From: George Dunlap <george.dunlap@eu.citrix.com>
To: George Dunlap <george.dunlap@eu.citrix.com>
Cc: Keir Fraser <keir@xen.org>, Tim Deegan <tim@xen.org>,
Jan Beulich <jan.beulich@suse.com>,
xen-devel@lists.xen.org
Subject: Re: [PATCH RFC v12 08/21] pvh: vmx-specific changes
Date: Fri, 13 Sep 2013 17:38:41 +0100 [thread overview]
Message-ID: <52333F91.7080606@eu.citrix.com> (raw)
In-Reply-To: <1379089521-25720-9-git-send-email-george.dunlap@eu.citrix.com>
On 13/09/13 17:25, George Dunlap wrote:
> Changes:
> * Enforce HAP mode for now
> * Disable exits related to virtual interrupts or emulated APICs
> * Disable changing paging mode
> - "unrestricted guest" (i.e., real mode for EPT) disabled
> - write guest EFER disabled
> * Start in 64-bit mode
> * Force TSC mode to be "none"
> * Paging mode update to happen in arch_set_info_guest
>
> Signed-off-by: George Dunlap <george.dunlap@eu.citrix.com>
> Signed-off-by: Mukesh Rathor <mukesh.rathor@oracle.com>
> CC: Jan Beulich <jan.beulich@suse.com>
> CC: Tim Deegan <tim@xen.org>
> CC: Keir Fraser <keir@xen.org>
> ---
> xen/arch/x86/hvm/vmx/vmcs.c | 140 +++++++++++++++++++++++++++++++++++++++++--
> 1 file changed, 135 insertions(+), 5 deletions(-)
>
> diff --git a/xen/arch/x86/hvm/vmx/vmcs.c b/xen/arch/x86/hvm/vmx/vmcs.c
> index fa90493..f016343 100644
> --- a/xen/arch/x86/hvm/vmx/vmcs.c
> +++ b/xen/arch/x86/hvm/vmx/vmcs.c
> @@ -828,6 +828,58 @@ void virtual_vmcs_vmwrite(void *vvmcs, u32 vmcs_encoding, u64 val)
> virtual_vmcs_exit(vvmcs);
> }
>
> +static int pvh_check_requirements(struct vcpu *v)
> +{
> + u64 required, tmpval = real_cr4_to_pv_guest_cr4(mmu_cr4_features);
> +
> + if ( !paging_mode_hap(v->domain) )
> + {
> + printk(XENLOG_G_INFO "HAP is required for PVH guest.\n");
> + return -EINVAL;
> + }
> + if ( !cpu_has_vmx_ept )
> + {
> + printk(XENLOG_G_INFO "PVH: CPU does not have EPT support\n");
> + return -ENOSYS;
> + }
> + if ( !cpu_has_vmx_pat )
> + {
> + printk(XENLOG_G_INFO "PVH: CPU does not have PAT support\n");
> + return -ENOSYS;
> + }
> + if ( !cpu_has_vmx_msr_bitmap )
> + {
> + printk(XENLOG_G_INFO "PVH: CPU does not have msr bitmap\n");
> + return -ENOSYS;
> + }
> + if ( !cpu_has_vmx_secondary_exec_control )
> + {
> + printk(XENLOG_G_INFO "CPU Secondary exec is required to run PVH\n");
> + return -ENOSYS;
> + }
> +
> + /*
> + * If rdtsc exiting is turned on and it goes thru emulate_privileged_op,
> + * then pv_vcpu.ctrlreg must be added to the pvh struct.
> + */
> + if ( v->domain->arch.vtsc )
> + {
> + printk(XENLOG_G_INFO
> + "At present PVH only supports the default timer mode\n");
> + return -ENOSYS;
> + }
> +
> + required = X86_CR4_PAE | X86_CR4_VMXE | X86_CR4_OSFXSR;
> + if ( (tmpval & required) != required )
> + {
> + printk(XENLOG_G_INFO "PVH: required CR4 features not available:%lx\n",
> + required);
> + return -ENOSYS;
> + }
> +
> + return 0;
> +}
> +
> static int construct_vmcs(struct vcpu *v)
> {
> struct domain *d = v->domain;
> @@ -836,6 +888,13 @@ static int construct_vmcs(struct vcpu *v)
> u32 vmexit_ctl = vmx_vmexit_control;
> u32 vmentry_ctl = vmx_vmentry_control;
>
> + if ( is_pvh_domain(d) )
> + {
> + int rc = pvh_check_requirements(v);
> + if ( rc )
> + return rc;
> + }
> +
> vmx_vmcs_enter(v);
>
> /* VMCS controls. */
> @@ -874,7 +933,44 @@ static int construct_vmcs(struct vcpu *v)
> /* Do not enable Monitor Trap Flag unless start single step debug */
> v->arch.hvm_vmx.exec_control &= ~CPU_BASED_MONITOR_TRAP_FLAG;
>
> + if ( is_pvh_domain(d) )
> + {
> + /* Disable virtual apics, TPR */
> + v->arch.hvm_vmx.secondary_exec_control &=
> + ~(SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES
> + | SECONDARY_EXEC_APIC_REGISTER_VIRT
> + | SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY);
> + v->arch.hvm_vmx.exec_control &= ~CPU_BASED_TPR_SHADOW;
> +
> + /* Disable wbinvd (only necessary for MMIO),
> + * unrestricted guest (real mode for EPT) */
> + v->arch.hvm_vmx.secondary_exec_control &=
> + ~(SECONDARY_EXEC_UNRESTRICTED_GUEST
> + | SECONDARY_EXEC_WBINVD_EXITING);
> +
> + ASSERT(v->arch.hvm_vmx.exec_control & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS);
> + ASSERT(v->arch.hvm_vmx.exec_control & CPU_BASED_ACTIVATE_MSR_BITMAP);
> + ASSERT(!(v->arch.hvm_vmx.exec_control & CPU_BASED_RDTSC_EXITING));
> +
> + /*
> + * Note: we run with default VM_ENTRY_LOAD_DEBUG_CTLS of 1, which means
> + * upon vmentry, the cpu reads/loads VMCS.DR7 and VMCS.DEBUGCTLS, and not
> + * use the host values. 0 would cause it to not use the VMCS values.
> + */
> +
> + /* PVH: I don't think these are necessary */
> + v->arch.hvm_vmx.exec_control &= ~CPU_BASED_VIRTUAL_NMI_PENDING;
> + vmentry_ctl &= ~VM_ENTRY_LOAD_GUEST_EFER;
> + vmentry_ctl &= ~VM_ENTRY_SMM;
> + vmentry_ctl &= ~VM_ENTRY_DEACT_DUAL_MONITOR;
Mukesh, I couldn't figure out why you had set these. What are these
about, and are they really necessary?
> + /* PVH: Why is ET not set? */
> + v->arch.hvm_vcpu.guest_cr[0] = is_pvh_domain(d) ?
> + ( X86_CR0_PG | X86_CR0_NE | X86_CR0_PE | X86_CR0_WP )
> + : ( X86_CR0_PE | X86_CR0_ET );
I also couldn't figure out why CR0_ET wasn't set for PVH vms; is it not
set for PV vms?
-George
next prev parent reply other threads:[~2013-09-13 16:38 UTC|newest]
Thread overview: 76+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-09-13 16:25 Introduce PVH domU support George Dunlap
2013-09-13 16:25 ` [PATCH RFC v12 01/21] Fix failure path in hvm_vcpu_initialise George Dunlap
2013-09-13 16:25 ` [PATCH RFC v12 02/21] Fix failure path in construct_vmcs George Dunlap
2013-09-13 16:25 ` [PATCH RFC v12 03/21] Remove an unnecessary assert from vmx_update_debug_state George Dunlap
2013-09-16 21:09 ` Mukesh Rathor
2013-09-18 10:39 ` George Dunlap
2013-09-18 12:38 ` Jan Beulich
2013-09-18 12:53 ` George Dunlap
2013-09-18 13:51 ` Jan Beulich
2013-09-13 16:25 ` [PATCH RFC v12 04/21] pvh prep: code motion George Dunlap
2013-09-18 12:59 ` Jan Beulich
2013-09-13 16:25 ` [PATCH RFC v12 05/21] Introduce pv guest type and has_hvm_container macros George Dunlap
2013-09-18 13:46 ` Jan Beulich
2013-09-19 16:27 ` George Dunlap
2013-09-20 8:11 ` Jan Beulich
2013-09-20 9:23 ` George Dunlap
2013-09-20 9:44 ` Jan Beulich
2013-09-19 16:58 ` George Dunlap
2013-09-20 8:38 ` Jan Beulich
2013-09-13 16:25 ` [PATCH RFC v12 06/21] pvh: Introduce PVH guest type George Dunlap
2013-09-18 14:10 ` Jan Beulich
2013-09-20 10:01 ` George Dunlap
2013-09-13 16:25 ` [PATCH RFC v12 07/21] pvh: Disable unneeded features of HVM containers George Dunlap
2013-09-13 16:36 ` George Dunlap
[not found] ` <CAGU+aus16muryVYd-aOzv-CAXPk_xxVh_e-R7Ug1RxGRJ_MAfQ@mail.gmail.com>
2013-09-13 21:33 ` Aravindh Puthiyaparambil (aravindp)
2013-09-16 23:17 ` Mukesh Rathor
2013-09-18 10:50 ` George Dunlap
2013-09-18 14:18 ` Jan Beulich
2013-09-18 14:43 ` George Dunlap
2013-09-18 14:47 ` Jan Beulich
2013-09-13 16:25 ` [PATCH RFC v12 08/21] pvh: vmx-specific changes George Dunlap
2013-09-13 16:38 ` George Dunlap [this message]
2013-09-16 7:37 ` Jan Beulich
2013-09-16 9:15 ` George Dunlap
2013-09-16 23:12 ` Mukesh Rathor
2013-09-17 8:48 ` George Dunlap
2013-09-18 0:13 ` Mukesh Rathor
2013-09-18 14:25 ` Jan Beulich
2013-09-20 13:07 ` George Dunlap
2013-09-13 16:25 ` [PATCH RFC v12 09/21] pvh: Do not allow PVH guests to change paging modes George Dunlap
2013-09-18 14:32 ` Jan Beulich
2013-09-13 16:25 ` [PATCH RFC v12 10/21] pvh: PVH access to hypercalls George Dunlap
2013-09-18 14:45 ` Jan Beulich
2013-09-13 16:25 ` [PATCH RFC v12 11/21] pvh: Use PV e820 George Dunlap
2013-09-18 14:48 ` Jan Beulich
2013-09-13 16:25 ` [PATCH RFC v12 12/21] pvh: Support guest_kernel_mode for PVH George Dunlap
2013-09-18 14:52 ` Jan Beulich
2013-09-13 16:25 ` [PATCH RFC v12 13/21] pvh: Support read_segment_register " George Dunlap
2013-09-18 14:56 ` Jan Beulich
2013-09-20 14:18 ` George Dunlap
2013-09-20 14:56 ` Jan Beulich
2013-09-13 16:25 ` [PATCH RFC v12 14/21] pvh: read_descriptor for PVH guests George Dunlap
2013-09-13 16:40 ` George Dunlap
2013-09-18 15:00 ` Jan Beulich
2013-09-13 16:25 ` [PATCH RFC v12 15/21] pvh: Set up more PV stuff in set_info_guest George Dunlap
2013-09-18 15:17 ` Jan Beulich
2013-09-20 14:50 ` George Dunlap
2013-09-20 14:58 ` Jan Beulich
2013-09-20 15:12 ` George Dunlap
2013-09-20 15:26 ` Jan Beulich
2013-09-13 16:25 ` [PATCH RFC v12 16/21] pvh: Use PV handlers for emulated forced invalid ops, cpuid, and IO George Dunlap
2013-09-18 15:31 ` Jan Beulich
2013-09-19 1:02 ` Mukesh Rathor
2013-09-19 10:09 ` Jan Beulich
2013-09-20 17:03 ` George Dunlap
2013-09-20 17:06 ` George Dunlap
2013-09-23 6:49 ` Jan Beulich
2013-09-23 13:48 ` George Dunlap
2013-09-23 14:09 ` Jan Beulich
2013-09-13 16:25 ` [PATCH RFC v12 17/21] pvh: Disable 32-bit guest support for now George Dunlap
2013-09-18 15:36 ` Jan Beulich
2013-09-13 16:25 ` [PATCH RFC v12 18/21] pvh: Restrict tsc_mode to NEVER_EMULATE " George Dunlap
2013-09-13 16:25 ` [PATCH RFC v12 19/21] pvh: Disable debug traps when doing pv emulation for PVH domains George Dunlap
2013-09-13 16:25 ` [PATCH RFC v12 20/21] pvh: Disable memevents for PVH guests for now George Dunlap
2013-09-13 16:25 ` [PATCH RFC v12 21/21] pvh: Documentation George Dunlap
2013-09-13 16:41 ` Introduce PVH domU support George Dunlap
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=52333F91.7080606@eu.citrix.com \
--to=george.dunlap@eu.citrix.com \
--cc=jan.beulich@suse.com \
--cc=keir@xen.org \
--cc=tim@xen.org \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.