +#define __KVM_REQUIRED_VMX_CPU_BASED_VM_EXEC_CONTROL \ + (CPU_BASED_HLT_EXITING | \ + CPU_BASED_CR3_LOAD_EXITING | \ + CPU_BASED_CR3_STORE_EXITING | \ + CPU_BASED_UNCOND_IO_EXITING | \ + CPU_BASED_MOV_DR_EXITING | \ + CPU_BASED_USE_TSC_OFFSETTING | \ + CPU_BASED_MWAIT_EXITING | \ + CPU_BASED_MONITOR_EXITING | \ + CPU_BASED_INVLPG_EXITING | \ + CPU_BASED_RDPMC_EXITING | \ + CPU_BASED_INTR_WINDOW_EXITING) + +#ifdef CONFIG_X86_64 + #define KVM_REQUIRED_VMX_CPU_BASED_VM_EXEC_CONTROL \ + (__KVM_REQUIRED_VMX_CPU_BASED_VM_EXEC_CONTROL | \ + CPU_BASED_CR8_LOAD_EXITING | \ + CPU_BASED_CR8_STORE_EXITING) +#else + #define KVM_REQUIRED_VMX_CPU_BASED_VM_EXEC_CONTROL \ + __KVM_REQUIRED_VMX_CPU_BASED_VM_EXEC_CONTROL +#endif + +#define KVM_OPTIONAL_VMX_CPU_BASED_VM_EXEC_CONTROL \ + (CPU_BASED_TPR_SHADOW | \ + CPU_BASED_USE_MSR_BITMAPS | \ + CPU_BASED_NMI_WINDOW_EXITING | \ + CPU_BASED_ACTIVATE_SECONDARY_CONTROLS | \ + CPU_BASED_ACTIVATE_TERTIARY_CONTROLS) + +#define KVM_REQUIRED_VMX_SECONDARY_VM_EXEC_CONTROL 0 +#define KVM_OPTIONAL_VMX_SECONDARY_VM_EXEC_CONTROL \ + (SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES | \ + SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE | \ + SECONDARY_EXEC_WBINVD_EXITING | \ + SECONDARY_EXEC_ENABLE_VPID | \ + SECONDARY_EXEC_ENABLE_EPT | \ + SECONDARY_EXEC_UNRESTRICTED_GUEST | \ + SECONDARY_EXEC_PAUSE_LOOP_EXITING | \ + SECONDARY_EXEC_DESC | \ + SECONDARY_EXEC_ENABLE_RDTSCP | \ + SECONDARY_EXEC_ENABLE_INVPCID | \ + SECONDARY_EXEC_APIC_REGISTER_VIRT | \ + SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY | \ + SECONDARY_EXEC_SHADOW_VMCS | \ + SECONDARY_EXEC_XSAVES | \ + SECONDARY_EXEC_RDSEED_EXITING | \ + SECONDARY_EXEC_RDRAND_EXITING | \ + SECONDARY_EXEC_ENABLE_PML | \ + SECONDARY_EXEC_TSC_SCALING | \ + SECONDARY_EXEC_ENABLE_USR_WAIT_PAUSE | \ + SECONDARY_EXEC_PT_USE_GPA | \ + SECONDARY_EXEC_PT_CONCEAL_VMX | \ + SECONDARY_EXEC_ENABLE_VMFUNC | \ + SECONDARY_EXEC_BUS_LOCK_DETECTION | \ + SECONDARY_EXEC_NOTIFY_VM_EXITING | \ + SECONDARY_EXEC_ENCLS_EXITING) + +#define KVM_REQUIRED_VMX_TERTIARY_VM_EXEC_CONTROL 0 +#define KVM_OPTIONAL_VMX_TERTIARY_VM_EXEC_CONTROL \ + (TERTIARY_EXEC_IPI_VIRT) + +#define BUILD_CONTROLS_SHADOW(lname, uname, bits) \ +static inline void lname##_controls_set(struct vcpu_vmx *vmx, u##bits val)= \ +{ \ + if (vmx->loaded_vmcs->controls_shadow.lname !=3D val) { \ + vmcs_write##bits(uname, val); \ + vmx->loaded_vmcs->controls_shadow.lname =3D val; \ + } \ +} \ +static inline u##bits __##lname##_controls_get(struct loaded_vmcs *vmcs) = \ +{ \ + return vmcs->controls_shadow.lname; \ +} \ +static inline u##bits lname##_controls_get(struct vcpu_vmx *vmx) \ +{ \ + return __##lname##_controls_get(vmx->loaded_vmcs); \ +} \ +static __always_inline void lname##_controls_setbit(struct vcpu_vmx *vmx, = u##bits val) \ +{ \ + BUILD_BUG_ON(!(val & (KVM_REQUIRED_VMX_##uname | KVM_OPTIONAL_VMX_##uname= ))); \ + lname##_controls_set(vmx, lname##_controls_get(vmx) | val); \ +} \ +static __always_inline void lname##_controls_clearbit(struct vcpu_vmx *vmx= , u##bits val) \ +{ \ + BUILD_BUG_ON(!(val & (KVM_REQUIRED_VMX_##uname | KVM_OPTIONAL_VMX_##uname= ))); \ + lname##_controls_set(vmx, lname##_controls_get(vmx) & ~val); \ } BUILD_CONTROLS_SHADOW(vm_entry, VM_ENTRY_CONTROLS, 32) BUILD_CONTROLS_SHADOW(vm_exit, VM_EXIT_CONTROLS, 32) --=20 2.37.2 From nobody Tue Apr 7 05:43:30 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3D6D3ECAAD1 for ; Tue, 30 Aug 2022 13:41:32 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231149AbiH3Nla (ORCPT ); Tue, 30 Aug 2022 09:41:30 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42526 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229558AbiH3Nkm (ORCPT ); Tue, 30 Aug 2022 09:40:42 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0C4691636E9 for ; Tue, 30 Aug 2022 06:39:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1661866726; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=B8QZ/KHlRT8W4KVpHmuA6d5aH8+Un6bo3HvywtrZ76A=; b=H/SmPjpXAyOU6ml1neJkCgqd5Mz4TX+IMw6+Cbkx/JHnrpfOVKH1LaKT5iz7ceGWphta44 pZsafLH18BFFFsLfPGBDQMFgKDFgYnnOfGASyXxf8DRiy1YyrYLOOS6rflQUnVIkrUs0wu Viozg1bRuNEie9LGXBMl/+z2HYoPz9w= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-610-bcWM08KqNAOCUtVLAyOhMA-1; Tue, 30 Aug 2022 09:38:42 -0400 X-MC-Unique: bcWM08KqNAOCUtVLAyOhMA-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id D937285A58B; Tue, 30 Aug 2022 13:38:41 +0000 (UTC) Received: from fedora.redhat.com (unknown [10.40.194.232]) by smtp.corp.redhat.com (Postfix) with ESMTP id 31FF52166B26; Tue, 30 Aug 2022 13:38:40 +0000 (UTC) From: Vitaly Kuznetsov To: kvm@vger.kernel.org, Paolo Bonzini Cc: Sean Christopherson , Wanpeng Li , Jim Mattson , Michael Kelley , Yuan Yao , Maxim Levitsky , linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v6 24/33] KVM: VMX: Move CPU_BASED_CR8_{LOAD,STORE}_EXITING filtering out of setup_vmcs_config() Date: Tue, 30 Aug 2022 15:37:28 +0200 Message-Id: <20220830133737.1539624-25-vkuznets@redhat.com> In-Reply-To: <20220830133737.1539624-1-vkuznets@redhat.com> References: <20220830133737.1539624-1-vkuznets@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" As a preparation to reusing the result of setup_vmcs_config() in nested VMX MSR setup, move CPU_BASED_CR8_{LOAD,STORE}_EXITING filtering to vmx_exec_control(). No functional change intended. Reviewed-by: Jim Mattson Reviewed-by: Maxim Levitsky Reviewed-by: Sean Christopherson Signed-off-by: Vitaly Kuznetsov Signed-off-by: Sean Christopherson --- arch/x86/kvm/vmx/vmx.c | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 9caed775b211..2e0deac5570f 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -2556,11 +2556,6 @@ static __init int setup_vmcs_config(struct vmcs_conf= ig *vmcs_conf, MSR_IA32_VMX_PROCBASED_CTLS, &_cpu_based_exec_control)) return -EIO; -#ifdef CONFIG_X86_64 - if (_cpu_based_exec_control & CPU_BASED_TPR_SHADOW) - _cpu_based_exec_control &=3D ~CPU_BASED_CR8_LOAD_EXITING & - ~CPU_BASED_CR8_STORE_EXITING; -#endif if (_cpu_based_exec_control & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) { if (adjust_vmx_controls(KVM_REQUIRED_VMX_SECONDARY_VM_EXEC_CONTROL, KVM_OPTIONAL_VMX_SECONDARY_VM_EXEC_CONTROL, @@ -4331,13 +4326,17 @@ static u32 vmx_exec_control(struct vcpu_vmx *vmx) if (vmx->vcpu.arch.switch_db_regs & KVM_DEBUGREG_WONT_EXIT) exec_control &=3D ~CPU_BASED_MOV_DR_EXITING; =20 - if (!cpu_need_tpr_shadow(&vmx->vcpu)) { + if (!cpu_need_tpr_shadow(&vmx->vcpu)) exec_control &=3D ~CPU_BASED_TPR_SHADOW; + #ifdef CONFIG_X86_64 + if (exec_control & CPU_BASED_TPR_SHADOW) + exec_control &=3D ~(CPU_BASED_CR8_LOAD_EXITING | + CPU_BASED_CR8_STORE_EXITING); + else exec_control |=3D CPU_BASED_CR8_STORE_EXITING | CPU_BASED_CR8_LOAD_EXITING; #endif - } if (!enable_ept) exec_control |=3D CPU_BASED_CR3_STORE_EXITING | CPU_BASED_CR3_LOAD_EXITING | --=20 2.37.2 From nobody Tue Apr 7 05:43:30 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id DE755ECAAD1 for ; Tue, 30 Aug 2022 13:41:52 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230452AbiH3Nlu (ORCPT ); Tue, 30 Aug 2022 09:41:50 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42144 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229838AbiH3NlM (ORCPT ); Tue, 30 Aug 2022 09:41:12 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 280EDFBA74 for ; Tue, 30 Aug 2022 06:39:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1661866729; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ppxBvNBPIPgVe6xpKz5mkcug3vVW5FWLaNZHpD9dNCo=; b=DNi1jelaH/WXDmKBATsZp+fqMSnhChl5q5k4EU0a+GBahL19n4nNvVnh1ERncSfHGUcrMq aikTCziEZaZA1EPR4cM0KrwxpHX+7zus0pPvcxdUsqniCnJdUi0YG2GKnS/VVz0UgGf/72 jtqtzPPx9gyV2zF0YjGcNMihFu7c5eA= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-650-zY9Dk9rHMvWObm9oPkwpVg-1; Tue, 30 Aug 2022 09:38:45 -0400 X-MC-Unique: zY9Dk9rHMvWObm9oPkwpVg-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id A2F75185A7B2; Tue, 30 Aug 2022 13:38:44 +0000 (UTC) Received: from fedora.redhat.com (unknown [10.40.194.232]) by smtp.corp.redhat.com (Postfix) with ESMTP id 25EDA2166B26; Tue, 30 Aug 2022 13:38:42 +0000 (UTC) From: Vitaly Kuznetsov To: kvm@vger.kernel.org, Paolo Bonzini Cc: Sean Christopherson , Wanpeng Li , Jim Mattson , Michael Kelley , Yuan Yao , Maxim Levitsky , linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v6 25/33] KVM: VMX: Add missing VMEXIT controls to vmcs_config Date: Tue, 30 Aug 2022 15:37:29 +0200 Message-Id: <20220830133737.1539624-26-vkuznets@redhat.com> In-Reply-To: <20220830133737.1539624-1-vkuznets@redhat.com> References: <20220830133737.1539624-1-vkuznets@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" As a preparation to reusing the result of setup_vmcs_config() in nested VMX MSR setup, add the VMEXIT controls which KVM doesn't use but supports for nVMX to KVM_OPT_VMX_VM_EXIT_CONTROLS and filter them out in vmx_vmexit_ctrl(). No functional change intended. Reviewed-by: Jim Mattson Reviewed-by: Maxim Levitsky Signed-off-by: Vitaly Kuznetsov Signed-off-by: Sean Christopherson --- arch/x86/kvm/vmx/vmx.c | 7 +++++++ arch/x86/kvm/vmx/vmx.h | 3 +++ 2 files changed, 10 insertions(+) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 2e0deac5570f..779377380399 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -4279,6 +4279,13 @@ static u32 vmx_vmexit_ctrl(void) { u32 vmexit_ctrl =3D vmcs_config.vmexit_ctrl; =20 + /* + * Not used by KVM and never set in vmcs01 or vmcs02, but emulated for + * nested virtualization and thus allowed to be set in vmcs12. + */ + vmexit_ctrl &=3D ~(VM_EXIT_SAVE_IA32_PAT | VM_EXIT_SAVE_IA32_EFER | + VM_EXIT_SAVE_VMX_PREEMPTION_TIMER); + if (vmx_pt_mode_is_system()) vmexit_ctrl &=3D ~(VM_EXIT_PT_CONCEAL_PIP | VM_EXIT_CLEAR_IA32_RTIT_CTL); diff --git a/arch/x86/kvm/vmx/vmx.h b/arch/x86/kvm/vmx/vmx.h index e927d35bece5..200a17ca9406 100644 --- a/arch/x86/kvm/vmx/vmx.h +++ b/arch/x86/kvm/vmx/vmx.h @@ -508,7 +508,10 @@ static inline u8 vmx_get_rvi(void) #endif #define KVM_OPTIONAL_VMX_VM_EXIT_CONTROLS \ (VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL | \ + VM_EXIT_SAVE_IA32_PAT | \ VM_EXIT_LOAD_IA32_PAT | \ + VM_EXIT_SAVE_IA32_EFER | \ + VM_EXIT_SAVE_VMX_PREEMPTION_TIMER | \ VM_EXIT_LOAD_IA32_EFER | \ VM_EXIT_CLEAR_BNDCFGS | \ VM_EXIT_PT_CONCEAL_PIP | \ --=20 2.37.2 From nobody Tue Apr 7 05:43:30 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id CAFFBECAAA1 for ; Tue, 30 Aug 2022 13:41:43 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229810AbiH3Nlm (ORCPT ); Tue, 30 Aug 2022 09:41:42 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41984 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231168AbiH3Nku (ORCPT ); Tue, 30 Aug 2022 09:40:50 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E41BE15C78A for ; Tue, 30 Aug 2022 06:39:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1661866730; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=FOt93qaFZyGHM3bS6yprWKlmEjd91A7jA18n75/j8XE=; b=VKiY8A07ZTAx3gSUGKwTSISSChUTlLAavJE9SZZTUF4R6X2UEaM9DwhgmS9wIMXyUDJMAw bnmX558nkkrku/3h6PVMSiBok5ZmH4XWYXixqXZAkLQ4Y8G55GNcRwNqFqKwGPmCHtQE7B TYVyInvbmDCXCI7bz5l5uklkdMfWnm8= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-308-30NGISCaODKzD-nSbb4x1Q-1; Tue, 30 Aug 2022 09:38:47 -0400 X-MC-Unique: 30NGISCaODKzD-nSbb4x1Q-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 37247811768; Tue, 30 Aug 2022 13:38:47 +0000 (UTC) Received: from fedora.redhat.com (unknown [10.40.194.232]) by smtp.corp.redhat.com (Postfix) with ESMTP id 0A11D2166B26; Tue, 30 Aug 2022 13:38:44 +0000 (UTC) From: Vitaly Kuznetsov To: kvm@vger.kernel.org, Paolo Bonzini Cc: Sean Christopherson , Wanpeng Li , Jim Mattson , Michael Kelley , Yuan Yao , Maxim Levitsky , linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v6 26/33] KVM: VMX: Add missing CPU based VM execution controls to vmcs_config Date: Tue, 30 Aug 2022 15:37:30 +0200 Message-Id: <20220830133737.1539624-27-vkuznets@redhat.com> In-Reply-To: <20220830133737.1539624-1-vkuznets@redhat.com> References: <20220830133737.1539624-1-vkuznets@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" As a preparation to reusing the result of setup_vmcs_config() in nested VMX MSR setup, add the CPU based VM execution controls which KVM doesn't use but supports for nVMX to KVM_OPT_VMX_CPU_BASED_VM_EXEC_CONTROL and filter them out in vmx_exec_control(). No functional change intended. Reviewed-by: Jim Mattson Reviewed-by: Maxim Levitsky Signed-off-by: Vitaly Kuznetsov Signed-off-by: Sean Christopherson --- arch/x86/kvm/vmx/vmx.c | 9 +++++++++ arch/x86/kvm/vmx/vmx.h | 6 +++++- 2 files changed, 14 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 779377380399..be69fc3a57a3 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -4326,6 +4326,15 @@ static u32 vmx_exec_control(struct vcpu_vmx *vmx) { u32 exec_control =3D vmcs_config.cpu_based_exec_ctrl; =20 + /* + * Not used by KVM, but fully supported for nesting, i.e. are allowed in + * vmcs12 and propagated to vmcs02 when set in vmcs12. + */ + exec_control &=3D ~(CPU_BASED_RDTSC_EXITING | + CPU_BASED_USE_IO_BITMAPS | + CPU_BASED_MONITOR_TRAP_FLAG | + CPU_BASED_PAUSE_EXITING); + /* INTR_WINDOW_EXITING and NMI_WINDOW_EXITING are toggled dynamically */ exec_control &=3D ~(CPU_BASED_INTR_WINDOW_EXITING | CPU_BASED_NMI_WINDOW_EXITING); diff --git a/arch/x86/kvm/vmx/vmx.h b/arch/x86/kvm/vmx/vmx.h index 200a17ca9406..a3da84f4ea45 100644 --- a/arch/x86/kvm/vmx/vmx.h +++ b/arch/x86/kvm/vmx/vmx.h @@ -549,9 +549,13 @@ static inline u8 vmx_get_rvi(void) #endif =20 #define KVM_OPTIONAL_VMX_CPU_BASED_VM_EXEC_CONTROL \ - (CPU_BASED_TPR_SHADOW | \ + (CPU_BASED_RDTSC_EXITING | \ + CPU_BASED_TPR_SHADOW | \ + CPU_BASED_USE_IO_BITMAPS | \ + CPU_BASED_MONITOR_TRAP_FLAG | \ CPU_BASED_USE_MSR_BITMAPS | \ CPU_BASED_NMI_WINDOW_EXITING | \ + CPU_BASED_PAUSE_EXITING | \ CPU_BASED_ACTIVATE_SECONDARY_CONTROLS | \ CPU_BASED_ACTIVATE_TERTIARY_CONTROLS) =20 --=20 2.37.2 From nobody Tue Apr 7 05:43:30 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id BF222C3DA6B for ; Tue, 30 Aug 2022 13:41:26 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231195AbiH3NlZ (ORCPT ); Tue, 30 Aug 2022 09:41:25 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41938 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229812AbiH3Nkh (ORCPT ); Tue, 30 Aug 2022 09:40:37 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E165015C78E for ; Tue, 30 Aug 2022 06:39:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1661866732; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=dNi9YFlQcv9FJWQJuw7DCVKDq1XvYvPpqL3U/pqCadg=; b=eE0HfFI8+v51dN62ZXpB3NSj6ue0q7u/11c+5zy3SmsEn5j6+2WKfJIGdIYFQFnae8VZ6D xXjK2m1Vo7d5jL6L7XvWejW/4kN5fpT4m1YP9SOtCJcpkLzziJVEiV4A7AV05EBiGnKkYZ ejwn/GyzzaFjS/52979FJEkeWIkgh/A= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-330-xPrpndBOObCjhMEn-63OWQ-1; Tue, 30 Aug 2022 09:38:50 -0400 X-MC-Unique: xPrpndBOObCjhMEn-63OWQ-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id D9857101E9BA; Tue, 30 Aug 2022 13:38:49 +0000 (UTC) Received: from fedora.redhat.com (unknown [10.40.194.232]) by smtp.corp.redhat.com (Postfix) with ESMTP id 97B222166B2A; Tue, 30 Aug 2022 13:38:47 +0000 (UTC) From: Vitaly Kuznetsov To: kvm@vger.kernel.org, Paolo Bonzini Cc: Sean Christopherson , Wanpeng Li , Jim Mattson , Michael Kelley , Yuan Yao , Maxim Levitsky , linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v6 27/33] KVM: VMX: Adjust CR3/INVPLG interception for EPT=y at runtime, not setup Date: Tue, 30 Aug 2022 15:37:31 +0200 Message-Id: <20220830133737.1539624-28-vkuznets@redhat.com> In-Reply-To: <20220830133737.1539624-1-vkuznets@redhat.com> References: <20220830133737.1539624-1-vkuznets@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" From: Sean Christopherson Clear the CR3 and INVLPG interception controls at runtime based on whether or not EPT is being _used_, as opposed to clearing the bits at setup if EPT is _supported_ in hardware, and then restoring them when EPT is not used. Not mucking with the base config will allow using the base config as the starting point for emulating the VMX capability MSRs. Signed-off-by: Sean Christopherson Reviewed-by: Jim Mattson Reviewed-by: Maxim Levitsky Signed-off-by: Vitaly Kuznetsov --- arch/x86/kvm/vmx/vmx.c | 18 +++++++----------- 1 file changed, 7 insertions(+), 11 deletions(-) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index be69fc3a57a3..2e1fe1f8d764 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -2578,13 +2578,8 @@ static __init int setup_vmcs_config(struct vmcs_conf= ig *vmcs_conf, rdmsr_safe(MSR_IA32_VMX_EPT_VPID_CAP, &vmx_cap->ept, &vmx_cap->vpid); =20 - if (_cpu_based_2nd_exec_control & SECONDARY_EXEC_ENABLE_EPT) { - /* CR3 accesses and invlpg don't need to cause VM Exits when EPT - enabled */ - _cpu_based_exec_control &=3D ~(CPU_BASED_CR3_LOAD_EXITING | - CPU_BASED_CR3_STORE_EXITING | - CPU_BASED_INVLPG_EXITING); - } else if (vmx_cap->ept) { + if (!(_cpu_based_2nd_exec_control & SECONDARY_EXEC_ENABLE_EPT) && + vmx_cap->ept) { pr_warn_once("EPT CAP should not exist if not support " "1-setting enable EPT VM-execution control\n"); =20 @@ -4353,10 +4348,11 @@ static u32 vmx_exec_control(struct vcpu_vmx *vmx) exec_control |=3D CPU_BASED_CR8_STORE_EXITING | CPU_BASED_CR8_LOAD_EXITING; #endif - if (!enable_ept) - exec_control |=3D CPU_BASED_CR3_STORE_EXITING | - CPU_BASED_CR3_LOAD_EXITING | - CPU_BASED_INVLPG_EXITING; + /* No need to intercept CR3 access or INVPLG when using EPT. */ + if (enable_ept) + exec_control &=3D ~(CPU_BASED_CR3_LOAD_EXITING | + CPU_BASED_CR3_STORE_EXITING | + CPU_BASED_INVLPG_EXITING); if (kvm_mwait_in_guest(vmx->vcpu.kvm)) exec_control &=3D ~(CPU_BASED_MWAIT_EXITING | CPU_BASED_MONITOR_EXITING); --=20 2.37.2 From nobody Tue Apr 7 05:43:30 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id E22A8ECAAA1 for ; Tue, 30 Aug 2022 13:41:56 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231233AbiH3Nlz (ORCPT ); Tue, 30 Aug 2022 09:41:55 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42164 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231178AbiH3NlM (ORCPT ); Tue, 30 Aug 2022 09:41:12 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D7A19EF9D3 for ; Tue, 30 Aug 2022 06:39:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1661866736; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=xcv5uz1YeS0YVWz+jZbDfSoBQT7SITAZLiwOPXNWye4=; b=bx+p8yhrKcvavrWTFh2yBO/WiHEAuFOsRxpkp+MbbfQKULPhUYm/68gDM7IvtsTIrIqSTA zVaig25khtcFSw1m1QrwkSJrMo7fEl0Q4X6XM1eit7vW+oPPs+NcOc6D+UMaBlvaRyDxxA SjOwatMG+HtxlkYk7KFyC62XgqjXWKI= Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-484-0DAfFfbZOmSBydPSWpCvNQ-1; Tue, 30 Aug 2022 09:38:53 -0400 X-MC-Unique: 0DAfFfbZOmSBydPSWpCvNQ-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 86FCE2999B43; Tue, 30 Aug 2022 13:38:52 +0000 (UTC) Received: from fedora.redhat.com (unknown [10.40.194.232]) by smtp.corp.redhat.com (Postfix) with ESMTP id 5E4EF2166B26; Tue, 30 Aug 2022 13:38:50 +0000 (UTC) From: Vitaly Kuznetsov To: kvm@vger.kernel.org, Paolo Bonzini Cc: Sean Christopherson , Wanpeng Li , Jim Mattson , Michael Kelley , Yuan Yao , Maxim Levitsky , linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v6 28/33] KVM: x86: VMX: Replace some Intel model numbers with mnemonics Date: Tue, 30 Aug 2022 15:37:32 +0200 Message-Id: <20220830133737.1539624-29-vkuznets@redhat.com> In-Reply-To: <20220830133737.1539624-1-vkuznets@redhat.com> References: <20220830133737.1539624-1-vkuznets@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" From: Jim Mattson Intel processor code names are more familiar to many readers than their decimal model numbers. Signed-off-by: Jim Mattson Reviewed-by: Sean Christopherson Reviewed-by: Maxim Levitsky Signed-off-by: Vitaly Kuznetsov Signed-off-by: Sean Christopherson --- arch/x86/kvm/vmx/vmx.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 2e1fe1f8d764..0a8798ec49e8 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -2656,11 +2656,11 @@ static __init int setup_vmcs_config(struct vmcs_con= fig *vmcs_conf, */ if (boot_cpu_data.x86 =3D=3D 0x6) { switch (boot_cpu_data.x86_model) { - case 26: /* AAK155 */ - case 30: /* AAP115 */ - case 37: /* AAT100 */ - case 44: /* BC86,AAY89,BD102 */ - case 46: /* BA97 */ + case INTEL_FAM6_NEHALEM_EP: /* AAK155 */ + case INTEL_FAM6_NEHALEM: /* AAP115 */ + case INTEL_FAM6_WESTMERE: /* AAT100 */ + case INTEL_FAM6_WESTMERE_EP: /* BC86,AAY89,BD102 */ + case INTEL_FAM6_NEHALEM_EX: /* BA97 */ _vmentry_control &=3D ~VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL; _vmexit_control &=3D ~VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL; pr_warn_once("kvm: VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL " --=20 2.37.2 From nobody Tue Apr 7 05:43:30 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5E921ECAAD1 for ; Tue, 30 Aug 2022 13:42:09 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231246AbiH3NmH (ORCPT ); Tue, 30 Aug 2022 09:42:07 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41422 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230501AbiH3NlS (ORCPT ); Tue, 30 Aug 2022 09:41:18 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1AA04C27 for ; Tue, 30 Aug 2022 06:39:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1661866740; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=lrKJCo4aLdbt0m3uSjnwcM0QaFSfX/crWfaShd2ZxUM=; b=afRSR5TE0D8Vo4Yc4DOx8z/TUFtbuLsPu/iiyPZPlUzZsv55Nar2ZuCkJUxkpmTCRQZz5K KUqVtQqY2X7LXqIe4Cm0hPuihFr6ssmUQ6o0GUvQMWHQM8HD3r6esLui6MhZk+DklocSIi RY+nhwWoFuCv0rk+A/IJXWnaY0BG3Lw= Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-248-aANp1kb7M0Kb5i8YkcPbsg-1; Tue, 30 Aug 2022 09:38:55 -0400 X-MC-Unique: aANp1kb7M0Kb5i8YkcPbsg-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id D51CC2999B48; Tue, 30 Aug 2022 13:38:54 +0000 (UTC) Received: from fedora.redhat.com (unknown [10.40.194.232]) by smtp.corp.redhat.com (Postfix) with ESMTP id C21F72166B26; Tue, 30 Aug 2022 13:38:52 +0000 (UTC) From: Vitaly Kuznetsov To: kvm@vger.kernel.org, Paolo Bonzini Cc: Sean Christopherson , Wanpeng Li , Jim Mattson , Michael Kelley , Yuan Yao , Maxim Levitsky , linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v6 29/33] KVM: VMX: Move LOAD_IA32_PERF_GLOBAL_CTRL errata handling out of setup_vmcs_config() Date: Tue, 30 Aug 2022 15:37:33 +0200 Message-Id: <20220830133737.1539624-30-vkuznets@redhat.com> In-Reply-To: <20220830133737.1539624-1-vkuznets@redhat.com> References: <20220830133737.1539624-1-vkuznets@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" As a preparation to reusing the result of setup_vmcs_config() for setting up nested VMX control MSRs, move LOAD_IA32_PERF_GLOBAL_CTRL errata handling to vmx_vmexit_ctrl()/vmx_vmentry_ctrl() and print the warning from hardware_setup(). While it seems reasonable to not expose LOAD_IA32_PERF_GLOBAL_CTRL controls to L1 hypervisor on buggy CPUs, such change would inevitably break live migration from older KVMs where the controls are exposed. Keep the status quo for now, L1 hypervisor itself is supposed to take care of the errata. Reviewed-by: Maxim Levitsky Signed-off-by: Vitaly Kuznetsov Signed-off-by: Sean Christopherson --- arch/x86/kvm/vmx/vmx.c | 59 +++++++++++++++++++++++++----------------- 1 file changed, 35 insertions(+), 24 deletions(-) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 0a8798ec49e8..7b415d2fb2de 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -2493,6 +2493,30 @@ static bool cpu_has_sgx(void) return cpuid_eax(0) >=3D 0x12 && (cpuid_eax(0x12) & BIT(0)); } =20 +/* + * Some cpus support VM_{ENTRY,EXIT}_IA32_PERF_GLOBAL_CTRL but they + * can't be used due to errata where VM Exit may incorrectly clear + * IA32_PERF_GLOBAL_CTRL[34:32]. Work around the errata by using the + * MSR load mechanism to switch IA32_PERF_GLOBAL_CTRL. + */ +static bool cpu_has_perf_global_ctrl_bug(void) +{ + if (boot_cpu_data.x86 =3D=3D 0x6) { + switch (boot_cpu_data.x86_model) { + case INTEL_FAM6_NEHALEM_EP: /* AAK155 */ + case INTEL_FAM6_NEHALEM: /* AAP115 */ + case INTEL_FAM6_WESTMERE: /* AAT100 */ + case INTEL_FAM6_WESTMERE_EP: /* BC86,AAY89,BD102 */ + case INTEL_FAM6_NEHALEM_EX: /* BA97 */ + return true; + default: + break; + } + } + + return false; +} + static __init int adjust_vmx_controls(u32 ctl_min, u32 ctl_opt, u32 msr, u32 *result) { @@ -2648,30 +2672,6 @@ static __init int setup_vmcs_config(struct vmcs_conf= ig *vmcs_conf, _vmexit_control &=3D ~x_ctrl; } =20 - /* - * Some cpus support VM_{ENTRY,EXIT}_IA32_PERF_GLOBAL_CTRL but they - * can't be used due to an errata where VM Exit may incorrectly clear - * IA32_PERF_GLOBAL_CTRL[34:32]. Workaround the errata by using the - * MSR load mechanism to switch IA32_PERF_GLOBAL_CTRL. - */ - if (boot_cpu_data.x86 =3D=3D 0x6) { - switch (boot_cpu_data.x86_model) { - case INTEL_FAM6_NEHALEM_EP: /* AAK155 */ - case INTEL_FAM6_NEHALEM: /* AAP115 */ - case INTEL_FAM6_WESTMERE: /* AAT100 */ - case INTEL_FAM6_WESTMERE_EP: /* BC86,AAY89,BD102 */ - case INTEL_FAM6_NEHALEM_EX: /* BA97 */ - _vmentry_control &=3D ~VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL; - _vmexit_control &=3D ~VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL; - pr_warn_once("kvm: VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL " - "does not work properly. Using workaround\n"); - break; - default: - break; - } - } - - rdmsr(MSR_IA32_VMX_BASIC, vmx_msr_low, vmx_msr_high); =20 /* IA-32 SDM Vol 3B: VMCS size is never greater than 4kB. */ @@ -4267,6 +4267,9 @@ static u32 vmx_vmentry_ctrl(void) VM_ENTRY_LOAD_IA32_EFER | VM_ENTRY_IA32E_MODE); =20 + if (cpu_has_perf_global_ctrl_bug()) + vmentry_ctrl &=3D ~VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL; + return vmentry_ctrl; } =20 @@ -4284,6 +4287,10 @@ static u32 vmx_vmexit_ctrl(void) if (vmx_pt_mode_is_system()) vmexit_ctrl &=3D ~(VM_EXIT_PT_CONCEAL_PIP | VM_EXIT_CLEAR_IA32_RTIT_CTL); + + if (cpu_has_perf_global_ctrl_bug()) + vmexit_ctrl &=3D ~VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL; + /* Loading of EFER and PERF_GLOBAL_CTRL are toggled dynamically */ return vmexit_ctrl & ~(VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL | VM_EXIT_LOAD_IA32_EFER); @@ -8190,6 +8197,10 @@ static __init int hardware_setup(void) if (setup_vmcs_config(&vmcs_config, &vmx_capability) < 0) return -EIO; =20 + if (cpu_has_perf_global_ctrl_bug()) + pr_warn_once("kvm: VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL " + "does not work properly. Using workaround\n"); + if (boot_cpu_has(X86_FEATURE_NX)) kvm_enable_efer_bits(EFER_NX); =20 --=20 2.37.2 From nobody Tue Apr 7 05:43:30 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 53017ECAAD1 for ; Tue, 30 Aug 2022 13:42:23 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230526AbiH3NmV (ORCPT ); Tue, 30 Aug 2022 09:42:21 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41906 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231174AbiH3Nlp (ORCPT ); Tue, 30 Aug 2022 09:41:45 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D458B62D1 for ; Tue, 30 Aug 2022 06:39:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1661866743; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=leb04kms++8UO/3wqkyniMqaiaURa03+1IgpQdNpVu0=; b=T10S2VADwwd/ayXVNE+Ps9wpFKSiBLbD8yTAtkd+DLkPN8r0/Dlk6AjKW2jAu3UjEDJ2Nv OSp6KB+hsJ9otEFU6mLY+2ygCnpH93DB9aNq8p/PJ+3hLXSEPD/fGX2pUdsXkvvNB5hinv 28bwRNdYtcKYvbfopjBFupo5a6xXRCk= Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-389-NEWFwmhIMdK6MHFRpLT5Bw-1; Tue, 30 Aug 2022 09:38:58 -0400 X-MC-Unique: NEWFwmhIMdK6MHFRpLT5Bw-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 882B43C0D853; Tue, 30 Aug 2022 13:38:57 +0000 (UTC) Received: from fedora.redhat.com (unknown [10.40.194.232]) by smtp.corp.redhat.com (Postfix) with ESMTP id 309962166B26; Tue, 30 Aug 2022 13:38:55 +0000 (UTC) From: Vitaly Kuznetsov To: kvm@vger.kernel.org, Paolo Bonzini Cc: Sean Christopherson , Wanpeng Li , Jim Mattson , Michael Kelley , Yuan Yao , Maxim Levitsky , linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v6 30/33] KVM: nVMX: Always set required-1 bits of pinbased_ctls to PIN_BASED_ALWAYSON_WITHOUT_TRUE_MSR Date: Tue, 30 Aug 2022 15:37:34 +0200 Message-Id: <20220830133737.1539624-31-vkuznets@redhat.com> In-Reply-To: <20220830133737.1539624-1-vkuznets@redhat.com> References: <20220830133737.1539624-1-vkuznets@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" Similar to exit_ctls_low, entry_ctls_low, procbased_ctls_low, pinbased_ctls_low should be set to PIN_BASED_ALWAYSON_WITHOUT_TRUE_MSR and not host's MSR_IA32_VMX_PINBASED_CTLS value |=3D PIN_BASED_ALWAYSON_WITHOUT_TRUE_MSR. The commit eabeaaccfca0 ("KVM: nVMX: Clean up and fix pin-based execution controls") which introduced '|=3D' doesn't mention anything about why this is needed, the change seems rather accidental. Note: normally, required-1 portion of MSR_IA32_VMX_PINBASED_CTLS should be equal to PIN_BASED_ALWAYSON_WITHOUT_TRUE_MSR so no behavioral change is expected, however, it is (in theory) possible to observe something different there when e.g. KVM is running as a nested hypervisor. Hope this doesn't happen in practice. Reported-by: Jim Mattson Reviewed-by: Maxim Levitsky Signed-off-by: Vitaly Kuznetsov Signed-off-by: Sean Christopherson --- arch/x86/kvm/vmx/nested.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index 19a96cf65b99..0975d48cfd06 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c @@ -6579,7 +6579,7 @@ void nested_vmx_setup_ctls_msrs(struct nested_vmx_msr= s *msrs, u32 ept_caps) rdmsr(MSR_IA32_VMX_PINBASED_CTLS, msrs->pinbased_ctls_low, msrs->pinbased_ctls_high); - msrs->pinbased_ctls_low |=3D + msrs->pinbased_ctls_low =3D PIN_BASED_ALWAYSON_WITHOUT_TRUE_MSR; msrs->pinbased_ctls_high &=3D PIN_BASED_EXT_INTR_MASK | --=20 2.37.2 From nobody Tue Apr 7 05:43:30 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id CBB52ECAAA1 for ; Tue, 30 Aug 2022 13:42:48 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229674AbiH3Nmr (ORCPT ); Tue, 30 Aug 2022 09:42:47 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41978 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231253AbiH3NmJ (ORCPT ); Tue, 30 Aug 2022 09:42:09 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0DCDA12ADA for ; Tue, 30 Aug 2022 06:40:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1661866751; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=NcelubHNqDqCw8EsbluAlnszB+URgeioeS+XUS/3lKY=; b=iYBj9P9em4PGQYFZq9n9sNujh0TDfIAUmKVpOchrnlkJAsMO1z3yDEhIfWfDkRYKF7ko7Q fzCV4Aq+w0Shdxt9UsH6ZZHKmcnMzmYVgNDf+4HvlBQNdsPtcxgQFmrCUdQ+2fKB5hpHd5 xvAzYZPncEq3oBiijMZ1LyA0xJscpV0= Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-281-UWO_mNhTNNKFi1v7Z9dXGQ-1; Tue, 30 Aug 2022 09:39:00 -0400 X-MC-Unique: UWO_mNhTNNKFi1v7Z9dXGQ-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id BAA39382ECC0; Tue, 30 Aug 2022 13:38:59 +0000 (UTC) Received: from fedora.redhat.com (unknown [10.40.194.232]) by smtp.corp.redhat.com (Postfix) with ESMTP id C3F4F2166B26; Tue, 30 Aug 2022 13:38:57 +0000 (UTC) From: Vitaly Kuznetsov To: kvm@vger.kernel.org, Paolo Bonzini Cc: Sean Christopherson , Wanpeng Li , Jim Mattson , Michael Kelley , Yuan Yao , Maxim Levitsky , linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v6 31/33] KVM: nVMX: Use sanitized allowed-1 bits for VMX control MSRs Date: Tue, 30 Aug 2022 15:37:35 +0200 Message-Id: <20220830133737.1539624-32-vkuznets@redhat.com> In-Reply-To: <20220830133737.1539624-1-vkuznets@redhat.com> References: <20220830133737.1539624-1-vkuznets@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" Using raw host MSR values for setting up nested VMX control MSRs is incorrect as some features need to disabled, e.g. when KVM runs as a nested hypervisor on Hyper-V and uses Enlightened VMCS or when a workaround for IA32_PERF_GLOBAL_CTRL is applied. For non-nested VMX, this is done in setup_vmcs_config() and the result is stored in vmcs_config. Use it for setting up allowed-1 bits in nested VMX MSRs too. Suggested-by: Sean Christopherson Reviewed-by: Maxim Levitsky Signed-off-by: Vitaly Kuznetsov Signed-off-by: Sean Christopherson --- arch/x86/kvm/vmx/nested.c | 30 ++++++++++++------------------ arch/x86/kvm/vmx/nested.h | 2 +- arch/x86/kvm/vmx/vmx.c | 5 ++--- 3 files changed, 15 insertions(+), 22 deletions(-) diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index 0975d48cfd06..a079f013ccbc 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c @@ -6558,8 +6558,10 @@ static u64 nested_vmx_calc_vmcs_enum_msr(void) * bit in the high half is on if the corresponding bit in the control field * may be on. See also vmx_control_verify(). */ -void nested_vmx_setup_ctls_msrs(struct nested_vmx_msrs *msrs, u32 ept_caps) +void nested_vmx_setup_ctls_msrs(struct vmcs_config *vmcs_conf, u32 ept_cap= s) { + struct nested_vmx_msrs *msrs =3D &vmcs_conf->nested; + /* * Note that as a general rule, the high half of the MSRs (bits in * the control fields which may be 1) should be initialized by the @@ -6576,11 +6578,10 @@ void nested_vmx_setup_ctls_msrs(struct nested_vmx_m= srs *msrs, u32 ept_caps) */ =20 /* pin-based controls */ - rdmsr(MSR_IA32_VMX_PINBASED_CTLS, - msrs->pinbased_ctls_low, - msrs->pinbased_ctls_high); msrs->pinbased_ctls_low =3D PIN_BASED_ALWAYSON_WITHOUT_TRUE_MSR; + + msrs->pinbased_ctls_high =3D vmcs_conf->pin_based_exec_ctrl; msrs->pinbased_ctls_high &=3D PIN_BASED_EXT_INTR_MASK | PIN_BASED_NMI_EXITING | @@ -6591,12 +6592,10 @@ void nested_vmx_setup_ctls_msrs(struct nested_vmx_m= srs *msrs, u32 ept_caps) PIN_BASED_VMX_PREEMPTION_TIMER; =20 /* exit controls */ - rdmsr(MSR_IA32_VMX_EXIT_CTLS, - msrs->exit_ctls_low, - msrs->exit_ctls_high); msrs->exit_ctls_low =3D VM_EXIT_ALWAYSON_WITHOUT_TRUE_MSR; =20 + msrs->exit_ctls_high =3D vmcs_conf->vmexit_ctrl; msrs->exit_ctls_high &=3D #ifdef CONFIG_X86_64 VM_EXIT_HOST_ADDR_SPACE_SIZE | @@ -6613,11 +6612,10 @@ void nested_vmx_setup_ctls_msrs(struct nested_vmx_m= srs *msrs, u32 ept_caps) msrs->exit_ctls_low &=3D ~VM_EXIT_SAVE_DEBUG_CONTROLS; =20 /* entry controls */ - rdmsr(MSR_IA32_VMX_ENTRY_CTLS, - msrs->entry_ctls_low, - msrs->entry_ctls_high); msrs->entry_ctls_low =3D VM_ENTRY_ALWAYSON_WITHOUT_TRUE_MSR; + + msrs->entry_ctls_high =3D vmcs_conf->vmentry_ctrl; msrs->entry_ctls_high &=3D #ifdef CONFIG_X86_64 VM_ENTRY_IA32E_MODE | @@ -6631,11 +6629,10 @@ void nested_vmx_setup_ctls_msrs(struct nested_vmx_m= srs *msrs, u32 ept_caps) msrs->entry_ctls_low &=3D ~VM_ENTRY_LOAD_DEBUG_CONTROLS; =20 /* cpu-based controls */ - rdmsr(MSR_IA32_VMX_PROCBASED_CTLS, - msrs->procbased_ctls_low, - msrs->procbased_ctls_high); msrs->procbased_ctls_low =3D CPU_BASED_ALWAYSON_WITHOUT_TRUE_MSR; + + msrs->procbased_ctls_high =3D vmcs_conf->cpu_based_exec_ctrl; msrs->procbased_ctls_high &=3D CPU_BASED_INTR_WINDOW_EXITING | CPU_BASED_NMI_WINDOW_EXITING | CPU_BASED_USE_TSC_OFFSETTING | @@ -6669,12 +6666,9 @@ void nested_vmx_setup_ctls_msrs(struct nested_vmx_ms= rs *msrs, u32 ept_caps) * depend on CPUID bits, they are added later by * vmx_vcpu_after_set_cpuid. */ - if (msrs->procbased_ctls_high & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) - rdmsr(MSR_IA32_VMX_PROCBASED_CTLS2, - msrs->secondary_ctls_low, - msrs->secondary_ctls_high); - msrs->secondary_ctls_low =3D 0; + + msrs->secondary_ctls_high =3D vmcs_conf->cpu_based_2nd_exec_ctrl; msrs->secondary_ctls_high &=3D SECONDARY_EXEC_DESC | SECONDARY_EXEC_ENABLE_RDTSCP | diff --git a/arch/x86/kvm/vmx/nested.h b/arch/x86/kvm/vmx/nested.h index 88b00a7359e4..6312c9541c3c 100644 --- a/arch/x86/kvm/vmx/nested.h +++ b/arch/x86/kvm/vmx/nested.h @@ -17,7 +17,7 @@ enum nvmx_vmentry_status { }; =20 void vmx_leave_nested(struct kvm_vcpu *vcpu); -void nested_vmx_setup_ctls_msrs(struct nested_vmx_msrs *msrs, u32 ept_caps= ); +void nested_vmx_setup_ctls_msrs(struct vmcs_config *vmcs_conf, u32 ept_cap= s); void nested_vmx_hardware_unsetup(void); __init int nested_vmx_hardware_setup(int (*exit_handlers[])(struct kvm_vcp= u *)); void nested_vmx_set_vmcs_shadowing_bitmap(void); diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 7b415d2fb2de..e7f46b4a1755 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -7400,7 +7400,7 @@ static int __init vmx_check_processor_compat(void) if (setup_vmcs_config(&vmcs_conf, &vmx_cap) < 0) return -EIO; if (nested) - nested_vmx_setup_ctls_msrs(&vmcs_conf.nested, vmx_cap.ept); + nested_vmx_setup_ctls_msrs(&vmcs_conf, vmx_cap.ept); if (memcmp(&vmcs_config, &vmcs_conf, sizeof(struct vmcs_config)) !=3D 0) { printk(KERN_ERR "kvm: CPU %d feature inconsistency!\n", smp_processor_id()); @@ -8355,8 +8355,7 @@ static __init int hardware_setup(void) setup_default_sgx_lepubkeyhash(); =20 if (nested) { - nested_vmx_setup_ctls_msrs(&vmcs_config.nested, - vmx_capability.ept); + nested_vmx_setup_ctls_msrs(&vmcs_config, vmx_capability.ept); =20 r =3D nested_vmx_hardware_setup(kvm_vmx_exit_handlers); if (r) --=20 2.37.2 From nobody Tue Apr 7 05:43:30 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7088FECAAA1 for ; Tue, 30 Aug 2022 13:42:32 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231267AbiH3Nma (ORCPT ); Tue, 30 Aug 2022 09:42:30 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41390 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230373AbiH3Nlw (ORCPT ); Tue, 30 Aug 2022 09:41:52 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1BD9F14003 for ; Tue, 30 Aug 2022 06:40:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1661866748; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=R81Tn+eeVSYo7iiZ9+LJ84mDEyy5uhm5SBiSDDKOWFg=; b=BS/5kusN+6VDiAM+DxaPl2dpwdA3ZCftCQ+WQJT1B5mCD8+zeXuxnCVrr07asjlDsIOBAM bdpkf0TnVsfpjIxLwcv/j8I4RC86vKcG0WWy3S4dbXkoWyAgbFUDY4G3hEwBSntq1TmVMe 8EU0HOZvqcT/5BCyp5yxgIzXy+Csat0= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-139-f3ZvjU7ePz2DwFQ-ysYdpw-1; Tue, 30 Aug 2022 09:39:03 -0400 X-MC-Unique: f3ZvjU7ePz2DwFQ-ysYdpw-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 6268518E0047; Tue, 30 Aug 2022 13:39:02 +0000 (UTC) Received: from fedora.redhat.com (unknown [10.40.194.232]) by smtp.corp.redhat.com (Postfix) with ESMTP id 28B152166B26; Tue, 30 Aug 2022 13:38:59 +0000 (UTC) From: Vitaly Kuznetsov To: kvm@vger.kernel.org, Paolo Bonzini Cc: Sean Christopherson , Wanpeng Li , Jim Mattson , Michael Kelley , Yuan Yao , Maxim Levitsky , linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v6 32/33] KVM: VMX: Cache MSR_IA32_VMX_MISC in vmcs_config Date: Tue, 30 Aug 2022 15:37:36 +0200 Message-Id: <20220830133737.1539624-33-vkuznets@redhat.com> In-Reply-To: <20220830133737.1539624-1-vkuznets@redhat.com> References: <20220830133737.1539624-1-vkuznets@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" Like other host VMX control MSRs, MSR_IA32_VMX_MISC can be cached in vmcs_config to avoid the need to re-read it later, e.g. from cpu_has_vmx_intel_pt() or cpu_has_vmx_shadow_vmcs(). No (real) functional change intended. Reviewed-by: Jim Mattson Reviewed-by: Maxim Levitsky Signed-off-by: Vitaly Kuznetsov Signed-off-by: Sean Christopherson --- arch/x86/kvm/vmx/capabilities.h | 11 +++-------- arch/x86/kvm/vmx/vmx.c | 8 +++++--- 2 files changed, 8 insertions(+), 11 deletions(-) diff --git a/arch/x86/kvm/vmx/capabilities.h b/arch/x86/kvm/vmx/capabilitie= s.h index faee1db8b0e0..87c4e46daf37 100644 --- a/arch/x86/kvm/vmx/capabilities.h +++ b/arch/x86/kvm/vmx/capabilities.h @@ -65,6 +65,7 @@ struct vmcs_config { u64 cpu_based_3rd_exec_ctrl; u32 vmexit_ctrl; u32 vmentry_ctrl; + u64 misc; struct nested_vmx_msrs nested; }; extern struct vmcs_config vmcs_config; @@ -225,11 +226,8 @@ static inline bool cpu_has_vmx_vmfunc(void) =20 static inline bool cpu_has_vmx_shadow_vmcs(void) { - u64 vmx_msr; - /* check if the cpu supports writing r/o exit information fields */ - rdmsrl(MSR_IA32_VMX_MISC, vmx_msr); - if (!(vmx_msr & MSR_IA32_VMX_MISC_VMWRITE_SHADOW_RO_FIELDS)) + if (!(vmcs_config.misc & MSR_IA32_VMX_MISC_VMWRITE_SHADOW_RO_FIELDS)) return false; =20 return vmcs_config.cpu_based_2nd_exec_ctrl & @@ -371,10 +369,7 @@ static inline bool cpu_has_vmx_invvpid_global(void) =20 static inline bool cpu_has_vmx_intel_pt(void) { - u64 vmx_msr; - - rdmsrl(MSR_IA32_VMX_MISC, vmx_msr); - return (vmx_msr & MSR_IA32_VMX_MISC_INTEL_PT) && + return (vmcs_config.misc & MSR_IA32_VMX_MISC_INTEL_PT) && (vmcs_config.cpu_based_2nd_exec_ctrl & SECONDARY_EXEC_PT_USE_GPA) && (vmcs_config.vmentry_ctrl & VM_ENTRY_LOAD_IA32_RTIT_CTL); } diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index e7f46b4a1755..ce78672bd6d1 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -2555,6 +2555,7 @@ static __init int setup_vmcs_config(struct vmcs_confi= g *vmcs_conf, u64 _cpu_based_3rd_exec_control =3D 0; u32 _vmexit_control =3D 0; u32 _vmentry_control =3D 0; + u64 misc_msr; int i; =20 /* @@ -2688,6 +2689,8 @@ static __init int setup_vmcs_config(struct vmcs_confi= g *vmcs_conf, if (((vmx_msr_high >> 18) & 15) !=3D 6) return -EIO; =20 + rdmsrl(MSR_IA32_VMX_MISC, misc_msr); + vmcs_conf->size =3D vmx_msr_high & 0x1fff; vmcs_conf->basic_cap =3D vmx_msr_high & ~0x1fff; =20 @@ -2699,6 +2702,7 @@ static __init int setup_vmcs_config(struct vmcs_confi= g *vmcs_conf, vmcs_conf->cpu_based_3rd_exec_ctrl =3D _cpu_based_3rd_exec_control; vmcs_conf->vmexit_ctrl =3D _vmexit_control; vmcs_conf->vmentry_ctrl =3D _vmentry_control; + vmcs_conf->misc =3D misc_msr; =20 return 0; } @@ -8315,11 +8319,9 @@ static __init int hardware_setup(void) =20 if (enable_preemption_timer) { u64 use_timer_freq =3D 5000ULL * 1000 * 1000; - u64 vmx_msr; =20 - rdmsrl(MSR_IA32_VMX_MISC, vmx_msr); cpu_preemption_timer_multi =3D - vmx_msr & VMX_MISC_PREEMPTION_TIMER_RATE_MASK; + vmcs_config.misc & VMX_MISC_PREEMPTION_TIMER_RATE_MASK; =20 if (tsc_khz) use_timer_freq =3D (u64)tsc_khz * 1000; --=20 2.37.2 From nobody Tue Apr 7 05:43:30 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 06416ECAAD4 for ; Tue, 30 Aug 2022 13:42:43 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231165AbiH3Nml (ORCPT ); Tue, 30 Aug 2022 09:42:41 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42572 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231250AbiH3NmI (ORCPT ); Tue, 30 Aug 2022 09:42:08 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6D4CA2B1AE for ; Tue, 30 Aug 2022 06:40:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1661866750; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=jtIS1VsLeTWsr8wnUR6qesTZez08emIVhcN1jg/PKaE=; b=BJqs+z1Js5kEbgRPw5GUBMe4991nLx3Al47PgbpoII5nRqFcXTMNaVUOYwhDEgEHblW67b KLIJDYrydK5XuXfCpqG3W3qcoiMS57mx2Tso3fDKHtd0jhNhFyWlMnQ3icwYlND9FFQYwu U3L3IQa1tm39/MkXHlY71eADBX2jP2o= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-602-sQBjN_0tPxWdEtmME_E3BQ-1; Tue, 30 Aug 2022 09:39:05 -0400 X-MC-Unique: sQBjN_0tPxWdEtmME_E3BQ-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 26E19811E9B; Tue, 30 Aug 2022 13:39:05 +0000 (UTC) Received: from fedora.redhat.com (unknown [10.40.194.232]) by smtp.corp.redhat.com (Postfix) with ESMTP id BA3782166B2A; Tue, 30 Aug 2022 13:39:02 +0000 (UTC) From: Vitaly Kuznetsov To: kvm@vger.kernel.org, Paolo Bonzini Cc: Sean Christopherson , Wanpeng Li , Jim Mattson , Michael Kelley , Yuan Yao , Maxim Levitsky , linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v6 33/33] KVM: nVMX: Use cached host MSR_IA32_VMX_MISC value for setting up nested MSR Date: Tue, 30 Aug 2022 15:37:37 +0200 Message-Id: <20220830133737.1539624-34-vkuznets@redhat.com> In-Reply-To: <20220830133737.1539624-1-vkuznets@redhat.com> References: <20220830133737.1539624-1-vkuznets@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" vmcs_config has cached host MSR_IA32_VMX_MISC value, use it for setting up nested MSR_IA32_VMX_MISC in nested_vmx_setup_ctls_msrs() and avoid the redundant rdmsr(). No (real) functional change intended. Reviewed-by: Jim Mattson Reviewed-by: Maxim Levitsky Signed-off-by: Vitaly Kuznetsov Signed-off-by: Sean Christopherson --- arch/x86/kvm/vmx/nested.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index a079f013ccbc..02d442b3357a 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c @@ -6748,10 +6748,7 @@ void nested_vmx_setup_ctls_msrs(struct vmcs_config *= vmcs_conf, u32 ept_caps) msrs->secondary_ctls_high |=3D SECONDARY_EXEC_ENCLS_EXITING; =20 /* miscellaneous data */ - rdmsr(MSR_IA32_VMX_MISC, - msrs->misc_low, - msrs->misc_high); - msrs->misc_low &=3D VMX_MISC_SAVE_EFER_LMA; + msrs->misc_low =3D (u32)vmcs_conf->misc & VMX_MISC_SAVE_EFER_LMA; msrs->misc_low |=3D MSR_IA32_VMX_MISC_VMWRITE_SHADOW_RO_FIELDS | VMX_MISC_EMULATED_PREEMPTION_TIMER_RATE | --=20 2.37.2