From: Tim Deegan <Tim.Deegan@citrix.com>
To: Qing He <qing.he@intel.com>
Cc: "xen-devel@lists.xensource.com" <xen-devel@lists.xensource.com>
Subject: Re: [PATCH 13/17] vmx: nest: capability reporting MSRs
Date: Thu, 20 May 2010 12:52:58 +0100 [thread overview]
Message-ID: <20100520115258.GS4164@whitby.uk.xensource.com> (raw)
In-Reply-To: <1271929289-18572-14-git-send-email-qing.he@intel.com>
At 10:41 +0100 on 22 Apr (1271932885), Qing He wrote:
> handles VMX capability reporting MSRs.
> Some features are masked so L1 would see a rather
> simple configuration
Would it be better to whitelist features that we know are safely
virtualized?
> Signed-off-by: Qing He <qing.he@intel.com>
>
> ---
> arch/x86/hvm/vmx/nest.c | 94 +++++++++++++++++++++++++++++++++++++++++
> arch/x86/hvm/vmx/vmx.c | 14 ++++--
> include/asm-x86/hvm/vmx/nest.h | 5 ++
> include/asm-x86/hvm/vmx/vmcs.h | 5 ++
> include/asm-x86/msr-index.h | 1
> 5 files changed, 115 insertions(+), 4 deletions(-)
>
> diff -r 25c338cbc024 -r 0f0e32a70c02 xen/arch/x86/hvm/vmx/nest.c
> --- a/xen/arch/x86/hvm/vmx/nest.c Thu Apr 22 22:30:09 2010 +0800
> +++ b/xen/arch/x86/hvm/vmx/nest.c Thu Apr 22 22:30:09 2010 +0800
> @@ -1200,3 +1200,97 @@
>
> return bypass_l0;
> }
> +
> +/*
> + * Capability reporting
> + */
> +int vmx_nest_msr_read_intercept(struct cpu_user_regs *regs, u64 *msr_content)
> +{
> + u32 eax, edx;
> + u64 data = 0;
> + int r = 1;
> + u32 mask = 0;
> +
> + if ( !current->domain->arch.hvm_domain.nesting_avail )
> + return 0;
> +
> + switch (regs->ecx) {
> + case MSR_IA32_VMX_BASIC:
> + rdmsr(regs->ecx, eax, edx);
> + data = edx;
> + data = (data & ~0x1fff) | 0x1000; /* request 4KB for guest VMCS */
> + data &= ~(1 << 23); /* disable TRUE_xxx_CTLS */
> + data = (data << 32) | VVMCS_REVISION; /* VVMCS revision */
> + break;
> + case MSR_IA32_VMX_PINBASED_CTLS:
> +#define REMOVED_PIN_CONTROL_CAP (PIN_BASED_PREEMPT_TIMER)
Did you mean to use this to mask the value below?
> + rdmsr(regs->ecx, eax, edx);
> + data = edx;
> + data = (data << 32) | eax;
> + break;
> + case MSR_IA32_VMX_PROCBASED_CTLS:
> + rdmsr(regs->ecx, eax, edx);
> +#define REMOVED_EXEC_CONTROL_CAP (CPU_BASED_TPR_SHADOW \
> + | CPU_BASED_ACTIVATE_MSR_BITMAP \
> + | CPU_BASED_ACTIVATE_SECONDARY_CONTROLS)
> + data = edx & ~REMOVED_EXEC_CONTROL_CAP;
> + data = (data << 32) | eax;
> + break;
> + case MSR_IA32_VMX_EXIT_CTLS:
> + rdmsr(regs->ecx, eax, edx);
> +#define REMOVED_EXIT_CONTROL_CAP (VM_EXIT_SAVE_GUEST_PAT \
> + | VM_EXIT_LOAD_HOST_PAT \
> + | VM_EXIT_SAVE_GUEST_EFER \
> + | VM_EXIT_LOAD_HOST_EFER \
> + | VM_EXIT_SAVE_PREEMPT_TIMER)
> + data = edx & ~REMOVED_EXIT_CONTROL_CAP;
> + data = (data << 32) | eax;
> + break;
> + case MSR_IA32_VMX_ENTRY_CTLS:
> + rdmsr(regs->ecx, eax, edx);
> +#define REMOVED_ENTRY_CONTROL_CAP (VM_ENTRY_LOAD_GUEST_PAT \
> + | VM_ENTRY_LOAD_GUEST_EFER)
> + data = edx & ~REMOVED_ENTRY_CONTROL_CAP;
> + data = (data << 32) | eax;
> + break;
> + case MSR_IA32_VMX_PROCBASED_CTLS2:
> + mask = 0;
> +
> + rdmsr(regs->ecx, eax, edx);
> + data = edx & mask;
> + data = (data << 32) | eax;
> + break;
> +
> + /* pass through MSRs */
> + case IA32_FEATURE_CONTROL_MSR:
> + case MSR_IA32_VMX_MISC:
> + case MSR_IA32_VMX_CR0_FIXED0:
> + case MSR_IA32_VMX_CR0_FIXED1:
> + case MSR_IA32_VMX_CR4_FIXED0:
> + case MSR_IA32_VMX_CR4_FIXED1:
> + case MSR_IA32_VMX_VMCS_ENUM:
> + rdmsr(regs->ecx, eax, edx);
> + data = edx;
> + data = (data << 32) | eax;
> + gdprintk(XENLOG_INFO,
> + "nest: pass through VMX cap reporting register, %lx\n",
> + regs->ecx);
> + break;
> + default:
> + r = 0;
> + break;
> + }
> +
> + if (r == 1)
> + gdprintk(XENLOG_DEBUG, "nest: intercepted msr access: %lx: %lx\n",
> + regs->ecx, data);
These debug printks should go.
> +
> + *msr_content = data;
> + return r;
> +}
> +
> +int vmx_nest_msr_write_intercept(struct cpu_user_regs *regs, u64 msr_content)
> +{
> + /* silently ignore for now */
> + return 1;
> +}
Cheers,
Tim.
--
Tim Deegan <Tim.Deegan@citrix.com>
Principal Software Engineer, XenServer Engineering
Citrix Systems UK Ltd. (Company #02937203, SL9 0BG)
next prev parent reply other threads:[~2010-05-20 11:52 UTC|newest]
Thread overview: 51+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-04-22 9:41 [PATCH 00/17][RFC] Nested virtualization for VMX Qing He
2010-04-22 9:41 ` [PATCH 01/17] vmx: nest: fix CR4.VME in update_guest_cr Qing He
2010-05-20 9:26 ` Tim Deegan
2010-05-20 9:36 ` Qing He
2010-04-22 9:41 ` [PATCH 02/17] vmx: nest: rename host_vmcs Qing He
2010-04-22 9:41 ` [PATCH 03/17] vmx: nest: wrapper for control update Qing He
2010-05-20 9:34 ` Tim Deegan
2010-05-20 9:46 ` Qing He
2010-05-20 12:57 ` Keir Fraser
2010-04-22 9:41 ` [PATCH 04/17] vmx: nest: domain and vcpu flags Qing He
2010-05-20 9:37 ` Tim Deegan
2010-05-20 9:51 ` Christoph Egger
2010-05-20 9:54 ` Qing He
2010-05-20 10:55 ` Tim Deegan
2010-05-20 12:53 ` Qing He
2010-05-20 14:06 ` Christoph Egger
2010-04-22 9:41 ` [PATCH 05/17] vmx: nest: nested control structure Qing He
2010-04-22 9:41 ` [PATCH 06/17] vmx: nest: virtual vmcs layout Qing He
2010-04-22 9:41 ` [PATCH 07/17] vmx: nest: handling VMX instruction exits Qing He
2010-05-20 10:53 ` Tim Deegan
2010-05-20 13:28 ` Qing He
2010-04-22 9:41 ` [PATCH 08/17] vmx: nest: L1 <-> L2 context switch Qing He
2010-05-20 11:11 ` Tim Deegan
2010-05-20 13:49 ` Qing He
2010-05-21 9:19 ` Tim Deegan
2010-05-21 10:31 ` Qing He
2010-05-25 15:27 ` Tim Deegan
2010-04-22 9:41 ` [PATCH 09/17] vmx: nest: interrupt Qing He
2010-05-20 11:21 ` Tim Deegan
2010-05-20 15:55 ` Qing He
2010-04-22 9:41 ` [PATCH 10/17] vmx: nest: VMExit handler in L2 Qing He
2010-05-20 11:44 ` Tim Deegan
2010-05-20 16:06 ` Qing He
2010-05-21 8:42 ` Tim Deegan
2010-05-21 10:35 ` Qing He
2010-05-25 15:34 ` Tim Deegan
2010-04-22 9:41 ` [PATCH 11/17] vmx: nest: L2 tsc Qing He
2010-05-20 11:47 ` Tim Deegan
2010-05-20 16:07 ` Qing He
2010-04-22 9:41 ` [PATCH 12/17] vmx: nest: CR0.TS and #NM Qing He
2010-04-22 9:41 ` [PATCH 13/17] vmx: nest: capability reporting MSRs Qing He
2010-05-20 11:52 ` Tim Deegan [this message]
2010-04-22 9:41 ` [PATCH 14/17] vmx: nest: enable virtual VMX Qing He
2010-04-22 9:41 ` [PATCH 15/17] vmx: nest: virtual ept for nested Qing He
2010-05-20 12:21 ` Tim Deegan
2010-05-21 10:24 ` Qing He
2010-05-25 16:02 ` Tim Deegan
2010-04-22 9:41 ` [PATCH 16/17] vmx: nest: hvmtrace " Qing He
2010-04-22 9:41 ` [PATCH 17/17] tools: nest: allow enabling nesting Qing He
2010-04-22 10:15 ` [PATCH 00/17][RFC] Nested virtualization for VMX Christoph Egger
2010-04-23 10:10 ` He, Qing
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20100520115258.GS4164@whitby.uk.xensource.com \
--to=tim.deegan@citrix.com \
--cc=qing.he@intel.com \
--cc=xen-devel@lists.xensource.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.