From: Sean Christopherson <seanjc@google.com>
To: Robert Hoo <robert.hu@linux.intel.com>
Cc: pbonzini@redhat.com, vkuznets@redhat.com, wanpengli@tencent.com,
jmattson@google.com, joro@8bytes.org, chang.seok.bae@intel.com,
kvm@vger.kernel.org, robert.hu@intel.com
Subject: Re: [RFC PATCH 07/12] kvm/vmx/nested: Support new IA32_VMX_PROCBASED_CTLS3 vmx feature control MSR
Date: Mon, 5 Apr 2021 15:44:47 +0000 [thread overview]
Message-ID: <YGswb1BM/58JiCZz@google.com> (raw)
In-Reply-To: <1611565580-47718-8-git-send-email-robert.hu@linux.intel.com>
On Mon, Jan 25, 2021, Robert Hoo wrote:
> diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c
> index 89af692..9eb1c0b 100644
> --- a/arch/x86/kvm/vmx/nested.c
> +++ b/arch/x86/kvm/vmx/nested.c
> @@ -1285,6 +1285,13 @@ static int vmx_restore_vmx_basic(struct vcpu_vmx *vmx, u64 data)
> lowp = &vmx->nested.msrs.secondary_ctls_low;
> highp = &vmx->nested.msrs.secondary_ctls_high;
> break;
> + /*
> + * MSR_IA32_VMX_PROCBASED_CTLS3 is 64bit, all allow-1.
> + * No need to check. Just return.
Uh, yes need to check. Unsupported bits need to be '0'.
> + */
> + case MSR_IA32_VMX_PROCBASED_CTLS3:
> + vmx->nested.msrs.tertiary_ctls = data;
> + return 0;
> default:
> BUG();
> }
> @@ -1421,6 +1428,7 @@ int vmx_set_vmx_msr(struct kvm_vcpu *vcpu, u32 msr_index, u64 data)
> case MSR_IA32_VMX_TRUE_EXIT_CTLS:
> case MSR_IA32_VMX_TRUE_ENTRY_CTLS:
> case MSR_IA32_VMX_PROCBASED_CTLS2:
> + case MSR_IA32_VMX_PROCBASED_CTLS3:
> return vmx_restore_control_msr(vmx, msr_index, data);
> case MSR_IA32_VMX_MISC:
> return vmx_restore_vmx_misc(vmx, data);
> @@ -1516,6 +1524,9 @@ int vmx_get_vmx_msr(struct nested_vmx_msrs *msrs, u32 msr_index, u64 *pdata)
> msrs->secondary_ctls_low,
> msrs->secondary_ctls_high);
> break;
> + case MSR_IA32_VMX_PROCBASED_CTLS3:
> + *pdata = msrs->tertiary_ctls;
> + break;
> case MSR_IA32_VMX_EPT_VPID_CAP:
> *pdata = msrs->ept_caps |
> ((u64)msrs->vpid_caps << 32);
> @@ -6375,7 +6386,8 @@ void nested_vmx_setup_ctls_msrs(struct nested_vmx_msrs *msrs, u32 ept_caps)
> CPU_BASED_USE_IO_BITMAPS | CPU_BASED_MONITOR_TRAP_FLAG |
> CPU_BASED_MONITOR_EXITING | CPU_BASED_RDPMC_EXITING |
> CPU_BASED_RDTSC_EXITING | CPU_BASED_PAUSE_EXITING |
> - CPU_BASED_TPR_SHADOW | CPU_BASED_ACTIVATE_SECONDARY_CONTROLS;
> + CPU_BASED_TPR_SHADOW | CPU_BASED_ACTIVATE_SECONDARY_CONTROLS |
> + CPU_BASED_ACTIVATE_TERTIARY_CONTROLS;
> /*
> * We can allow some features even when not supported by the
> * hardware. For example, L1 can specify an MSR bitmap - and we
> @@ -6413,6 +6425,10 @@ void nested_vmx_setup_ctls_msrs(struct nested_vmx_msrs *msrs, u32 ept_caps)
> SECONDARY_EXEC_RDSEED_EXITING |
> SECONDARY_EXEC_XSAVES;
>
> + if (msrs->procbased_ctls_high & CPU_BASED_ACTIVATE_TERTIARY_CONTROLS)
> + rdmsrl(MSR_IA32_VMX_PROCBASED_CTLS3,
> + msrs->tertiary_ctls);
No need to split that into two lines.
> + msrs->tertiary_ctls &= ~TERTIARY_EXEC_LOADIWKEY_EXITING;
That's wrong, it should simply be "msrs->tertiary_ctls &= 0" until LOADIWKEY is
supported.
> /*
> * We can emulate "VMCS shadowing," even if the hardware
> * doesn't support it.
next prev parent reply other threads:[~2021-04-05 15:44 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-01-25 9:06 [RFC PATCH 00/12] KVM: Support Intel KeyLocker Robert Hoo
2021-01-25 9:06 ` [RFC PATCH 01/12] x86/keylocker: Move LOADIWKEY opcode definition from keylocker.c to keylocker.h Robert Hoo
2021-01-25 9:06 ` [RFC PATCH 02/12] x86/cpufeature: Add CPUID.19H:{EBX,ECX} cpuid leaves Robert Hoo
2021-04-05 15:32 ` Sean Christopherson
2021-04-06 3:34 ` Robert Hoo
2021-01-25 9:06 ` [RFC PATCH 03/12] kvm/vmx: Introduce the new tertiary processor-based VM-execution controls Robert Hoo
2021-01-25 9:41 ` Vitaly Kuznetsov
2021-01-26 9:27 ` Robert Hoo
2021-02-03 6:32 ` Robert Hoo
2021-02-03 8:45 ` Vitaly Kuznetsov
2021-04-05 15:38 ` Sean Christopherson
2021-04-06 3:37 ` Robert Hoo
2021-01-25 9:06 ` [RFC PATCH 04/12] kvm/vmx: enable LOADIWKEY vm-exit support in " Robert Hoo
2021-01-25 9:06 ` [RFC PATCH 05/12] kvm/vmx: Add KVM support on KeyLocker operations Robert Hoo
2021-04-05 16:25 ` Sean Christopherson
2021-04-08 5:44 ` Robert Hoo
2021-01-25 9:06 ` [RFC PATCH 06/12] kvm/cpuid: Enumerate KeyLocker feature in KVM Robert Hoo
2021-01-25 9:06 ` [RFC PATCH 07/12] kvm/vmx/nested: Support new IA32_VMX_PROCBASED_CTLS3 vmx feature control MSR Robert Hoo
2021-04-05 15:44 ` Sean Christopherson [this message]
2021-04-08 5:45 ` Robert Hoo
2021-01-25 9:06 ` [RFC PATCH 08/12] kvm/vmx: Refactor vmx_compute_tertiary_exec_control() Robert Hoo
2021-04-05 15:46 ` Sean Christopherson
2021-04-08 5:45 ` Robert Hoo
2021-01-25 9:06 ` [RFC PATCH 09/12] kvm/vmx/vmcs12: Add Tertiary Exec-Control field in vmcs12 Robert Hoo
2021-01-25 9:06 ` [RFC PATCH 10/12] kvm/vmx/nested: Support tertiary VM-Exec control in vmcs02 Robert Hoo
2021-01-25 9:06 ` [RFC PATCH 11/12] kvm/vmx/nested: Support CR4.KL in nested Robert Hoo
2021-01-25 9:06 ` [RFC PATCH 12/12] kvm/vmx/nested: Enable nested LOADIWKey VM-exit Robert Hoo
2021-04-05 16:03 ` [RFC PATCH 00/12] KVM: Support Intel KeyLocker Sean Christopherson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YGswb1BM/58JiCZz@google.com \
--to=seanjc@google.com \
--cc=chang.seok.bae@intel.com \
--cc=jmattson@google.com \
--cc=joro@8bytes.org \
--cc=kvm@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=robert.hu@intel.com \
--cc=robert.hu@linux.intel.com \
--cc=vkuznets@redhat.com \
--cc=wanpengli@tencent.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.