From: Vitaly Kuznetsov <vkuznets@redhat.com>
To: kvm@vger.kernel.org
Cc: "Stephen Hemminger" <sthemmin@microsoft.com>,
"Radim Krčmář" <rkrcmar@redhat.com>,
"Haiyang Zhang" <haiyangz@microsoft.com>,
x86@kernel.org, linux-kernel@vger.kernel.org,
"Michael Kelley (EOSG)" <Michael.H.Kelley@microsoft.com>,
"Bandan Das" <bsd@redhat.com>,
"Roman Kagan" <rkagan@virtuozzo.com>,
devel@linuxdriverproject.org,
"Paolo Bonzini" <pbonzini@redhat.com>,
"Mohammed Gamal" <mmorsy@redhat.com>
Subject: [PATCH RFC 5/7] KVM: nVMX: add KVM_CAP_HYPERV_ENLIGHTENED_VMCS capability
Date: Mon, 18 Dec 2017 18:17:40 +0100 [thread overview]
Message-ID: <20171218171742.5765-6-vkuznets@redhat.com> (raw)
In-Reply-To: <20171218171742.5765-1-vkuznets@redhat.com>
From: Ladi Prosek <lprosek@redhat.com>
Enlightened VMCS is opt-in. The current version does not contain all
fields supported by nested VMX so we must not advertise the
corresponding VMX features if enlightened VMCS is enabled.
Userspace is given the enlightened VMCS version supported by KVM as
part of enabling KVM_CAP_HYPERV_ENLIGHTENED_VMCS. The version is to
be advertised to the nested hypervisor, currently done via a cpuid
leaf for Hyper-V.
Signed-off-by: Ladi Prosek <lprosek@redhat.com>
Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
---
arch/x86/include/asm/kvm_host.h | 3 +++
arch/x86/kvm/svm.c | 9 ++++++++
arch/x86/kvm/vmx.c | 51 +++++++++++++++++++++++++++++++++++++++++
arch/x86/kvm/x86.c | 15 ++++++++++++
include/uapi/linux/kvm.h | 1 +
5 files changed, 79 insertions(+)
diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
index 516798431328..79c188ae7837 100644
--- a/arch/x86/include/asm/kvm_host.h
+++ b/arch/x86/include/asm/kvm_host.h
@@ -1079,6 +1079,9 @@ struct kvm_x86_ops {
int (*pre_enter_smm)(struct kvm_vcpu *vcpu, char *smstate);
int (*pre_leave_smm)(struct kvm_vcpu *vcpu, u64 smbase);
int (*enable_smi_window)(struct kvm_vcpu *vcpu);
+
+ int (*enable_enlightened_vmcs)(struct kvm_vcpu *vcpu,
+ uint16_t *vmcs_version);
};
struct kvm_arch_async_pf {
diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
index eb714f1cdf7e..6dc28d53bb89 100644
--- a/arch/x86/kvm/svm.c
+++ b/arch/x86/kvm/svm.c
@@ -5505,6 +5505,13 @@ static int enable_smi_window(struct kvm_vcpu *vcpu)
return 0;
}
+static int enable_enlightened_vmcs(struct kvm_vcpu *vcpu,
+ uint16_t *vmcs_version)
+{
+ /* Intel-only feature */
+ return -ENODEV;
+}
+
static struct kvm_x86_ops svm_x86_ops __ro_after_init = {
.cpu_has_kvm_support = has_svm,
.disabled_by_bios = is_disabled,
@@ -5620,6 +5627,8 @@ static struct kvm_x86_ops svm_x86_ops __ro_after_init = {
.pre_enter_smm = svm_pre_enter_smm,
.pre_leave_smm = svm_pre_leave_smm,
.enable_smi_window = enable_smi_window,
+
+ .enable_enlightened_vmcs = enable_enlightened_vmcs,
};
static int __init svm_init(void)
diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index f3215b6a0531..320bb6670413 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -464,6 +464,8 @@ struct __packed vmcs12 {
*/
#define VMCS12_SIZE 0x1000
+#define ENLIGHTENED_VMCS_VERSION (1 | (1u << 8))
+
/* Used to remember the last vmcs02 used for some recently used vmcs12s */
struct vmcs02_list {
struct list_head list;
@@ -495,6 +497,13 @@ struct nested_vmx {
*/
bool sync_shadow_vmcs;
+ /*
+ * Enlightened VMCS has been enabled. It does not mean that L1 has to
+ * use it. However, VMX features available to L1 will be limited based
+ * on what the enlightened VMCS supports.
+ */
+ bool enlightened_vmcs_enabled;
+
/* vmcs02_list cache of VMCSs recently used to run L2 guests */
struct list_head vmcs02_pool;
int vmcs02_num;
@@ -12129,6 +12138,46 @@ static int enable_smi_window(struct kvm_vcpu *vcpu)
return 0;
}
+static int enable_enlightened_vmcs(struct kvm_vcpu *vcpu,
+ uint16_t *vmcs_version)
+{
+ struct vcpu_vmx *vmx = to_vmx(vcpu);
+
+ /* We don't support disabling the feature for simplicity. */
+ if (vmx->nested.enlightened_vmcs_enabled)
+ return 0;
+ vmx->nested.enlightened_vmcs_enabled = true;
+ *vmcs_version = ENLIGHTENED_VMCS_VERSION;
+
+ /*
+ * Enlightened VMCS doesn't have the POSTED_INTR_DESC_ADDR,
+ * POSTED_INTR_NV, VMX_PREEMPTION_TIMER_VALUE,
+ * GUEST_IA32_PERF_GLOBAL_CTRL, and HOST_IA32_PERF_GLOBAL_CTRL
+ * fields.
+ */
+ vmx->nested.nested_vmx_pinbased_ctls_high &=
+ ~(PIN_BASED_POSTED_INTR |
+ PIN_BASED_VMX_PREEMPTION_TIMER);
+ vmx->nested.nested_vmx_entry_ctls_high &=
+ ~VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL;
+ vmx->nested.nested_vmx_exit_ctls_high &=
+ ~VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL;
+
+ /*
+ * Enlightened VMCS doesn't have the APIC_ACCESS_ADDR,
+ * EOI_EXIT_BITMAP*, GUEST_INTR_STATUS, VM_FUNCTION_CONTROL,
+ * EPTP_LIST_ADDRESS, PML_ADDRESS, and GUEST_PML_INDEX fields.
+ */
+ vmx->nested.nested_vmx_secondary_ctls_high &=
+ ~(SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
+ SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
+ SECONDARY_EXEC_ENABLE_VMFUNC |
+ SECONDARY_EXEC_ENABLE_PML);
+ vmx->nested.nested_vmx_vmfunc_controls &=
+ ~VMX_VMFUNC_EPTP_SWITCHING;
+ return 0;
+}
+
static struct kvm_x86_ops vmx_x86_ops __ro_after_init = {
.cpu_has_kvm_support = cpu_has_kvm_support,
.disabled_by_bios = vmx_disabled_by_bios,
@@ -12259,6 +12308,8 @@ static struct kvm_x86_ops vmx_x86_ops __ro_after_init = {
.pre_enter_smm = vmx_pre_enter_smm,
.pre_leave_smm = vmx_pre_leave_smm,
.enable_smi_window = enable_smi_window,
+
+ .enable_enlightened_vmcs = enable_enlightened_vmcs,
};
static int __init vmx_init(void)
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 08eff1cd64bd..9ab0988317d6 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -2701,6 +2701,7 @@ int kvm_vm_ioctl_check_extension(struct kvm *kvm, long ext)
case KVM_CAP_HYPERV_SYNIC:
case KVM_CAP_HYPERV_SYNIC2:
case KVM_CAP_HYPERV_VP_INDEX:
+ case KVM_CAP_HYPERV_ENLIGHTENED_VMCS:
case KVM_CAP_PCI_SEGMENT:
case KVM_CAP_DEBUGREGS:
case KVM_CAP_X86_ROBUST_SINGLESTEP:
@@ -3442,6 +3443,10 @@ static int kvm_set_guest_paused(struct kvm_vcpu *vcpu)
static int kvm_vcpu_ioctl_enable_cap(struct kvm_vcpu *vcpu,
struct kvm_enable_cap *cap)
{
+ int r;
+ uint16_t vmcs_version;
+ void __user *user_ptr;
+
if (cap->flags)
return -EINVAL;
@@ -3454,6 +3459,16 @@ static int kvm_vcpu_ioctl_enable_cap(struct kvm_vcpu *vcpu,
return -EINVAL;
return kvm_hv_activate_synic(vcpu, cap->cap ==
KVM_CAP_HYPERV_SYNIC2);
+ case KVM_CAP_HYPERV_ENLIGHTENED_VMCS:
+ r = kvm_x86_ops->enable_enlightened_vmcs(vcpu, &vmcs_version);
+ if (!r) {
+ user_ptr = (void __user *)(uintptr_t)cap->args[0];
+ if (copy_to_user(user_ptr, &vmcs_version,
+ sizeof(vmcs_version)))
+ r = -EFAULT;
+ }
+ return r;
+
default:
return -EINVAL;
}
diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h
index 496e59a2738b..728dfa2f5638 100644
--- a/include/uapi/linux/kvm.h
+++ b/include/uapi/linux/kvm.h
@@ -932,6 +932,7 @@ struct kvm_ppc_resize_hpt {
#define KVM_CAP_HYPERV_SYNIC2 148
#define KVM_CAP_HYPERV_VP_INDEX 149
#define KVM_CAP_S390_AIS_MIGRATION 150
+#define KVM_CAP_HYPERV_ENLIGHTENED_VMCS 151
#ifdef KVM_CAP_IRQ_ROUTING
--
2.14.3
next prev parent reply other threads:[~2017-12-18 17:17 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-12-18 17:17 [PATCH RFC 0/7] KVM: nVMX: enlightened VMCS initial implementation Vitaly Kuznetsov
2017-12-18 17:17 ` [PATCH RFC 1/7] KVM: x86: rename HV_X64_MSR_APIC_ASSIST_PAGE to HV_X64_MSR_VP_ASSIST_PAGE Vitaly Kuznetsov
2017-12-18 17:17 ` [PATCH RFC 2/7] KVM: nVMX: modify vmcs12 fields to match Hyper-V enlightened VMCS Vitaly Kuznetsov
2017-12-18 20:23 ` Jim Mattson
2017-12-18 21:28 ` Jim Mattson
2017-12-19 12:25 ` Vitaly Kuznetsov
2017-12-19 12:37 ` Paolo Bonzini
2017-12-19 17:40 ` Jim Mattson
2017-12-19 21:19 ` Paolo Bonzini
2017-12-21 13:02 ` Vitaly Kuznetsov
2017-12-19 17:44 ` Jim Mattson
2017-12-18 17:17 ` [PATCH RFC 3/7] KVM: nVMX: add I/O exit ECX, ESI, EDI, EIP vmcs12 fields Vitaly Kuznetsov
2017-12-18 17:17 ` [PATCH RFC 4/7] KVM: hyperv: define VP assist page structure and add helpers Vitaly Kuznetsov
2017-12-18 17:17 ` Vitaly Kuznetsov [this message]
2017-12-18 17:17 ` [PATCH RFC 6/7] KVM: nVMX: add enlightened VMCS state Vitaly Kuznetsov
2017-12-18 17:17 ` [PATCH RFC 7/7] KVM: nVMX: implement enlightened VMPTRLD Vitaly Kuznetsov
2017-12-19 12:41 ` [PATCH RFC 0/7] KVM: nVMX: enlightened VMCS initial implementation Paolo Bonzini
2017-12-19 13:21 ` Vitaly Kuznetsov
2017-12-21 12:50 ` Vitaly Kuznetsov
2017-12-21 14:32 ` Paolo Bonzini
2017-12-21 15:08 ` Vitaly Kuznetsov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171218171742.5765-6-vkuznets@redhat.com \
--to=vkuznets@redhat.com \
--cc=Michael.H.Kelley@microsoft.com \
--cc=bsd@redhat.com \
--cc=devel@linuxdriverproject.org \
--cc=haiyangz@microsoft.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mmorsy@redhat.com \
--cc=pbonzini@redhat.com \
--cc=rkagan@virtuozzo.com \
--cc=rkrcmar@redhat.com \
--cc=sthemmin@microsoft.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox