From: Jon Kohler <jon@nutanix.com>
To: seanjc@google.com, pbonzini@redhat.com, kvm@vger.kernel.org
Cc: Jon Kohler <jon@nutanix.com>
Subject: [kvm-unit-tests PATCH 12/17] x86/vmx: switch to new vmx.h secondary execution controls
Date: Tue, 16 Sep 2025 10:22:41 -0700 [thread overview]
Message-ID: <20250916172247.610021-13-jon@nutanix.com> (raw)
In-Reply-To: <20250916172247.610021-1-jon@nutanix.com>
Migrate to new vmx.h's secondary execution controls, which makes it
easier to grok from one code base to another.
No functional change intended.
Signed-off-by: Jon Kohler <jon@nutanix.com>
---
x86/vmx.c | 6 +-
x86/vmx.h | 20 +----
x86/vmx_tests.c | 220 ++++++++++++++++++++++++++++--------------------
3 files changed, 136 insertions(+), 110 deletions(-)
diff --git a/x86/vmx.c b/x86/vmx.c
index f3368a4a..dc52efa7 100644
--- a/x86/vmx.c
+++ b/x86/vmx.c
@@ -1300,7 +1300,8 @@ static void init_vmx_caps(void)
ctrl_cpu_rev[1].val = rdmsr(MSR_IA32_VMX_PROCBASED_CTLS2);
else
ctrl_cpu_rev[1].val = 0;
- if ((ctrl_cpu_rev[1].clr & (CPU_EPT | CPU_VPID)) != 0)
+ if ((ctrl_cpu_rev[1].clr &
+ (SECONDARY_EXEC_ENABLE_EPT | SECONDARY_EXEC_ENABLE_VPID)) != 0)
ept_vpid.val = rdmsr(MSR_IA32_VMX_EPT_VPID_CAP);
else
ept_vpid.val = 0;
@@ -1607,7 +1608,8 @@ static void test_vmx_caps(void)
"MSR_IA32_VMX_BASIC");
val = rdmsr(MSR_IA32_VMX_MISC);
- report((!(ctrl_cpu_rev[1].clr & CPU_URG) || val & (1ul << 5)) &&
+ report((!(ctrl_cpu_rev[1].clr &
+ SECONDARY_EXEC_UNRESTRICTED_GUEST) || val & (1ul << 5)) &&
((val >> 16) & 0x1ff) <= 256 &&
(val & 0x80007e00) == 0,
"MSR_IA32_VMX_MISC");
diff --git a/x86/vmx.h b/x86/vmx.h
index 16332247..36e784a7 100644
--- a/x86/vmx.h
+++ b/x86/vmx.h
@@ -435,24 +435,6 @@ enum Ctrl_pin {
PIN_POST_INTR = 1ul << 7,
};
-enum Ctrl1 {
- CPU_VIRT_APIC_ACCESSES = 1ul << 0,
- CPU_EPT = 1ul << 1,
- CPU_DESC_TABLE = 1ul << 2,
- CPU_RDTSCP = 1ul << 3,
- CPU_VIRT_X2APIC = 1ul << 4,
- CPU_VPID = 1ul << 5,
- CPU_WBINVD = 1ul << 6,
- CPU_URG = 1ul << 7,
- CPU_APIC_REG_VIRT = 1ul << 8,
- CPU_VINTD = 1ul << 9,
- CPU_RDRAND = 1ul << 11,
- CPU_SHADOW_VMCS = 1ul << 14,
- CPU_RDSEED = 1ul << 16,
- CPU_PML = 1ul << 17,
- CPU_USE_TSC_SCALING = 1ul << 25,
-};
-
enum Intr_type {
VMX_INTR_TYPE_EXT_INTR = 0,
VMX_INTR_TYPE_NMI_INTR = 2,
@@ -686,7 +668,7 @@ static inline bool is_invept_type_supported(u64 type)
static inline bool is_vpid_supported(void)
{
return (ctrl_cpu_rev[0].clr & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) &&
- (ctrl_cpu_rev[1].clr & CPU_VPID);
+ (ctrl_cpu_rev[1].clr & SECONDARY_EXEC_ENABLE_VPID);
}
static inline bool is_invvpid_supported(void)
diff --git a/x86/vmx_tests.c b/x86/vmx_tests.c
index f092c22d..ba50f2ee 100644
--- a/x86/vmx_tests.c
+++ b/x86/vmx_tests.c
@@ -909,17 +909,27 @@ static struct insn_table insn_table[] = {
0, 0, 0, this_cpu_has_mwait},
{"PAUSE", CPU_BASED_PAUSE_EXITING, insn_pause, INSN_CPU0, 40, 0, 0, 0},
// Flags for Secondary Processor-Based VM-Execution Controls
- {"WBINVD", CPU_WBINVD, insn_wbinvd, INSN_CPU1, 54, 0, 0, 0},
- {"DESC_TABLE (SGDT)", CPU_DESC_TABLE, insn_sgdt, INSN_CPU1, 46, 0, 0, 0},
- {"DESC_TABLE (LGDT)", CPU_DESC_TABLE, insn_lgdt, INSN_CPU1, 46, 0, 0, 0},
- {"DESC_TABLE (SIDT)", CPU_DESC_TABLE, insn_sidt, INSN_CPU1, 46, 0, 0, 0},
- {"DESC_TABLE (LIDT)", CPU_DESC_TABLE, insn_lidt, INSN_CPU1, 46, 0, 0, 0},
- {"DESC_TABLE (SLDT)", CPU_DESC_TABLE, insn_sldt, INSN_CPU1, 47, 0, 0, 0},
- {"DESC_TABLE (LLDT)", CPU_DESC_TABLE, insn_lldt, INSN_CPU1, 47, 0, 0, 0},
- {"DESC_TABLE (STR)", CPU_DESC_TABLE, insn_str, INSN_CPU1, 47, 0, 0, 0},
+ {"WBINVD", SECONDARY_EXEC_WBINVD_EXITING, insn_wbinvd, INSN_CPU1, 54,
+ 0, 0, 0},
+ {"DESC_TABLE (SGDT)", SECONDARY_EXEC_DESC, insn_sgdt, INSN_CPU1, 46,
+ 0, 0, 0},
+ {"DESC_TABLE (LGDT)", SECONDARY_EXEC_DESC, insn_lgdt, INSN_CPU1, 46,
+ 0, 0, 0},
+ {"DESC_TABLE (SIDT)", SECONDARY_EXEC_DESC, insn_sidt, INSN_CPU1, 46,
+ 0, 0, 0},
+ {"DESC_TABLE (LIDT)", SECONDARY_EXEC_DESC, insn_lidt, INSN_CPU1, 46,
+ 0, 0, 0},
+ {"DESC_TABLE (SLDT)", SECONDARY_EXEC_DESC, insn_sldt, INSN_CPU1, 47,
+ 0, 0, 0},
+ {"DESC_TABLE (LLDT)", SECONDARY_EXEC_DESC, insn_lldt, INSN_CPU1, 47,
+ 0, 0, 0},
+ {"DESC_TABLE (STR)", SECONDARY_EXEC_DESC, insn_str, INSN_CPU1, 47,
+ 0, 0, 0},
/* LTR causes a #GP if done with a busy selector, so it is not tested. */
- {"RDRAND", CPU_RDRAND, insn_rdrand, INSN_CPU1, VMX_RDRAND, 0, 0, 0},
- {"RDSEED", CPU_RDSEED, insn_rdseed, INSN_CPU1, VMX_RDSEED, 0, 0, 0},
+ {"RDRAND", SECONDARY_EXEC_RDRAND_EXITING, insn_rdrand, INSN_CPU1,
+ VMX_RDRAND, 0, 0, 0},
+ {"RDSEED", SECONDARY_EXEC_RDSEED_EXITING, insn_rdseed, INSN_CPU1,
+ VMX_RDSEED, 0, 0, 0},
// Instructions always trap
{"CPUID", 0, insn_cpuid, INSN_ALWAYS_TRAP, 10, 0, 0, 0},
{"INVD", 0, insn_invd, INSN_ALWAYS_TRAP, 13, 0, 0, 0},
@@ -1052,7 +1062,7 @@ static int insn_intercept_exit_handler(union exit_reason exit_reason)
static int __setup_ept(u64 hpa, bool enable_ad)
{
if (!(ctrl_cpu_rev[0].clr & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) ||
- !(ctrl_cpu_rev[1].clr & CPU_EPT)) {
+ !(ctrl_cpu_rev[1].clr & SECONDARY_EXEC_ENABLE_EPT)) {
printf("\tEPT is not supported\n");
return 1;
}
@@ -1077,7 +1087,8 @@ static int __setup_ept(u64 hpa, bool enable_ad)
vmcs_write(EPTP, eptp);
vmcs_write(CPU_EXEC_CTRL0, vmcs_read(CPU_EXEC_CTRL0) |
CPU_BASED_ACTIVATE_SECONDARY_CONTROLS);
- vmcs_write(CPU_EXEC_CTRL1, vmcs_read(CPU_EXEC_CTRL1)| CPU_EPT);
+ vmcs_write(CPU_EXEC_CTRL1, vmcs_read(CPU_EXEC_CTRL1) |
+ SECONDARY_EXEC_ENABLE_EPT);
return 0;
}
@@ -1131,8 +1142,8 @@ static void setup_dummy_ept(void)
static int enable_unrestricted_guest(bool need_valid_ept)
{
if (!(ctrl_cpu_rev[0].clr & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) ||
- !(ctrl_cpu_rev[1].clr & CPU_URG) ||
- !(ctrl_cpu_rev[1].clr & CPU_EPT))
+ !(ctrl_cpu_rev[1].clr & SECONDARY_EXEC_UNRESTRICTED_GUEST) ||
+ !(ctrl_cpu_rev[1].clr & SECONDARY_EXEC_ENABLE_EPT))
return 1;
if (need_valid_ept)
@@ -1142,7 +1153,8 @@ static int enable_unrestricted_guest(bool need_valid_ept)
vmcs_write(CPU_EXEC_CTRL0, vmcs_read(CPU_EXEC_CTRL0) |
CPU_BASED_ACTIVATE_SECONDARY_CONTROLS);
- vmcs_write(CPU_EXEC_CTRL1, vmcs_read(CPU_EXEC_CTRL1) | CPU_URG);
+ vmcs_write(CPU_EXEC_CTRL1, vmcs_read(CPU_EXEC_CTRL1) |
+ SECONDARY_EXEC_UNRESTRICTED_GUEST);
return 0;
}
@@ -1550,7 +1562,7 @@ static int pml_init(struct vmcs *vmcs)
return r;
if (!(ctrl_cpu_rev[0].clr & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) ||
- !(ctrl_cpu_rev[1].clr & CPU_PML)) {
+ !(ctrl_cpu_rev[1].clr & SECONDARY_EXEC_ENABLE_PML)) {
printf("\tPML is not supported");
return VMX_TEST_EXIT;
}
@@ -1559,7 +1571,7 @@ static int pml_init(struct vmcs *vmcs)
vmcs_write(PMLADDR, (u64)pml_log);
vmcs_write(GUEST_PML_INDEX, PML_INDEX - 1);
- ctrl_cpu = vmcs_read(CPU_EXEC_CTRL1) | CPU_PML;
+ ctrl_cpu = vmcs_read(CPU_EXEC_CTRL1) | SECONDARY_EXEC_ENABLE_PML;
vmcs_write(CPU_EXEC_CTRL1, ctrl_cpu);
return VMX_TEST_START;
@@ -2104,7 +2116,7 @@ static int disable_rdtscp_init(struct vmcs *vmcs)
if (ctrl_cpu_rev[0].clr & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) {
ctrl_cpu1 = vmcs_read(CPU_EXEC_CTRL1);
- ctrl_cpu1 &= ~CPU_RDTSCP;
+ ctrl_cpu1 &= ~SECONDARY_EXEC_ENABLE_RDTSCP;
vmcs_write(CPU_EXEC_CTRL1, ctrl_cpu1);
}
@@ -3885,7 +3897,8 @@ static void test_apic_access_addr(void)
vmcs_write(APIC_ACCS_ADDR, virt_to_phys(apic_access_page));
- test_vmcs_addr_reference(CPU_VIRT_APIC_ACCESSES, APIC_ACCS_ADDR,
+ test_vmcs_addr_reference(SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES,
+ APIC_ACCS_ADDR,
"APIC-access address",
"virtualize APIC-accesses", PAGE_SIZE,
true, false);
@@ -3896,9 +3909,9 @@ static bool set_bit_pattern(u8 mask, u32 *secondary)
u8 i;
bool flag = false;
u32 test_bits[3] = {
- CPU_VIRT_X2APIC,
- CPU_APIC_REG_VIRT,
- CPU_VINTD
+ SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE,
+ SECONDARY_EXEC_APIC_REGISTER_VIRT,
+ SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY
};
for (i = 0; i < ARRAY_SIZE(test_bits); i++) {
@@ -3948,7 +3961,9 @@ static void test_apic_virtual_ctls(void)
while (1) {
for (j = 1; j < 8; j++) {
- secondary &= ~(CPU_VIRT_X2APIC | CPU_APIC_REG_VIRT | CPU_VINTD);
+ secondary &= ~(SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
+ SECONDARY_EXEC_APIC_REGISTER_VIRT |
+ SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY);
if (primary & CPU_BASED_TPR_SHADOW) {
is_ctrl_valid = true;
} else {
@@ -3959,8 +3974,12 @@ static void test_apic_virtual_ctls(void)
}
vmcs_write(CPU_EXEC_CTRL1, secondary);
- report_prefix_pushf("Use TPR shadow %s, virtualize x2APIC mode %s, APIC-register virtualization %s, virtual-interrupt delivery %s",
- str, (secondary & CPU_VIRT_X2APIC) ? "enabled" : "disabled", (secondary & CPU_APIC_REG_VIRT) ? "enabled" : "disabled", (secondary & CPU_VINTD) ? "enabled" : "disabled");
+ report_prefix_pushf(
+ "Use TPR shadow %s, virtualize x2APIC mode %s, APIC-register virtualization %s, virtual-interrupt delivery %s",
+ str,
+ (secondary & SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE) ? "enabled" : "disabled",
+ (secondary & SECONDARY_EXEC_APIC_REGISTER_VIRT) ? "enabled" : "disabled",
+ (secondary & SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY) ? "enabled" : "disabled");
if (is_ctrl_valid)
test_vmx_valid_controls();
else
@@ -3980,7 +3999,8 @@ static void test_apic_virtual_ctls(void)
/*
* Second test
*/
- u32 apic_virt_ctls = (CPU_VIRT_X2APIC | CPU_VIRT_APIC_ACCESSES);
+ u32 apic_virt_ctls = (SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
+ SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES);
primary = saved_primary;
secondary = saved_secondary;
@@ -3989,23 +4009,27 @@ static void test_apic_virtual_ctls(void)
vmcs_write(CPU_EXEC_CTRL0,
primary | CPU_BASED_ACTIVATE_SECONDARY_CONTROLS);
- secondary &= ~CPU_VIRT_APIC_ACCESSES;
- vmcs_write(CPU_EXEC_CTRL1, secondary & ~CPU_VIRT_X2APIC);
+ secondary &= ~SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES;
+ vmcs_write(CPU_EXEC_CTRL1,
+ secondary & ~SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE);
report_prefix_pushf("Virtualize x2APIC mode disabled; virtualize APIC access disabled");
test_vmx_valid_controls();
report_prefix_pop();
- vmcs_write(CPU_EXEC_CTRL1, secondary | CPU_VIRT_APIC_ACCESSES);
+ vmcs_write(CPU_EXEC_CTRL1,
+ secondary | SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES);
report_prefix_pushf("Virtualize x2APIC mode disabled; virtualize APIC access enabled");
test_vmx_valid_controls();
report_prefix_pop();
- vmcs_write(CPU_EXEC_CTRL1, secondary | CPU_VIRT_X2APIC);
+ vmcs_write(CPU_EXEC_CTRL1,
+ secondary | SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE);
report_prefix_pushf("Virtualize x2APIC mode enabled; virtualize APIC access enabled");
test_vmx_invalid_controls();
report_prefix_pop();
- vmcs_write(CPU_EXEC_CTRL1, secondary & ~CPU_VIRT_APIC_ACCESSES);
+ vmcs_write(CPU_EXEC_CTRL1,
+ secondary & ~SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES);
report_prefix_pushf("Virtualize x2APIC mode enabled; virtualize APIC access disabled");
test_vmx_valid_controls();
report_prefix_pop();
@@ -4028,20 +4052,22 @@ static void test_virtual_intr_ctls(void)
u32 secondary = saved_secondary;
u32 pin = saved_pin;
- if (!((ctrl_cpu_rev[1].clr & CPU_VINTD) &&
+ if (!((ctrl_cpu_rev[1].clr & SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY) &&
(ctrl_pin_rev.clr & PIN_EXTINT)))
return;
vmcs_write(CPU_EXEC_CTRL0,
primary | CPU_BASED_ACTIVATE_SECONDARY_CONTROLS |
CPU_BASED_TPR_SHADOW);
- vmcs_write(CPU_EXEC_CTRL1, secondary & ~CPU_VINTD);
+ vmcs_write(CPU_EXEC_CTRL1,
+ secondary & ~SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY);
vmcs_write(PIN_CONTROLS, pin & ~PIN_EXTINT);
report_prefix_pushf("Virtualize interrupt-delivery disabled; external-interrupt exiting disabled");
test_vmx_valid_controls();
report_prefix_pop();
- vmcs_write(CPU_EXEC_CTRL1, secondary | CPU_VINTD);
+ vmcs_write(CPU_EXEC_CTRL1,
+ secondary | SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY);
report_prefix_pushf("Virtualize interrupt-delivery enabled; external-interrupt exiting disabled");
test_vmx_invalid_controls();
report_prefix_pop();
@@ -4099,7 +4125,7 @@ static void test_posted_intr(void)
int i;
if (!((ctrl_pin_rev.clr & PIN_POST_INTR) &&
- (ctrl_cpu_rev[1].clr & CPU_VINTD) &&
+ (ctrl_cpu_rev[1].clr & SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY) &&
(ctrl_exit_rev.clr & EXI_INTA)))
return;
@@ -4112,13 +4138,13 @@ static void test_posted_intr(void)
*/
pin |= PIN_POST_INTR;
vmcs_write(PIN_CONTROLS, pin);
- secondary &= ~CPU_VINTD;
+ secondary &= ~SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY;
vmcs_write(CPU_EXEC_CTRL1, secondary);
report_prefix_pushf("Process-posted-interrupts enabled; virtual-interrupt-delivery disabled");
test_vmx_invalid_controls();
report_prefix_pop();
- secondary |= CPU_VINTD;
+ secondary |= SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY;
vmcs_write(CPU_EXEC_CTRL1, secondary);
report_prefix_pushf("Process-posted-interrupts enabled; virtual-interrupt-delivery enabled");
test_vmx_invalid_controls();
@@ -4136,13 +4162,13 @@ static void test_posted_intr(void)
test_vmx_valid_controls();
report_prefix_pop();
- secondary &= ~CPU_VINTD;
+ secondary &= ~SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY;
vmcs_write(CPU_EXEC_CTRL1, secondary);
report_prefix_pushf("Process-posted-interrupts enabled; virtual-interrupt-delivery disabled; acknowledge-interrupt-on-exit enabled");
test_vmx_invalid_controls();
report_prefix_pop();
- secondary |= CPU_VINTD;
+ secondary |= SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY;
vmcs_write(CPU_EXEC_CTRL1, secondary);
report_prefix_pushf("Process-posted-interrupts enabled; virtual-interrupt-delivery enabled; acknowledge-interrupt-on-exit enabled");
test_vmx_valid_controls();
@@ -4223,13 +4249,15 @@ static void test_vpid(void)
vmcs_write(CPU_EXEC_CTRL0,
saved_primary | CPU_BASED_ACTIVATE_SECONDARY_CONTROLS);
- vmcs_write(CPU_EXEC_CTRL1, saved_secondary & ~CPU_VPID);
+ vmcs_write(CPU_EXEC_CTRL1,
+ saved_secondary & ~SECONDARY_EXEC_ENABLE_VPID);
vmcs_write(VPID, vpid);
report_prefix_pushf("VPID disabled; VPID value %x", vpid);
test_vmx_valid_controls();
report_prefix_pop();
- vmcs_write(CPU_EXEC_CTRL1, saved_secondary | CPU_VPID);
+ vmcs_write(CPU_EXEC_CTRL1,
+ saved_secondary | SECONDARY_EXEC_ENABLE_VPID);
report_prefix_pushf("VPID enabled; VPID value %x", vpid);
test_vmx_invalid_controls();
report_prefix_pop();
@@ -4259,7 +4287,8 @@ static void try_tpr_threshold_and_vtpr(unsigned threshold, unsigned vtpr)
if ((primary & CPU_BASED_TPR_SHADOW) &&
(!(primary & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) ||
- !(secondary & (CPU_VINTD | CPU_VIRT_APIC_ACCESSES))))
+ !(secondary & (SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
+ SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES))))
valid = (threshold & 0xf) <= ((vtpr >> 4) & 0xf);
set_vtpr(vtpr);
@@ -4352,7 +4381,7 @@ static void test_invalid_event_injection(void)
/* Assert that unrestricted guest is disabled or unsupported */
assert(!(ctrl_cpu_rev[0].clr & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) ||
- !(secondary_save & CPU_URG));
+ !(secondary_save & SECONDARY_EXEC_UNRESTRICTED_GUEST));
ent_intr_info = ent_intr_info_base | INTR_TYPE_HARD_EXCEPTION |
GP_VECTOR;
@@ -4593,7 +4622,7 @@ static void try_tpr_threshold(unsigned threshold)
if ((primary & CPU_BASED_TPR_SHADOW) &&
!((primary & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) &&
- (secondary & CPU_VINTD)))
+ (secondary & SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY)))
valid = !(threshold >> 4);
set_vtpr(-1);
@@ -4667,12 +4696,14 @@ static void test_tpr_threshold(void)
report_prefix_pop();
if (!((ctrl_cpu_rev[0].clr & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) &&
- (ctrl_cpu_rev[1].clr & (CPU_VINTD | CPU_VIRT_APIC_ACCESSES))))
+ (ctrl_cpu_rev[1].clr & (SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
+ SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES))))
goto out;
u32 secondary = vmcs_read(CPU_EXEC_CTRL1);
- if (ctrl_cpu_rev[1].clr & CPU_VINTD) {
- vmcs_write(CPU_EXEC_CTRL1, CPU_VINTD);
+ if (ctrl_cpu_rev[1].clr & SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY) {
+ vmcs_write(CPU_EXEC_CTRL1,
+ SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY);
report_prefix_pushf("Use TPR shadow enabled; secondary controls disabled; virtual-interrupt delivery enabled; virtualize APIC accesses disabled");
test_tpr_threshold_values();
report_prefix_pop();
@@ -4685,11 +4716,12 @@ static void test_tpr_threshold(void)
report_prefix_pop();
}
- if (ctrl_cpu_rev[1].clr & CPU_VIRT_APIC_ACCESSES) {
+ if (ctrl_cpu_rev[1].clr & SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES) {
vmcs_write(CPU_EXEC_CTRL0,
vmcs_read(CPU_EXEC_CTRL0) &
~CPU_BASED_ACTIVATE_SECONDARY_CONTROLS);
- vmcs_write(CPU_EXEC_CTRL1, CPU_VIRT_APIC_ACCESSES);
+ vmcs_write(CPU_EXEC_CTRL1,
+ SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES);
report_prefix_pushf("Use TPR shadow enabled; secondary controls disabled; virtual-interrupt delivery enabled; virtualize APIC accesses enabled");
test_tpr_threshold_values();
report_prefix_pop();
@@ -4703,13 +4735,14 @@ static void test_tpr_threshold(void)
}
if ((ctrl_cpu_rev[1].clr &
- (CPU_VINTD | CPU_VIRT_APIC_ACCESSES)) ==
- (CPU_VINTD | CPU_VIRT_APIC_ACCESSES)) {
+ (SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY | SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES)) ==
+ (SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY | SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES)) {
vmcs_write(CPU_EXEC_CTRL0,
vmcs_read(CPU_EXEC_CTRL0) &
~CPU_BASED_ACTIVATE_SECONDARY_CONTROLS);
vmcs_write(CPU_EXEC_CTRL1,
- CPU_VINTD | CPU_VIRT_APIC_ACCESSES);
+ SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
+ SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES);
report_prefix_pushf("Use TPR shadow enabled; secondary controls disabled; virtual-interrupt delivery enabled; virtualize APIC accesses enabled");
test_tpr_threshold_values();
report_prefix_pop();
@@ -4961,29 +4994,30 @@ static void test_ept_eptp(void)
report_prefix_pop();
}
- secondary &= ~(CPU_EPT | CPU_URG);
+ secondary &= ~(SECONDARY_EXEC_ENABLE_EPT |
+ SECONDARY_EXEC_UNRESTRICTED_GUEST);
vmcs_write(CPU_EXEC_CTRL1, secondary);
report_prefix_pushf("Enable-EPT disabled, unrestricted-guest disabled");
test_vmx_valid_controls();
report_prefix_pop();
- if (!(ctrl_cpu_rev[1].clr & CPU_URG))
+ if (!(ctrl_cpu_rev[1].clr & SECONDARY_EXEC_UNRESTRICTED_GUEST))
goto skip_unrestricted_guest;
- secondary |= CPU_URG;
+ secondary |= SECONDARY_EXEC_UNRESTRICTED_GUEST;
vmcs_write(CPU_EXEC_CTRL1, secondary);
report_prefix_pushf("Enable-EPT disabled, unrestricted-guest enabled");
test_vmx_invalid_controls();
report_prefix_pop();
- secondary |= CPU_EPT;
+ secondary |= SECONDARY_EXEC_ENABLE_EPT;
setup_dummy_ept();
report_prefix_pushf("Enable-EPT enabled, unrestricted-guest enabled");
test_vmx_valid_controls();
report_prefix_pop();
skip_unrestricted_guest:
- secondary &= ~CPU_URG;
+ secondary &= ~SECONDARY_EXEC_UNRESTRICTED_GUEST;
vmcs_write(CPU_EXEC_CTRL1, secondary);
report_prefix_pushf("Enable-EPT enabled, unrestricted-guest disabled");
test_vmx_valid_controls();
@@ -5013,38 +5047,40 @@ static void test_pml(void)
u32 secondary = secondary_saved;
if (!((ctrl_cpu_rev[0].clr & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) &&
- (ctrl_cpu_rev[1].clr & CPU_EPT) && (ctrl_cpu_rev[1].clr & CPU_PML))) {
+ (ctrl_cpu_rev[1].clr & SECONDARY_EXEC_ENABLE_EPT) &&
+ (ctrl_cpu_rev[1].clr & SECONDARY_EXEC_ENABLE_PML))) {
report_skip("%s : \"Secondary execution\" or \"enable EPT\" or \"enable PML\" control not supported", __func__);
return;
}
primary |= CPU_BASED_ACTIVATE_SECONDARY_CONTROLS;
vmcs_write(CPU_EXEC_CTRL0, primary);
- secondary &= ~(CPU_PML | CPU_EPT);
+ secondary &= ~(SECONDARY_EXEC_ENABLE_PML | SECONDARY_EXEC_ENABLE_EPT);
vmcs_write(CPU_EXEC_CTRL1, secondary);
report_prefix_pushf("enable-PML disabled, enable-EPT disabled");
test_vmx_valid_controls();
report_prefix_pop();
- secondary |= CPU_PML;
+ secondary |= SECONDARY_EXEC_ENABLE_PML;
vmcs_write(CPU_EXEC_CTRL1, secondary);
report_prefix_pushf("enable-PML enabled, enable-EPT disabled");
test_vmx_invalid_controls();
report_prefix_pop();
- secondary |= CPU_EPT;
+ secondary |= SECONDARY_EXEC_ENABLE_EPT;
setup_dummy_ept();
report_prefix_pushf("enable-PML enabled, enable-EPT enabled");
test_vmx_valid_controls();
report_prefix_pop();
- secondary &= ~CPU_PML;
+ secondary &= ~SECONDARY_EXEC_ENABLE_PML;
vmcs_write(CPU_EXEC_CTRL1, secondary);
report_prefix_pushf("enable-PML disabled, enable EPT enabled");
test_vmx_valid_controls();
report_prefix_pop();
- test_vmcs_addr_reference(CPU_PML, PMLADDR, "PML address", "PML",
+ test_vmcs_addr_reference(SECONDARY_EXEC_ENABLE_PML,
+ PMLADDR, "PML address", "PML",
PAGE_SIZE, false, false);
vmcs_write(CPU_EXEC_CTRL0, primary_saved);
@@ -5297,13 +5333,14 @@ static void vmx_mtf_pdpte_test(void)
return;
}
- if (!(ctrl_cpu_rev[1].clr & CPU_URG)) {
+ if (!(ctrl_cpu_rev[1].clr & SECONDARY_EXEC_UNRESTRICTED_GUEST)) {
report_skip("%s : \"Unrestricted guest\" exec control not supported", __func__);
return;
}
vmcs_write(EXC_BITMAP, ~0);
- vmcs_write(CPU_EXEC_CTRL1, vmcs_read(CPU_EXEC_CTRL1) | CPU_URG);
+ vmcs_write(CPU_EXEC_CTRL1, vmcs_read(CPU_EXEC_CTRL1) |
+ SECONDARY_EXEC_UNRESTRICTED_GUEST);
/*
* Copy the guest code to an identity-mapped page.
@@ -6205,13 +6242,13 @@ static enum Config_type configure_apic_reg_virt_test(
}
if (apic_reg_virt_config->virtualize_apic_accesses) {
- if (!(ctrl_cpu_rev[1].clr & CPU_VIRT_APIC_ACCESSES)) {
+ if (!(ctrl_cpu_rev[1].clr & SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES)) {
printf("VM-execution control \"virtualize APIC accesses\" NOT supported.\n");
return CONFIG_TYPE_UNSUPPORTED;
}
- cpu_exec_ctrl1 |= CPU_VIRT_APIC_ACCESSES;
+ cpu_exec_ctrl1 |= SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES;
} else {
- cpu_exec_ctrl1 &= ~CPU_VIRT_APIC_ACCESSES;
+ cpu_exec_ctrl1 &= ~SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES;
}
if (apic_reg_virt_config->use_tpr_shadow) {
@@ -6225,23 +6262,23 @@ static enum Config_type configure_apic_reg_virt_test(
}
if (apic_reg_virt_config->apic_register_virtualization) {
- if (!(ctrl_cpu_rev[1].clr & CPU_APIC_REG_VIRT)) {
+ if (!(ctrl_cpu_rev[1].clr & SECONDARY_EXEC_APIC_REGISTER_VIRT)) {
printf("VM-execution control \"APIC-register virtualization\" NOT supported.\n");
return CONFIG_TYPE_UNSUPPORTED;
}
- cpu_exec_ctrl1 |= CPU_APIC_REG_VIRT;
+ cpu_exec_ctrl1 |= SECONDARY_EXEC_APIC_REGISTER_VIRT;
} else {
- cpu_exec_ctrl1 &= ~CPU_APIC_REG_VIRT;
+ cpu_exec_ctrl1 &= ~SECONDARY_EXEC_APIC_REGISTER_VIRT;
}
if (apic_reg_virt_config->virtualize_x2apic_mode) {
- if (!(ctrl_cpu_rev[1].clr & CPU_VIRT_X2APIC)) {
+ if (!(ctrl_cpu_rev[1].clr & SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE)) {
printf("VM-execution control \"virtualize x2APIC mode\" NOT supported.\n");
return CONFIG_TYPE_UNSUPPORTED;
}
- cpu_exec_ctrl1 |= CPU_VIRT_X2APIC;
+ cpu_exec_ctrl1 |= SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE;
} else {
- cpu_exec_ctrl1 &= ~CPU_VIRT_X2APIC;
+ cpu_exec_ctrl1 &= ~SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE;
}
vmcs_write(CPU_EXEC_CTRL0, cpu_exec_ctrl0);
@@ -6255,8 +6292,8 @@ static enum Config_type configure_apic_reg_virt_test(
static bool cpu_has_apicv(void)
{
- return ((ctrl_cpu_rev[1].clr & CPU_APIC_REG_VIRT) &&
- (ctrl_cpu_rev[1].clr & CPU_VINTD) &&
+ return ((ctrl_cpu_rev[1].clr & SECONDARY_EXEC_APIC_REGISTER_VIRT) &&
+ (ctrl_cpu_rev[1].clr & SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY) &&
(ctrl_pin_rev.clr & PIN_POST_INTR));
}
@@ -6277,7 +6314,7 @@ static void apic_reg_virt_test(void)
}
control = cpu_exec_ctrl1;
- control &= ~CPU_VINTD;
+ control &= ~SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY;
vmcs_write(CPU_EXEC_CTRL1, control);
test_set_guest(apic_reg_virt_guest);
@@ -7004,13 +7041,13 @@ static enum Config_type configure_virt_x2apic_mode_test(
}
if (virt_x2apic_mode_config->virtual_interrupt_delivery) {
- if (!(ctrl_cpu_rev[1].clr & CPU_VINTD)) {
+ if (!(ctrl_cpu_rev[1].clr & SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY)) {
report_skip("%s : \"virtual-interrupt delivery\" exec control not supported", __func__);
return CONFIG_TYPE_UNSUPPORTED;
}
- cpu_exec_ctrl1 |= CPU_VINTD;
+ cpu_exec_ctrl1 |= SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY;
} else {
- cpu_exec_ctrl1 &= ~CPU_VINTD;
+ cpu_exec_ctrl1 &= ~SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY;
}
vmcs_write(CPU_EXEC_CTRL0, cpu_exec_ctrl0);
@@ -8089,7 +8126,7 @@ static void test_guest_segment_sel_fields(void)
cpu_ctrl1_saved = vmcs_read(CPU_EXEC_CTRL1);
ar_saved = vmcs_read(GUEST_AR_SS);
/* Turn off "unrestricted guest" vm-execution control */
- vmcs_write(CPU_EXEC_CTRL1, cpu_ctrl1_saved & ~CPU_URG);
+ vmcs_write(CPU_EXEC_CTRL1, cpu_ctrl1_saved & ~SECONDARY_EXEC_UNRESTRICTED_GUEST);
cs_rpl_bits = vmcs_read(GUEST_SEL_CS) & 0x3;
sel_saved = vmcs_read(GUEST_SEL_SS);
TEST_INVALID_SEG_SEL(GUEST_SEL_SS, ((sel_saved & ~0x3) | (~cs_rpl_bits & 0x3)));
@@ -8302,13 +8339,17 @@ static void vmentry_unrestricted_guest_test(void)
test_set_guest(unrestricted_guest_main);
setup_unrestricted_guest();
- test_guest_state("Unrestricted guest test", false, CPU_URG, "CPU_URG");
+ test_guest_state("Unrestricted guest test", false,
+ SECONDARY_EXEC_UNRESTRICTED_GUEST,
+ "SECONDARY_EXEC_UNRESTRICTED_GUEST");
/*
* Let the guest finish execution as a regular guest
*/
unsetup_unrestricted_guest();
- vmcs_write(CPU_EXEC_CTRL1, vmcs_read(CPU_EXEC_CTRL1) & ~CPU_URG);
+ vmcs_write(CPU_EXEC_CTRL1,
+ vmcs_read(CPU_EXEC_CTRL1) &
+ ~SECONDARY_EXEC_UNRESTRICTED_GUEST);
enter_guest();
}
@@ -9538,7 +9579,8 @@ static void enable_vid(void)
vmcs_set_bits(CPU_EXEC_CTRL0,
CPU_BASED_ACTIVATE_SECONDARY_CONTROLS | CPU_BASED_TPR_SHADOW);
- vmcs_set_bits(CPU_EXEC_CTRL1, CPU_VINTD | CPU_VIRT_X2APIC);
+ vmcs_set_bits(CPU_EXEC_CTRL1, SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
+ SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE);
}
#define PI_VECTOR 255
@@ -10395,7 +10437,7 @@ static void vmx_vmcs_shadow_test(void)
return;
}
- if (!(ctrl_cpu_rev[1].clr & CPU_SHADOW_VMCS)) {
+ if (!(ctrl_cpu_rev[1].clr & SECONDARY_EXEC_SHADOW_VMCS)) {
report_skip("%s : \"VMCS shadowing\" not supported", __func__);
return;
}
@@ -10421,7 +10463,7 @@ static void vmx_vmcs_shadow_test(void)
vmcs_clear_bits(CPU_EXEC_CTRL0, CPU_BASED_RDTSC_EXITING);
vmcs_set_bits(CPU_EXEC_CTRL0, CPU_BASED_ACTIVATE_SECONDARY_CONTROLS);
- vmcs_set_bits(CPU_EXEC_CTRL1, CPU_SHADOW_VMCS);
+ vmcs_set_bits(CPU_EXEC_CTRL1, SECONDARY_EXEC_SHADOW_VMCS);
vmcs_write(VMCS_LINK_PTR, virt_to_phys(shadow));
report_prefix_push("valid link pointer");
@@ -10475,7 +10517,7 @@ static void rdtsc_vmexit_diff_test_guest(void)
static unsigned long long host_time_to_guest_time(unsigned long long t)
{
TEST_ASSERT(!(ctrl_cpu_rev[0].clr & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) ||
- !(vmcs_read(CPU_EXEC_CTRL1) & CPU_USE_TSC_SCALING));
+ !(vmcs_read(CPU_EXEC_CTRL1) & SECONDARY_EXEC_TSC_SCALING));
if (vmcs_read(CPU_EXEC_CTRL0) & CPU_BASED_USE_TSC_OFFSETTING)
t += vmcs_read(TSC_OFFSET);
@@ -10783,7 +10825,7 @@ static void invalidate_tlb_no_vpid(void *data)
static void vmx_pf_no_vpid_test(void)
{
if (is_vpid_supported())
- vmcs_clear_bits(CPU_EXEC_CTRL1, CPU_VPID);
+ vmcs_clear_bits(CPU_EXEC_CTRL1, SECONDARY_EXEC_ENABLE_VPID);
__vmx_pf_exception_test(invalidate_tlb_no_vpid, NULL,
vmx_pf_exception_test_guest);
@@ -10820,7 +10862,7 @@ static void __vmx_pf_vpid_test(invalidate_tlb_t inv_fn, u16 vpid)
test_skip("INVVPID unsupported");
vmcs_set_bits(CPU_EXEC_CTRL0, CPU_BASED_ACTIVATE_SECONDARY_CONTROLS);
- vmcs_set_bits(CPU_EXEC_CTRL1, CPU_VPID);
+ vmcs_set_bits(CPU_EXEC_CTRL1, SECONDARY_EXEC_ENABLE_VPID);
vmcs_write(VPID, vpid);
__vmx_pf_exception_test(inv_fn, &vpid, vmx_pf_exception_test_guest);
--
2.43.0
next prev parent reply other threads:[~2025-09-16 16:45 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-09-16 17:22 [kvm-unit-tests PATCH 00/17] x86/vmx: align with Linux kernel VMX definitions Jon Kohler
2025-09-16 17:22 ` [kvm-unit-tests PATCH 01/17] lib: add linux vmx.h clone from 6.16 Jon Kohler
2025-09-16 17:22 ` [kvm-unit-tests PATCH 02/17] lib: add linux trapnr.h " Jon Kohler
2025-09-16 17:22 ` [kvm-unit-tests PATCH 03/17] lib: add vmxfeatures.h " Jon Kohler
2025-09-16 17:22 ` [kvm-unit-tests PATCH 04/17] lib: define __aligned() in compiler.h Jon Kohler
2025-09-16 17:22 ` [kvm-unit-tests PATCH 05/17] x86/vmx: basic integration for new vmx.h Jon Kohler
2025-09-16 17:22 ` [kvm-unit-tests PATCH 06/17] x86/vmx: switch to new vmx.h EPT violation defs Jon Kohler
2025-09-16 17:22 ` [kvm-unit-tests PATCH 07/17] x86/vmx: switch to new vmx.h EPT RWX defs Jon Kohler
2025-09-16 17:22 ` [kvm-unit-tests PATCH 08/17] x86/vmx: switch to new vmx.h EPT access and dirty defs Jon Kohler
2025-09-16 17:22 ` [kvm-unit-tests PATCH 09/17] x86/vmx: switch to new vmx.h EPT capability and memory type defs Jon Kohler
2025-09-16 17:22 ` [kvm-unit-tests PATCH 10/17] x86/vmx: switch to new vmx.h primary processor-based VM-execution controls Jon Kohler
2025-09-16 17:22 ` [kvm-unit-tests PATCH 11/17] x86/vmx: switch to new vmx.h secondary execution control bit Jon Kohler
2025-09-16 17:22 ` Jon Kohler [this message]
2025-09-16 17:22 ` [kvm-unit-tests PATCH 13/17] x86/vmx: switch to new vmx.h pin based VM-execution controls Jon Kohler
2025-09-16 17:22 ` [kvm-unit-tests PATCH 14/17] x86/vmx: switch to new vmx.h exit controls Jon Kohler
2025-09-16 17:22 ` [kvm-unit-tests PATCH 15/17] x86/vmx: switch to new vmx.h entry controls Jon Kohler
2025-09-16 17:22 ` [kvm-unit-tests PATCH 16/17] x86/vmx: switch to new vmx.h interrupt defs Jon Kohler
2025-09-16 17:22 ` [kvm-unit-tests PATCH 17/17] x86/vmx: align exit reasons with Linux uapi Jon Kohler
2025-11-12 19:02 ` [kvm-unit-tests PATCH 00/17] x86/vmx: align with Linux kernel VMX definitions Sean Christopherson
2025-11-14 14:52 ` Jon Kohler
2025-11-17 17:41 ` Sean Christopherson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250916172247.610021-13-jon@nutanix.com \
--to=jon@nutanix.com \
--cc=kvm@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=seanjc@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox