From: Vitaly Kuznetsov <vkuznets@redhat.com>
To: Maxim Levitsky <mlevitsk@redhat.com>, kvm@vger.kernel.org
Cc: Anirudh Rayabharam <anrayabh@linux.microsoft.com>,
Wanpeng Li <wanpengli@tencent.com>,
Jim Mattson <jmattson@google.com>,
linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org,
Paolo Bonzini <pbonzini@redhat.com>,
Sean Christopherson <seanjc@google.com>
Subject: Re: [PATCH v3 11/25] KVM: VMX: Get rid of eVMCS specific VMX controls sanitization
Date: Tue, 12 Jul 2022 14:14:06 +0200 [thread overview]
Message-ID: <877d4iplyp.fsf@redhat.com> (raw)
In-Reply-To: <f1d030d7db4aaf3075fe625799b99ae335fc9f60.camel@redhat.com>
Maxim Levitsky <mlevitsk@redhat.com> writes:
> On Fri, 2022-07-08 at 16:42 +0200, Vitaly Kuznetsov wrote:
>> With the updated eVMCSv1 definition, there's no known 'problematic'
>> controls which are exposed in VMX control MSRs but are not present in
>> eVMCSv1. Get rid of VMX control MSRs filtering for KVM on Hyper-V.
>
> If I understand correctly we are taking about running KVM as a nested guest of Hyper-V here:
>
> Don't we need to check the new CPUID bit and only then use the new fields of eVMCS,
> aka check that the 'cpu' supports the updated eVMCS version?
>
I've checked various Hyper-V versions available around and it seems
there's no need for that: these new features are exposed in VMX control
MSRs only when the updated eVMCS is supported.
We can, in theory, preserve the filtering for non-updated eVMCS verison
but I'd vote for putting a WARN_ON() or something around: we can
eventually get rid of it in case we don't get any reports.
> Best regards,
> Maxim Levitsky
>
>
>
>>
>> Note: VMX control MSRs filtering for Hyper-V on KVM
>> (nested_evmcs_filter_control_msr()) stays as even the updated eVMCSv1
>> definition doesn't have all the features implemented by KVM and some
>> fields are still missing. Moreover, nested_evmcs_filter_control_msr()
>> has to support the original eVMCSv1 version when VMM wishes so.
>>
>> Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
>> ---
>> arch/x86/kvm/vmx/evmcs.c | 13 -------------
>> arch/x86/kvm/vmx/evmcs.h | 1 -
>> arch/x86/kvm/vmx/vmx.c | 5 -----
>> 3 files changed, 19 deletions(-)
>>
>> diff --git a/arch/x86/kvm/vmx/evmcs.c b/arch/x86/kvm/vmx/evmcs.c
>> index 52a53debd806..b5cfbf7d487b 100644
>> --- a/arch/x86/kvm/vmx/evmcs.c
>> +++ b/arch/x86/kvm/vmx/evmcs.c
>> @@ -320,19 +320,6 @@ const struct evmcs_field vmcs_field_to_evmcs_1[] = {
>> };
>> const unsigned int nr_evmcs_1_fields = ARRAY_SIZE(vmcs_field_to_evmcs_1);
>>
>> -#if IS_ENABLED(CONFIG_HYPERV)
>> -__init void evmcs_sanitize_exec_ctrls(struct vmcs_config *vmcs_conf)
>> -{
>> - vmcs_conf->cpu_based_exec_ctrl &= ~EVMCS1_UNSUPPORTED_EXEC_CTRL;
>> - vmcs_conf->pin_based_exec_ctrl &= ~EVMCS1_UNSUPPORTED_PINCTRL;
>> - vmcs_conf->cpu_based_2nd_exec_ctrl &= ~EVMCS1_UNSUPPORTED_2NDEXEC;
>> - vmcs_conf->cpu_based_3rd_exec_ctrl = 0;
>> -
>> - vmcs_conf->vmexit_ctrl &= ~EVMCS1_UNSUPPORTED_VMEXIT_CTRL;
>> - vmcs_conf->vmentry_ctrl &= ~EVMCS1_UNSUPPORTED_VMENTRY_CTRL;
>> -}
>> -#endif
>> -
>> bool nested_enlightened_vmentry(struct kvm_vcpu *vcpu, u64 *evmcs_gpa)
>> {
>> struct hv_vp_assist_page assist_page;
>> diff --git a/arch/x86/kvm/vmx/evmcs.h b/arch/x86/kvm/vmx/evmcs.h
>> index 4b809c79ae63..0feac101cce4 100644
>> --- a/arch/x86/kvm/vmx/evmcs.h
>> +++ b/arch/x86/kvm/vmx/evmcs.h
>> @@ -203,7 +203,6 @@ static inline void evmcs_load(u64 phys_addr)
>> vp_ap->enlighten_vmentry = 1;
>> }
>>
>> -__init void evmcs_sanitize_exec_ctrls(struct vmcs_config *vmcs_conf);
>> #else /* !IS_ENABLED(CONFIG_HYPERV) */
>> static __always_inline void evmcs_write64(unsigned long field, u64 value) {}
>> static inline void evmcs_write32(unsigned long field, u32 value) {}
>> diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
>> index b4915d841357..dd905ad72637 100644
>> --- a/arch/x86/kvm/vmx/vmx.c
>> +++ b/arch/x86/kvm/vmx/vmx.c
>> @@ -2689,11 +2689,6 @@ static __init int setup_vmcs_config(struct vmcs_config *vmcs_conf,
>> vmcs_conf->vmexit_ctrl = _vmexit_control;
>> vmcs_conf->vmentry_ctrl = _vmentry_control;
>>
>> -#if IS_ENABLED(CONFIG_HYPERV)
>> - if (enlightened_vmcs)
>> - evmcs_sanitize_exec_ctrls(vmcs_conf);
>> -#endif
>> -
>> return 0;
>> }
>>
>
>
--
Vitaly
next prev parent reply other threads:[~2022-07-12 12:14 UTC|newest]
Thread overview: 54+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-07-08 14:41 [PATCH v3 00/25] KVM: VMX: Support updated eVMCSv1 revision + use vmcs_config for L1 VMX MSRs Vitaly Kuznetsov
2022-07-08 14:41 ` [PATCH v3 01/25] KVM: x86: hyper-v: Expose access to debug MSRs in the partition privilege flags Vitaly Kuznetsov
2022-07-12 11:49 ` Maxim Levitsky
2022-07-08 14:42 ` [PATCH v3 02/25] x86/hyperv: Fix 'struct hv_enlightened_vmcs' definition Vitaly Kuznetsov
2022-07-08 14:42 ` [PATCH v3 03/25] x86/hyperv: Update " Vitaly Kuznetsov
2022-07-12 11:51 ` Maxim Levitsky
2022-07-12 12:19 ` Vitaly Kuznetsov
2022-07-08 14:42 ` [PATCH v3 04/25] KVM: VMX: Define VMCS-to-EVMCS conversion for the new fields Vitaly Kuznetsov
2022-07-12 11:50 ` Maxim Levitsky
2022-07-08 14:42 ` [PATCH v3 05/25] KVM: nVMX: Support several new fields in eVMCSv1 Vitaly Kuznetsov
2022-07-12 11:51 ` Maxim Levitsky
2022-07-08 14:42 ` [PATCH v3 06/25] KVM: x86: hyper-v: Cache HYPERV_CPUID_NESTED_FEATURES CPUID leaf Vitaly Kuznetsov
2022-07-12 11:51 ` Maxim Levitsky
2022-07-13 15:45 ` Vitaly Kuznetsov
2022-07-08 14:42 ` [PATCH v3 07/25] KVM: selftests: Add ENCLS_EXITING_BITMAP{,HIGH} VMCS fields Vitaly Kuznetsov
2022-07-12 11:51 ` Maxim Levitsky
2022-07-08 14:42 ` [PATCH v3 08/25] KVM: selftests: Switch to updated eVMCSv1 definition Vitaly Kuznetsov
2022-07-12 11:52 ` Maxim Levitsky
2022-07-08 14:42 ` [PATCH v3 09/25] KVM: VMX: nVMX: Support TSC scaling and PERF_GLOBAL_CTRL with enlightened VMCS Vitaly Kuznetsov
2022-07-12 11:53 ` Maxim Levitsky
2022-07-08 14:42 ` [PATCH v3 10/25] KVM: selftests: Enable TSC scaling in evmcs selftest Vitaly Kuznetsov
2022-07-12 11:54 ` Maxim Levitsky
2022-07-08 14:42 ` [PATCH v3 11/25] KVM: VMX: Get rid of eVMCS specific VMX controls sanitization Vitaly Kuznetsov
2022-07-12 11:54 ` Maxim Levitsky
2022-07-12 12:14 ` Vitaly Kuznetsov [this message]
2022-07-12 12:16 ` Maxim Levitsky
2022-07-08 14:42 ` [PATCH v3 12/25] KVM: VMX: Check VM_ENTRY_IA32E_MODE in setup_vmcs_config() Vitaly Kuznetsov
2022-07-12 11:55 ` Maxim Levitsky
2022-07-08 14:42 ` [PATCH v3 13/25] KVM: VMX: Check CPU_BASED_{INTR,NMI}_WINDOW_EXITING " Vitaly Kuznetsov
2022-07-12 11:55 ` Maxim Levitsky
2022-07-08 14:42 ` [PATCH v3 14/25] KVM: VMX: Tweak the special handling of SECONDARY_EXEC_ENCLS_EXITING " Vitaly Kuznetsov
2022-07-12 11:56 ` Maxim Levitsky
2022-07-08 14:42 ` [PATCH v3 15/25] KVM: VMX: Extend VMX controls macro shenanigans Vitaly Kuznetsov
2022-07-12 11:56 ` Maxim Levitsky
2022-07-08 14:42 ` [PATCH v3 16/25] KVM: VMX: Move CPU_BASED_CR8_{LOAD,STORE}_EXITING filtering out of setup_vmcs_config() Vitaly Kuznetsov
2022-07-12 11:56 ` Maxim Levitsky
2022-07-08 14:42 ` [PATCH v3 17/25] KVM: VMX: Add missing VMEXIT controls to vmcs_config Vitaly Kuznetsov
2022-07-12 11:57 ` Maxim Levitsky
2022-07-08 14:42 ` [PATCH v3 18/25] KVM: VMX: Add missing CPU based VM execution " Vitaly Kuznetsov
2022-07-12 11:57 ` Maxim Levitsky
2022-07-08 14:42 ` [PATCH v3 19/25] KVM: VMX: Adjust CR3/INVPLG interception for EPT=y at runtime, not setup Vitaly Kuznetsov
2022-07-12 11:58 ` Maxim Levitsky
2022-07-08 14:42 ` [PATCH v3 20/25] KVM: x86: VMX: Replace some Intel model numbers with mnemonics Vitaly Kuznetsov
2022-07-12 11:58 ` Maxim Levitsky
2022-07-08 14:42 ` [PATCH v3 21/25] KVM: VMX: Move LOAD_IA32_PERF_GLOBAL_CTRL errata handling out of setup_vmcs_config() Vitaly Kuznetsov
2022-07-12 11:59 ` Maxim Levitsky
2022-07-08 14:42 ` [PATCH v3 22/25] KVM: nVMX: Always set required-1 bits of pinbased_ctls to PIN_BASED_ALWAYSON_WITHOUT_TRUE_MSR Vitaly Kuznetsov
2022-07-12 12:02 ` Maxim Levitsky
2022-07-08 14:42 ` [PATCH v3 23/25] KVM: nVMX: Use sanitized allowed-1 bits for VMX control MSRs Vitaly Kuznetsov
2022-07-12 12:11 ` Maxim Levitsky
2022-07-08 14:42 ` [PATCH v3 24/25] KVM: VMX: Cache MSR_IA32_VMX_MISC in vmcs_config Vitaly Kuznetsov
2022-07-12 12:11 ` Maxim Levitsky
2022-07-08 14:42 ` [PATCH v3 25/25] KVM: nVMX: Use cached host MSR_IA32_VMX_MISC value for setting up nested MSR Vitaly Kuznetsov
2022-07-12 12:11 ` Maxim Levitsky
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=877d4iplyp.fsf@redhat.com \
--to=vkuznets@redhat.com \
--cc=anrayabh@linux.microsoft.com \
--cc=jmattson@google.com \
--cc=kvm@vger.kernel.org \
--cc=linux-hyperv@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mlevitsk@redhat.com \
--cc=pbonzini@redhat.com \
--cc=seanjc@google.com \
--cc=wanpengli@tencent.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.