From mboxrd@z Thu Jan 1 00:00:00 1970 From: Paolo Bonzini Subject: Re: [PATCH v3 09/13] nEPT: Advertise EPT to L1 Date: Mon, 20 May 2013 15:05:40 +0200 Message-ID: <519A1FA4.7090304@redhat.com> References: <1368939152-11406-1-git-send-email-jun.nakajima@intel.com> <1368939152-11406-9-git-send-email-jun.nakajima@intel.com> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-15 Content-Transfer-Encoding: 7bit Cc: kvm@vger.kernel.org, Gleb Natapov To: Jun Nakajima Return-path: Received: from mx1.redhat.com ([209.132.183.28]:5388 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1756467Ab3ETNFr (ORCPT ); Mon, 20 May 2013 09:05:47 -0400 In-Reply-To: <1368939152-11406-9-git-send-email-jun.nakajima@intel.com> Sender: kvm-owner@vger.kernel.org List-ID: Il 19/05/2013 06:52, Jun Nakajima ha scritto: > From: Nadav Har'El > > Advertise the support of EPT to the L1 guest, through the appropriate MSR. > > This is the last patch of the basic Nested EPT feature, so as to allow > bisection through this patch series: The guest will not see EPT support until > this last patch, and will not attempt to use the half-applied feature. > > Signed-off-by: Nadav Har'El > Signed-off-by: Jun Nakajima > Signed-off-by: Xinhao Xu > --- > arch/x86/include/asm/vmx.h | 2 ++ > arch/x86/kvm/vmx.c | 17 +++++++++++++++-- > 2 files changed, 17 insertions(+), 2 deletions(-) This patch is ok, but it must be placed after patch 10 ("nEPT: Nested INVEPT"). Paolo > diff --git a/arch/x86/include/asm/vmx.h b/arch/x86/include/asm/vmx.h > index f3e01a2..4aec45d 100644 > --- a/arch/x86/include/asm/vmx.h > +++ b/arch/x86/include/asm/vmx.h > @@ -394,7 +394,9 @@ enum vmcs_field { > #define VMX_EPTP_WB_BIT (1ull << 14) > #define VMX_EPT_2MB_PAGE_BIT (1ull << 16) > #define VMX_EPT_1GB_PAGE_BIT (1ull << 17) > +#define VMX_EPT_INVEPT_BIT (1ull << 20) > #define VMX_EPT_AD_BIT (1ull << 21) > +#define VMX_EPT_EXTENT_INDIVIDUAL_BIT (1ull << 24) > #define VMX_EPT_EXTENT_CONTEXT_BIT (1ull << 25) > #define VMX_EPT_EXTENT_GLOBAL_BIT (1ull << 26) > > diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c > index 4661a22..1cf8a41 100644 > --- a/arch/x86/kvm/vmx.c > +++ b/arch/x86/kvm/vmx.c > @@ -2155,6 +2155,7 @@ static u32 nested_vmx_pinbased_ctls_low, nested_vmx_pinbased_ctls_high; > static u32 nested_vmx_exit_ctls_low, nested_vmx_exit_ctls_high; > static u32 nested_vmx_entry_ctls_low, nested_vmx_entry_ctls_high; > static u32 nested_vmx_misc_low, nested_vmx_misc_high; > +static u32 nested_vmx_ept_caps; > static __init void nested_vmx_setup_ctls_msrs(void) > { > /* > @@ -2242,6 +2243,18 @@ static __init void nested_vmx_setup_ctls_msrs(void) > SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES | > SECONDARY_EXEC_WBINVD_EXITING; > > + if (enable_ept) { > + /* nested EPT: emulate EPT also to L1 */ > + nested_vmx_secondary_ctls_high |= SECONDARY_EXEC_ENABLE_EPT; > + nested_vmx_ept_caps = VMX_EPT_PAGE_WALK_4_BIT; > + nested_vmx_ept_caps |= > + VMX_EPT_INVEPT_BIT | VMX_EPT_EXTENT_GLOBAL_BIT | > + VMX_EPT_EXTENT_CONTEXT_BIT | > + VMX_EPT_EXTENT_INDIVIDUAL_BIT; > + nested_vmx_ept_caps &= vmx_capability.ept; > + } else > + nested_vmx_ept_caps = 0; > + > /* miscellaneous data */ > rdmsr(MSR_IA32_VMX_MISC, nested_vmx_misc_low, nested_vmx_misc_high); > nested_vmx_misc_low &= VMX_MISC_PREEMPTION_TIMER_RATE_MASK | > @@ -2347,8 +2360,8 @@ static int vmx_get_vmx_msr(struct kvm_vcpu *vcpu, u32 msr_index, u64 *pdata) > nested_vmx_secondary_ctls_high); > break; > case MSR_IA32_VMX_EPT_VPID_CAP: > - /* Currently, no nested ept or nested vpid */ > - *pdata = 0; > + /* Currently, no nested vpid support */ > + *pdata = nested_vmx_ept_caps; > break; > default: > return 0; >