Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp3295310pxj; Tue, 1 Jun 2021 01:49:48 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzmPN2TtOPRdP9PDXb17s9iTZToBaH3pUPN+vSIQaUn44N1IEkYdnM8yXBWduYapfbvLQbk X-Received: by 2002:a05:6e02:118c:: with SMTP id y12mr5264336ili.288.1622537388708; Tue, 01 Jun 2021 01:49:48 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1622537388; cv=none; d=google.com; s=arc-20160816; b=Tz92VP6XfGDKvH1x46MyQ/kkPHbFAPBvCEQSFzifvWEwNkAePWbcuNQg4/pnnKE+PC mKvH00jttykYcEld565OKHklMdMLc96aWWmMExiqyBkVdimZ7rw5eGsFlxMaFnSruZTn ta7uDeMrETPNXCPfC/tl007KiyrqrnMJY6/Jj4WtC2dPIhdwfVG7SQu4gVOIr9Jc8Zlj kLRhFBx9saVXhNC+vnvYI5q5LtQIHMTa2tacWbI/zevrxpg6lH+Xh6GFhifvql+Jq0AQ viqAoqQsDOiIoV5U3Rs9grfS6Hly17jGtabeePa1VaA3UYPWv3jxfbvNZvrc8vHW5W0a 6LYA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:references:in-reply-to:message-id:date:subject :cc:to:from:ironport-sdr:ironport-sdr; bh=zu7GTLxginrkkmb3pWt8VIm9IdF+Y98boac8KTGw+1Y=; b=uQd57h8pYC0TAofDSQU7loYIk+QX1frdUq/KFK1DMYqrSzNTMq4vAlYxaqStYb2FAc wVrrj9yp5ulNIBz+RkU/LnJeTkOJJ2tvJhRu8EX3/q4gNLU81KnhjsuRc6AreGggE9ng DCVNjtjX0288VBBk2xBBBHSr4QGjhCgMeofighpiejHJpGV57AKtwrGmTib6leF+AVGx 9wPy2o/1X4LEKtY609Xmpreqb5J4RNe5xY5q2c9ZvMDMamo6VT3kfVwRJk9YSGA6JFqy ADPf5ADjd2NPqzlw9/drZZF8fdjtUzzCq0t+EjHt9gJBeCG6Tvq1e6esHv7Egn0EM3ok +oqQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id r21si7125168ioc.48.2021.06.01.01.49.35; Tue, 01 Jun 2021 01:49:48 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233846AbhFAIuK (ORCPT + 99 others); Tue, 1 Jun 2021 04:50:10 -0400 Received: from mga07.intel.com ([134.134.136.100]:45142 "EHLO mga07.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233815AbhFAItw (ORCPT ); Tue, 1 Jun 2021 04:49:52 -0400 IronPort-SDR: MiXq/JtI+GYXubowU9VdcMavTnDuBud929BqRM8Dm5i0OpuD9EHQHpDEPKxvJI1uW5BU+qCKnk sx8NUfRPrCwg== X-IronPort-AV: E=McAfee;i="6200,9189,10001"; a="267381326" X-IronPort-AV: E=Sophos;i="5.83,239,1616482800"; d="scan'208";a="267381326" Received: from orsmga007.jf.intel.com ([10.7.209.58]) by orsmga105.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Jun 2021 01:48:09 -0700 IronPort-SDR: T5LQ++tYZETNnGLjYaG+/+XzXSCDeaG02gBwux8Z5KF5kHzVNbKBcWNjxjG0jrzaIeBMy1hOfe bUxCwUsprbCA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.83,239,1616482800"; d="scan'208";a="437967776" Received: from sqa-gate.sh.intel.com (HELO robert-ivt.tsp.org) ([10.239.48.212]) by orsmga007.jf.intel.com with ESMTP; 01 Jun 2021 01:48:06 -0700 From: Robert Hoo To: pbonzini@redhat.com, seanjc@google.com, vkuznets@redhat.com, wanpengli@tencent.com, jmattson@google.com, joro@8bytes.org, kvm@vger.kernel.org Cc: x86@kernel.org, linux-kernel@vger.kernel.org, chang.seok.bae@intel.com, robert.hu@intel.com, robert.hu@linux.intel.com Subject: [PATCH 04/15] kvm/vmx: Detect Tertiary VM-Execution control when setup VMCS config Date: Tue, 1 Jun 2021 16:47:43 +0800 Message-Id: <1622537274-146420-5-git-send-email-robert.hu@linux.intel.com> X-Mailer: git-send-email 1.8.3.1 In-Reply-To: <1622537274-146420-1-git-send-email-robert.hu@linux.intel.com> References: <1622537274-146420-1-git-send-email-robert.hu@linux.intel.com> Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: "Hu, Robert" Add new Tertiary VM-Exec Control field for vmcs_config and related functions. And when eVMCS in use, filter it out. Signed-off-by: Hu, Robert --- arch/x86/include/asm/vmx.h | 1 + arch/x86/kvm/vmx/capabilities.h | 7 +++++++ arch/x86/kvm/vmx/evmcs.c | 2 ++ arch/x86/kvm/vmx/evmcs.h | 1 + arch/x86/kvm/vmx/vmx.c | 5 ++++- 5 files changed, 15 insertions(+), 1 deletion(-) diff --git a/arch/x86/include/asm/vmx.h b/arch/x86/include/asm/vmx.h index 0ffaa315..c035649 100644 --- a/arch/x86/include/asm/vmx.h +++ b/arch/x86/include/asm/vmx.h @@ -31,6 +31,7 @@ #define CPU_BASED_RDTSC_EXITING VMCS_CONTROL_BIT(RDTSC_EXITING) #define CPU_BASED_CR3_LOAD_EXITING VMCS_CONTROL_BIT(CR3_LOAD_EXITING) #define CPU_BASED_CR3_STORE_EXITING VMCS_CONTROL_BIT(CR3_STORE_EXITING) +#define CPU_BASED_ACTIVATE_TERTIARY_CONTROLS VMCS_CONTROL_BIT(TER_CONTROLS) #define CPU_BASED_CR8_LOAD_EXITING VMCS_CONTROL_BIT(CR8_LOAD_EXITING) #define CPU_BASED_CR8_STORE_EXITING VMCS_CONTROL_BIT(CR8_STORE_EXITING) #define CPU_BASED_TPR_SHADOW VMCS_CONTROL_BIT(VIRTUAL_TPR) diff --git a/arch/x86/kvm/vmx/capabilities.h b/arch/x86/kvm/vmx/capabilities.h index d1d7798..df7550c 100644 --- a/arch/x86/kvm/vmx/capabilities.h +++ b/arch/x86/kvm/vmx/capabilities.h @@ -60,6 +60,7 @@ struct vmcs_config { u32 pin_based_exec_ctrl; u32 cpu_based_exec_ctrl; u32 cpu_based_2nd_exec_ctrl; + u64 cpu_based_3rd_exec_ctrl; u32 vmexit_ctrl; u32 vmentry_ctrl; struct nested_vmx_msrs nested; @@ -133,6 +134,12 @@ static inline bool cpu_has_secondary_exec_ctrls(void) CPU_BASED_ACTIVATE_SECONDARY_CONTROLS; } +static inline bool cpu_has_tertiary_exec_ctrls(void) +{ + return vmcs_config.cpu_based_exec_ctrl & + CPU_BASED_ACTIVATE_TERTIARY_CONTROLS; +} + static inline bool cpu_has_vmx_virtualize_apic_accesses(void) { return vmcs_config.cpu_based_2nd_exec_ctrl & diff --git a/arch/x86/kvm/vmx/evmcs.c b/arch/x86/kvm/vmx/evmcs.c index 41f2466..1e883ff 100644 --- a/arch/x86/kvm/vmx/evmcs.c +++ b/arch/x86/kvm/vmx/evmcs.c @@ -299,8 +299,10 @@ __init void evmcs_sanitize_exec_ctrls(struct vmcs_config *vmcs_conf) { + vmcs_conf->cpu_based_exec_ctrl &= ~EVMCS1_UNSUPPORTED_EXEC_CTRL; vmcs_conf->pin_based_exec_ctrl &= ~EVMCS1_UNSUPPORTED_PINCTRL; vmcs_conf->cpu_based_2nd_exec_ctrl &= ~EVMCS1_UNSUPPORTED_2NDEXEC; + vmcs_conf->cpu_based_3rd_exec_ctrl = 0; vmcs_conf->vmexit_ctrl &= ~EVMCS1_UNSUPPORTED_VMEXIT_CTRL; vmcs_conf->vmentry_ctrl &= ~EVMCS1_UNSUPPORTED_VMENTRY_CTRL; diff --git a/arch/x86/kvm/vmx/evmcs.h b/arch/x86/kvm/vmx/evmcs.h index bd41d94..bf2c5e7 100644 --- a/arch/x86/kvm/vmx/evmcs.h +++ b/arch/x86/kvm/vmx/evmcs.h @@ -50,6 +50,7 @@ */ #define EVMCS1_UNSUPPORTED_PINCTRL (PIN_BASED_POSTED_INTR | \ PIN_BASED_VMX_PREEMPTION_TIMER) +#define EVMCS1_UNSUPPORTED_EXEC_CTRL (CPU_BASED_ACTIVATE_TERTIARY_CONTROLS) #define EVMCS1_UNSUPPORTED_2NDEXEC \ (SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY | \ SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES | \ diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index d000cdd..554e572 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -2506,6 +2506,7 @@ static __init int setup_vmcs_config(struct vmcs_config *vmcs_conf, u32 _pin_based_exec_control = 0; u32 _cpu_based_exec_control = 0; u32 _cpu_based_2nd_exec_control = 0; + u64 _cpu_based_3rd_exec_control = 0; u32 _vmexit_control = 0; u32 _vmentry_control = 0; @@ -2527,7 +2528,8 @@ static __init int setup_vmcs_config(struct vmcs_config *vmcs_conf, opt = CPU_BASED_TPR_SHADOW | CPU_BASED_USE_MSR_BITMAPS | - CPU_BASED_ACTIVATE_SECONDARY_CONTROLS; + CPU_BASED_ACTIVATE_SECONDARY_CONTROLS | + CPU_BASED_ACTIVATE_TERTIARY_CONTROLS; if (adjust_vmx_controls(min, opt, MSR_IA32_VMX_PROCBASED_CTLS, &_cpu_based_exec_control) < 0) return -EIO; @@ -2688,6 +2690,7 @@ static __init int setup_vmcs_config(struct vmcs_config *vmcs_conf, vmcs_conf->pin_based_exec_ctrl = _pin_based_exec_control; vmcs_conf->cpu_based_exec_ctrl = _cpu_based_exec_control; vmcs_conf->cpu_based_2nd_exec_ctrl = _cpu_based_2nd_exec_control; + vmcs_conf->cpu_based_3rd_exec_ctrl = _cpu_based_3rd_exec_control; vmcs_conf->vmexit_ctrl = _vmexit_control; vmcs_conf->vmentry_ctrl = _vmentry_control; -- 1.8.3.1