From nobody Mon Jun 22 22:43:28 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4761BC433EF for ; Tue, 15 Mar 2022 22:50:19 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1352389AbiCOWva (ORCPT ); Tue, 15 Mar 2022 18:51:30 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55216 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S242937AbiCOWv1 (ORCPT ); Tue, 15 Mar 2022 18:51:27 -0400 Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 30A905D1A8; Tue, 15 Mar 2022 15:50:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1647384613; x=1678920613; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=7cHtBavUZQpj+upBdcXGP4IKZQedaVsnZ7sJicl2SlE=; b=GZYoKuvzDMmRa3+NqihARUENjeKPlSIJq41lUn7vgyuD7VISExoC0RKN R0Xi07XsI7DqK4aL5pdMh9gciudoWzJz2Em9T/TFYsbyDEu3NxkZf2OZ7 7N3c0yVMEZf5zwNpwC5cnjYeH6myng4sa65aCvOlGE1yWat/z4nIhA+Pd z6O/SBlh3M/rA+2+3avWl8uxKxdOYHVP0tbHnrXPS9d7/g221GZmNQzE6 Puc8bePfwwQpXpu51H9WrZrmwT3b68gTJiwdL7VfjYKhYRWcH4fD4Gp61 53vIJAme+XqMgrN+CvsfrKJKBC7veDL6rCpTnG2Q0JbNiTQ0mCXnzjyYJ w==; X-IronPort-AV: E=McAfee;i="6200,9189,10286"; a="256390615" X-IronPort-AV: E=Sophos;i="5.90,185,1643702400"; d="scan'208";a="256390615" Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Mar 2022 15:50:12 -0700 X-IronPort-AV: E=Sophos;i="5.90,185,1643702400"; d="scan'208";a="690368455" Received: from ls.sc.intel.com (HELO localhost) ([143.183.96.54]) by fmsmga001-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Mar 2022 15:50:12 -0700 From: isaku.yamahata@intel.com To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org Cc: isaku.yamahata@intel.com, isaku.yamahata@gmail.com, Paolo Bonzini , Jim Mattson , erdemaktas@google.com, Connor Kuehl , Sean Christopherson Subject: [PATCH 1/6] KVM: Enable hardware before doing arch VM initialization Date: Tue, 15 Mar 2022 15:50:05 -0700 Message-Id: X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" From: Sean Christopherson Swap the order of hardware_enable_all() and kvm_arch_init_vm() to accommodate Intel's TDX, which needs VMX to be enabled during VM init in order to make SEAMCALLs. This also provides consistent ordering between kvm_create_vm() and kvm_destroy_vm() with respect to calling kvm_arch_destroy_vm() and hardware_disable_all(). Signed-off-by: Sean Christopherson Signed-off-by: Isaku Yamahata --- virt/kvm/kvm_main.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c index 0afc016cc54d..52f72a366beb 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c @@ -1105,19 +1105,19 @@ static struct kvm *kvm_create_vm(unsigned long type) rcu_assign_pointer(kvm->buses[i], kzalloc(sizeof(struct kvm_io_bus), GFP_KERNEL_ACCOUNT)); if (!kvm->buses[i]) - goto out_err_no_arch_destroy_vm; + goto out_err_no_disable; } =20 kvm->max_halt_poll_ns =3D halt_poll_ns; =20 - r =3D kvm_arch_init_vm(kvm, type); - if (r) - goto out_err_no_arch_destroy_vm; - r =3D hardware_enable_all(); if (r) goto out_err_no_disable; =20 + r =3D kvm_arch_init_vm(kvm, type); + if (r) + goto out_err_no_arch_destroy_vm; + #ifdef CONFIG_HAVE_KVM_IRQFD INIT_HLIST_HEAD(&kvm->irq_ack_notifier_list); #endif @@ -1145,10 +1145,10 @@ static struct kvm *kvm_create_vm(unsigned long type) mmu_notifier_unregister(&kvm->mmu_notifier, current->mm); #endif out_err_no_mmu_notifier: - hardware_disable_all(); -out_err_no_disable: kvm_arch_destroy_vm(kvm); out_err_no_arch_destroy_vm: + hardware_disable_all(); +out_err_no_disable: WARN_ON_ONCE(!refcount_dec_and_test(&kvm->users_count)); for (i =3D 0; i < KVM_NR_BUSES; i++) kfree(kvm_get_bus(kvm, i)); --=20 2.25.1 From nobody Mon Jun 22 22:43:28 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id DAE14C433F5 for ; Tue, 15 Mar 2022 22:50:35 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1352447AbiCOWvp (ORCPT ); Tue, 15 Mar 2022 18:51:45 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55466 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S242937AbiCOWva (ORCPT ); Tue, 15 Mar 2022 18:51:30 -0400 Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DDDC756C21; Tue, 15 Mar 2022 15:50:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1647384615; x=1678920615; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=MKuJIkP2ihNKVZwEcaCXmeF/ATkjmpOvCPWlQ7BvSn4=; b=SikXB16abDJRJqKM6CzsRcaw75YKInYy0xsTAUeMzj8ZMFBADo7y4AhJ oMXYRY47NTv1D5gvsX12IguqvW5jMrVN7aZTdsHPmJvl1oDsh9ucqMFIf u/9/2KAgqMZ+Zr1KzyjJmzpivOJcwKnSFATXN0Ajstr152FgB1PyH+G5S evNi574xedACoBvG3ETBBWu/YJj8DybtR4o8hmTUkkjZA/nttVsITRGnW tSeejA3P5KAzE9ZU/hjPL4IODKyL9LL3tmQiy7fSA3rWeyttNEfBdsJQA jXYTdm/dnLv75Xa5KBSAzOLsgxmHBrhJJdE7rKGpN1bSErkXG0HMFj6hs A==; X-IronPort-AV: E=McAfee;i="6200,9189,10286"; a="256390616" X-IronPort-AV: E=Sophos;i="5.90,185,1643702400"; d="scan'208";a="256390616" Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Mar 2022 15:50:12 -0700 X-IronPort-AV: E=Sophos;i="5.90,185,1643702400"; d="scan'208";a="690368458" Received: from ls.sc.intel.com (HELO localhost) ([143.183.96.54]) by fmsmga001-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Mar 2022 15:50:12 -0700 From: isaku.yamahata@intel.com To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org Cc: isaku.yamahata@intel.com, isaku.yamahata@gmail.com, Paolo Bonzini , Jim Mattson , erdemaktas@google.com, Connor Kuehl , Sean Christopherson Subject: [PATCH 2/6] KVM: VMX: Move out vmx_x86_ops to 'main.c' to wrap VMX and TDX Date: Tue, 15 Mar 2022 15:50:06 -0700 Message-Id: <7c424735c838762603cca5583ebe7ddfcba0dd71.1647384147.git.isaku.yamahata@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" From: Sean Christopherson KVM accesses Virtual Machine Control Structure (VMCS) with VMX instructions to operate on VM. TDX defines its data structure and TDX SEAMCALL APIs for VMM to operate on Trust Domain (TD) instead. Trust Domain Virtual Processor State (TDVPS) is the root control structure of a TD VCPU. It helps the TDX module control the operation of the VCPU, and holds the VCPU state while the VCPU is not running. TDVPS is opaque to software and DMA access, accessible only by using the TDX module interface functions (such as TDH.VP.RD, TDH.VP.WR ,..). TDVPS includes TD VMCS, and TD VMCS auxiliary structures, such as virtual APIC page, virtualization exception information, etc. TDVPS is composed of Trust Domain Virtual Processor Root (TDVPR) which is the root page of TDVPS and Trust Domain Virtual Processor eXtension (TDVPX) pages which extend TDVPR to help provide enough physical space for the logical TDVPS structure. Also, we have a new structure, Trust Domain Control Structure (TDCS) is the main control structure of a guest TD, and encrypted (using the guest TD's ephemeral private key). At a high level, TDCS holds information for controlling TD operation as a whole, execution, EPTP, MSR bitmaps, etc. KVM needs to set it up. Note that MSR bitmaps are held as part of TDCS (unlike VMX) because they are meant to have the same value for all VCPUs of the same TD. TDCS is a multi-page logical structure composed of multiple Trust Domain Control Extension (TDCX) physical pages. Trust Domain Root (TDR) is the root control structure of a guest TD and is encrypted using the TDX global private key. It holds a minimal set of state variables that enable guest TD control even during times when the TD's private key is not known, or when the TD's key management state does not permit access to memory encrypted using the TD's private key. The following shows the relationship between those structures. TDR--> TDCS per-TD | \--> TDCX \ \--> TDVPS per-TD VCPU \--> TDVPR and TDVPX The existing global struct kvm_x86_ops already defines an interface which fits with TDX. But kvm_x86_ops is system-wide, not per-VM structure. To allow VMX to coexist with TDs, the kvm_x86_ops callbacks will have wrappers "if (tdx) tdx_op() else vmx_op()" to switch VMX or TDX at run time. To split the runtime switch, the VMX implementation, and the TDX implementation, add main.c, and move out the vmx_x86_ops hooks in preparation for adding TDX, which can coexist with VMX, i.e. KVM can run both VMs and TDs. Use 'vt' for the naming scheme as a nod to VT-x and as a concatenation of VmxTdx. The current code looks as follows. In vmx.c static vmx_op() { ... } static struct kvm_x86_ops vmx_x86_ops =3D { .op =3D vmx_op, initialization code The eventually converted code will look like In vmx.c, keep the VMX operations. vmx_op() { ... } VMX initialization In tdx.c, define the TDX operations. tdx_op() { ... } TDX initialization In x86_ops.h, declare the VMX and TDX operations. vmx_op(); tdx_op(); In main.c, define common wrappers for VMX and VMX. static vt_ops() { if (tdx) tdx_ops() else vmx_ops() } static struct kvm_x86_ops vt_x86_ops =3D { .op =3D vt_op, initialization to call VMX and TDX initialization Opportunistically, fix the name inconsistency from vmx_create_vcpu() and vmx_free_vcpu() to vmx_vcpu_create() and vxm_vcpu_free(). Co-developed-by: Xiaoyao Li Signed-off-by: Xiaoyao Li Signed-off-by: Sean Christopherson Signed-off-by: Isaku Yamahata Reviewed-by: Paolo Bonzini --- arch/x86/kvm/Makefile | 2 +- arch/x86/kvm/vmx/main.c | 154 ++++++++++++++++ arch/x86/kvm/vmx/vmx.c | 360 +++++++++++-------------------------- arch/x86/kvm/vmx/x86_ops.h | 126 +++++++++++++ 4 files changed, 385 insertions(+), 257 deletions(-) create mode 100644 arch/x86/kvm/vmx/main.c create mode 100644 arch/x86/kvm/vmx/x86_ops.h diff --git a/arch/x86/kvm/Makefile b/arch/x86/kvm/Makefile index 30f244b64523..ee4d0999f20f 100644 --- a/arch/x86/kvm/Makefile +++ b/arch/x86/kvm/Makefile @@ -22,7 +22,7 @@ kvm-$(CONFIG_X86_64) +=3D mmu/tdp_iter.o mmu/tdp_mmu.o kvm-$(CONFIG_KVM_XEN) +=3D xen.o =20 kvm-intel-y +=3D vmx/vmx.o vmx/vmenter.o vmx/pmu_intel.o vmx/vmcs12.o \ - vmx/evmcs.o vmx/nested.o vmx/posted_intr.o + vmx/evmcs.o vmx/nested.o vmx/posted_intr.o vmx/main.o kvm-intel-$(CONFIG_X86_SGX_KVM) +=3D vmx/sgx.o =20 kvm-amd-y +=3D svm/svm.o svm/vmenter.o svm/pmu.o svm/nested.o svm/avic.o = svm/sev.o diff --git a/arch/x86/kvm/vmx/main.c b/arch/x86/kvm/vmx/main.c new file mode 100644 index 000000000000..b08ea9c42a11 --- /dev/null +++ b/arch/x86/kvm/vmx/main.c @@ -0,0 +1,154 @@ +// SPDX-License-Identifier: GPL-2.0 +#include + +#include "x86_ops.h" +#include "vmx.h" +#include "nested.h" +#include "pmu.h" + +struct kvm_x86_ops vt_x86_ops __initdata =3D { + .name =3D "kvm_intel", + + .hardware_unsetup =3D vmx_hardware_unsetup, + + .hardware_enable =3D vmx_hardware_enable, + .hardware_disable =3D vmx_hardware_disable, + .cpu_has_accelerated_tpr =3D report_flexpriority, + .has_emulated_msr =3D vmx_has_emulated_msr, + + .vm_size =3D sizeof(struct kvm_vmx), + .vm_init =3D vmx_vm_init, + + .vcpu_create =3D vmx_vcpu_create, + .vcpu_free =3D vmx_vcpu_free, + .vcpu_reset =3D vmx_vcpu_reset, + + .prepare_guest_switch =3D vmx_prepare_switch_to_guest, + .vcpu_load =3D vmx_vcpu_load, + .vcpu_put =3D vmx_vcpu_put, + + .update_exception_bitmap =3D vmx_update_exception_bitmap, + .get_msr_feature =3D vmx_get_msr_feature, + .get_msr =3D vmx_get_msr, + .set_msr =3D vmx_set_msr, + .get_segment_base =3D vmx_get_segment_base, + .get_segment =3D vmx_get_segment, + .set_segment =3D vmx_set_segment, + .get_cpl =3D vmx_get_cpl, + .get_cs_db_l_bits =3D vmx_get_cs_db_l_bits, + .set_cr0 =3D vmx_set_cr0, + .is_valid_cr4 =3D vmx_is_valid_cr4, + .set_cr4 =3D vmx_set_cr4, + .set_efer =3D vmx_set_efer, + .get_idt =3D vmx_get_idt, + .set_idt =3D vmx_set_idt, + .get_gdt =3D vmx_get_gdt, + .set_gdt =3D vmx_set_gdt, + .set_dr7 =3D vmx_set_dr7, + .sync_dirty_debug_regs =3D vmx_sync_dirty_debug_regs, + .cache_reg =3D vmx_cache_reg, + .get_rflags =3D vmx_get_rflags, + .set_rflags =3D vmx_set_rflags, + .get_if_flag =3D vmx_get_if_flag, + + .tlb_flush_all =3D vmx_flush_tlb_all, + .tlb_flush_current =3D vmx_flush_tlb_current, + .tlb_flush_gva =3D vmx_flush_tlb_gva, + .tlb_flush_guest =3D vmx_flush_tlb_guest, + + .vcpu_pre_run =3D vmx_vcpu_pre_run, + .run =3D vmx_vcpu_run, + .handle_exit =3D vmx_handle_exit, + .skip_emulated_instruction =3D vmx_skip_emulated_instruction, + .update_emulated_instruction =3D vmx_update_emulated_instruction, + .set_interrupt_shadow =3D vmx_set_interrupt_shadow, + .get_interrupt_shadow =3D vmx_get_interrupt_shadow, + .patch_hypercall =3D vmx_patch_hypercall, + .set_irq =3D vmx_inject_irq, + .set_nmi =3D vmx_inject_nmi, + .queue_exception =3D vmx_queue_exception, + .cancel_injection =3D vmx_cancel_injection, + .interrupt_allowed =3D vmx_interrupt_allowed, + .nmi_allowed =3D vmx_nmi_allowed, + .get_nmi_mask =3D vmx_get_nmi_mask, + .set_nmi_mask =3D vmx_set_nmi_mask, + .enable_nmi_window =3D vmx_enable_nmi_window, + .enable_irq_window =3D vmx_enable_irq_window, + .update_cr8_intercept =3D vmx_update_cr8_intercept, + .set_virtual_apic_mode =3D vmx_set_virtual_apic_mode, + .set_apic_access_page_addr =3D vmx_set_apic_access_page_addr, + .refresh_apicv_exec_ctrl =3D vmx_refresh_apicv_exec_ctrl, + .load_eoi_exitmap =3D vmx_load_eoi_exitmap, + .apicv_post_state_restore =3D vmx_apicv_post_state_restore, + .check_apicv_inhibit_reasons =3D vmx_check_apicv_inhibit_reasons, + .hwapic_irr_update =3D vmx_hwapic_irr_update, + .hwapic_isr_update =3D vmx_hwapic_isr_update, + .guest_apic_has_interrupt =3D vmx_guest_apic_has_interrupt, + .sync_pir_to_irr =3D vmx_sync_pir_to_irr, + .deliver_interrupt =3D vmx_deliver_interrupt, + .dy_apicv_has_pending_interrupt =3D pi_has_pending_interrupt, + + .set_tss_addr =3D vmx_set_tss_addr, + .set_identity_map_addr =3D vmx_set_identity_map_addr, + .get_mt_mask =3D vmx_get_mt_mask, + + .get_exit_info =3D vmx_get_exit_info, + + .vcpu_after_set_cpuid =3D vmx_vcpu_after_set_cpuid, + + .has_wbinvd_exit =3D cpu_has_vmx_wbinvd_exit, + + .get_l2_tsc_offset =3D vmx_get_l2_tsc_offset, + .get_l2_tsc_multiplier =3D vmx_get_l2_tsc_multiplier, + .write_tsc_offset =3D vmx_write_tsc_offset, + .write_tsc_multiplier =3D vmx_write_tsc_multiplier, + + .load_mmu_pgd =3D vmx_load_mmu_pgd, + + .check_intercept =3D vmx_check_intercept, + .handle_exit_irqoff =3D vmx_handle_exit_irqoff, + + .request_immediate_exit =3D vmx_request_immediate_exit, + + .sched_in =3D vmx_sched_in, + + .cpu_dirty_log_size =3D PML_ENTITY_NUM, + .update_cpu_dirty_logging =3D vmx_update_cpu_dirty_logging, + + .pmu_ops =3D &intel_pmu_ops, + .nested_ops =3D &vmx_nested_ops, + + .update_pi_irte =3D pi_update_irte, + .start_assignment =3D vmx_pi_start_assignment, + +#ifdef CONFIG_X86_64 + .set_hv_timer =3D vmx_set_hv_timer, + .cancel_hv_timer =3D vmx_cancel_hv_timer, +#endif + + .setup_mce =3D vmx_setup_mce, + + .smi_allowed =3D vmx_smi_allowed, + .enter_smm =3D vmx_enter_smm, + .leave_smm =3D vmx_leave_smm, + .enable_smi_window =3D vmx_enable_smi_window, + + .can_emulate_instruction =3D vmx_can_emulate_instruction, + .apic_init_signal_blocked =3D vmx_apic_init_signal_blocked, + .migrate_timers =3D vmx_migrate_timers, + + .msr_filter_changed =3D vmx_msr_filter_changed, + .complete_emulated_msr =3D kvm_complete_insn_gp, + + .vcpu_deliver_sipi_vector =3D kvm_vcpu_deliver_sipi_vector, +}; + +struct kvm_x86_init_ops vt_init_ops __initdata =3D { + .cpu_has_kvm_support =3D vmx_cpu_has_kvm_support, + .disabled_by_bios =3D vmx_disabled_by_bios, + .check_processor_compatibility =3D vmx_check_processor_compat, + .hardware_setup =3D vmx_hardware_setup, + .handle_intel_pt_intr =3D NULL, + + .runtime_ops =3D &vt_x86_ops, +}; diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index b730d799c26e..f1c44ad712f7 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -66,6 +66,7 @@ #include "vmcs12.h" #include "vmx.h" #include "x86.h" +#include "x86_ops.h" =20 MODULE_AUTHOR("Qumranet"); MODULE_LICENSE("GPL"); @@ -541,7 +542,7 @@ static inline bool cpu_need_virtualize_apic_accesses(st= ruct kvm_vcpu *vcpu) return flexpriority_enabled && lapic_in_kernel(vcpu); } =20 -static inline bool report_flexpriority(void) +bool report_flexpriority(void) { return flexpriority_enabled; } @@ -1309,7 +1310,7 @@ void vmx_vcpu_load_vmcs(struct kvm_vcpu *vcpu, int cp= u, * Switches to specified vcpu, until a matching vcpu_put(), but assumes * vcpu mutex is already taken. */ -static void vmx_vcpu_load(struct kvm_vcpu *vcpu, int cpu) +void vmx_vcpu_load(struct kvm_vcpu *vcpu, int cpu) { struct vcpu_vmx *vmx =3D to_vmx(vcpu); =20 @@ -1320,7 +1321,7 @@ static void vmx_vcpu_load(struct kvm_vcpu *vcpu, int = cpu) vmx->host_debugctlmsr =3D get_debugctlmsr(); } =20 -static void vmx_vcpu_put(struct kvm_vcpu *vcpu) +void vmx_vcpu_put(struct kvm_vcpu *vcpu) { vmx_vcpu_pi_put(vcpu); =20 @@ -1374,7 +1375,7 @@ void vmx_set_rflags(struct kvm_vcpu *vcpu, unsigned l= ong rflags) vmx->emulation_required =3D vmx_emulation_required(vcpu); } =20 -static bool vmx_get_if_flag(struct kvm_vcpu *vcpu) +bool vmx_get_if_flag(struct kvm_vcpu *vcpu) { return vmx_get_rflags(vcpu) & X86_EFLAGS_IF; } @@ -1480,8 +1481,8 @@ static int vmx_rtit_ctl_check(struct kvm_vcpu *vcpu, = u64 data) return 0; } =20 -static bool vmx_can_emulate_instruction(struct kvm_vcpu *vcpu, int emul_ty= pe, - void *insn, int insn_len) +bool vmx_can_emulate_instruction(struct kvm_vcpu *vcpu, int emul_type, + void *insn, int insn_len) { /* * Emulation of instructions in SGX enclaves is impossible as RIP does @@ -1565,7 +1566,7 @@ static int skip_emulated_instruction(struct kvm_vcpu = *vcpu) * Recognizes a pending MTF VM-exit and records the nested state for later * delivery. */ -static void vmx_update_emulated_instruction(struct kvm_vcpu *vcpu) +void vmx_update_emulated_instruction(struct kvm_vcpu *vcpu) { struct vmcs12 *vmcs12 =3D get_vmcs12(vcpu); struct vcpu_vmx *vmx =3D to_vmx(vcpu); @@ -1588,7 +1589,7 @@ static void vmx_update_emulated_instruction(struct kv= m_vcpu *vcpu) vmx->nested.mtf_pending =3D false; } =20 -static int vmx_skip_emulated_instruction(struct kvm_vcpu *vcpu) +int vmx_skip_emulated_instruction(struct kvm_vcpu *vcpu) { vmx_update_emulated_instruction(vcpu); return skip_emulated_instruction(vcpu); @@ -1607,7 +1608,7 @@ static void vmx_clear_hlt(struct kvm_vcpu *vcpu) vmcs_write32(GUEST_ACTIVITY_STATE, GUEST_ACTIVITY_ACTIVE); } =20 -static void vmx_queue_exception(struct kvm_vcpu *vcpu) +void vmx_queue_exception(struct kvm_vcpu *vcpu) { struct vcpu_vmx *vmx =3D to_vmx(vcpu); unsigned nr =3D vcpu->arch.exception.nr; @@ -1720,12 +1721,12 @@ u64 vmx_get_l2_tsc_multiplier(struct kvm_vcpu *vcpu) return kvm_default_tsc_scaling_ratio; } =20 -static void vmx_write_tsc_offset(struct kvm_vcpu *vcpu, u64 offset) +void vmx_write_tsc_offset(struct kvm_vcpu *vcpu, u64 offset) { vmcs_write64(TSC_OFFSET, offset); } =20 -static void vmx_write_tsc_multiplier(struct kvm_vcpu *vcpu, u64 multiplier) +void vmx_write_tsc_multiplier(struct kvm_vcpu *vcpu, u64 multiplier) { vmcs_write64(TSC_MULTIPLIER, multiplier); } @@ -1749,7 +1750,7 @@ static inline bool vmx_feature_control_msr_valid(stru= ct kvm_vcpu *vcpu, return !(val & ~valid_bits); } =20 -static int vmx_get_msr_feature(struct kvm_msr_entry *msr) +int vmx_get_msr_feature(struct kvm_msr_entry *msr) { switch (msr->index) { case MSR_IA32_VMX_BASIC ... MSR_IA32_VMX_VMFUNC: @@ -1769,7 +1770,7 @@ static int vmx_get_msr_feature(struct kvm_msr_entry *= msr) * Returns 0 on success, non-0 otherwise. * Assumes vcpu_load() was already called. */ -static int vmx_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) +int vmx_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) { struct vcpu_vmx *vmx =3D to_vmx(vcpu); struct vmx_uret_msr *msr; @@ -1947,7 +1948,7 @@ static u64 vcpu_supported_debugctl(struct kvm_vcpu *v= cpu) * Returns 0 on success, non-0 otherwise. * Assumes vcpu_load() was already called. */ -static int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) +int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) { struct vcpu_vmx *vmx =3D to_vmx(vcpu); struct vmx_uret_msr *msr; @@ -2260,7 +2261,7 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, struct = msr_data *msr_info) return ret; } =20 -static void vmx_cache_reg(struct kvm_vcpu *vcpu, enum kvm_reg reg) +void vmx_cache_reg(struct kvm_vcpu *vcpu, enum kvm_reg reg) { unsigned long guest_owned_bits; =20 @@ -2303,12 +2304,12 @@ static void vmx_cache_reg(struct kvm_vcpu *vcpu, en= um kvm_reg reg) } } =20 -static __init int cpu_has_kvm_support(void) +__init int vmx_cpu_has_kvm_support(void) { return cpu_has_vmx(); } =20 -static __init int vmx_disabled_by_bios(void) +__init int vmx_disabled_by_bios(void) { return !boot_cpu_has(X86_FEATURE_MSR_IA32_FEAT_CTL) || !boot_cpu_has(X86_FEATURE_VMX); @@ -2334,7 +2335,7 @@ static int kvm_cpu_vmxon(u64 vmxon_pointer) return -EFAULT; } =20 -static int hardware_enable(void) +int vmx_hardware_enable(void) { int cpu =3D raw_smp_processor_id(); u64 phys_addr =3D __pa(per_cpu(vmxarea, cpu)); @@ -2375,7 +2376,7 @@ static void vmclear_local_loaded_vmcss(void) __loaded_vmcs_clear(v); } =20 -static void hardware_disable(void) +void vmx_hardware_disable(void) { vmclear_local_loaded_vmcss(); =20 @@ -2917,7 +2918,7 @@ static void exit_lmode(struct kvm_vcpu *vcpu) =20 #endif =20 -static void vmx_flush_tlb_all(struct kvm_vcpu *vcpu) +void vmx_flush_tlb_all(struct kvm_vcpu *vcpu) { struct vcpu_vmx *vmx =3D to_vmx(vcpu); =20 @@ -2947,7 +2948,7 @@ static inline int vmx_get_current_vpid(struct kvm_vcp= u *vcpu) return to_vmx(vcpu)->vpid; } =20 -static void vmx_flush_tlb_current(struct kvm_vcpu *vcpu) +void vmx_flush_tlb_current(struct kvm_vcpu *vcpu) { struct kvm_mmu *mmu =3D vcpu->arch.mmu; u64 root_hpa =3D mmu->root_hpa; @@ -2963,7 +2964,7 @@ static void vmx_flush_tlb_current(struct kvm_vcpu *vc= pu) vpid_sync_context(vmx_get_current_vpid(vcpu)); } =20 -static void vmx_flush_tlb_gva(struct kvm_vcpu *vcpu, gva_t addr) +void vmx_flush_tlb_gva(struct kvm_vcpu *vcpu, gva_t addr) { /* * vpid_sync_vcpu_addr() is a nop if vpid=3D=3D0, see the comment in @@ -2972,7 +2973,7 @@ static void vmx_flush_tlb_gva(struct kvm_vcpu *vcpu, = gva_t addr) vpid_sync_vcpu_addr(vmx_get_current_vpid(vcpu), addr); } =20 -static void vmx_flush_tlb_guest(struct kvm_vcpu *vcpu) +void vmx_flush_tlb_guest(struct kvm_vcpu *vcpu) { /* * vpid_sync_context() is a nop if vpid=3D=3D0, e.g. if enable_vpid=3D=3D= 0 or a @@ -3127,8 +3128,7 @@ u64 construct_eptp(struct kvm_vcpu *vcpu, hpa_t root_= hpa, int root_level) return eptp; } =20 -static void vmx_load_mmu_pgd(struct kvm_vcpu *vcpu, hpa_t root_hpa, - int root_level) +void vmx_load_mmu_pgd(struct kvm_vcpu *vcpu, hpa_t root_hpa, int root_leve= l) { struct kvm *kvm =3D vcpu->kvm; bool update_guest_cr3 =3D true; @@ -3156,8 +3156,7 @@ static void vmx_load_mmu_pgd(struct kvm_vcpu *vcpu, h= pa_t root_hpa, vmcs_writel(GUEST_CR3, guest_cr3); } =20 - -static bool vmx_is_valid_cr4(struct kvm_vcpu *vcpu, unsigned long cr4) +bool vmx_is_valid_cr4(struct kvm_vcpu *vcpu, unsigned long cr4) { /* * We operate under the default treatment of SMM, so VMX cannot be @@ -3273,7 +3272,7 @@ void vmx_get_segment(struct kvm_vcpu *vcpu, struct kv= m_segment *var, int seg) var->g =3D (ar >> 15) & 1; } =20 -static u64 vmx_get_segment_base(struct kvm_vcpu *vcpu, int seg) +u64 vmx_get_segment_base(struct kvm_vcpu *vcpu, int seg) { struct kvm_segment s; =20 @@ -3353,14 +3352,14 @@ void __vmx_set_segment(struct kvm_vcpu *vcpu, struc= t kvm_segment *var, int seg) vmcs_write32(sf->ar_bytes, vmx_segment_access_rights(var)); } =20 -static void vmx_set_segment(struct kvm_vcpu *vcpu, struct kvm_segment *var= , int seg) +void vmx_set_segment(struct kvm_vcpu *vcpu, struct kvm_segment *var, int s= eg) { __vmx_set_segment(vcpu, var, seg); =20 to_vmx(vcpu)->emulation_required =3D vmx_emulation_required(vcpu); } =20 -static void vmx_get_cs_db_l_bits(struct kvm_vcpu *vcpu, int *db, int *l) +void vmx_get_cs_db_l_bits(struct kvm_vcpu *vcpu, int *db, int *l) { u32 ar =3D vmx_read_guest_seg_ar(to_vmx(vcpu), VCPU_SREG_CS); =20 @@ -3368,25 +3367,25 @@ static void vmx_get_cs_db_l_bits(struct kvm_vcpu *v= cpu, int *db, int *l) *l =3D (ar >> 13) & 1; } =20 -static void vmx_get_idt(struct kvm_vcpu *vcpu, struct desc_ptr *dt) +void vmx_get_idt(struct kvm_vcpu *vcpu, struct desc_ptr *dt) { dt->size =3D vmcs_read32(GUEST_IDTR_LIMIT); dt->address =3D vmcs_readl(GUEST_IDTR_BASE); } =20 -static void vmx_set_idt(struct kvm_vcpu *vcpu, struct desc_ptr *dt) +void vmx_set_idt(struct kvm_vcpu *vcpu, struct desc_ptr *dt) { vmcs_write32(GUEST_IDTR_LIMIT, dt->size); vmcs_writel(GUEST_IDTR_BASE, dt->address); } =20 -static void vmx_get_gdt(struct kvm_vcpu *vcpu, struct desc_ptr *dt) +void vmx_get_gdt(struct kvm_vcpu *vcpu, struct desc_ptr *dt) { dt->size =3D vmcs_read32(GUEST_GDTR_LIMIT); dt->address =3D vmcs_readl(GUEST_GDTR_BASE); } =20 -static void vmx_set_gdt(struct kvm_vcpu *vcpu, struct desc_ptr *dt) +void vmx_set_gdt(struct kvm_vcpu *vcpu, struct desc_ptr *dt) { vmcs_write32(GUEST_GDTR_LIMIT, dt->size); vmcs_writel(GUEST_GDTR_BASE, dt->address); @@ -3882,7 +3881,7 @@ void pt_update_intercept_for_msr(struct kvm_vcpu *vcp= u) } } =20 -static bool vmx_guest_apic_has_interrupt(struct kvm_vcpu *vcpu) +bool vmx_guest_apic_has_interrupt(struct kvm_vcpu *vcpu) { struct vcpu_vmx *vmx =3D to_vmx(vcpu); void *vapic_page; @@ -3902,7 +3901,7 @@ static bool vmx_guest_apic_has_interrupt(struct kvm_v= cpu *vcpu) return ((rvi & 0xf0) > (vppr & 0xf0)); } =20 -static void vmx_msr_filter_changed(struct kvm_vcpu *vcpu) +void vmx_msr_filter_changed(struct kvm_vcpu *vcpu) { struct vcpu_vmx *vmx =3D to_vmx(vcpu); u32 i; @@ -4034,8 +4033,8 @@ static int vmx_deliver_posted_interrupt(struct kvm_vc= pu *vcpu, int vector) return 0; } =20 -static void vmx_deliver_interrupt(struct kvm_lapic *apic, int delivery_mod= e, - int trig_mode, int vector) +void vmx_deliver_interrupt(struct kvm_lapic *apic, int delivery_mode, + int trig_mode, int vector) { struct kvm_vcpu *vcpu =3D apic->vcpu; =20 @@ -4178,7 +4177,7 @@ static u32 vmx_vmexit_ctrl(void) ~(VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL | VM_EXIT_LOAD_IA32_EFER); } =20 -static void vmx_refresh_apicv_exec_ctrl(struct kvm_vcpu *vcpu) +void vmx_refresh_apicv_exec_ctrl(struct kvm_vcpu *vcpu) { struct vcpu_vmx *vmx =3D to_vmx(vcpu); =20 @@ -4501,7 +4500,7 @@ static void __vmx_vcpu_reset(struct kvm_vcpu *vcpu) vmx->pi_desc.sn =3D 1; } =20 -static void vmx_vcpu_reset(struct kvm_vcpu *vcpu, bool init_event) +void vmx_vcpu_reset(struct kvm_vcpu *vcpu, bool init_event) { struct vcpu_vmx *vmx =3D to_vmx(vcpu); =20 @@ -4558,12 +4557,12 @@ static void vmx_vcpu_reset(struct kvm_vcpu *vcpu, b= ool init_event) vpid_sync_context(vmx->vpid); } =20 -static void vmx_enable_irq_window(struct kvm_vcpu *vcpu) +void vmx_enable_irq_window(struct kvm_vcpu *vcpu) { exec_controls_setbit(to_vmx(vcpu), CPU_BASED_INTR_WINDOW_EXITING); } =20 -static void vmx_enable_nmi_window(struct kvm_vcpu *vcpu) +void vmx_enable_nmi_window(struct kvm_vcpu *vcpu) { if (!enable_vnmi || vmcs_read32(GUEST_INTERRUPTIBILITY_INFO) & GUEST_INTR_STATE_STI) { @@ -4574,7 +4573,7 @@ static void vmx_enable_nmi_window(struct kvm_vcpu *vc= pu) exec_controls_setbit(to_vmx(vcpu), CPU_BASED_NMI_WINDOW_EXITING); } =20 -static void vmx_inject_irq(struct kvm_vcpu *vcpu) +void vmx_inject_irq(struct kvm_vcpu *vcpu) { struct vcpu_vmx *vmx =3D to_vmx(vcpu); uint32_t intr; @@ -4602,7 +4601,7 @@ static void vmx_inject_irq(struct kvm_vcpu *vcpu) vmx_clear_hlt(vcpu); } =20 -static void vmx_inject_nmi(struct kvm_vcpu *vcpu) +void vmx_inject_nmi(struct kvm_vcpu *vcpu) { struct vcpu_vmx *vmx =3D to_vmx(vcpu); =20 @@ -4680,7 +4679,7 @@ bool vmx_nmi_blocked(struct kvm_vcpu *vcpu) GUEST_INTR_STATE_NMI)); } =20 -static int vmx_nmi_allowed(struct kvm_vcpu *vcpu, bool for_injection) +int vmx_nmi_allowed(struct kvm_vcpu *vcpu, bool for_injection) { if (to_vmx(vcpu)->nested.nested_run_pending) return -EBUSY; @@ -4702,7 +4701,7 @@ bool vmx_interrupt_blocked(struct kvm_vcpu *vcpu) (GUEST_INTR_STATE_STI | GUEST_INTR_STATE_MOV_SS)); } =20 -static int vmx_interrupt_allowed(struct kvm_vcpu *vcpu, bool for_injection) +int vmx_interrupt_allowed(struct kvm_vcpu *vcpu, bool for_injection) { if (to_vmx(vcpu)->nested.nested_run_pending) return -EBUSY; @@ -4717,7 +4716,7 @@ static int vmx_interrupt_allowed(struct kvm_vcpu *vcp= u, bool for_injection) return !vmx_interrupt_blocked(vcpu); } =20 -static int vmx_set_tss_addr(struct kvm *kvm, unsigned int addr) +int vmx_set_tss_addr(struct kvm *kvm, unsigned int addr) { void __user *ret; =20 @@ -4737,7 +4736,7 @@ static int vmx_set_tss_addr(struct kvm *kvm, unsigned= int addr) return init_rmode_tss(kvm, ret); } =20 -static int vmx_set_identity_map_addr(struct kvm *kvm, u64 ident_addr) +int vmx_set_identity_map_addr(struct kvm *kvm, u64 ident_addr) { to_kvm_vmx(kvm)->ept_identity_map_addr =3D ident_addr; return 0; @@ -5016,8 +5015,7 @@ static int handle_io(struct kvm_vcpu *vcpu) return kvm_fast_pio(vcpu, size, port, in); } =20 -static void -vmx_patch_hypercall(struct kvm_vcpu *vcpu, unsigned char *hypercall) +void vmx_patch_hypercall(struct kvm_vcpu *vcpu, unsigned char *hypercall) { /* * Patch in the VMCALL instruction: @@ -5227,7 +5225,7 @@ static int handle_dr(struct kvm_vcpu *vcpu) return kvm_complete_insn_gp(vcpu, err); } =20 -static void vmx_sync_dirty_debug_regs(struct kvm_vcpu *vcpu) +void vmx_sync_dirty_debug_regs(struct kvm_vcpu *vcpu) { get_debugreg(vcpu->arch.db[0], 0); get_debugreg(vcpu->arch.db[1], 1); @@ -5246,7 +5244,7 @@ static void vmx_sync_dirty_debug_regs(struct kvm_vcpu= *vcpu) set_debugreg(DR6_RESERVED, 6); } =20 -static void vmx_set_dr7(struct kvm_vcpu *vcpu, unsigned long val) +void vmx_set_dr7(struct kvm_vcpu *vcpu, unsigned long val) { vmcs_writel(GUEST_DR7, val); } @@ -5512,7 +5510,7 @@ static int handle_invalid_guest_state(struct kvm_vcpu= *vcpu) return 1; } =20 -static int vmx_vcpu_pre_run(struct kvm_vcpu *vcpu) +int vmx_vcpu_pre_run(struct kvm_vcpu *vcpu) { if (vmx_emulation_required_with_pending_exception(vcpu)) { kvm_prepare_emulation_failure_exit(vcpu); @@ -5749,9 +5747,8 @@ static int (*kvm_vmx_exit_handlers[])(struct kvm_vcpu= *vcpu) =3D { static const int kvm_vmx_max_exit_handlers =3D ARRAY_SIZE(kvm_vmx_exit_handlers); =20 -static void vmx_get_exit_info(struct kvm_vcpu *vcpu, u32 *reason, - u64 *info1, u64 *info2, - u32 *intr_info, u32 *error_code) +void vmx_get_exit_info(struct kvm_vcpu *vcpu, u32 *reason, + u64 *info1, u64 *info2, u32 *intr_info, u32 *error_code) { struct vcpu_vmx *vmx =3D to_vmx(vcpu); =20 @@ -6184,7 +6181,7 @@ static int __vmx_handle_exit(struct kvm_vcpu *vcpu, f= astpath_t exit_fastpath) return 0; } =20 -static int vmx_handle_exit(struct kvm_vcpu *vcpu, fastpath_t exit_fastpath) +int vmx_handle_exit(struct kvm_vcpu *vcpu, fastpath_t exit_fastpath) { int ret =3D __vmx_handle_exit(vcpu, exit_fastpath); =20 @@ -6272,7 +6269,7 @@ static noinstr void vmx_l1d_flush(struct kvm_vcpu *vc= pu) : "eax", "ebx", "ecx", "edx"); } =20 -static void vmx_update_cr8_intercept(struct kvm_vcpu *vcpu, int tpr, int i= rr) +void vmx_update_cr8_intercept(struct kvm_vcpu *vcpu, int tpr, int irr) { struct vmcs12 *vmcs12 =3D get_vmcs12(vcpu); int tpr_threshold; @@ -6342,7 +6339,7 @@ void vmx_set_virtual_apic_mode(struct kvm_vcpu *vcpu) vmx_update_msr_bitmap_x2apic(vcpu); } =20 -static void vmx_set_apic_access_page_addr(struct kvm_vcpu *vcpu) +void vmx_set_apic_access_page_addr(struct kvm_vcpu *vcpu) { struct page *page; =20 @@ -6370,7 +6367,7 @@ static void vmx_set_apic_access_page_addr(struct kvm_= vcpu *vcpu) put_page(page); } =20 -static void vmx_hwapic_isr_update(struct kvm_vcpu *vcpu, int max_isr) +void vmx_hwapic_isr_update(struct kvm_vcpu *vcpu, int max_isr) { u16 status; u8 old; @@ -6404,7 +6401,7 @@ static void vmx_set_rvi(int vector) } } =20 -static void vmx_hwapic_irr_update(struct kvm_vcpu *vcpu, int max_irr) +void vmx_hwapic_irr_update(struct kvm_vcpu *vcpu, int max_irr) { /* * When running L2, updating RVI is only relevant when @@ -6418,7 +6415,7 @@ static void vmx_hwapic_irr_update(struct kvm_vcpu *vc= pu, int max_irr) vmx_set_rvi(max_irr); } =20 -static int vmx_sync_pir_to_irr(struct kvm_vcpu *vcpu) +int vmx_sync_pir_to_irr(struct kvm_vcpu *vcpu) { struct vcpu_vmx *vmx =3D to_vmx(vcpu); int max_irr; @@ -6464,7 +6461,7 @@ static int vmx_sync_pir_to_irr(struct kvm_vcpu *vcpu) return max_irr; } =20 -static void vmx_load_eoi_exitmap(struct kvm_vcpu *vcpu, u64 *eoi_exit_bitm= ap) +void vmx_load_eoi_exitmap(struct kvm_vcpu *vcpu, u64 *eoi_exit_bitmap) { if (!kvm_vcpu_apicv_active(vcpu)) return; @@ -6475,7 +6472,7 @@ static void vmx_load_eoi_exitmap(struct kvm_vcpu *vcp= u, u64 *eoi_exit_bitmap) vmcs_write64(EOI_EXIT_BITMAP3, eoi_exit_bitmap[3]); } =20 -static void vmx_apicv_post_state_restore(struct kvm_vcpu *vcpu) +void vmx_apicv_post_state_restore(struct kvm_vcpu *vcpu) { struct vcpu_vmx *vmx =3D to_vmx(vcpu); =20 @@ -6547,7 +6544,7 @@ static void handle_external_interrupt_irqoff(struct k= vm_vcpu *vcpu) handle_interrupt_nmi_irqoff(vcpu, gate_offset(desc)); } =20 -static void vmx_handle_exit_irqoff(struct kvm_vcpu *vcpu) +void vmx_handle_exit_irqoff(struct kvm_vcpu *vcpu) { struct vcpu_vmx *vmx =3D to_vmx(vcpu); =20 @@ -6564,7 +6561,7 @@ static void vmx_handle_exit_irqoff(struct kvm_vcpu *v= cpu) * The kvm parameter can be NULL (module initialization, or invocation bef= ore * VM creation). Be sure to check the kvm parameter before using it. */ -static bool vmx_has_emulated_msr(struct kvm *kvm, u32 index) +bool vmx_has_emulated_msr(struct kvm *kvm, u32 index) { switch (index) { case MSR_IA32_SMBASE: @@ -6685,7 +6682,7 @@ static void vmx_complete_interrupts(struct vcpu_vmx *= vmx) IDT_VECTORING_ERROR_CODE); } =20 -static void vmx_cancel_injection(struct kvm_vcpu *vcpu) +void vmx_cancel_injection(struct kvm_vcpu *vcpu) { __vmx_complete_interrupts(vcpu, vmcs_read32(VM_ENTRY_INTR_INFO_FIELD), @@ -6781,7 +6778,7 @@ static noinstr void vmx_vcpu_enter_exit(struct kvm_vc= pu *vcpu, guest_state_exit_irqoff(); } =20 -static fastpath_t vmx_vcpu_run(struct kvm_vcpu *vcpu) +fastpath_t vmx_vcpu_run(struct kvm_vcpu *vcpu) { struct vcpu_vmx *vmx =3D to_vmx(vcpu); unsigned long cr3, cr4; @@ -6975,7 +6972,7 @@ static fastpath_t vmx_vcpu_run(struct kvm_vcpu *vcpu) return vmx_exit_handlers_fastpath(vcpu); } =20 -static void vmx_free_vcpu(struct kvm_vcpu *vcpu) +void vmx_vcpu_free(struct kvm_vcpu *vcpu) { struct vcpu_vmx *vmx =3D to_vmx(vcpu); =20 @@ -6986,7 +6983,7 @@ static void vmx_free_vcpu(struct kvm_vcpu *vcpu) free_loaded_vmcs(vmx->loaded_vmcs); } =20 -static int vmx_create_vcpu(struct kvm_vcpu *vcpu) +int vmx_vcpu_create(struct kvm_vcpu *vcpu) { struct vmx_uret_msr *tsx_ctrl; struct vcpu_vmx *vmx; @@ -7091,7 +7088,7 @@ static int vmx_create_vcpu(struct kvm_vcpu *vcpu) #define L1TF_MSG_SMT "L1TF CPU bug present and SMT on, data leak possible.= See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/h= w-vuln/l1tf.html for details.\n" #define L1TF_MSG_L1D "L1TF CPU bug present and virtualization mitigation d= isabled, data leak possible. See CVE-2018-3646 and https://www.kernel.org/d= oc/html/latest/admin-guide/hw-vuln/l1tf.html for details.\n" =20 -static int vmx_vm_init(struct kvm *kvm) +int vmx_vm_init(struct kvm *kvm) { if (!ple_gap) kvm->arch.pause_in_guest =3D true; @@ -7122,7 +7119,7 @@ static int vmx_vm_init(struct kvm *kvm) return 0; } =20 -static int __init vmx_check_processor_compat(void) +int __init vmx_check_processor_compat(void) { struct vmcs_config vmcs_conf; struct vmx_capability vmx_cap; @@ -7145,7 +7142,7 @@ static int __init vmx_check_processor_compat(void) return 0; } =20 -static u64 vmx_get_mt_mask(struct kvm_vcpu *vcpu, gfn_t gfn, bool is_mmio) +u64 vmx_get_mt_mask(struct kvm_vcpu *vcpu, gfn_t gfn, bool is_mmio) { u8 cache; =20 @@ -7334,7 +7331,7 @@ static void update_intel_pt_cfg(struct kvm_vcpu *vcpu) vmx->pt_desc.ctl_bitmask &=3D ~(0xfULL << (32 + i * 4)); } =20 -static void vmx_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu) +void vmx_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu) { struct vcpu_vmx *vmx =3D to_vmx(vcpu); =20 @@ -7439,7 +7436,7 @@ static __init void vmx_set_cpu_caps(void) kvm_cpu_cap_check_and_set(X86_FEATURE_WAITPKG); } =20 -static void vmx_request_immediate_exit(struct kvm_vcpu *vcpu) +void vmx_request_immediate_exit(struct kvm_vcpu *vcpu) { to_vmx(vcpu)->req_immediate_exit =3D true; } @@ -7478,10 +7475,10 @@ static int vmx_check_intercept_io(struct kvm_vcpu *= vcpu, return intercept ? X86EMUL_UNHANDLEABLE : X86EMUL_CONTINUE; } =20 -static int vmx_check_intercept(struct kvm_vcpu *vcpu, - struct x86_instruction_info *info, - enum x86_intercept_stage stage, - struct x86_exception *exception) +int vmx_check_intercept(struct kvm_vcpu *vcpu, + struct x86_instruction_info *info, + enum x86_intercept_stage stage, + struct x86_exception *exception) { struct vmcs12 *vmcs12 =3D get_vmcs12(vcpu); =20 @@ -7546,8 +7543,8 @@ static inline int u64_shl_div_u64(u64 a, unsigned int= shift, return 0; } =20 -static int vmx_set_hv_timer(struct kvm_vcpu *vcpu, u64 guest_deadline_tsc, - bool *expired) +int vmx_set_hv_timer(struct kvm_vcpu *vcpu, u64 guest_deadline_tsc, + bool *expired) { struct vcpu_vmx *vmx; u64 tscl, guest_tscl, delta_tsc, lapic_timer_advance_cycles; @@ -7586,13 +7583,13 @@ static int vmx_set_hv_timer(struct kvm_vcpu *vcpu, = u64 guest_deadline_tsc, return 0; } =20 -static void vmx_cancel_hv_timer(struct kvm_vcpu *vcpu) +void vmx_cancel_hv_timer(struct kvm_vcpu *vcpu) { to_vmx(vcpu)->hv_deadline_tsc =3D -1; } #endif =20 -static void vmx_sched_in(struct kvm_vcpu *vcpu, int cpu) +void vmx_sched_in(struct kvm_vcpu *vcpu, int cpu) { if (!kvm_pause_in_guest(vcpu->kvm)) shrink_ple_window(vcpu); @@ -7618,7 +7615,7 @@ void vmx_update_cpu_dirty_logging(struct kvm_vcpu *vc= pu) secondary_exec_controls_clearbit(vmx, SECONDARY_EXEC_ENABLE_PML); } =20 -static void vmx_setup_mce(struct kvm_vcpu *vcpu) +void vmx_setup_mce(struct kvm_vcpu *vcpu) { if (vcpu->arch.mcg_cap & MCG_LMCE_P) to_vmx(vcpu)->msr_ia32_feature_control_valid_bits |=3D @@ -7628,7 +7625,7 @@ static void vmx_setup_mce(struct kvm_vcpu *vcpu) ~FEAT_CTL_LMCE_ENABLED; } =20 -static int vmx_smi_allowed(struct kvm_vcpu *vcpu, bool for_injection) +int vmx_smi_allowed(struct kvm_vcpu *vcpu, bool for_injection) { /* we need a nested vmexit to enter SMM, postpone if run is pending */ if (to_vmx(vcpu)->nested.nested_run_pending) @@ -7636,7 +7633,7 @@ static int vmx_smi_allowed(struct kvm_vcpu *vcpu, boo= l for_injection) return !is_smm(vcpu); } =20 -static int vmx_enter_smm(struct kvm_vcpu *vcpu, char *smstate) +int vmx_enter_smm(struct kvm_vcpu *vcpu, char *smstate) { struct vcpu_vmx *vmx =3D to_vmx(vcpu); =20 @@ -7650,7 +7647,7 @@ static int vmx_enter_smm(struct kvm_vcpu *vcpu, char = *smstate) return 0; } =20 -static int vmx_leave_smm(struct kvm_vcpu *vcpu, const char *smstate) +int vmx_leave_smm(struct kvm_vcpu *vcpu, const char *smstate) { struct vcpu_vmx *vmx =3D to_vmx(vcpu); int ret; @@ -7671,17 +7668,17 @@ static int vmx_leave_smm(struct kvm_vcpu *vcpu, con= st char *smstate) return 0; } =20 -static void vmx_enable_smi_window(struct kvm_vcpu *vcpu) +void vmx_enable_smi_window(struct kvm_vcpu *vcpu) { /* RSM will cause a vmexit anyway. */ } =20 -static bool vmx_apic_init_signal_blocked(struct kvm_vcpu *vcpu) +bool vmx_apic_init_signal_blocked(struct kvm_vcpu *vcpu) { return to_vmx(vcpu)->nested.vmxon && !is_guest_mode(vcpu); } =20 -static void vmx_migrate_timers(struct kvm_vcpu *vcpu) +void vmx_migrate_timers(struct kvm_vcpu *vcpu) { if (is_guest_mode(vcpu)) { struct hrtimer *timer =3D &to_vmx(vcpu)->nested.preemption_timer; @@ -7691,7 +7688,7 @@ static void vmx_migrate_timers(struct kvm_vcpu *vcpu) } } =20 -static void hardware_unsetup(void) +void vmx_hardware_unsetup(void) { kvm_set_posted_intr_wakeup_handler(NULL); =20 @@ -7701,7 +7698,7 @@ static void hardware_unsetup(void) free_kvm_area(); } =20 -static bool vmx_check_apicv_inhibit_reasons(ulong bit) +bool vmx_check_apicv_inhibit_reasons(ulong bit) { ulong supported =3D BIT(APICV_INHIBIT_REASON_DISABLE) | BIT(APICV_INHIBIT_REASON_ABSENT) | @@ -7711,143 +7708,6 @@ static bool vmx_check_apicv_inhibit_reasons(ulong b= it) return supported & BIT(bit); } =20 -static struct kvm_x86_ops vmx_x86_ops __initdata =3D { - .name =3D "kvm_intel", - - .hardware_unsetup =3D hardware_unsetup, - - .hardware_enable =3D hardware_enable, - .hardware_disable =3D hardware_disable, - .cpu_has_accelerated_tpr =3D report_flexpriority, - .has_emulated_msr =3D vmx_has_emulated_msr, - - .vm_size =3D sizeof(struct kvm_vmx), - .vm_init =3D vmx_vm_init, - - .vcpu_create =3D vmx_create_vcpu, - .vcpu_free =3D vmx_free_vcpu, - .vcpu_reset =3D vmx_vcpu_reset, - - .prepare_guest_switch =3D vmx_prepare_switch_to_guest, - .vcpu_load =3D vmx_vcpu_load, - .vcpu_put =3D vmx_vcpu_put, - - .update_exception_bitmap =3D vmx_update_exception_bitmap, - .get_msr_feature =3D vmx_get_msr_feature, - .get_msr =3D vmx_get_msr, - .set_msr =3D vmx_set_msr, - .get_segment_base =3D vmx_get_segment_base, - .get_segment =3D vmx_get_segment, - .set_segment =3D vmx_set_segment, - .get_cpl =3D vmx_get_cpl, - .get_cs_db_l_bits =3D vmx_get_cs_db_l_bits, - .set_cr0 =3D vmx_set_cr0, - .is_valid_cr4 =3D vmx_is_valid_cr4, - .set_cr4 =3D vmx_set_cr4, - .set_efer =3D vmx_set_efer, - .get_idt =3D vmx_get_idt, - .set_idt =3D vmx_set_idt, - .get_gdt =3D vmx_get_gdt, - .set_gdt =3D vmx_set_gdt, - .set_dr7 =3D vmx_set_dr7, - .sync_dirty_debug_regs =3D vmx_sync_dirty_debug_regs, - .cache_reg =3D vmx_cache_reg, - .get_rflags =3D vmx_get_rflags, - .set_rflags =3D vmx_set_rflags, - .get_if_flag =3D vmx_get_if_flag, - - .tlb_flush_all =3D vmx_flush_tlb_all, - .tlb_flush_current =3D vmx_flush_tlb_current, - .tlb_flush_gva =3D vmx_flush_tlb_gva, - .tlb_flush_guest =3D vmx_flush_tlb_guest, - - .vcpu_pre_run =3D vmx_vcpu_pre_run, - .run =3D vmx_vcpu_run, - .handle_exit =3D vmx_handle_exit, - .skip_emulated_instruction =3D vmx_skip_emulated_instruction, - .update_emulated_instruction =3D vmx_update_emulated_instruction, - .set_interrupt_shadow =3D vmx_set_interrupt_shadow, - .get_interrupt_shadow =3D vmx_get_interrupt_shadow, - .patch_hypercall =3D vmx_patch_hypercall, - .set_irq =3D vmx_inject_irq, - .set_nmi =3D vmx_inject_nmi, - .queue_exception =3D vmx_queue_exception, - .cancel_injection =3D vmx_cancel_injection, - .interrupt_allowed =3D vmx_interrupt_allowed, - .nmi_allowed =3D vmx_nmi_allowed, - .get_nmi_mask =3D vmx_get_nmi_mask, - .set_nmi_mask =3D vmx_set_nmi_mask, - .enable_nmi_window =3D vmx_enable_nmi_window, - .enable_irq_window =3D vmx_enable_irq_window, - .update_cr8_intercept =3D vmx_update_cr8_intercept, - .set_virtual_apic_mode =3D vmx_set_virtual_apic_mode, - .set_apic_access_page_addr =3D vmx_set_apic_access_page_addr, - .refresh_apicv_exec_ctrl =3D vmx_refresh_apicv_exec_ctrl, - .load_eoi_exitmap =3D vmx_load_eoi_exitmap, - .apicv_post_state_restore =3D vmx_apicv_post_state_restore, - .check_apicv_inhibit_reasons =3D vmx_check_apicv_inhibit_reasons, - .hwapic_irr_update =3D vmx_hwapic_irr_update, - .hwapic_isr_update =3D vmx_hwapic_isr_update, - .guest_apic_has_interrupt =3D vmx_guest_apic_has_interrupt, - .sync_pir_to_irr =3D vmx_sync_pir_to_irr, - .deliver_interrupt =3D vmx_deliver_interrupt, - .dy_apicv_has_pending_interrupt =3D pi_has_pending_interrupt, - - .set_tss_addr =3D vmx_set_tss_addr, - .set_identity_map_addr =3D vmx_set_identity_map_addr, - .get_mt_mask =3D vmx_get_mt_mask, - - .get_exit_info =3D vmx_get_exit_info, - - .vcpu_after_set_cpuid =3D vmx_vcpu_after_set_cpuid, - - .has_wbinvd_exit =3D cpu_has_vmx_wbinvd_exit, - - .get_l2_tsc_offset =3D vmx_get_l2_tsc_offset, - .get_l2_tsc_multiplier =3D vmx_get_l2_tsc_multiplier, - .write_tsc_offset =3D vmx_write_tsc_offset, - .write_tsc_multiplier =3D vmx_write_tsc_multiplier, - - .load_mmu_pgd =3D vmx_load_mmu_pgd, - - .check_intercept =3D vmx_check_intercept, - .handle_exit_irqoff =3D vmx_handle_exit_irqoff, - - .request_immediate_exit =3D vmx_request_immediate_exit, - - .sched_in =3D vmx_sched_in, - - .cpu_dirty_log_size =3D PML_ENTITY_NUM, - .update_cpu_dirty_logging =3D vmx_update_cpu_dirty_logging, - - .pmu_ops =3D &intel_pmu_ops, - .nested_ops =3D &vmx_nested_ops, - - .update_pi_irte =3D pi_update_irte, - .start_assignment =3D vmx_pi_start_assignment, - -#ifdef CONFIG_X86_64 - .set_hv_timer =3D vmx_set_hv_timer, - .cancel_hv_timer =3D vmx_cancel_hv_timer, -#endif - - .setup_mce =3D vmx_setup_mce, - - .smi_allowed =3D vmx_smi_allowed, - .enter_smm =3D vmx_enter_smm, - .leave_smm =3D vmx_leave_smm, - .enable_smi_window =3D vmx_enable_smi_window, - - .can_emulate_instruction =3D vmx_can_emulate_instruction, - .apic_init_signal_blocked =3D vmx_apic_init_signal_blocked, - .migrate_timers =3D vmx_migrate_timers, - - .msr_filter_changed =3D vmx_msr_filter_changed, - .complete_emulated_msr =3D kvm_complete_insn_gp, - - .vcpu_deliver_sipi_vector =3D kvm_vcpu_deliver_sipi_vector, -}; - static unsigned int vmx_handle_intel_pt_intr(void) { struct kvm_vcpu *vcpu =3D kvm_get_running_vcpu(); @@ -7888,9 +7748,7 @@ static __init void vmx_setup_user_return_msrs(void) kvm_add_user_return_msr(vmx_uret_msrs_list[i]); } =20 -static struct kvm_x86_init_ops vmx_init_ops __initdata; - -static __init int hardware_setup(void) +__init int vmx_hardware_setup(void) { unsigned long host_bndcfgs; struct desc_ptr dt; @@ -7950,16 +7808,16 @@ static __init int hardware_setup(void) * using the APIC_ACCESS_ADDR VMCS field. */ if (!flexpriority_enabled) - vmx_x86_ops.set_apic_access_page_addr =3D NULL; + vt_x86_ops.set_apic_access_page_addr =3D NULL; =20 if (!cpu_has_vmx_tpr_shadow()) - vmx_x86_ops.update_cr8_intercept =3D NULL; + vt_x86_ops.update_cr8_intercept =3D NULL; =20 #if IS_ENABLED(CONFIG_HYPERV) if (ms_hyperv.nested_features & HV_X64_NESTED_GUEST_MAPPING_FLUSH && enable_ept) { - vmx_x86_ops.tlb_remote_flush =3D hv_remote_flush_tlb; - vmx_x86_ops.tlb_remote_flush_with_range =3D + vt_x86_ops.tlb_remote_flush =3D hv_remote_flush_tlb; + vt_x86_ops.tlb_remote_flush_with_range =3D hv_remote_flush_tlb_with_range; } #endif @@ -7975,7 +7833,7 @@ static __init int hardware_setup(void) if (!cpu_has_vmx_apicv()) enable_apicv =3D 0; if (!enable_apicv) - vmx_x86_ops.sync_pir_to_irr =3D NULL; + vt_x86_ops.sync_pir_to_irr =3D NULL; =20 if (cpu_has_vmx_tsc_scaling()) { kvm_has_tsc_control =3D true; @@ -8002,7 +7860,7 @@ static __init int hardware_setup(void) enable_pml =3D 0; =20 if (!enable_pml) - vmx_x86_ops.cpu_dirty_log_size =3D 0; + vt_x86_ops.cpu_dirty_log_size =3D 0; =20 if (!cpu_has_vmx_preemption_timer()) enable_preemption_timer =3D false; @@ -8029,9 +7887,9 @@ static __init int hardware_setup(void) } =20 if (!enable_preemption_timer) { - vmx_x86_ops.set_hv_timer =3D NULL; - vmx_x86_ops.cancel_hv_timer =3D NULL; - vmx_x86_ops.request_immediate_exit =3D __kvm_request_immediate_exit; + vt_x86_ops.set_hv_timer =3D NULL; + vt_x86_ops.cancel_hv_timer =3D NULL; + vt_x86_ops.request_immediate_exit =3D __kvm_request_immediate_exit; } =20 kvm_mce_cap_supported |=3D MCG_LMCE_P; @@ -8041,9 +7899,9 @@ static __init int hardware_setup(void) if (!enable_ept || !cpu_has_vmx_intel_pt()) pt_mode =3D PT_MODE_SYSTEM; if (pt_mode =3D=3D PT_MODE_HOST_GUEST) - vmx_init_ops.handle_intel_pt_intr =3D vmx_handle_intel_pt_intr; + vt_init_ops.handle_intel_pt_intr =3D vmx_handle_intel_pt_intr; else - vmx_init_ops.handle_intel_pt_intr =3D NULL; + vt_init_ops.handle_intel_pt_intr =3D NULL; =20 setup_default_sgx_lepubkeyhash(); =20 @@ -8067,16 +7925,6 @@ static __init int hardware_setup(void) return r; } =20 -static struct kvm_x86_init_ops vmx_init_ops __initdata =3D { - .cpu_has_kvm_support =3D cpu_has_kvm_support, - .disabled_by_bios =3D vmx_disabled_by_bios, - .check_processor_compatibility =3D vmx_check_processor_compat, - .hardware_setup =3D hardware_setup, - .handle_intel_pt_intr =3D NULL, - - .runtime_ops =3D &vmx_x86_ops, -}; - static void vmx_cleanup_l1d_flush(void) { if (vmx_l1d_flush_pages) { @@ -8155,7 +8003,7 @@ static int __init vmx_init(void) } =20 if (ms_hyperv.nested_features & HV_X64_NESTED_DIRECT_FLUSH) - vmx_x86_ops.enable_direct_tlbflush + vt_x86_ops.enable_direct_tlbflush =3D hv_enable_direct_tlbflush; =20 } else { @@ -8163,8 +8011,8 @@ static int __init vmx_init(void) } #endif =20 - r =3D kvm_init(&vmx_init_ops, sizeof(struct vcpu_vmx), - __alignof__(struct vcpu_vmx), THIS_MODULE); + r =3D kvm_init(&vt_init_ops, sizeof(struct vcpu_vmx), + __alignof__(struct vcpu_vmx), THIS_MODULE); if (r) return r; =20 diff --git a/arch/x86/kvm/vmx/x86_ops.h b/arch/x86/kvm/vmx/x86_ops.h new file mode 100644 index 000000000000..40c64fb1f505 --- /dev/null +++ b/arch/x86/kvm/vmx/x86_ops.h @@ -0,0 +1,126 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +#ifndef __KVM_X86_VMX_X86_OPS_H +#define __KVM_X86_VMX_X86_OPS_H + +#include + +#include + +#include "x86.h" + +extern struct kvm_x86_init_ops vt_init_ops __initdata; + +__init int vmx_cpu_has_kvm_support(void); +__init int vmx_disabled_by_bios(void); +int __init vmx_check_processor_compat(void); +__init int vmx_hardware_setup(void); + +extern struct kvm_x86_ops vt_x86_ops __initdata; +extern struct kvm_x86_init_ops vt_init_ops __initdata; + +void vmx_hardware_unsetup(void); +int vmx_hardware_enable(void); +void vmx_hardware_disable(void); +bool report_flexpriority(void); +int vmx_vm_init(struct kvm *kvm); +int vmx_vcpu_create(struct kvm_vcpu *vcpu); +int vmx_vcpu_pre_run(struct kvm_vcpu *vcpu); +fastpath_t vmx_vcpu_run(struct kvm_vcpu *vcpu); +void vmx_vcpu_free(struct kvm_vcpu *vcpu); +void vmx_vcpu_reset(struct kvm_vcpu *vcpu, bool init_event); +void vmx_vcpu_load(struct kvm_vcpu *vcpu, int cpu); +void vmx_vcpu_put(struct kvm_vcpu *vcpu); +int vmx_handle_exit(struct kvm_vcpu *vcpu, fastpath_t exit_fastpath); +void vmx_handle_exit_irqoff(struct kvm_vcpu *vcpu); +int vmx_skip_emulated_instruction(struct kvm_vcpu *vcpu); +void vmx_update_emulated_instruction(struct kvm_vcpu *vcpu); +int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info); +int vmx_smi_allowed(struct kvm_vcpu *vcpu, bool for_injection); +int vmx_enter_smm(struct kvm_vcpu *vcpu, char *smstate); +int vmx_leave_smm(struct kvm_vcpu *vcpu, const char *smstate); +void vmx_enable_smi_window(struct kvm_vcpu *vcpu); +bool vmx_can_emulate_instruction(struct kvm_vcpu *vcpu, int emul_type, + void *insn, int insn_len); +int vmx_check_intercept(struct kvm_vcpu *vcpu, + struct x86_instruction_info *info, + enum x86_intercept_stage stage, + struct x86_exception *exception); +bool vmx_apic_init_signal_blocked(struct kvm_vcpu *vcpu); +void vmx_migrate_timers(struct kvm_vcpu *vcpu); +void vmx_set_virtual_apic_mode(struct kvm_vcpu *vcpu); +void vmx_apicv_post_state_restore(struct kvm_vcpu *vcpu); +bool vmx_check_apicv_inhibit_reasons(ulong bit); +void vmx_hwapic_irr_update(struct kvm_vcpu *vcpu, int max_irr); +void vmx_hwapic_isr_update(struct kvm_vcpu *vcpu, int max_isr); +bool vmx_guest_apic_has_interrupt(struct kvm_vcpu *vcpu); +int vmx_sync_pir_to_irr(struct kvm_vcpu *vcpu); +void vmx_deliver_interrupt(struct kvm_lapic *apic, int delivery_mode, + int trig_mode, int vector); +void vmx_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu); +bool vmx_has_emulated_msr(struct kvm *kvm, u32 index); +void vmx_msr_filter_changed(struct kvm_vcpu *vcpu); +void vmx_prepare_switch_to_guest(struct kvm_vcpu *vcpu); +void vmx_update_exception_bitmap(struct kvm_vcpu *vcpu); +int vmx_get_msr_feature(struct kvm_msr_entry *msr); +int vmx_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info); +u64 vmx_get_segment_base(struct kvm_vcpu *vcpu, int seg); +void vmx_get_segment(struct kvm_vcpu *vcpu, struct kvm_segment *var, int s= eg); +void vmx_set_segment(struct kvm_vcpu *vcpu, struct kvm_segment *var, int s= eg); +int vmx_get_cpl(struct kvm_vcpu *vcpu); +void vmx_get_cs_db_l_bits(struct kvm_vcpu *vcpu, int *db, int *l); +void vmx_set_cr0(struct kvm_vcpu *vcpu, unsigned long cr0); +void vmx_load_mmu_pgd(struct kvm_vcpu *vcpu, hpa_t root_hpa, int root_leve= l); +void vmx_set_cr4(struct kvm_vcpu *vcpu, unsigned long cr4); +bool vmx_is_valid_cr4(struct kvm_vcpu *vcpu, unsigned long cr4); +int vmx_set_efer(struct kvm_vcpu *vcpu, u64 efer); +void vmx_get_idt(struct kvm_vcpu *vcpu, struct desc_ptr *dt); +void vmx_set_idt(struct kvm_vcpu *vcpu, struct desc_ptr *dt); +void vmx_get_gdt(struct kvm_vcpu *vcpu, struct desc_ptr *dt); +void vmx_set_gdt(struct kvm_vcpu *vcpu, struct desc_ptr *dt); +void vmx_set_dr7(struct kvm_vcpu *vcpu, unsigned long val); +void vmx_sync_dirty_debug_regs(struct kvm_vcpu *vcpu); +void vmx_cache_reg(struct kvm_vcpu *vcpu, enum kvm_reg reg); +unsigned long vmx_get_rflags(struct kvm_vcpu *vcpu); +void vmx_set_rflags(struct kvm_vcpu *vcpu, unsigned long rflags); +bool vmx_get_if_flag(struct kvm_vcpu *vcpu); +void vmx_flush_tlb_all(struct kvm_vcpu *vcpu); +void vmx_flush_tlb_current(struct kvm_vcpu *vcpu); +void vmx_flush_tlb_gva(struct kvm_vcpu *vcpu, gva_t addr); +void vmx_flush_tlb_guest(struct kvm_vcpu *vcpu); +void vmx_set_interrupt_shadow(struct kvm_vcpu *vcpu, int mask); +u32 vmx_get_interrupt_shadow(struct kvm_vcpu *vcpu); +void vmx_patch_hypercall(struct kvm_vcpu *vcpu, unsigned char *hypercall); +void vmx_inject_irq(struct kvm_vcpu *vcpu); +void vmx_inject_nmi(struct kvm_vcpu *vcpu); +void vmx_queue_exception(struct kvm_vcpu *vcpu); +void vmx_cancel_injection(struct kvm_vcpu *vcpu); +int vmx_interrupt_allowed(struct kvm_vcpu *vcpu, bool for_injection); +int vmx_nmi_allowed(struct kvm_vcpu *vcpu, bool for_injection); +bool vmx_get_nmi_mask(struct kvm_vcpu *vcpu); +void vmx_set_nmi_mask(struct kvm_vcpu *vcpu, bool masked); +void vmx_enable_nmi_window(struct kvm_vcpu *vcpu); +void vmx_enable_irq_window(struct kvm_vcpu *vcpu); +void vmx_update_cr8_intercept(struct kvm_vcpu *vcpu, int tpr, int irr); +void vmx_set_apic_access_page_addr(struct kvm_vcpu *vcpu); +void vmx_refresh_apicv_exec_ctrl(struct kvm_vcpu *vcpu); +void vmx_load_eoi_exitmap(struct kvm_vcpu *vcpu, u64 *eoi_exit_bitmap); +int vmx_set_tss_addr(struct kvm *kvm, unsigned int addr); +int vmx_set_identity_map_addr(struct kvm *kvm, u64 ident_addr); +u64 vmx_get_mt_mask(struct kvm_vcpu *vcpu, gfn_t gfn, bool is_mmio); +void vmx_get_exit_info(struct kvm_vcpu *vcpu, u32 *reason, + u64 *info1, u64 *info2, u32 *intr_info, u32 *error_code); +u64 vmx_get_l2_tsc_offset(struct kvm_vcpu *vcpu); +u64 vmx_get_l2_tsc_multiplier(struct kvm_vcpu *vcpu); +void vmx_write_tsc_offset(struct kvm_vcpu *vcpu, u64 offset); +void vmx_write_tsc_multiplier(struct kvm_vcpu *vcpu, u64 multiplier); +void vmx_request_immediate_exit(struct kvm_vcpu *vcpu); +void vmx_sched_in(struct kvm_vcpu *vcpu, int cpu); +void vmx_update_cpu_dirty_logging(struct kvm_vcpu *vcpu); +#ifdef CONFIG_X86_64 +int vmx_set_hv_timer(struct kvm_vcpu *vcpu, u64 guest_deadline_tsc, + bool *expired); +void vmx_cancel_hv_timer(struct kvm_vcpu *vcpu); +#endif +void vmx_setup_mce(struct kvm_vcpu *vcpu); + +#endif /* __KVM_X86_VMX_X86_OPS_H */ --=20 2.25.1 From nobody Mon Jun 22 22:43:28 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id B7434C433EF for ; Tue, 15 Mar 2022 22:50:23 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1352406AbiCOWve (ORCPT ); Tue, 15 Mar 2022 18:51:34 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55294 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S243678AbiCOWv2 (ORCPT ); Tue, 15 Mar 2022 18:51:28 -0400 Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 18E2C5D1A2; Tue, 15 Mar 2022 15:50:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1647384616; x=1678920616; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=DcYwzhG3BAwKMmOKfVqm6mROgZ/YXgBVRreQCgMf4e4=; b=mcxReMi3TBrKxXGKeREvHU7go2IIqu3VKcNO2ibLy4VuByIS2ZjHUcAa 2GTOWMcX1YNaaHoQNSD+mOExO/UrT8s40WFuOUDQt4J026a9il93og8li Ij7NPHEeW/i0zYZV+5pw9XXY268CSSGWvZhTgbbrg83e8+OlJT8LYsZ1M zQuxilBvCmCXlUgZvElHtUpkz9SWcWe4GchfbIZjv+1iQgxfCJUjFCuUN yOggmVau9MTGFUfrIQqAy0IraXrvqPhsqazY8rHQuVQ+ionc4LhDi65ab vhgYxRrj2GuUkxfqhYFWWGSaJuyEs9jY9xmoABjyUDH7zTzvqneWyfRb/ Q==; X-IronPort-AV: E=McAfee;i="6200,9189,10286"; a="256390617" X-IronPort-AV: E=Sophos;i="5.90,185,1643702400"; d="scan'208";a="256390617" Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Mar 2022 15:50:12 -0700 X-IronPort-AV: E=Sophos;i="5.90,185,1643702400"; d="scan'208";a="690368461" Received: from ls.sc.intel.com (HELO localhost) ([143.183.96.54]) by fmsmga001-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Mar 2022 15:50:12 -0700 From: isaku.yamahata@intel.com To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org Cc: isaku.yamahata@intel.com, isaku.yamahata@gmail.com, Paolo Bonzini , Jim Mattson , erdemaktas@google.com, Connor Kuehl , Sean Christopherson Subject: [PATCH 3/6] KVM: x86: Refactor KVM VMX module init/exit functions Date: Tue, 15 Mar 2022 15:50:07 -0700 Message-Id: X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" From: Isaku Yamahata Currently, KVM VMX module initialization/exit functions are a single function each. Refactor KVM VMX module initialization functions into KVM common part and VMX part so that TDX specific part can be added cleanly. Opportunistically refactor module exit function as well. The current module initialization flow is, 1.) calculate the sizes of VMX kvm structure and VMX vcpu structure, 2.) hyper-v specific initialization 3.) report those sizes to the KVM common layer and KVM common initialization, and 4.) VMX specific system-wide initialization. Refactor the KVM VMX module initialization function into functions with a wrapper function to separate VMX logic in vmx.c from a file, main.c, common among VMX and TDX. We have a wrapper function, "vt_init() {vmx kvm/vcpu size calculation; hv_vp_assist_page_init(); kvm_init(); vmx_init(); }" in main.c, and hv_vp_assist_page_init() and vmx_init() in vmx.c. hv_vp_assist_page_init() initializes hyper-v specific assist pages, kvm_init() does system-wide initialization of the KVM common layer, and vmx_init() does system-wide VMX initialization. The KVM architecture common layer allocates struct kvm with reported size for architecture-specific code. The KVM VMX module defines its structure as struct vmx_kvm { struct kvm; VMX specific members;} and uses it as struct vmx kvm. Similar for vcpu structure. TDX KVM patches will define TDX specific kvm and vcpu structures. The current module exit function is also a single function, a combination of VMX specific logic and common KVM logic. Refactor it into VMX specific logic and KVM common logic. This is just refactoring to keep the VMX specific logic in vmx.c from main.c. Signed-off-by: Isaku Yamahata --- arch/x86/kvm/vmx/main.c | 37 +++++++++++++++ arch/x86/kvm/vmx/vmx.c | 94 ++++++++++++++++++-------------------- arch/x86/kvm/vmx/x86_ops.h | 5 +- 3 files changed, 86 insertions(+), 50 deletions(-) diff --git a/arch/x86/kvm/vmx/main.c b/arch/x86/kvm/vmx/main.c index b08ea9c42a11..8b50427f404b 100644 --- a/arch/x86/kvm/vmx/main.c +++ b/arch/x86/kvm/vmx/main.c @@ -152,3 +152,40 @@ struct kvm_x86_init_ops vt_init_ops __initdata =3D { =20 .runtime_ops =3D &vt_x86_ops, }; + +static int __init vt_init(void) +{ + unsigned int vcpu_size, vcpu_align; + int r; + + vt_x86_ops.vm_size =3D sizeof(struct kvm_vmx); + vcpu_size =3D sizeof(struct vcpu_vmx); + vcpu_align =3D __alignof__(struct vcpu_vmx); + + hv_vp_assist_page_init(); + + r =3D kvm_init(&vt_init_ops, vcpu_size, vcpu_align, THIS_MODULE); + if (r) + goto err_vmx_post_exit; + + r =3D vmx_init(); + if (r) + goto err_kvm_exit; + + return 0; + +err_kvm_exit: + kvm_exit(); +err_vmx_post_exit: + hv_vp_assist_page_exit(); + return r; +} +module_init(vt_init); + +static void vt_exit(void) +{ + vmx_exit(); + kvm_exit(); + hv_vp_assist_page_exit(); +} +module_exit(vt_exit); diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index f1c44ad712f7..538b91380c06 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -7935,48 +7935,8 @@ static void vmx_cleanup_l1d_flush(void) l1tf_vmx_mitigation =3D VMENTER_L1D_FLUSH_AUTO; } =20 -static void vmx_exit(void) +void __init hv_vp_assist_page_init(void) { -#ifdef CONFIG_KEXEC_CORE - RCU_INIT_POINTER(crash_vmclear_loaded_vmcss, NULL); - synchronize_rcu(); -#endif - - kvm_exit(); - -#if IS_ENABLED(CONFIG_HYPERV) - if (static_branch_unlikely(&enable_evmcs)) { - int cpu; - struct hv_vp_assist_page *vp_ap; - /* - * Reset everything to support using non-enlightened VMCS - * access later (e.g. when we reload the module with - * enlightened_vmcs=3D0) - */ - for_each_online_cpu(cpu) { - vp_ap =3D hv_get_vp_assist_page(cpu); - - if (!vp_ap) - continue; - - vp_ap->nested_control.features.directhypercall =3D 0; - vp_ap->current_nested_vmcs =3D 0; - vp_ap->enlighten_vmentry =3D 0; - } - - static_branch_disable(&enable_evmcs); - } -#endif - vmx_cleanup_l1d_flush(); - - allow_smaller_maxphyaddr =3D false; -} -module_exit(vmx_exit); - -static int __init vmx_init(void) -{ - int r, cpu; - #if IS_ENABLED(CONFIG_HYPERV) /* * Enlightened VMCS usage should be recommended and the host needs @@ -8010,11 +7970,38 @@ static int __init vmx_init(void) enlightened_vmcs =3D false; } #endif +} =20 - r =3D kvm_init(&vt_init_ops, sizeof(struct vcpu_vmx), - __alignof__(struct vcpu_vmx), THIS_MODULE); - if (r) - return r; +void hv_vp_assist_page_exit(void) +{ +#if IS_ENABLED(CONFIG_HYPERV) + if (static_branch_unlikely(&enable_evmcs)) { + int cpu; + struct hv_vp_assist_page *vp_ap; + /* + * Reset everything to support using non-enlightened VMCS + * access later (e.g. when we reload the module with + * enlightened_vmcs=3D0) + */ + for_each_online_cpu(cpu) { + vp_ap =3D hv_get_vp_assist_page(cpu); + + if (!vp_ap) + continue; + + vp_ap->nested_control.features.directhypercall =3D 0; + vp_ap->current_nested_vmcs =3D 0; + vp_ap->enlighten_vmentry =3D 0; + } + + static_branch_disable(&enable_evmcs); + } +#endif +} + +int __init vmx_init(void) +{ + int r, cpu; =20 /* * Must be called after kvm_init() so enable_ept is properly set @@ -8024,10 +8011,8 @@ static int __init vmx_init(void) * mitigation mode. */ r =3D vmx_setup_l1d_flush(vmentry_l1d_flush_param); - if (r) { - vmx_exit(); + if (r) return r; - } =20 for_each_possible_cpu(cpu) { INIT_LIST_HEAD(&per_cpu(loaded_vmcss_on_cpu, cpu)); @@ -8051,4 +8036,15 @@ static int __init vmx_init(void) =20 return 0; } -module_init(vmx_init); + +void vmx_exit(void) +{ +#ifdef CONFIG_KEXEC_CORE + RCU_INIT_POINTER(crash_vmclear_loaded_vmcss, NULL); + synchronize_rcu(); +#endif + + vmx_cleanup_l1d_flush(); + + allow_smaller_maxphyaddr =3D false; +} diff --git a/arch/x86/kvm/vmx/x86_ops.h b/arch/x86/kvm/vmx/x86_ops.h index 40c64fb1f505..74465c3d3c5f 100644 --- a/arch/x86/kvm/vmx/x86_ops.h +++ b/arch/x86/kvm/vmx/x86_ops.h @@ -8,7 +8,10 @@ =20 #include "x86.h" =20 -extern struct kvm_x86_init_ops vt_init_ops __initdata; +void __init hv_vp_assist_page_init(void); +void hv_vp_assist_page_exit(void); +int __init vmx_init(void); +void vmx_exit(void); =20 __init int vmx_cpu_has_kvm_support(void); __init int vmx_disabled_by_bios(void); --=20 2.25.1 From nobody Mon Jun 22 22:43:28 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id B888CC4332F for ; Tue, 15 Mar 2022 22:50:28 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1352427AbiCOWvj (ORCPT ); Tue, 15 Mar 2022 18:51:39 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55392 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1352349AbiCOWva (ORCPT ); Tue, 15 Mar 2022 18:51:30 -0400 Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 17EC05D1A8; Tue, 15 Mar 2022 15:50:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1647384617; x=1678920617; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=G6wU/34ck5dJazez1GHKSlKvkf4t7Zi1Bj8Q+6SFQoU=; b=HPKxEcz+0U1ekqEJstP25LQJd4yNUy0+JrbilK3jfFrymXny6fugTQHU Bh1R2T7++2J6PRHnUa0zi/51+/ip0LlVChCpx/0etacYpJIDvQxvVj3r+ VPILEG0qItGsLOKiCSyMOUH6DqOc10Qdejz0J8CobaH3e19/pYkzuGH8E FYKKoFVJLjYeBLaQwuoMxZfrvc7mCNt3kct6PYRrkMZdVN2ij/m7gn6PQ umqvx2BwEQ+tkqry57T/ubQncySxKjaB117/p3VbYcGgwVIzxxLscap7I UB1bez1/43j+gh68P2ZnMKCDUV6fE45aPnOk5kSwRSdz65vBdR143eKKa g==; X-IronPort-AV: E=McAfee;i="6200,9189,10286"; a="256390618" X-IronPort-AV: E=Sophos;i="5.90,185,1643702400"; d="scan'208";a="256390618" Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Mar 2022 15:50:13 -0700 X-IronPort-AV: E=Sophos;i="5.90,185,1643702400"; d="scan'208";a="690368465" Received: from ls.sc.intel.com (HELO localhost) ([143.183.96.54]) by fmsmga001-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Mar 2022 15:50:12 -0700 From: isaku.yamahata@intel.com To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org Cc: isaku.yamahata@intel.com, isaku.yamahata@gmail.com, Paolo Bonzini , Jim Mattson , erdemaktas@google.com, Connor Kuehl , Sean Christopherson Subject: [PATCH 4/6] KVM: TDX: Add placeholders for TDX VM/vcpu structure Date: Tue, 15 Mar 2022 15:50:08 -0700 Message-Id: <64b2878c69db959ea3b4f9e01e59a9af716d81f2.1647384148.git.isaku.yamahata@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" From: Isaku Yamahata Add placeholders TDX VM/vcpu structure that overlays with VMX VM/vcpu structures. Initialize VM structure size and vcpu size/align so that x86 KVM common code knows those size irrespective of VMX or TDX. Those structures will be populated as guest creation logic develops. Add helper functions to check if the VM is guest TD and add conversion functions between KVM VM/VCPU and TDX VM/VCPU. Signed-off-by: Isaku Yamahata --- arch/x86/kvm/vmx/main.c | 8 +++--- arch/x86/kvm/vmx/tdx.h | 54 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 59 insertions(+), 3 deletions(-) create mode 100644 arch/x86/kvm/vmx/tdx.h diff --git a/arch/x86/kvm/vmx/main.c b/arch/x86/kvm/vmx/main.c index 8b50427f404b..7acbb317caa8 100644 --- a/arch/x86/kvm/vmx/main.c +++ b/arch/x86/kvm/vmx/main.c @@ -5,6 +5,7 @@ #include "vmx.h" #include "nested.h" #include "pmu.h" +#include "tdx.h" =20 struct kvm_x86_ops vt_x86_ops __initdata =3D { .name =3D "kvm_intel", @@ -158,9 +159,10 @@ static int __init vt_init(void) unsigned int vcpu_size, vcpu_align; int r; =20 - vt_x86_ops.vm_size =3D sizeof(struct kvm_vmx); - vcpu_size =3D sizeof(struct vcpu_vmx); - vcpu_align =3D __alignof__(struct vcpu_vmx); + vt_x86_ops.vm_size =3D max(sizeof(struct kvm_vmx), sizeof(struct kvm_tdx)= ); + vcpu_size =3D max(sizeof(struct vcpu_vmx), sizeof(struct vcpu_tdx)); + vcpu_align =3D max(__alignof__(struct vcpu_vmx), + __alignof__(struct vcpu_tdx)); =20 hv_vp_assist_page_init(); =20 diff --git a/arch/x86/kvm/vmx/tdx.h b/arch/x86/kvm/vmx/tdx.h new file mode 100644 index 000000000000..060bf48ec3d6 --- /dev/null +++ b/arch/x86/kvm/vmx/tdx.h @@ -0,0 +1,54 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +#ifndef __KVM_X86_TDX_H +#define __KVM_X86_TDX_H + +#ifdef CONFIG_INTEL_TDX_HOST +struct kvm_tdx { + struct kvm kvm; + /* TDX specific members follow. */ +}; + +struct vcpu_tdx { + struct kvm_vcpu vcpu; + /* TDX specific members follow. */ +}; + +static inline bool is_td(struct kvm *kvm) +{ + /* + * TDX VM type isn't defined yet. + * return kvm->arch.vm_type =3D=3D KVM_X86_TDX_VM; + */ + return false; +} + +static inline bool is_td_vcpu(struct kvm_vcpu *vcpu) +{ + return is_td(vcpu->kvm); +} + +static inline struct kvm_tdx *to_kvm_tdx(struct kvm *kvm) +{ + return container_of(kvm, struct kvm_tdx, kvm); +} + +static inline struct vcpu_tdx *to_tdx(struct kvm_vcpu *vcpu) +{ + return container_of(vcpu, struct vcpu_tdx, vcpu); +} +#else +struct kvm_tdx { + struct kvm kvm; +}; + +struct vcpu_tdx { + struct kvm_vcpu vcpu; +}; + +static inline bool is_td(struct kvm *kvm) { return false; } +static inline bool is_td_vcpu(struct kvm_vcpu *vcpu) { return false; } +static inline struct kvm_tdx *to_kvm_tdx(struct kvm *kvm) { return NULL; } +static inline struct vcpu_tdx *to_tdx(struct kvm_vcpu *vcpu) { return NULL= ; } +#endif /* CONFIG_INTEL_TDX_HOST */ + +#endif /* __KVM_X86_TDX_H */ --=20 2.25.1 From nobody Mon Jun 22 22:43:28 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 275A7C433F5 for ; Tue, 15 Mar 2022 22:50:32 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1352441AbiCOWvn (ORCPT ); Tue, 15 Mar 2022 18:51:43 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55432 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1352377AbiCOWva (ORCPT ); Tue, 15 Mar 2022 18:51:30 -0400 Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 449A45D1B8; Tue, 15 Mar 2022 15:50:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1647384617; x=1678920617; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=PgaT9mB9xoUvv8y7xzREbtfBG6Jfb2pjJN0zDMM4jLg=; b=gytEoER/S/10e5Upu1O5gBxTJMNBpOhtbyR17u//H7YpNLcD4IbGwET3 5nr3NB4uXNfwMiv4oXPVJ00NF17E0hd//9psPiOPc7a9qjdix76GnWw2i /IH7MOPpvqOaDEKDvU45tkRGuMiMLMoZJBKafY/7/z20jnZ86OIynJfHC ZhGgVn8xiS4/BCyOT9hKhH+3gdIQB4XIuhsL5SqBqA+vYhUAFMC4u28oY 53/0qzd4tAj5UGahgI//n8FxtCH7VkzFZ1wFPMFIuXFJwRwlxsYi1+4zh 7W5WZ+SJImkNFJzlALOMTBzJUWL5+EXiZjSXq4gWvCBLgY8xlWzc5qIou Q==; X-IronPort-AV: E=McAfee;i="6200,9189,10286"; a="256390619" X-IronPort-AV: E=Sophos;i="5.90,185,1643702400"; d="scan'208";a="256390619" Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Mar 2022 15:50:13 -0700 X-IronPort-AV: E=Sophos;i="5.90,185,1643702400"; d="scan'208";a="690368468" Received: from ls.sc.intel.com (HELO localhost) ([143.183.96.54]) by fmsmga001-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Mar 2022 15:50:13 -0700 From: isaku.yamahata@intel.com To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org Cc: isaku.yamahata@intel.com, isaku.yamahata@gmail.com, Paolo Bonzini , Jim Mattson , erdemaktas@google.com, Connor Kuehl , Sean Christopherson Subject: [PATCH 5/6] KVM: x86: Introduce vm_type to differentiate default VMs from confidential VMs Date: Tue, 15 Mar 2022 15:50:09 -0700 Message-Id: <9780952e0c91eb6a7eb5a1ec1b8850ee38338785.1647384148.git.isaku.yamahata@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" From: Sean Christopherson Unlike default VMs, confidential VMs (Intel TDX and AMD SEV-ES) don't allow some operations (e.g., memory read/write, register state access, etc). Introduce vm_type to track the type of the VM to x86 KVM. Other arch KVMs already use vm_type, KVM_INIT_VM accepts vm_type, and x86 KVM callback vm_init accepts vm_type. So follow them. Further, a different policy can be made based on vm_type. Define KVM_X86_DEFAULT_VM for default VM as default and define KVM_X86_TDX_VM for Intel TDX VM. The wrapper function will be defined as "bool is_td(kvm) { return vm_type =3D=3D VM_TYPE_TDX; }" Add a capability KVM_CAP_VM_TYPES to effectively allow device model, e.g. qemu, to query what VM types are supported by KVM. This (introduce a new capability and add vm_type) is chosen to align with other arch KVMs that have VM types already. Other arch KVMs uses different name to query supported vm types and there is no common name for it, so new name was introduced. Co-developed-by: Xiaoyao Li Signed-off-by: Xiaoyao Li Signed-off-by: Sean Christopherson Signed-off-by: Isaku Yamahata Reviewed-by: Paolo Bonzini --- Documentation/virt/kvm/api.rst | 15 +++++++++++++++ arch/x86/include/asm/kvm-x86-ops.h | 1 + arch/x86/include/asm/kvm_host.h | 2 ++ arch/x86/include/uapi/asm/kvm.h | 3 +++ arch/x86/kvm/svm/svm.c | 6 ++++++ arch/x86/kvm/vmx/main.c | 1 + arch/x86/kvm/vmx/tdx.h | 6 +----- arch/x86/kvm/vmx/vmx.c | 5 +++++ arch/x86/kvm/vmx/x86_ops.h | 1 + arch/x86/kvm/x86.c | 9 ++++++++- include/uapi/linux/kvm.h | 1 + tools/arch/x86/include/uapi/asm/kvm.h | 3 +++ tools/include/uapi/linux/kvm.h | 1 + 13 files changed, 48 insertions(+), 6 deletions(-) diff --git a/Documentation/virt/kvm/api.rst b/Documentation/virt/kvm/api.rst index 9f3172376ec3..b1e142719ec0 100644 --- a/Documentation/virt/kvm/api.rst +++ b/Documentation/virt/kvm/api.rst @@ -147,15 +147,30 @@ described as 'basic' will be available. The new VM has no virtual cpus and no memory. You probably want to use 0 as machine type. =20 +X86: +^^^^ + +Supported vm type can be queried from KVM_CAP_VM_TYPES, which returns the +bitmap of supported vm types. The 1-setting of bit @n means vm type with +value @n is supported. + +S390: +^^^^^ + In order to create user controlled virtual machines on S390, check KVM_CAP_S390_UCONTROL and use the flag KVM_VM_S390_UCONTROL as privileged user (CAP_SYS_ADMIN). =20 +MIPS: +^^^^^ + To use hardware assisted virtualization on MIPS (VZ ASE) rather than the default trap & emulate implementation (which changes the virtual memory layout to fit in user mode), check KVM_CAP_MIPS_VZ and use the flag KVM_VM_MIPS_VZ. =20 +ARM64: +^^^^^^ =20 On arm64, the physical address size for a VM (IPA Size limit) is limited to 40bits by default. The limit can be configured if the host supports the diff --git a/arch/x86/include/asm/kvm-x86-ops.h b/arch/x86/include/asm/kvm-= x86-ops.h index d39e0de06be2..8125d43d3566 100644 --- a/arch/x86/include/asm/kvm-x86-ops.h +++ b/arch/x86/include/asm/kvm-x86-ops.h @@ -18,6 +18,7 @@ KVM_X86_OP_NULL(hardware_unsetup) KVM_X86_OP_NULL(cpu_has_accelerated_tpr) KVM_X86_OP(has_emulated_msr) KVM_X86_OP(vcpu_after_set_cpuid) +KVM_X86_OP(is_vm_type_supported) KVM_X86_OP(vm_init) KVM_X86_OP_NULL(vm_destroy) KVM_X86_OP(vcpu_create) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_hos= t.h index ec9830d2aabf..f1d2f21a8c87 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1047,6 +1047,7 @@ struct kvm_x86_msr_filter { #define APICV_INHIBIT_REASON_ABSENT 7 =20 struct kvm_arch { + unsigned long vm_type; unsigned long n_used_mmu_pages; unsigned long n_requested_mmu_pages; unsigned long n_max_mmu_pages; @@ -1321,6 +1322,7 @@ struct kvm_x86_ops { bool (*has_emulated_msr)(struct kvm *kvm, u32 index); void (*vcpu_after_set_cpuid)(struct kvm_vcpu *vcpu); =20 + bool (*is_vm_type_supported)(unsigned long vm_type); unsigned int vm_size; int (*vm_init)(struct kvm *kvm); void (*vm_destroy)(struct kvm *kvm); diff --git a/arch/x86/include/uapi/asm/kvm.h b/arch/x86/include/uapi/asm/kv= m.h index bf6e96011dfe..71a5851475e7 100644 --- a/arch/x86/include/uapi/asm/kvm.h +++ b/arch/x86/include/uapi/asm/kvm.h @@ -525,4 +525,7 @@ struct kvm_pmu_event_filter { #define KVM_VCPU_TSC_CTRL 0 /* control group for the timestamp counter (TS= C) */ #define KVM_VCPU_TSC_OFFSET 0 /* attribute for the TSC offset */ =20 +#define KVM_X86_DEFAULT_VM 0 +#define KVM_X86_TDX_VM 1 + #endif /* _ASM_X86_KVM_H */ diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index fd3a00c892c7..778075b71dc3 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -4512,6 +4512,11 @@ static void svm_vm_destroy(struct kvm *kvm) sev_vm_destroy(kvm); } =20 +static bool svm_is_vm_type_supported(unsigned long type) +{ + return type =3D=3D KVM_X86_DEFAULT_VM; +} + static int svm_vm_init(struct kvm *kvm) { if (!pause_filter_count || !pause_filter_thresh) @@ -4539,6 +4544,7 @@ static struct kvm_x86_ops svm_x86_ops __initdata =3D { .vcpu_free =3D svm_free_vcpu, .vcpu_reset =3D svm_vcpu_reset, =20 + .is_vm_type_supported =3D svm_is_vm_type_supported, .vm_size =3D sizeof(struct kvm_svm), .vm_init =3D svm_vm_init, .vm_destroy =3D svm_vm_destroy, diff --git a/arch/x86/kvm/vmx/main.c b/arch/x86/kvm/vmx/main.c index 7acbb317caa8..459087fcf7b7 100644 --- a/arch/x86/kvm/vmx/main.c +++ b/arch/x86/kvm/vmx/main.c @@ -17,6 +17,7 @@ struct kvm_x86_ops vt_x86_ops __initdata =3D { .cpu_has_accelerated_tpr =3D report_flexpriority, .has_emulated_msr =3D vmx_has_emulated_msr, =20 + .is_vm_type_supported =3D vmx_is_vm_type_supported, .vm_size =3D sizeof(struct kvm_vmx), .vm_init =3D vmx_vm_init, =20 diff --git a/arch/x86/kvm/vmx/tdx.h b/arch/x86/kvm/vmx/tdx.h index 060bf48ec3d6..473013265bd8 100644 --- a/arch/x86/kvm/vmx/tdx.h +++ b/arch/x86/kvm/vmx/tdx.h @@ -15,11 +15,7 @@ struct vcpu_tdx { =20 static inline bool is_td(struct kvm *kvm) { - /* - * TDX VM type isn't defined yet. - * return kvm->arch.vm_type =3D=3D KVM_X86_TDX_VM; - */ - return false; + return kvm->arch.vm_type =3D=3D KVM_X86_TDX_VM; } =20 static inline bool is_td_vcpu(struct kvm_vcpu *vcpu) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 538b91380c06..191e653355dd 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -7085,6 +7085,11 @@ int vmx_vcpu_create(struct kvm_vcpu *vcpu) return err; } =20 +bool vmx_is_vm_type_supported(unsigned long type) +{ + return type =3D=3D KVM_X86_DEFAULT_VM; +} + #define L1TF_MSG_SMT "L1TF CPU bug present and SMT on, data leak possible.= See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/h= w-vuln/l1tf.html for details.\n" #define L1TF_MSG_L1D "L1TF CPU bug present and virtualization mitigation d= isabled, data leak possible. See CVE-2018-3646 and https://www.kernel.org/d= oc/html/latest/admin-guide/hw-vuln/l1tf.html for details.\n" =20 diff --git a/arch/x86/kvm/vmx/x86_ops.h b/arch/x86/kvm/vmx/x86_ops.h index 74465c3d3c5f..e0a4c6438c88 100644 --- a/arch/x86/kvm/vmx/x86_ops.h +++ b/arch/x86/kvm/vmx/x86_ops.h @@ -25,6 +25,7 @@ void vmx_hardware_unsetup(void); int vmx_hardware_enable(void); void vmx_hardware_disable(void); bool report_flexpriority(void); +bool vmx_is_vm_type_supported(unsigned long type); int vmx_vm_init(struct kvm *kvm); int vmx_vcpu_create(struct kvm_vcpu *vcpu); int vmx_vcpu_pre_run(struct kvm_vcpu *vcpu); diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index eb4029660bd9..fcd250c4647c 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -4344,6 +4344,11 @@ int kvm_vm_ioctl_check_extension(struct kvm *kvm, lo= ng ext) r =3D sizeof(struct kvm_xsave); break; } + case KVM_CAP_VM_TYPES: + r =3D BIT(KVM_X86_DEFAULT_VM); + if (static_call(kvm_x86_is_vm_type_supported)(KVM_X86_TDX_VM)) + r |=3D BIT(KVM_X86_TDX_VM); + break; default: break; } @@ -11584,9 +11589,11 @@ int kvm_arch_init_vm(struct kvm *kvm, unsigned lon= g type) int ret; unsigned long flags; =20 - if (type) + if (!static_call(kvm_x86_is_vm_type_supported)(type)) return -EINVAL; =20 + kvm->arch.vm_type =3D type; + ret =3D kvm_page_track_init(kvm); if (ret) return ret; diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index 507ee1f2aa96..1a99d0aae852 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -1135,6 +1135,7 @@ struct kvm_ppc_resize_hpt { #define KVM_CAP_XSAVE2 208 #define KVM_CAP_SYS_ATTRIBUTES 209 #define KVM_CAP_PPC_AIL_MODE_3 210 +#define KVM_CAP_VM_TYPES 211 =20 #ifdef KVM_CAP_IRQ_ROUTING =20 diff --git a/tools/arch/x86/include/uapi/asm/kvm.h b/tools/arch/x86/include= /uapi/asm/kvm.h index bf6e96011dfe..71a5851475e7 100644 --- a/tools/arch/x86/include/uapi/asm/kvm.h +++ b/tools/arch/x86/include/uapi/asm/kvm.h @@ -525,4 +525,7 @@ struct kvm_pmu_event_filter { #define KVM_VCPU_TSC_CTRL 0 /* control group for the timestamp counter (TS= C) */ #define KVM_VCPU_TSC_OFFSET 0 /* attribute for the TSC offset */ =20 +#define KVM_X86_DEFAULT_VM 0 +#define KVM_X86_TDX_VM 1 + #endif /* _ASM_X86_KVM_H */ diff --git a/tools/include/uapi/linux/kvm.h b/tools/include/uapi/linux/kvm.h index 507ee1f2aa96..1a99d0aae852 100644 --- a/tools/include/uapi/linux/kvm.h +++ b/tools/include/uapi/linux/kvm.h @@ -1135,6 +1135,7 @@ struct kvm_ppc_resize_hpt { #define KVM_CAP_XSAVE2 208 #define KVM_CAP_SYS_ATTRIBUTES 209 #define KVM_CAP_PPC_AIL_MODE_3 210 +#define KVM_CAP_VM_TYPES 211 =20 #ifdef KVM_CAP_IRQ_ROUTING =20 --=20 2.25.1 From nobody Mon Jun 22 22:43:28 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 29E74C433EF for ; Tue, 15 Mar 2022 22:50:40 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1352451AbiCOWvu (ORCPT ); Tue, 15 Mar 2022 18:51:50 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55484 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1352393AbiCOWvb (ORCPT ); Tue, 15 Mar 2022 18:51:31 -0400 Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2D5A05D1A2; Tue, 15 Mar 2022 15:50:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1647384618; x=1678920618; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=AoL+AQKyb3WLrBNANBB4c8DGr0XOP5pxqBpjs6Zn37k=; b=OoBFAhblftbHGfQ88LcYHUWNVM0yrOoFFMpHa3+abHvgnuiYr2WNOYxe CkM7Az3p1R6oX3Hxs2nsEeZcfGrWQ5ocSM8njQWAyYi3IPsTKi1v/xSEl p5Z/2hxPUzS8l2y6Q1EbmB221eCXXpABfZiqt2H3l/RUOl2CPN4t7pjmB bY8yFIdBazHfvBRdWXs9nSrfM68ZPVa2ky1TWa5Xco0aBIigj6pcPOLJY HnHLM4EidL0CBIx7UF3rpyPWV65aQVlyu4u0wFxm1vXhAhz5NvlXEHP/B XKA1iM9iM4aSsp8bnYg1jMNzR1RKUOZ8Y3dLldo5C44rO29+/mBgSkD/E w==; X-IronPort-AV: E=McAfee;i="6200,9189,10286"; a="256390620" X-IronPort-AV: E=Sophos;i="5.90,185,1643702400"; d="scan'208";a="256390620" Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Mar 2022 15:50:13 -0700 X-IronPort-AV: E=Sophos;i="5.90,185,1643702400"; d="scan'208";a="690368472" Received: from ls.sc.intel.com (HELO localhost) ([143.183.96.54]) by fmsmga001-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Mar 2022 15:50:13 -0700 From: isaku.yamahata@intel.com To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org Cc: isaku.yamahata@intel.com, isaku.yamahata@gmail.com, Paolo Bonzini , Jim Mattson , erdemaktas@google.com, Connor Kuehl , Sean Christopherson Subject: [PATCH 6/6] KVM: TDX: Make TDX VM type supported Date: Tue, 15 Mar 2022 15:50:10 -0700 Message-Id: X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" From: Isaku Yamahata As first step TDX VM support, return that TDX VM type supported to device model, e.g. qemu. The callback to create guest TD is vm_init callback for KVM_CREATE_VM. Add a place holder function and call a function to initialize TDX module on demand because in that callback VMX is enabled by hardware_enable callback (vmx_hardware_enable). Although guest TD isn't functional at this point, it's possible for KVM developer to exercise (partially implemented) TDX KVM code. Introduce X86_TDX_KVM_EXPERIMENTAL to allow TDX KVM code to be exercised. Once TDX KVM is functional, the config will be removed. Signed-off-by: Isaku Yamahata --- arch/x86/kvm/Kconfig | 14 ++++++++++++++ arch/x86/kvm/Makefile | 1 + arch/x86/kvm/vmx/main.c | 7 ++++++- arch/x86/kvm/vmx/tdx.c | 17 +++++++++++++++++ arch/x86/kvm/vmx/vmx.c | 5 ----- arch/x86/kvm/vmx/x86_ops.h | 7 ++++++- 6 files changed, 44 insertions(+), 7 deletions(-) create mode 100644 arch/x86/kvm/vmx/tdx.c diff --git a/arch/x86/kvm/Kconfig b/arch/x86/kvm/Kconfig index 2b1548da00eb..a3287440aa9e 100644 --- a/arch/x86/kvm/Kconfig +++ b/arch/x86/kvm/Kconfig @@ -98,6 +98,20 @@ config X86_SGX_KVM =20 If unsure, say N. =20 +config X86_TDX_KVM_EXPERIMENTAL + bool "EXPERIMENTAL Trust Domian Extensions (TDX) KVM support" + default n + depends on INTEL_TDX_HOST + depends on KVM_INTEL + help + Enable experimental TDX KVM support. TDX KVM needs many patches and + the patches will be merged step by step, not at once. Even if TDX KVM + support is incomplete, enable TDX KVM support so that developper can + exercise TDX KVM code. TODO: Remove this configuration once the + (first step of) TDX KVM support is complete. + + If unsure, say N. + config KVM_AMD tristate "KVM for AMD processors support" depends on KVM diff --git a/arch/x86/kvm/Makefile b/arch/x86/kvm/Makefile index ee4d0999f20f..e2c05195cb95 100644 --- a/arch/x86/kvm/Makefile +++ b/arch/x86/kvm/Makefile @@ -24,6 +24,7 @@ kvm-$(CONFIG_KVM_XEN) +=3D xen.o kvm-intel-y +=3D vmx/vmx.o vmx/vmenter.o vmx/pmu_intel.o vmx/vmcs12.o \ vmx/evmcs.o vmx/nested.o vmx/posted_intr.o vmx/main.o kvm-intel-$(CONFIG_X86_SGX_KVM) +=3D vmx/sgx.o +kvm-intel-$(CONFIG_INTEL_TDX_HOST) +=3D vmx/tdx.o =20 kvm-amd-y +=3D svm/svm.o svm/vmenter.o svm/pmu.o svm/nested.o svm/avic.o = svm/sev.o =20 diff --git a/arch/x86/kvm/vmx/main.c b/arch/x86/kvm/vmx/main.c index 459087fcf7b7..086b5106c15a 100644 --- a/arch/x86/kvm/vmx/main.c +++ b/arch/x86/kvm/vmx/main.c @@ -7,6 +7,11 @@ #include "pmu.h" #include "tdx.h" =20 +static bool vt_is_vm_type_supported(unsigned long type) +{ + return type =3D=3D KVM_X86_DEFAULT_VM || tdx_is_vm_type_supported(type); +} + struct kvm_x86_ops vt_x86_ops __initdata =3D { .name =3D "kvm_intel", =20 @@ -17,7 +22,7 @@ struct kvm_x86_ops vt_x86_ops __initdata =3D { .cpu_has_accelerated_tpr =3D report_flexpriority, .has_emulated_msr =3D vmx_has_emulated_msr, =20 - .is_vm_type_supported =3D vmx_is_vm_type_supported, + .is_vm_type_supported =3D vt_is_vm_type_supported, .vm_size =3D sizeof(struct kvm_vmx), .vm_init =3D vmx_vm_init, =20 diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c new file mode 100644 index 000000000000..02271a3e2733 --- /dev/null +++ b/arch/x86/kvm/vmx/tdx.c @@ -0,0 +1,17 @@ +// SPDX-License-Identifier: GPL-2.0 + +#include "x86_ops.h" + +#undef pr_fmt +#define pr_fmt(fmt) "tdx: " fmt + +static bool __read_mostly enable_tdx =3D true; +module_param_named(tdx, enable_tdx, bool, 0644); +bool tdx_is_vm_type_supported(unsigned long type) +{ +#ifdef CONFIG_X86_TDX_KVM_EXPERIMENTAL + return type =3D=3D KVM_X86_TDX_VM && READ_ONCE(enable_tdx); +#else + return false; +#endif +} diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 191e653355dd..538b91380c06 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -7085,11 +7085,6 @@ int vmx_vcpu_create(struct kvm_vcpu *vcpu) return err; } =20 -bool vmx_is_vm_type_supported(unsigned long type) -{ - return type =3D=3D KVM_X86_DEFAULT_VM; -} - #define L1TF_MSG_SMT "L1TF CPU bug present and SMT on, data leak possible.= See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/h= w-vuln/l1tf.html for details.\n" #define L1TF_MSG_L1D "L1TF CPU bug present and virtualization mitigation d= isabled, data leak possible. See CVE-2018-3646 and https://www.kernel.org/d= oc/html/latest/admin-guide/hw-vuln/l1tf.html for details.\n" =20 diff --git a/arch/x86/kvm/vmx/x86_ops.h b/arch/x86/kvm/vmx/x86_ops.h index e0a4c6438c88..2fb5df625bb1 100644 --- a/arch/x86/kvm/vmx/x86_ops.h +++ b/arch/x86/kvm/vmx/x86_ops.h @@ -25,7 +25,6 @@ void vmx_hardware_unsetup(void); int vmx_hardware_enable(void); void vmx_hardware_disable(void); bool report_flexpriority(void); -bool vmx_is_vm_type_supported(unsigned long type); int vmx_vm_init(struct kvm *kvm); int vmx_vcpu_create(struct kvm_vcpu *vcpu); int vmx_vcpu_pre_run(struct kvm_vcpu *vcpu); @@ -127,4 +126,10 @@ void vmx_cancel_hv_timer(struct kvm_vcpu *vcpu); #endif void vmx_setup_mce(struct kvm_vcpu *vcpu); =20 +#ifdef CONFIG_INTEL_TDX_HOST +bool tdx_is_vm_type_supported(unsigned long type); +#else +static inline bool tdx_is_vm_type_supported(unsigned long type) { return f= alse; } +#endif + #endif /* __KVM_X86_VMX_X86_OPS_H */ --=20 2.25.1