From: Maxim Levitsky <mlevitsk@redhat.com>
To: kvm@vger.kernel.org
Cc: Tony Luck <tony.luck@intel.com>,
"Chang S. Bae" <chang.seok.bae@intel.com>,
Thomas Gleixner <tglx@linutronix.de>,
Wanpeng Li <wanpengli@tencent.com>,
Ingo Molnar <mingo@redhat.com>,
Vitaly Kuznetsov <vkuznets@redhat.com>,
Pawan Gupta <pawan.kumar.gupta@linux.intel.com>,
Dave Hansen <dave.hansen@linux.intel.com>,
Paolo Bonzini <pbonzini@redhat.com>,
linux-kernel@vger.kernel.org,
Rodrigo Vivi <rodrigo.vivi@intel.com>,
"H. Peter Anvin" <hpa@zytor.com>,
intel-gvt-dev@lists.freedesktop.org,
Joonas Lahtinen <joonas.lahtinen@linux.intel.com>,
Joerg Roedel <joro@8bytes.org>,
Sean Christopherson <seanjc@google.com>,
David Airlie <airlied@linux.ie>, Zhi Wang <zhi.a.wang@intel.com>,
Brijesh Singh <brijesh.singh@amd.com>,
Jim Mattson <jmattson@google.com>,
x86@kernel.org, Daniel Vetter <daniel@ffwll.ch>,
Borislav Petkov <bp@alien8.de>,
Zhenyu Wang <zhenyuw@linux.intel.com>,
Kan Liang <kan.liang@linux.intel.com>,
Jani Nikula <jani.nikula@linux.intel.com>,
Maxim Levitsky <mlevitsk@redhat.com>
Subject: [PATCH RESEND 22/30] KVM: x86: nSVM: correctly virtualize LBR msrs when L2 is running
Date: Mon, 7 Feb 2022 17:54:39 +0200 [thread overview]
Message-ID: <20220207155447.840194-23-mlevitsk@redhat.com> (raw)
In-Reply-To: <20220207155447.840194-1-mlevitsk@redhat.com>
When L2 is running without LBR virtualization, we should ensure
that L1's LBR msrs continue to update as usual.
Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
---
arch/x86/kvm/svm/nested.c | 11 +++++
arch/x86/kvm/svm/svm.c | 98 +++++++++++++++++++++++++++++++--------
arch/x86/kvm/svm/svm.h | 2 +
3 files changed, 92 insertions(+), 19 deletions(-)
diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c
index ac9159b0618c7..9f7bc7db08dd3 100644
--- a/arch/x86/kvm/svm/nested.c
+++ b/arch/x86/kvm/svm/nested.c
@@ -535,6 +535,9 @@ static void nested_vmcb02_prepare_save(struct vcpu_svm *svm, struct vmcb *vmcb12
svm->vcpu.arch.dr6 = svm->nested.save.dr6 | DR6_ACTIVE_LOW;
vmcb_mark_dirty(svm->vmcb, VMCB_DR);
}
+
+ if (unlikely(svm->vmcb01.ptr->control.virt_ext & LBR_CTL_ENABLE_MASK))
+ svm_copy_lbrs(svm->vmcb01.ptr, svm->vmcb);
}
static void nested_vmcb02_prepare_control(struct vcpu_svm *svm)
@@ -587,6 +590,9 @@ static void nested_vmcb02_prepare_control(struct vcpu_svm *svm)
svm->vmcb->control.event_inj = svm->nested.ctl.event_inj;
svm->vmcb->control.event_inj_err = svm->nested.ctl.event_inj_err;
+ svm->vmcb->control.virt_ext = svm->vmcb01.ptr->control.virt_ext &
+ LBR_CTL_ENABLE_MASK;
+
nested_svm_transition_tlb_flush(vcpu);
/* Enter Guest-Mode */
@@ -852,6 +858,11 @@ int nested_svm_vmexit(struct vcpu_svm *svm)
svm_switch_vmcb(svm, &svm->vmcb01);
+ if (unlikely(svm->vmcb->control.virt_ext & LBR_CTL_ENABLE_MASK)) {
+ svm_copy_lbrs(svm->nested.vmcb02.ptr, svm->vmcb);
+ svm_update_lbrv(vcpu);
+ }
+
/*
* On vmexit the GIF is set to false and
* no event can be injected in L1.
diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
index b88ca7f07a0fc..294e016f575a8 100644
--- a/arch/x86/kvm/svm/svm.c
+++ b/arch/x86/kvm/svm/svm.c
@@ -805,6 +805,17 @@ static void init_msrpm_offsets(void)
}
}
+void svm_copy_lbrs(struct vmcb *from_vmcb, struct vmcb *to_vmcb)
+{
+ to_vmcb->save.dbgctl = from_vmcb->save.dbgctl;
+ to_vmcb->save.br_from = from_vmcb->save.br_from;
+ to_vmcb->save.br_to = from_vmcb->save.br_to;
+ to_vmcb->save.last_excp_from = from_vmcb->save.last_excp_from;
+ to_vmcb->save.last_excp_to = from_vmcb->save.last_excp_to;
+
+ vmcb_mark_dirty(to_vmcb, VMCB_LBR);
+}
+
static void svm_enable_lbrv(struct kvm_vcpu *vcpu)
{
struct vcpu_svm *svm = to_svm(vcpu);
@@ -814,6 +825,10 @@ static void svm_enable_lbrv(struct kvm_vcpu *vcpu)
set_msr_interception(vcpu, svm->msrpm, MSR_IA32_LASTBRANCHTOIP, 1, 1);
set_msr_interception(vcpu, svm->msrpm, MSR_IA32_LASTINTFROMIP, 1, 1);
set_msr_interception(vcpu, svm->msrpm, MSR_IA32_LASTINTTOIP, 1, 1);
+
+ /* Move the LBR msrs to the vmcb02 so that the guest can see them. */
+ if (is_guest_mode(vcpu))
+ svm_copy_lbrs(svm->vmcb01.ptr, svm->vmcb);
}
static void svm_disable_lbrv(struct kvm_vcpu *vcpu)
@@ -825,6 +840,63 @@ static void svm_disable_lbrv(struct kvm_vcpu *vcpu)
set_msr_interception(vcpu, svm->msrpm, MSR_IA32_LASTBRANCHTOIP, 0, 0);
set_msr_interception(vcpu, svm->msrpm, MSR_IA32_LASTINTFROMIP, 0, 0);
set_msr_interception(vcpu, svm->msrpm, MSR_IA32_LASTINTTOIP, 0, 0);
+
+ /*
+ * Move the LBR msrs back to the vmcb01 to avoid copying them
+ * on nested guest entries.
+ */
+ if (is_guest_mode(vcpu))
+ svm_copy_lbrs(svm->vmcb, svm->vmcb01.ptr);
+}
+
+static int svm_get_lbr_msr(struct vcpu_svm *svm, u32 index)
+{
+ /*
+ * If the LBR virtualization is disabled, the LBR msrs are always
+ * kept in the vmcb01 to avoid copying them on nested guest entries.
+ *
+ * If nested, and the LBR virtualization is enabled/disabled, the msrs
+ * are moved between the vmcb01 and vmcb02 as needed.
+ */
+ struct vmcb *vmcb =
+ (svm->vmcb->control.virt_ext & LBR_CTL_ENABLE_MASK) ?
+ svm->vmcb : svm->vmcb01.ptr;
+
+ switch (index) {
+ case MSR_IA32_DEBUGCTLMSR:
+ return vmcb->save.dbgctl;
+ case MSR_IA32_LASTBRANCHFROMIP:
+ return vmcb->save.br_from;
+ case MSR_IA32_LASTBRANCHTOIP:
+ return vmcb->save.br_to;
+ case MSR_IA32_LASTINTFROMIP:
+ return vmcb->save.last_excp_from;
+ case MSR_IA32_LASTINTTOIP:
+ return vmcb->save.last_excp_to;
+ default:
+ KVM_BUG(false, svm->vcpu.kvm,
+ "%s: Unknown MSR 0x%x", __func__, index);
+ return 0;
+ }
+}
+
+void svm_update_lbrv(struct kvm_vcpu *vcpu)
+{
+ struct vcpu_svm *svm = to_svm(vcpu);
+
+ bool enable_lbrv = svm_get_lbr_msr(svm, MSR_IA32_DEBUGCTLMSR) &
+ DEBUGCTLMSR_LBR;
+
+ bool current_enable_lbrv = !!(svm->vmcb->control.virt_ext &
+ LBR_CTL_ENABLE_MASK);
+
+ if (enable_lbrv == current_enable_lbrv)
+ return;
+
+ if (enable_lbrv)
+ svm_enable_lbrv(vcpu);
+ else
+ svm_disable_lbrv(vcpu);
}
void disable_nmi_singlestep(struct vcpu_svm *svm)
@@ -2591,25 +2663,12 @@ static int svm_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info)
case MSR_TSC_AUX:
msr_info->data = svm->tsc_aux;
break;
- /*
- * Nobody will change the following 5 values in the VMCB so we can
- * safely return them on rdmsr. They will always be 0 until LBRV is
- * implemented.
- */
case MSR_IA32_DEBUGCTLMSR:
- msr_info->data = svm->vmcb->save.dbgctl;
- break;
case MSR_IA32_LASTBRANCHFROMIP:
- msr_info->data = svm->vmcb->save.br_from;
- break;
case MSR_IA32_LASTBRANCHTOIP:
- msr_info->data = svm->vmcb->save.br_to;
- break;
case MSR_IA32_LASTINTFROMIP:
- msr_info->data = svm->vmcb->save.last_excp_from;
- break;
case MSR_IA32_LASTINTTOIP:
- msr_info->data = svm->vmcb->save.last_excp_to;
+ msr_info->data = svm_get_lbr_msr(svm, msr_info->index);
break;
case MSR_VM_HSAVE_PA:
msr_info->data = svm->nested.hsave_msr;
@@ -2840,12 +2899,13 @@ static int svm_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr)
if (data & DEBUGCTL_RESERVED_BITS)
return 1;
- svm->vmcb->save.dbgctl = data;
- vmcb_mark_dirty(svm->vmcb, VMCB_LBR);
- if (data & (1ULL<<0))
- svm_enable_lbrv(vcpu);
+ if (svm->vmcb->control.virt_ext & LBR_CTL_ENABLE_MASK)
+ svm->vmcb->save.dbgctl = data;
else
- svm_disable_lbrv(vcpu);
+ svm->vmcb01.ptr->save.dbgctl = data;
+
+ svm_update_lbrv(vcpu);
+
break;
case MSR_VM_HSAVE_PA:
/*
diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h
index c02903641d13d..b83e06d5d942a 100644
--- a/arch/x86/kvm/svm/svm.h
+++ b/arch/x86/kvm/svm/svm.h
@@ -476,6 +476,8 @@ u32 svm_msrpm_offset(u32 msr);
u32 *svm_vcpu_alloc_msrpm(void);
void svm_vcpu_init_msrpm(struct kvm_vcpu *vcpu, u32 *msrpm);
void svm_vcpu_free_msrpm(u32 *msrpm);
+void svm_copy_lbrs(struct vmcb *from_vmcb, struct vmcb *to_vmcb);
+void svm_update_lbrv(struct kvm_vcpu *vcpu);
int svm_set_efer(struct kvm_vcpu *vcpu, u64 efer);
void svm_set_cr0(struct kvm_vcpu *vcpu, unsigned long cr0);
--
2.26.3
next prev parent reply other threads:[~2022-02-07 16:02 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-07 15:54 [PATCH RESEND 00/30] My patch queue Maxim Levitsky
2022-02-07 15:54 ` [PATCH RESEND 01/30] KVM: x86: SVM: don't passthrough SMAP/SMEP/PKE bits in !NPT && !gCR0.PG case Maxim Levitsky
2022-02-07 15:54 ` [PATCH RESEND 02/30] KVM: x86: nSVM: fix potential NULL derefernce on nested migration Maxim Levitsky
2022-02-07 15:54 ` [PATCH RESEND 03/30] KVM: x86: nSVM: mark vmcb01 as dirty when restoring SMM saved state Maxim Levitsky
2022-02-07 15:54 ` [PATCH RESEND 04/30] KVM: x86: nSVM/nVMX: set nested_run_pending on VM entry which is a result of RSM Maxim Levitsky
2022-02-07 15:54 ` [PATCH RESEND 05/30] KVM: x86: nSVM: expose clean bit support to the guest Maxim Levitsky
2022-02-07 15:54 ` [PATCH RESEND 06/30] KVM: x86: mark syntethic SMM vmexit as SVM_EXIT_SW Maxim Levitsky
2022-02-07 15:54 ` [PATCH RESEND 07/30] KVM: x86: nSVM: deal with L1 hypervisor that intercepts interrupts but lets L2 control them Maxim Levitsky
2022-02-08 11:33 ` Paolo Bonzini
2022-02-08 11:55 ` Maxim Levitsky
2022-02-08 12:24 ` Maxim Levitsky
2022-02-07 15:54 ` [PATCH RESEND 08/30] KVM: x86: lapic: don't touch irr_pending in kvm_apic_update_apicv when inhibiting it Maxim Levitsky
2022-02-07 15:54 ` [PATCH RESEND 09/30] KVM: x86: SVM: move avic definitions from AMD's spec to svm.h Maxim Levitsky
2022-02-07 15:54 ` [PATCH RESEND 10/30] KVM: x86: SVM: fix race between interrupt delivery and AVIC inhibition Maxim Levitsky
2022-02-07 15:54 ` [PATCH RESEND 11/30] KVM: x86: SVM: use vmcb01 in avic_init_vmcb Maxim Levitsky
2022-02-07 15:54 ` [PATCH RESEND 12/30] KVM: x86: SVM: allow AVIC to co-exist with a nested guest running Maxim Levitsky
2022-02-07 15:54 ` [PATCH RESEND 13/30] KVM: x86: lapic: don't allow to change APIC ID when apic acceleration is enabled Maxim Levitsky
2022-02-07 15:54 ` [PATCH RESEND 14/30] KVM: x86: lapic: don't allow to change local apic id when using older x2apic api Maxim Levitsky
2022-02-07 15:54 ` [PATCH RESEND 15/30] KVM: x86: SVM: remove avic's broken code that updated APIC ID Maxim Levitsky
2022-02-07 15:54 ` [PATCH RESEND 16/30] KVM: x86: SVM: allow to force AVIC to be enabled Maxim Levitsky
2022-02-07 15:54 ` [PATCH RESEND 17/30] KVM: x86: mmu: trace kvm_mmu_set_spte after the new SPTE was set Maxim Levitsky
2022-02-07 15:54 ` [PATCH RESEND 18/30] KVM: x86: mmu: add strict mmu mode Maxim Levitsky
2022-02-07 15:54 ` [PATCH RESEND 19/30] KVM: x86: mmu: add gfn_in_memslot helper Maxim Levitsky
2022-02-07 15:54 ` [PATCH RESEND 20/30] KVM: x86: mmu: allow to enable write tracking externally Maxim Levitsky
2022-02-07 15:54 ` [PATCH RESEND 21/30] x86: KVMGT: use kvm_page_track_write_tracking_enable Maxim Levitsky
2022-02-07 15:54 ` Maxim Levitsky [this message]
2022-02-07 15:54 ` [PATCH RESEND 23/30] KVM: x86: nSVM: implement nested LBR virtualization Maxim Levitsky
2022-02-07 15:54 ` [PATCH RESEND 24/30] KVM: x86: nSVM: implement nested VMLOAD/VMSAVE Maxim Levitsky
2022-02-07 15:54 ` [PATCH RESEND 25/30] KVM: x86: nSVM: support PAUSE filter threshold and count when cpu_pm=on Maxim Levitsky
2022-02-07 15:54 ` [PATCH RESEND 26/30] KVM: x86: nSVM: implement nested vGIF Maxim Levitsky
2022-02-07 15:54 ` [PATCH RESEND 27/30] KVM: x86: add force_intercept_exceptions_mask Maxim Levitsky
2022-02-07 15:54 ` [PATCH RESEND 28/30] KVM: SVM: implement force_intercept_exceptions_mask Maxim Levitsky
2022-02-07 15:54 ` [PATCH RESEND 29/30] KVM: VMX: " Maxim Levitsky
2022-02-07 15:54 ` [PATCH RESEND 30/30] KVM: x86: get rid of KVM_REQ_GET_NESTED_STATE_PAGES Maxim Levitsky
2022-02-08 12:02 ` [PATCH RESEND 00/30] My patch queue Paolo Bonzini
2022-02-08 12:45 ` Maxim Levitsky
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220207155447.840194-23-mlevitsk@redhat.com \
--to=mlevitsk@redhat.com \
--cc=airlied@linux.ie \
--cc=bp@alien8.de \
--cc=brijesh.singh@amd.com \
--cc=chang.seok.bae@intel.com \
--cc=daniel@ffwll.ch \
--cc=dave.hansen@linux.intel.com \
--cc=hpa@zytor.com \
--cc=intel-gvt-dev@lists.freedesktop.org \
--cc=jani.nikula@linux.intel.com \
--cc=jmattson@google.com \
--cc=joonas.lahtinen@linux.intel.com \
--cc=joro@8bytes.org \
--cc=kan.liang@linux.intel.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=pawan.kumar.gupta@linux.intel.com \
--cc=pbonzini@redhat.com \
--cc=rodrigo.vivi@intel.com \
--cc=seanjc@google.com \
--cc=tglx@linutronix.de \
--cc=tony.luck@intel.com \
--cc=vkuznets@redhat.com \
--cc=wanpengli@tencent.com \
--cc=x86@kernel.org \
--cc=zhenyuw@linux.intel.com \
--cc=zhi.a.wang@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox