This part of the MTRR patches was dropped by Xiao. Bring SVM on feature
parity with VMX, and then do guest MTRR virtualization for both VMX and SVM.
The IPAT bit of VMX extended page tables is emulated by mangling the guest
PAT value.
I do not have any AMD machines that support an IOMMU, so I would like
some help testing these patches. Thanks,
Paolo
Jan Kiszka (1):
KVM: SVM: Sync g_pat with guest-written PAT value
Paolo Bonzini (2):
KVM: SVM: use NPT page attributes
KVM: x86: apply guest MTRR virtualization on host reserved pages
arch/x86/kvm/svm.c | 54 +++++++++++++++++++++++++++++++++++++++++++++++++-----
arch/x86/kvm/vmx.c | 11 +++--------
2 files changed, 52 insertions(+), 13 deletions(-)
--
1.8.3.1
Right now, NPT page attributes are not used, and the final page
attribute depends solely on gPAT (which however is not synced
correctly), the guest MTRRs and the guest page attributes.
However, we can do better by mimicking what is done for VMX.
In the absence of PCI passthrough, the guest PAT can be ignored
and the page attributes can be just WB. If passthrough is being
used, instead, keep respecting the guest PAT, and emulate the guest
MTRRs through the PAT field of the nested page tables.
The only snag is that WP memory cannot be emulated correctly,
because Linux's default PAT setting only includes the other types.
Signed-off-by: Paolo Bonzini <[email protected]>
---
arch/x86/kvm/svm.c | 47 ++++++++++++++++++++++++++++++++++++++++++-----
1 file changed, 42 insertions(+), 5 deletions(-)
diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
index 602b974a60a6..1eeb412e057b 100644
--- a/arch/x86/kvm/svm.c
+++ b/arch/x86/kvm/svm.c
@@ -1085,6 +1085,47 @@ static u64 svm_compute_tsc_offset(struct kvm_vcpu *vcpu, u64 target_tsc)
return target_tsc - tsc;
}
+static void svm_set_guest_pat(struct vcpu_svm *svm, u64 *g_pat)
+{
+ struct kvm_vcpu *vcpu = &svm->vcpu;
+
+ /* Unlike Intel, AMD takes the guest's CR0.CD into account.
+ *
+ * AMD doesn't have snooping control in the IOMMU, but if the guest
+ * doesn't use the IOMMU kvm_arch_has_noncoherent_dma will return
+ * false. In this case just set everything to WB to keep RAM
+ * accesses consistent with the host.
+ */
+ if (!kvm_arch_has_noncoherent_dma(vcpu->kvm))
+ *g_pat = 0x0606060606060606;
+ else
+ *g_pat = vcpu->arch.pat;
+}
+
+static u64 svm_get_mt_mask(struct kvm_vcpu *vcpu, gfn_t gfn, bool is_mmio)
+{
+ u8 cache;
+
+ /*
+ * 1. MMIO: always map as UC
+ * 2. No passthrough: always map as WB, and force guest PAT to WB as well
+ * 3. Passthrough: can't guarantee the result, try to trust guest.
+ */
+ if (is_mmio)
+ return _PAGE_NOCACHE;
+
+ if (!kvm_arch_has_noncoherent_dma(vcpu->kvm))
+ return 0;
+
+ cache = kvm_mtrr_get_guest_memory_type(vcpu, gfn);
+
+ /* Linux's host PAT value does not support WP. */
+ if (cache == _PAGE_CACHE_MODE_WP)
+ cache = _PAGE_CACHE_MODE_UC_MINUS;
+
+ return cachemode2protval(cache);
+}
+
static void init_vmcb(struct vcpu_svm *svm, bool init_event)
{
struct vmcb_control_area *control = &svm->vmcb->control;
@@ -1180,6 +1221,7 @@ static void init_vmcb(struct vcpu_svm *svm, bool init_event)
clr_cr_intercept(svm, INTERCEPT_CR3_READ);
clr_cr_intercept(svm, INTERCEPT_CR3_WRITE);
save->g_pat = svm->vcpu.arch.pat;
+ svm_set_guest_pat(svm, &save->g_pat);
save->cr3 = 0;
save->cr4 = 0;
}
@@ -4088,11 +4130,6 @@ static bool svm_has_high_real_mode_segbase(void)
return true;
}
-static u64 svm_get_mt_mask(struct kvm_vcpu *vcpu, gfn_t gfn, bool is_mmio)
-{
- return 0;
-}
-
static void svm_cpuid_update(struct kvm_vcpu *vcpu)
{
}
--
1.8.3.1
From: Jan Kiszka <[email protected]>
When hardware supports the g_pat VMCB field, we can use it for emulating
the PAT configuration that the guest configures by writing to the
corresponding MSR.
Signed-off-by: Jan Kiszka <[email protected]>
Signed-off-by: Paolo Bonzini <[email protected]>
---
arch/x86/kvm/svm.c | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
index 1eeb412e057b..089153666c54 100644
--- a/arch/x86/kvm/svm.c
+++ b/arch/x86/kvm/svm.c
@@ -3296,6 +3296,16 @@ static int svm_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr)
case MSR_VM_IGNNE:
vcpu_unimpl(vcpu, "unimplemented wrmsr: 0x%x data 0x%llx\n", ecx, data);
break;
+ case MSR_IA32_CR_PAT:
+ if (npt_enabled) {
+ if (!kvm_mtrr_valid(vcpu, MSR_IA32_CR_PAT, data))
+ return 1;
+ vcpu->arch.pat = data;
+ svm_set_guest_pat(svm, &svm->vmcb->save.g_pat);
+ mark_dirty(svm->vmcb, VMCB_NPT);
+ break;
+ }
+ /* fall through */
default:
return kvm_set_msr_common(vcpu, msr);
}
--
1.8.3.1
Currently guest MTRR is avoided if kvm_is_reserved_pfn returns true.
However, the guest could prefer a different page type than UC for
such pages. A good example is that pass-throughed VGA frame buffer is
not always UC as host expected.
This patch enables full use of virtual guest MTRRs.
Suggested-by: Xiao Guangrong <[email protected]>
Signed-off-by: Paolo Bonzini <[email protected]>
---
arch/x86/kvm/svm.c | 7 ++-----
arch/x86/kvm/vmx.c | 11 +++--------
2 files changed, 5 insertions(+), 13 deletions(-)
diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
index 089153666c54..c97a96a32768 100644
--- a/arch/x86/kvm/svm.c
+++ b/arch/x86/kvm/svm.c
@@ -1107,14 +1107,11 @@ static u64 svm_get_mt_mask(struct kvm_vcpu *vcpu, gfn_t gfn, bool is_mmio)
u8 cache;
/*
- * 1. MMIO: always map as UC
+ * 1. MMIO: trust guest MTRR, so same as item 3.
* 2. No passthrough: always map as WB, and force guest PAT to WB as well
* 3. Passthrough: can't guarantee the result, try to trust guest.
*/
- if (is_mmio)
- return _PAGE_NOCACHE;
-
- if (!kvm_arch_has_noncoherent_dma(vcpu->kvm))
+ if (!is_mmio && !kvm_arch_has_noncoherent_dma(vcpu->kvm))
return 0;
cache = kvm_mtrr_get_guest_memory_type(vcpu, gfn);
diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index e856dd566f4c..5b4e9384717a 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -8632,22 +8632,17 @@ static u64 vmx_get_mt_mask(struct kvm_vcpu *vcpu, gfn_t gfn, bool is_mmio)
u64 ipat = 0;
/* For VT-d and EPT combination
- * 1. MMIO: always map as UC
+ * 1. MMIO: guest may want to apply WC, trust it.
* 2. EPT with VT-d:
* a. VT-d without snooping control feature: can't guarantee the
- * result, try to trust guest.
+ * result, try to trust guest. So the same as item 1.
* b. VT-d with snooping control feature: snooping control feature of
* VT-d engine can guarantee the cache correctness. Just set it
* to WB to keep consistent with host. So the same as item 3.
* 3. EPT without VT-d: always map as WB and set IPAT=1 to keep
* consistent with host MTRR
*/
- if (is_mmio) {
- cache = MTRR_TYPE_UNCACHABLE;
- goto exit;
- }
-
- if (!kvm_arch_has_noncoherent_dma(vcpu->kvm)) {
+ if (!is_mmio && !kvm_arch_has_noncoherent_dma(vcpu->kvm)) {
ipat = VMX_EPT_IPAT_BIT;
cache = MTRR_TYPE_WRBACK;
goto exit;
--
1.8.3.1
Hi Paolo,
On Tue, Jul 07, 2015 at 02:58:12PM +0200, Paolo Bonzini wrote:
> +static void svm_set_guest_pat(struct vcpu_svm *svm, u64 *g_pat)
> +{
> + struct kvm_vcpu *vcpu = &svm->vcpu;
> +
> + /* Unlike Intel, AMD takes the guest's CR0.CD into account.
> + *
> + * AMD doesn't have snooping control in the IOMMU, but if the guest
The AMD IOMMU has snooping control, its just called 'Force Coherent'
there. The AMD IOMMU driver always sets the FC bit in the page tables.
Joerg