* [PATCH 00/10] nested vmx: bug fixes and feature enabling
@ 2012-12-04 5:53 Dongxiao Xu
2012-12-04 5:53 ` [PATCH 01/10] nested vmx: emulate MSR bitmaps Dongxiao Xu
` (10 more replies)
0 siblings, 11 replies; 19+ messages in thread
From: Dongxiao Xu @ 2012-12-04 5:53 UTC (permalink / raw)
To: xen-devel
This series of patches contain some bug fixes and feature enabling for nested vmx, please help to review and pull.
Thanks,
Dongxiao
Dongxiao Xu (10):
nested vmx: emulate MSR bitmaps
nested vmx: expose bit 55 of IA32_VMX_BASIC_MSR to guest VMM
nested vmx: fix rflags status in virtual vmexit
nested vmx: fix handling of RDTSC
nested vmx: fix DR access VM exit
nested vmx: enable IA32E mode while do VM entry
nested vmx: enable "Virtualize APIC accesses" feature for L1 VMM
nested vmx: enable PAUSE and RDPMC exiting for L1 VMM
nested vmx: fix interrupt delivery to L2 guest
nested vmx: check host ability when intercept MSR read
xen/arch/x86/hvm/vmx/intr.c | 11 ++-
xen/arch/x86/hvm/vmx/vmcs.c | 28 ++++++++
xen/arch/x86/hvm/vmx/vmx.c | 2 +-
xen/arch/x86/hvm/vmx/vvmx.c | 128 ++++++++++++++++++++++++++++++------
xen/include/asm-x86/hvm/vmx/vmcs.h | 1 +
xen/include/asm-x86/hvm/vmx/vmx.h | 2 +
xen/include/asm-x86/hvm/vmx/vvmx.h | 1 +
7 files changed, 148 insertions(+), 25 deletions(-)
^ permalink raw reply [flat|nested] 19+ messages in thread
* [PATCH 01/10] nested vmx: emulate MSR bitmaps
2012-12-04 5:53 [PATCH 00/10] nested vmx: bug fixes and feature enabling Dongxiao Xu
@ 2012-12-04 5:53 ` Dongxiao Xu
2012-12-04 5:53 ` [PATCH 02/10] nested vmx: expose bit 55 of IA32_VMX_BASIC_MSR to guest VMM Dongxiao Xu
` (9 subsequent siblings)
10 siblings, 0 replies; 19+ messages in thread
From: Dongxiao Xu @ 2012-12-04 5:53 UTC (permalink / raw)
To: xen-devel
In nested vmx virtualization for MSR bitmaps, L0 hypervisor will trap all the VM
exit from L2 guest by disable the MSR_BITMAP feature. When handling this VM exit,
L0 hypervisor judges whether L1 hypervisor uses MSR_BITMAP feature and the
corresponding bit is set to 1. If so, L0 will inject such VM exit into L1
hypervisor; otherwise, L0 will be responsible for handling this VM exit.
Signed-off-by: Dongxiao Xu <dongxiao.xu@intel.com>
---
xen/arch/x86/hvm/vmx/vmcs.c | 28 +++++++++++++++++++++++++
xen/arch/x86/hvm/vmx/vvmx.c | 39 ++++++++++++++++++++++++++++++++++-
xen/include/asm-x86/hvm/vmx/vmcs.h | 1 +
xen/include/asm-x86/hvm/vmx/vvmx.h | 1 +
4 files changed, 67 insertions(+), 2 deletions(-)
diff --git a/xen/arch/x86/hvm/vmx/vmcs.c b/xen/arch/x86/hvm/vmx/vmcs.c
index 0fbdd75..205e705 100644
--- a/xen/arch/x86/hvm/vmx/vmcs.c
+++ b/xen/arch/x86/hvm/vmx/vmcs.c
@@ -674,6 +674,34 @@ void vmx_disable_intercept_for_msr(struct vcpu *v, u32 msr, int type)
}
/*
+ * access_type: read == 0, write == 1
+ */
+int vmx_check_msr_bitmap(unsigned long *msr_bitmap, u32 msr, int access_type)
+{
+ int ret = 1;
+ if ( !msr_bitmap )
+ return 1;
+
+ if ( msr <= 0x1fff )
+ {
+ if ( access_type == 0 )
+ ret = test_bit(msr, msr_bitmap + 0x000/BYTES_PER_LONG); /* read-low */
+ else if ( access_type == 1 )
+ ret = test_bit(msr, msr_bitmap + 0x800/BYTES_PER_LONG); /* write-low */
+ }
+ else if ( (msr >= 0xc0000000) && (msr <= 0xc0001fff) )
+ {
+ msr &= 0x1fff;
+ if ( access_type == 0 )
+ ret = test_bit(msr, msr_bitmap + 0x400/BYTES_PER_LONG); /* read-high */
+ else if ( access_type == 1 )
+ ret = test_bit(msr, msr_bitmap + 0xc00/BYTES_PER_LONG); /* write-high */
+ }
+ return ret;
+}
+
+
+/*
* Switch VMCS between layer 1 & 2 guest
*/
void vmx_vmcs_switch(struct vmcs_struct *from, struct vmcs_struct *to)
diff --git a/xen/arch/x86/hvm/vmx/vvmx.c b/xen/arch/x86/hvm/vmx/vvmx.c
index ed47780..719bfce 100644
--- a/xen/arch/x86/hvm/vmx/vvmx.c
+++ b/xen/arch/x86/hvm/vmx/vvmx.c
@@ -48,6 +48,7 @@ int nvmx_vcpu_initialise(struct vcpu *v)
nvmx->intr.error_code = 0;
nvmx->iobitmap[0] = NULL;
nvmx->iobitmap[1] = NULL;
+ nvmx->msrbitmap = NULL;
return 0;
out:
return -ENOMEM;
@@ -561,6 +562,17 @@ static void __clear_current_vvmcs(struct vcpu *v)
__vmpclear(virt_to_maddr(nvcpu->nv_n2vmcx));
}
+static void __map_msr_bitmap(struct vcpu *v)
+{
+ struct nestedvmx *nvmx = &vcpu_2_nvmx(v);
+ unsigned long gpa;
+
+ if ( nvmx->msrbitmap )
+ hvm_unmap_guest_frame (nvmx->msrbitmap);
+ gpa = __get_vvmcs(vcpu_nestedhvm(v).nv_vvmcx, MSR_BITMAP);
+ nvmx->msrbitmap = hvm_map_guest_frame_ro(gpa >> PAGE_SHIFT);
+}
+
static void __map_io_bitmap(struct vcpu *v, u64 vmcs_reg)
{
struct nestedvmx *nvmx = &vcpu_2_nvmx(v);
@@ -597,6 +609,10 @@ static void nvmx_purge_vvmcs(struct vcpu *v)
nvmx->iobitmap[i] = NULL;
}
}
+ if ( nvmx->msrbitmap ) {
+ hvm_unmap_guest_frame(nvmx->msrbitmap);
+ nvmx->msrbitmap = NULL;
+ }
}
u64 nvmx_get_tsc_offset(struct vcpu *v)
@@ -1153,6 +1169,7 @@ int nvmx_handle_vmptrld(struct cpu_user_regs *regs)
nvcpu->nv_vvmcx = hvm_map_guest_frame_rw(gpa >> PAGE_SHIFT);
nvcpu->nv_vvmcxaddr = gpa;
map_io_bitmap_all (v);
+ __map_msr_bitmap(v);
}
vmreturn(regs, VMSUCCEED);
@@ -1270,6 +1287,9 @@ int nvmx_handle_vmwrite(struct cpu_user_regs *regs)
vmcs_encoding == IO_BITMAP_B_HIGH )
__map_io_bitmap (v, IO_BITMAP_B);
+ if ( vmcs_encoding == MSR_BITMAP || vmcs_encoding == MSR_BITMAP_HIGH )
+ __map_msr_bitmap(v);
+
vmreturn(regs, VMSUCCEED);
return X86EMUL_OKAY;
}
@@ -1320,6 +1340,7 @@ int nvmx_msr_read_intercept(unsigned int msr, u64 *msr_content)
CPU_BASED_RDTSC_EXITING |
CPU_BASED_MONITOR_TRAP_FLAG |
CPU_BASED_VIRTUAL_NMI_PENDING |
+ CPU_BASED_ACTIVATE_MSR_BITMAP |
CPU_BASED_ACTIVATE_SECONDARY_CONTROLS;
/* bit 1, 4-6,8,13-16,26 must be 1 (refer G4 of SDM) */
tmp = ( (1<<26) | (0xf << 13) | 0x100 | (0x7 << 4) | 0x2);
@@ -1497,8 +1518,6 @@ int nvmx_n2_vmexit_handler(struct cpu_user_regs *regs,
case EXIT_REASON_TRIPLE_FAULT:
case EXIT_REASON_TASK_SWITCH:
case EXIT_REASON_CPUID:
- case EXIT_REASON_MSR_READ:
- case EXIT_REASON_MSR_WRITE:
case EXIT_REASON_VMCALL:
case EXIT_REASON_VMCLEAR:
case EXIT_REASON_VMLAUNCH:
@@ -1514,6 +1533,22 @@ int nvmx_n2_vmexit_handler(struct cpu_user_regs *regs,
/* inject to L1 */
nvcpu->nv_vmexit_pending = 1;
break;
+ case EXIT_REASON_MSR_READ:
+ case EXIT_REASON_MSR_WRITE:
+ {
+ int status;
+ ctrl = __n2_exec_control(v);
+ if ( ctrl & CPU_BASED_ACTIVATE_MSR_BITMAP )
+ {
+ status = vmx_check_msr_bitmap(nvmx->msrbitmap, regs->ecx,
+ !!(exit_reason == EXIT_REASON_MSR_WRITE));
+ if ( status )
+ nvcpu->nv_vmexit_pending = 1;
+ }
+ else
+ nvcpu->nv_vmexit_pending = 1;
+ break;
+ }
case EXIT_REASON_IO_INSTRUCTION:
ctrl = __n2_exec_control(v);
if ( ctrl & CPU_BASED_ACTIVATE_IO_BITMAP )
diff --git a/xen/include/asm-x86/hvm/vmx/vmcs.h b/xen/include/asm-x86/hvm/vmx/vmcs.h
index cc92f69..14ac773 100644
--- a/xen/include/asm-x86/hvm/vmx/vmcs.h
+++ b/xen/include/asm-x86/hvm/vmx/vmcs.h
@@ -427,6 +427,7 @@ int vmx_add_host_load_msr(u32 msr);
void vmx_vmcs_switch(struct vmcs_struct *from, struct vmcs_struct *to);
void vmx_set_eoi_exit_bitmap(struct vcpu *v, u8 vector);
void vmx_clear_eoi_exit_bitmap(struct vcpu *v, u8 vector);
+int vmx_check_msr_bitmap(unsigned long *msr_bitmap, u32 msr, int access_type);
#endif /* ASM_X86_HVM_VMX_VMCS_H__ */
diff --git a/xen/include/asm-x86/hvm/vmx/vvmx.h b/xen/include/asm-x86/hvm/vmx/vvmx.h
index b9137b8..067fbe4 100644
--- a/xen/include/asm-x86/hvm/vmx/vvmx.h
+++ b/xen/include/asm-x86/hvm/vmx/vvmx.h
@@ -26,6 +26,7 @@
struct nestedvmx {
paddr_t vmxon_region_pa;
void *iobitmap[2]; /* map (va) of L1 guest I/O bitmap */
+ void *msrbitmap; /* map (va) of L1 guest MSR bitmap */
/* deferred nested interrupt */
struct {
unsigned long intr_info;
--
1.7.1
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [PATCH 02/10] nested vmx: expose bit 55 of IA32_VMX_BASIC_MSR to guest VMM
2012-12-04 5:53 [PATCH 00/10] nested vmx: bug fixes and feature enabling Dongxiao Xu
2012-12-04 5:53 ` [PATCH 01/10] nested vmx: emulate MSR bitmaps Dongxiao Xu
@ 2012-12-04 5:53 ` Dongxiao Xu
2012-12-04 9:59 ` Jan Beulich
2012-12-04 5:53 ` [PATCH 03/10] nested vmx: fix rflags status in virtual vmexit Dongxiao Xu
` (8 subsequent siblings)
10 siblings, 1 reply; 19+ messages in thread
From: Dongxiao Xu @ 2012-12-04 5:53 UTC (permalink / raw)
To: xen-devel
Signed-off-by: Dongxiao Xu <dongxiao.xu@intel.com>
---
xen/arch/x86/hvm/vmx/vvmx.c | 37 +++++++++++++++++++++++++------------
1 files changed, 25 insertions(+), 12 deletions(-)
diff --git a/xen/arch/x86/hvm/vmx/vvmx.c b/xen/arch/x86/hvm/vmx/vvmx.c
index 719bfce..cf91c7c 100644
--- a/xen/arch/x86/hvm/vmx/vvmx.c
+++ b/xen/arch/x86/hvm/vmx/vvmx.c
@@ -1299,7 +1299,7 @@ int nvmx_handle_vmwrite(struct cpu_user_regs *regs)
*/
int nvmx_msr_read_intercept(unsigned int msr, u64 *msr_content)
{
- u64 data = 0, tmp;
+ u64 data = 0, tmp = 0;
int r = 1;
if ( !nestedhvm_enabled(current->domain) )
@@ -1311,18 +1311,20 @@ int nvmx_msr_read_intercept(unsigned int msr, u64 *msr_content)
switch (msr) {
case MSR_IA32_VMX_BASIC:
data = VVMCS_REVISION | ((u64)PAGE_SIZE) << 32 |
- ((u64)MTRR_TYPE_WRBACK) << 50;
+ ((u64)MTRR_TYPE_WRBACK) << 50 | (1ULL << 55);
break;
case MSR_IA32_VMX_PINBASED_CTLS:
+ case MSR_IA32_VMX_TRUE_PINBASED_CTLS:
/* 1-seetings */
data = PIN_BASED_EXT_INTR_MASK |
PIN_BASED_NMI_EXITING |
PIN_BASED_PREEMPT_TIMER;
- data <<= 32;
- /* 0-settings */
- data |= 0;
+ /* Consult SDM for default1 setting */
+ tmp = ( (1<<1) | (1<<2) | (1<<4) );
+ data = ((data | tmp) << 32) | (tmp);
break;
case MSR_IA32_VMX_PROCBASED_CTLS:
+ case MSR_IA32_VMX_TRUE_PROCBASED_CTLS:
/* 1-seetings */
data = CPU_BASED_HLT_EXITING |
CPU_BASED_VIRTUAL_INTR_PENDING |
@@ -1342,10 +1344,14 @@ int nvmx_msr_read_intercept(unsigned int msr, u64 *msr_content)
CPU_BASED_VIRTUAL_NMI_PENDING |
CPU_BASED_ACTIVATE_MSR_BITMAP |
CPU_BASED_ACTIVATE_SECONDARY_CONTROLS;
- /* bit 1, 4-6,8,13-16,26 must be 1 (refer G4 of SDM) */
- tmp = ( (1<<26) | (0xf << 13) | 0x100 | (0x7 << 4) | 0x2);
+ /* Consult SDM for default1 setting */
+ if ( msr == MSR_IA32_VMX_PROCBASED_CTLS )
+ tmp = 0x401e172;
+ else if ( msr == MSR_IA32_VMX_TRUE_PROCBASED_CTLS )
+ tmp = 0x4006172;
/* 0-settings */
data = ((data | tmp) << 32) | (tmp);
+
break;
case MSR_IA32_VMX_PROCBASED_CTLS2:
/* 1-seetings */
@@ -1355,9 +1361,12 @@ int nvmx_msr_read_intercept(unsigned int msr, u64 *msr_content)
data = (data << 32) | tmp;
break;
case MSR_IA32_VMX_EXIT_CTLS:
- /* 1-seetings */
- /* bit 0-8, 10,11,13,14,16,17 must be 1 (refer G4 of SDM) */
- tmp = 0x36dff;
+ case MSR_IA32_VMX_TRUE_EXIT_CTLS:
+ /* Consult SDM for default1 setting */
+ if ( msr == MSR_IA32_VMX_EXIT_CTLS )
+ tmp = 0x36dff;
+ else if ( msr == MSR_IA32_VMX_TRUE_EXIT_CTLS )
+ tmp = 0x36dfb;
data = VM_EXIT_ACK_INTR_ON_EXIT |
VM_EXIT_IA32E_MODE |
VM_EXIT_SAVE_PREEMPT_TIMER |
@@ -1370,8 +1379,12 @@ int nvmx_msr_read_intercept(unsigned int msr, u64 *msr_content)
data = ((data | tmp) << 32) | tmp;
break;
case MSR_IA32_VMX_ENTRY_CTLS:
- /* bit 0-8, and 12 must be 1 (refer G5 of SDM) */
- tmp = 0x11ff;
+ case MSR_IA32_VMX_TRUE_ENTRY_CTLS:
+ /* Consult SDM for default1 setting */
+ if ( msr == MSR_IA32_VMX_ENTRY_CTLS )
+ tmp = 0x11ff;
+ else if ( msr == MSR_IA32_VMX_TRUE_ENTRY_CTLS )
+ tmp = 0x11fb;
data = VM_ENTRY_LOAD_GUEST_PAT |
VM_ENTRY_LOAD_GUEST_EFER |
VM_ENTRY_LOAD_PERF_GLOBAL_CTRL;
--
1.7.1
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [PATCH 03/10] nested vmx: fix rflags status in virtual vmexit
2012-12-04 5:53 [PATCH 00/10] nested vmx: bug fixes and feature enabling Dongxiao Xu
2012-12-04 5:53 ` [PATCH 01/10] nested vmx: emulate MSR bitmaps Dongxiao Xu
2012-12-04 5:53 ` [PATCH 02/10] nested vmx: expose bit 55 of IA32_VMX_BASIC_MSR to guest VMM Dongxiao Xu
@ 2012-12-04 5:53 ` Dongxiao Xu
2012-12-04 5:53 ` [PATCH 04/10] nested vmx: fix handling of RDTSC Dongxiao Xu
` (7 subsequent siblings)
10 siblings, 0 replies; 19+ messages in thread
From: Dongxiao Xu @ 2012-12-04 5:53 UTC (permalink / raw)
To: xen-devel
As stated in SDM, all bits (except for those 1-reserved) in rflags would
be set to 0 in VM exit. Therefore we need to follow this logic in
virtual_vmexit.
Signed-off-by: Xiantao Zhang <xiantao.zhang@intel.com>
Signed-off-by: Dongxiao Xu <dongxiao.xu@intel.com>
---
xen/arch/x86/hvm/vmx/vvmx.c | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/xen/arch/x86/hvm/vmx/vvmx.c b/xen/arch/x86/hvm/vmx/vvmx.c
index cf91c7c..6a8caaa 100644
--- a/xen/arch/x86/hvm/vmx/vvmx.c
+++ b/xen/arch/x86/hvm/vmx/vvmx.c
@@ -991,7 +991,8 @@ static void virtual_vmexit(struct cpu_user_regs *regs)
regs->eip = __get_vvmcs(nvcpu->nv_vvmcx, HOST_RIP);
regs->esp = __get_vvmcs(nvcpu->nv_vvmcx, HOST_RSP);
- regs->eflags = __vmread(GUEST_RFLAGS);
+ /*VMexit clears all bits except bit 1!*/
+ regs->eflags = 2;
/* updating host cr0 to sync TS bit */
__vmwrite(HOST_CR0, v->arch.hvm_vmx.host_cr0);
--
1.7.1
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [PATCH 04/10] nested vmx: fix handling of RDTSC
2012-12-04 5:53 [PATCH 00/10] nested vmx: bug fixes and feature enabling Dongxiao Xu
` (2 preceding siblings ...)
2012-12-04 5:53 ` [PATCH 03/10] nested vmx: fix rflags status in virtual vmexit Dongxiao Xu
@ 2012-12-04 5:53 ` Dongxiao Xu
2012-12-04 5:53 ` [PATCH 05/10] nested vmx: fix DR access VM exit Dongxiao Xu
` (6 subsequent siblings)
10 siblings, 0 replies; 19+ messages in thread
From: Dongxiao Xu @ 2012-12-04 5:53 UTC (permalink / raw)
To: xen-devel
If L0 is to handle the TSC access, then we need to update guest EIP by
calling update_guest_eip().
Signed-off-by: Dongxiao Xu <dongxiao.xu@intel.com>
---
xen/arch/x86/hvm/vmx/vmx.c | 2 +-
xen/arch/x86/hvm/vmx/vvmx.c | 1 +
xen/include/asm-x86/hvm/vmx/vmx.h | 2 ++
3 files changed, 4 insertions(+), 1 deletions(-)
diff --git a/xen/arch/x86/hvm/vmx/vmx.c b/xen/arch/x86/hvm/vmx/vmx.c
index 3bb0d99..9fb9562 100644
--- a/xen/arch/x86/hvm/vmx/vmx.c
+++ b/xen/arch/x86/hvm/vmx/vmx.c
@@ -1555,7 +1555,7 @@ static int get_instruction_length(void)
return len;
}
-static void update_guest_eip(void)
+void update_guest_eip(void)
{
struct cpu_user_regs *regs = guest_cpu_user_regs();
unsigned long x;
diff --git a/xen/arch/x86/hvm/vmx/vvmx.c b/xen/arch/x86/hvm/vmx/vvmx.c
index 6a8caaa..cf3797c 100644
--- a/xen/arch/x86/hvm/vmx/vvmx.c
+++ b/xen/arch/x86/hvm/vmx/vvmx.c
@@ -1626,6 +1626,7 @@ int nvmx_n2_vmexit_handler(struct cpu_user_regs *regs,
tsc += __get_vvmcs(nvcpu->nv_vvmcx, TSC_OFFSET);
regs->eax = (uint32_t)tsc;
regs->edx = (uint32_t)(tsc >> 32);
+ update_guest_eip();
return 1;
}
diff --git a/xen/include/asm-x86/hvm/vmx/vmx.h b/xen/include/asm-x86/hvm/vmx/vmx.h
index c4c2fe8..aa5b080 100644
--- a/xen/include/asm-x86/hvm/vmx/vmx.h
+++ b/xen/include/asm-x86/hvm/vmx/vmx.h
@@ -399,6 +399,8 @@ void ept_p2m_init(struct p2m_domain *p2m);
void ept_walk_table(struct domain *d, unsigned long gfn);
void setup_ept_dump(void);
+void update_guest_eip(void);
+
/* EPT violation qualifications definitions */
#define _EPT_READ_VIOLATION 0
#define EPT_READ_VIOLATION (1UL<<_EPT_READ_VIOLATION)
--
1.7.1
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [PATCH 05/10] nested vmx: fix DR access VM exit
2012-12-04 5:53 [PATCH 00/10] nested vmx: bug fixes and feature enabling Dongxiao Xu
` (3 preceding siblings ...)
2012-12-04 5:53 ` [PATCH 04/10] nested vmx: fix handling of RDTSC Dongxiao Xu
@ 2012-12-04 5:53 ` Dongxiao Xu
2012-12-04 10:02 ` Jan Beulich
2012-12-04 5:53 ` [PATCH 06/10] nested vmx: enable IA32E mode while do VM entry Dongxiao Xu
` (5 subsequent siblings)
10 siblings, 1 reply; 19+ messages in thread
From: Dongxiao Xu @ 2012-12-04 5:53 UTC (permalink / raw)
To: xen-devel
For DR register, we use lazy restore mechanism when access it. Therefore
when receiving such VM exit, L0 should be responsible to switch to the
right DR values, then inject to L1 hypervisor.
Signed-off-by: Dongxiao Xu <dongxiao.xu@intel.com>
---
xen/arch/x86/hvm/vmx/vvmx.c | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/xen/arch/x86/hvm/vmx/vvmx.c b/xen/arch/x86/hvm/vmx/vvmx.c
index cf3797c..0ac78af 100644
--- a/xen/arch/x86/hvm/vmx/vvmx.c
+++ b/xen/arch/x86/hvm/vmx/vvmx.c
@@ -1654,7 +1654,8 @@ int nvmx_n2_vmexit_handler(struct cpu_user_regs *regs,
case EXIT_REASON_DR_ACCESS:
ctrl = __n2_exec_control(v);
if ( ctrl & CPU_BASED_MOV_DR_EXITING )
- nvcpu->nv_vmexit_pending = 1;
+ if ( v->arch.hvm_vcpu.flag_dr_dirty )
+ nvcpu->nv_vmexit_pending = 1;
break;
case EXIT_REASON_INVLPG:
ctrl = __n2_exec_control(v);
--
1.7.1
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [PATCH 06/10] nested vmx: enable IA32E mode while do VM entry
2012-12-04 5:53 [PATCH 00/10] nested vmx: bug fixes and feature enabling Dongxiao Xu
` (4 preceding siblings ...)
2012-12-04 5:53 ` [PATCH 05/10] nested vmx: fix DR access VM exit Dongxiao Xu
@ 2012-12-04 5:53 ` Dongxiao Xu
2012-12-04 10:03 ` Jan Beulich
2012-12-04 5:53 ` [PATCH 07/10] nested vmx: enable "Virtualize APIC accesses" feature for L1 VMM Dongxiao Xu
` (4 subsequent siblings)
10 siblings, 1 reply; 19+ messages in thread
From: Dongxiao Xu @ 2012-12-04 5:53 UTC (permalink / raw)
To: xen-devel
Signed-off-by: Dongxiao Xu <dongxiao.xu@intel.com>
---
xen/arch/x86/hvm/vmx/vvmx.c | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/xen/arch/x86/hvm/vmx/vvmx.c b/xen/arch/x86/hvm/vmx/vvmx.c
index 0ac78af..1304636 100644
--- a/xen/arch/x86/hvm/vmx/vvmx.c
+++ b/xen/arch/x86/hvm/vmx/vvmx.c
@@ -1388,7 +1388,8 @@ int nvmx_msr_read_intercept(unsigned int msr, u64 *msr_content)
tmp = 0x11fb;
data = VM_ENTRY_LOAD_GUEST_PAT |
VM_ENTRY_LOAD_GUEST_EFER |
- VM_ENTRY_LOAD_PERF_GLOBAL_CTRL;
+ VM_ENTRY_LOAD_PERF_GLOBAL_CTRL |
+ VM_ENTRY_IA32E_MODE;
data = ((data | tmp) << 32) | tmp;
break;
--
1.7.1
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [PATCH 07/10] nested vmx: enable "Virtualize APIC accesses" feature for L1 VMM
2012-12-04 5:53 [PATCH 00/10] nested vmx: bug fixes and feature enabling Dongxiao Xu
` (5 preceding siblings ...)
2012-12-04 5:53 ` [PATCH 06/10] nested vmx: enable IA32E mode while do VM entry Dongxiao Xu
@ 2012-12-04 5:53 ` Dongxiao Xu
2012-12-04 5:53 ` [PATCH 08/10] nested vmx: enable PAUSE and RDPMC exiting " Dongxiao Xu
` (3 subsequent siblings)
10 siblings, 0 replies; 19+ messages in thread
From: Dongxiao Xu @ 2012-12-04 5:53 UTC (permalink / raw)
To: xen-devel
If the "Virtualize APIC accesses" feature is enabled, we need to sync
the APIC-access address from virtual vvmcs into shadow vmcs when doing
virtual_vmentry.
Signed-off-by: Dongxiao Xu <dongxiao.xu@intel.com>
---
xen/arch/x86/hvm/vmx/vvmx.c | 27 ++++++++++++++++++++++++++-
1 files changed, 26 insertions(+), 1 deletions(-)
diff --git a/xen/arch/x86/hvm/vmx/vvmx.c b/xen/arch/x86/hvm/vmx/vvmx.c
index 1304636..bc9d39c 100644
--- a/xen/arch/x86/hvm/vmx/vvmx.c
+++ b/xen/arch/x86/hvm/vmx/vvmx.c
@@ -554,6 +554,24 @@ void nvmx_update_exception_bitmap(struct vcpu *v, unsigned long value)
set_shadow_control(v, EXCEPTION_BITMAP, value);
}
+static void nvmx_update_apic_access_address(struct vcpu *v)
+{
+ struct nestedvcpu *nvcpu = &vcpu_nestedhvm(v);
+ u64 apic_gpfn, apic_mfn;
+ u32 ctrl;
+ void *apic_va;
+
+ ctrl = __n2_secondary_exec_control(v);
+ if ( ctrl & SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES )
+ {
+ apic_gpfn = __get_vvmcs(nvcpu->nv_vvmcx, APIC_ACCESS_ADDR) >> PAGE_SHIFT;
+ apic_va = hvm_map_guest_frame_ro(apic_gpfn);
+ apic_mfn = virt_to_mfn(apic_va);
+ __vmwrite(APIC_ACCESS_ADDR, (apic_mfn << PAGE_SHIFT));
+ hvm_unmap_guest_frame(apic_va);
+ }
+}
+
static void __clear_current_vvmcs(struct vcpu *v)
{
struct nestedvcpu *nvcpu = &vcpu_nestedhvm(v);
@@ -761,6 +779,7 @@ static void load_shadow_control(struct vcpu *v)
nvmx_update_exit_control(v, vmx_vmexit_control);
nvmx_update_entry_control(v);
vmx_update_exception_bitmap(v);
+ nvmx_update_apic_access_address(v);
}
static void load_shadow_guest_state(struct vcpu *v)
@@ -1356,7 +1375,8 @@ int nvmx_msr_read_intercept(unsigned int msr, u64 *msr_content)
break;
case MSR_IA32_VMX_PROCBASED_CTLS2:
/* 1-seetings */
- data = SECONDARY_EXEC_DESCRIPTOR_TABLE_EXITING;
+ data = SECONDARY_EXEC_DESCRIPTOR_TABLE_EXITING |
+ SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES;
/* 0-settings */
tmp = 0;
data = (data << 32) | tmp;
@@ -1692,6 +1712,11 @@ int nvmx_n2_vmexit_handler(struct cpu_user_regs *regs,
break;
}
+ case EXIT_REASON_APIC_ACCESS:
+ ctrl = __n2_secondary_exec_control(v);
+ if ( ctrl & SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES )
+ nvcpu->nv_vmexit_pending = 1;
+ break;
default:
gdprintk(XENLOG_WARNING, "Unknown nested vmexit reason %x.\n",
exit_reason);
--
1.7.1
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [PATCH 08/10] nested vmx: enable PAUSE and RDPMC exiting for L1 VMM
2012-12-04 5:53 [PATCH 00/10] nested vmx: bug fixes and feature enabling Dongxiao Xu
` (6 preceding siblings ...)
2012-12-04 5:53 ` [PATCH 07/10] nested vmx: enable "Virtualize APIC accesses" feature for L1 VMM Dongxiao Xu
@ 2012-12-04 5:53 ` Dongxiao Xu
2012-12-04 5:53 ` [PATCH 09/10] nested vmx: fix interrupt delivery to L2 guest Dongxiao Xu
` (2 subsequent siblings)
10 siblings, 0 replies; 19+ messages in thread
From: Dongxiao Xu @ 2012-12-04 5:53 UTC (permalink / raw)
To: xen-devel
Signed-off-by: Dongxiao Xu <dongxiao.xu@intel.com>
---
xen/arch/x86/hvm/vmx/vvmx.c | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/xen/arch/x86/hvm/vmx/vvmx.c b/xen/arch/x86/hvm/vmx/vvmx.c
index bc9d39c..bbf5266 100644
--- a/xen/arch/x86/hvm/vmx/vvmx.c
+++ b/xen/arch/x86/hvm/vmx/vvmx.c
@@ -1363,6 +1363,8 @@ int nvmx_msr_read_intercept(unsigned int msr, u64 *msr_content)
CPU_BASED_MONITOR_TRAP_FLAG |
CPU_BASED_VIRTUAL_NMI_PENDING |
CPU_BASED_ACTIVATE_MSR_BITMAP |
+ CPU_BASED_PAUSE_EXITING |
+ CPU_BASED_RDPMC_EXITING |
CPU_BASED_ACTIVATE_SECONDARY_CONTROLS;
/* Consult SDM for default1 setting */
if ( msr == MSR_IA32_VMX_PROCBASED_CTLS )
--
1.7.1
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [PATCH 09/10] nested vmx: fix interrupt delivery to L2 guest
2012-12-04 5:53 [PATCH 00/10] nested vmx: bug fixes and feature enabling Dongxiao Xu
` (7 preceding siblings ...)
2012-12-04 5:53 ` [PATCH 08/10] nested vmx: enable PAUSE and RDPMC exiting " Dongxiao Xu
@ 2012-12-04 5:53 ` Dongxiao Xu
2012-12-04 5:53 ` [PATCH 10/10] nested vmx: check host ability when intercept MSR read Dongxiao Xu
2012-12-04 10:05 ` [PATCH 00/10] nested vmx: bug fixes and feature enabling Jan Beulich
10 siblings, 0 replies; 19+ messages in thread
From: Dongxiao Xu @ 2012-12-04 5:53 UTC (permalink / raw)
To: xen-devel
While delivering interrupt into L2 guest, L0 hypervisor need to check
whether L1 hypervisor wants to own the interrupt, if not, directly inject
the interrupt into L2 guest.
Signed-off-by: Xiantao Zhang <xiantao.zhang@intel.com>
Signed-off-by: Dongxiao Xu <dongxiao.xu@intel.com>
---
xen/arch/x86/hvm/vmx/intr.c | 11 +++++++----
1 files changed, 7 insertions(+), 4 deletions(-)
diff --git a/xen/arch/x86/hvm/vmx/intr.c b/xen/arch/x86/hvm/vmx/intr.c
index 3961bc7..ef8b925 100644
--- a/xen/arch/x86/hvm/vmx/intr.c
+++ b/xen/arch/x86/hvm/vmx/intr.c
@@ -163,7 +163,7 @@ enum hvm_intblk nvmx_intr_blocked(struct vcpu *v)
static int nvmx_intr_intercept(struct vcpu *v, struct hvm_intack intack)
{
- u32 exit_ctrl;
+ u32 ctrl;
if ( nvmx_intr_blocked(v) != hvm_intblk_none )
{
@@ -176,11 +176,14 @@ static int nvmx_intr_intercept(struct vcpu *v, struct hvm_intack intack)
if ( intack.source == hvm_intsrc_pic ||
intack.source == hvm_intsrc_lapic )
{
+ ctrl = __get_vvmcs(vcpu_nestedhvm(v).nv_vvmcx, PIN_BASED_VM_EXEC_CONTROL);
+ if ( !(ctrl & PIN_BASED_EXT_INTR_MASK) )
+ return 0;
+
vmx_inject_extint(intack.vector);
- exit_ctrl = __get_vvmcs(vcpu_nestedhvm(v).nv_vvmcx,
- VM_EXIT_CONTROLS);
- if ( exit_ctrl & VM_EXIT_ACK_INTR_ON_EXIT )
+ ctrl = __get_vvmcs(vcpu_nestedhvm(v).nv_vvmcx, VM_EXIT_CONTROLS);
+ if ( ctrl & VM_EXIT_ACK_INTR_ON_EXIT )
{
/* for now, duplicate the ack path in vmx_intr_assist */
hvm_vcpu_ack_pending_irq(v, intack);
--
1.7.1
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [PATCH 10/10] nested vmx: check host ability when intercept MSR read
2012-12-04 5:53 [PATCH 00/10] nested vmx: bug fixes and feature enabling Dongxiao Xu
` (8 preceding siblings ...)
2012-12-04 5:53 ` [PATCH 09/10] nested vmx: fix interrupt delivery to L2 guest Dongxiao Xu
@ 2012-12-04 5:53 ` Dongxiao Xu
2012-12-04 10:05 ` [PATCH 00/10] nested vmx: bug fixes and feature enabling Jan Beulich
10 siblings, 0 replies; 19+ messages in thread
From: Dongxiao Xu @ 2012-12-04 5:53 UTC (permalink / raw)
To: xen-devel
When guest hypervisor tries to read MSR value, we intercept this behavior
and return certain emulated values. Besides that, we also need to ensure
that those emulated values must compatible with host ability.
Signed-off-by: Dongxiao Xu <dongxiao.xu@intel.com>
---
xen/arch/x86/hvm/vmx/vvmx.c | 19 ++++++++++++++-----
1 files changed, 14 insertions(+), 5 deletions(-)
diff --git a/xen/arch/x86/hvm/vmx/vvmx.c b/xen/arch/x86/hvm/vmx/vvmx.c
index bbf5266..f2bba1b 100644
--- a/xen/arch/x86/hvm/vmx/vvmx.c
+++ b/xen/arch/x86/hvm/vmx/vvmx.c
@@ -1319,19 +1319,20 @@ int nvmx_handle_vmwrite(struct cpu_user_regs *regs)
*/
int nvmx_msr_read_intercept(unsigned int msr, u64 *msr_content)
{
- u64 data = 0, tmp = 0;
+ u64 data = 0, host_data = 0, tmp = 0;
int r = 1;
if ( !nestedhvm_enabled(current->domain) )
return 0;
+ rdmsrl(msr, host_data);
+
/*
* Remove unsupport features from n1 guest capability MSR
*/
switch (msr) {
case MSR_IA32_VMX_BASIC:
- data = VVMCS_REVISION | ((u64)PAGE_SIZE) << 32 |
- ((u64)MTRR_TYPE_WRBACK) << 50 | (1ULL << 55);
+ data = (host_data & (~0ul << 32)) | VVMCS_REVISION;
break;
case MSR_IA32_VMX_PINBASED_CTLS:
case MSR_IA32_VMX_TRUE_PINBASED_CTLS:
@@ -1342,6 +1343,8 @@ int nvmx_msr_read_intercept(unsigned int msr, u64 *msr_content)
/* Consult SDM for default1 setting */
tmp = ( (1<<1) | (1<<2) | (1<<4) );
data = ((data | tmp) << 32) | (tmp);
+ data = ((data & host_data) & (~0ul << 32)) |
+ ((data | host_data) & (~0u));
break;
case MSR_IA32_VMX_PROCBASED_CTLS:
case MSR_IA32_VMX_TRUE_PROCBASED_CTLS:
@@ -1373,7 +1376,8 @@ int nvmx_msr_read_intercept(unsigned int msr, u64 *msr_content)
tmp = 0x4006172;
/* 0-settings */
data = ((data | tmp) << 32) | (tmp);
-
+ data = ((data & host_data) & (~0ul << 32)) |
+ ((data | host_data) & (~0u));
break;
case MSR_IA32_VMX_PROCBASED_CTLS2:
/* 1-seetings */
@@ -1382,6 +1386,8 @@ int nvmx_msr_read_intercept(unsigned int msr, u64 *msr_content)
/* 0-settings */
tmp = 0;
data = (data << 32) | tmp;
+ data = ((data & host_data) & (~0ul << 32)) |
+ ((data | host_data) & (~0u));
break;
case MSR_IA32_VMX_EXIT_CTLS:
case MSR_IA32_VMX_TRUE_EXIT_CTLS:
@@ -1400,6 +1406,8 @@ int nvmx_msr_read_intercept(unsigned int msr, u64 *msr_content)
VM_EXIT_LOAD_PERF_GLOBAL_CTRL;
/* 0-settings */
data = ((data | tmp) << 32) | tmp;
+ data = ((data & host_data) & (~0ul << 32)) |
+ ((data | host_data) & (~0u));
break;
case MSR_IA32_VMX_ENTRY_CTLS:
case MSR_IA32_VMX_TRUE_ENTRY_CTLS:
@@ -1413,8 +1421,9 @@ int nvmx_msr_read_intercept(unsigned int msr, u64 *msr_content)
VM_ENTRY_LOAD_PERF_GLOBAL_CTRL |
VM_ENTRY_IA32E_MODE;
data = ((data | tmp) << 32) | tmp;
+ data = ((data & host_data) & (~0ul << 32)) |
+ ((data | host_data) & (~0u));
break;
-
case IA32_FEATURE_CONTROL_MSR:
data = IA32_FEATURE_CONTROL_MSR_LOCK |
IA32_FEATURE_CONTROL_MSR_ENABLE_VMXON_OUTSIDE_SMX;
--
1.7.1
^ permalink raw reply related [flat|nested] 19+ messages in thread
* Re: [PATCH 02/10] nested vmx: expose bit 55 of IA32_VMX_BASIC_MSR to guest VMM
2012-12-04 5:53 ` [PATCH 02/10] nested vmx: expose bit 55 of IA32_VMX_BASIC_MSR to guest VMM Dongxiao Xu
@ 2012-12-04 9:59 ` Jan Beulich
2012-12-05 1:35 ` Xu, Dongxiao
0 siblings, 1 reply; 19+ messages in thread
From: Jan Beulich @ 2012-12-04 9:59 UTC (permalink / raw)
To: Dongxiao Xu; +Cc: Eddie Dong, Jun Nakajima, xen-devel
>>> On 04.12.12 at 06:53, Dongxiao Xu <dongxiao.xu@intel.com> wrote:
I'm sorry, but exposing something that doesn't even have a name
sound very awkward to me. Please adjust existing code using the
literal number in a prerequisite patch, and then use the added
constant here too.
Jan
> Signed-off-by: Dongxiao Xu <dongxiao.xu@intel.com>
> ---
> xen/arch/x86/hvm/vmx/vvmx.c | 37 +++++++++++++++++++++++++------------
> 1 files changed, 25 insertions(+), 12 deletions(-)
>
> diff --git a/xen/arch/x86/hvm/vmx/vvmx.c b/xen/arch/x86/hvm/vmx/vvmx.c
> index 719bfce..cf91c7c 100644
> --- a/xen/arch/x86/hvm/vmx/vvmx.c
> +++ b/xen/arch/x86/hvm/vmx/vvmx.c
> @@ -1299,7 +1299,7 @@ int nvmx_handle_vmwrite(struct cpu_user_regs *regs)
> */
> int nvmx_msr_read_intercept(unsigned int msr, u64 *msr_content)
> {
> - u64 data = 0, tmp;
> + u64 data = 0, tmp = 0;
> int r = 1;
>
> if ( !nestedhvm_enabled(current->domain) )
> @@ -1311,18 +1311,20 @@ int nvmx_msr_read_intercept(unsigned int msr, u64
> *msr_content)
> switch (msr) {
> case MSR_IA32_VMX_BASIC:
> data = VVMCS_REVISION | ((u64)PAGE_SIZE) << 32 |
> - ((u64)MTRR_TYPE_WRBACK) << 50;
> + ((u64)MTRR_TYPE_WRBACK) << 50 | (1ULL << 55);
> break;
> case MSR_IA32_VMX_PINBASED_CTLS:
> + case MSR_IA32_VMX_TRUE_PINBASED_CTLS:
> /* 1-seetings */
> data = PIN_BASED_EXT_INTR_MASK |
> PIN_BASED_NMI_EXITING |
> PIN_BASED_PREEMPT_TIMER;
> - data <<= 32;
> - /* 0-settings */
> - data |= 0;
> + /* Consult SDM for default1 setting */
> + tmp = ( (1<<1) | (1<<2) | (1<<4) );
> + data = ((data | tmp) << 32) | (tmp);
> break;
> case MSR_IA32_VMX_PROCBASED_CTLS:
> + case MSR_IA32_VMX_TRUE_PROCBASED_CTLS:
> /* 1-seetings */
> data = CPU_BASED_HLT_EXITING |
> CPU_BASED_VIRTUAL_INTR_PENDING |
> @@ -1342,10 +1344,14 @@ int nvmx_msr_read_intercept(unsigned int msr, u64
> *msr_content)
> CPU_BASED_VIRTUAL_NMI_PENDING |
> CPU_BASED_ACTIVATE_MSR_BITMAP |
> CPU_BASED_ACTIVATE_SECONDARY_CONTROLS;
> - /* bit 1, 4-6,8,13-16,26 must be 1 (refer G4 of SDM) */
> - tmp = ( (1<<26) | (0xf << 13) | 0x100 | (0x7 << 4) | 0x2);
> + /* Consult SDM for default1 setting */
> + if ( msr == MSR_IA32_VMX_PROCBASED_CTLS )
> + tmp = 0x401e172;
> + else if ( msr == MSR_IA32_VMX_TRUE_PROCBASED_CTLS )
> + tmp = 0x4006172;
> /* 0-settings */
> data = ((data | tmp) << 32) | (tmp);
> +
> break;
> case MSR_IA32_VMX_PROCBASED_CTLS2:
> /* 1-seetings */
> @@ -1355,9 +1361,12 @@ int nvmx_msr_read_intercept(unsigned int msr, u64
> *msr_content)
> data = (data << 32) | tmp;
> break;
> case MSR_IA32_VMX_EXIT_CTLS:
> - /* 1-seetings */
> - /* bit 0-8, 10,11,13,14,16,17 must be 1 (refer G4 of SDM) */
> - tmp = 0x36dff;
> + case MSR_IA32_VMX_TRUE_EXIT_CTLS:
> + /* Consult SDM for default1 setting */
> + if ( msr == MSR_IA32_VMX_EXIT_CTLS )
> + tmp = 0x36dff;
> + else if ( msr == MSR_IA32_VMX_TRUE_EXIT_CTLS )
> + tmp = 0x36dfb;
> data = VM_EXIT_ACK_INTR_ON_EXIT |
> VM_EXIT_IA32E_MODE |
> VM_EXIT_SAVE_PREEMPT_TIMER |
> @@ -1370,8 +1379,12 @@ int nvmx_msr_read_intercept(unsigned int msr, u64
> *msr_content)
> data = ((data | tmp) << 32) | tmp;
> break;
> case MSR_IA32_VMX_ENTRY_CTLS:
> - /* bit 0-8, and 12 must be 1 (refer G5 of SDM) */
> - tmp = 0x11ff;
> + case MSR_IA32_VMX_TRUE_ENTRY_CTLS:
> + /* Consult SDM for default1 setting */
> + if ( msr == MSR_IA32_VMX_ENTRY_CTLS )
> + tmp = 0x11ff;
> + else if ( msr == MSR_IA32_VMX_TRUE_ENTRY_CTLS )
> + tmp = 0x11fb;
> data = VM_ENTRY_LOAD_GUEST_PAT |
> VM_ENTRY_LOAD_GUEST_EFER |
> VM_ENTRY_LOAD_PERF_GLOBAL_CTRL;
> --
> 1.7.1
>
>
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@lists.xen.org
> http://lists.xen.org/xen-devel
^ permalink raw reply [flat|nested] 19+ messages in thread
* Re: [PATCH 05/10] nested vmx: fix DR access VM exit
2012-12-04 5:53 ` [PATCH 05/10] nested vmx: fix DR access VM exit Dongxiao Xu
@ 2012-12-04 10:02 ` Jan Beulich
2012-12-05 1:27 ` Xu, Dongxiao
0 siblings, 1 reply; 19+ messages in thread
From: Jan Beulich @ 2012-12-04 10:02 UTC (permalink / raw)
To: Dongxiao Xu; +Cc: xen-devel
>>> On 04.12.12 at 06:53, Dongxiao Xu <dongxiao.xu@intel.com> wrote:
> For DR register, we use lazy restore mechanism when access it. Therefore
> when receiving such VM exit, L0 should be responsible to switch to the
> right DR values, then inject to L1 hypervisor.
>
> Signed-off-by: Dongxiao Xu <dongxiao.xu@intel.com>
> ---
> xen/arch/x86/hvm/vmx/vvmx.c | 3 ++-
> 1 files changed, 2 insertions(+), 1 deletions(-)
>
> diff --git a/xen/arch/x86/hvm/vmx/vvmx.c b/xen/arch/x86/hvm/vmx/vvmx.c
> index cf3797c..0ac78af 100644
> --- a/xen/arch/x86/hvm/vmx/vvmx.c
> +++ b/xen/arch/x86/hvm/vmx/vvmx.c
> @@ -1654,7 +1654,8 @@ int nvmx_n2_vmexit_handler(struct cpu_user_regs *regs,
> case EXIT_REASON_DR_ACCESS:
> ctrl = __n2_exec_control(v);
> if ( ctrl & CPU_BASED_MOV_DR_EXITING )
> - nvcpu->nv_vmexit_pending = 1;
> + if ( v->arch.hvm_vcpu.flag_dr_dirty )
> + nvcpu->nv_vmexit_pending = 1;
Personally I'd prefer if you combined the two if-s.
Jan
> break;
> case EXIT_REASON_INVLPG:
> ctrl = __n2_exec_control(v);
> --
> 1.7.1
>
>
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@lists.xen.org
> http://lists.xen.org/xen-devel
^ permalink raw reply [flat|nested] 19+ messages in thread
* Re: [PATCH 06/10] nested vmx: enable IA32E mode while do VM entry
2012-12-04 5:53 ` [PATCH 06/10] nested vmx: enable IA32E mode while do VM entry Dongxiao Xu
@ 2012-12-04 10:03 ` Jan Beulich
2012-12-05 1:26 ` Xu, Dongxiao
0 siblings, 1 reply; 19+ messages in thread
From: Jan Beulich @ 2012-12-04 10:03 UTC (permalink / raw)
To: Dongxiao Xu; +Cc: xen-devel
>>> On 04.12.12 at 06:53, Dongxiao Xu <dongxiao.xu@intel.com> wrote:
How did things work without this, or if it worked, what does this fix?
Jan
> Signed-off-by: Dongxiao Xu <dongxiao.xu@intel.com>
> ---
> xen/arch/x86/hvm/vmx/vvmx.c | 3 ++-
> 1 files changed, 2 insertions(+), 1 deletions(-)
>
> diff --git a/xen/arch/x86/hvm/vmx/vvmx.c b/xen/arch/x86/hvm/vmx/vvmx.c
> index 0ac78af..1304636 100644
> --- a/xen/arch/x86/hvm/vmx/vvmx.c
> +++ b/xen/arch/x86/hvm/vmx/vvmx.c
> @@ -1388,7 +1388,8 @@ int nvmx_msr_read_intercept(unsigned int msr, u64
> *msr_content)
> tmp = 0x11fb;
> data = VM_ENTRY_LOAD_GUEST_PAT |
> VM_ENTRY_LOAD_GUEST_EFER |
> - VM_ENTRY_LOAD_PERF_GLOBAL_CTRL;
> + VM_ENTRY_LOAD_PERF_GLOBAL_CTRL |
> + VM_ENTRY_IA32E_MODE;
> data = ((data | tmp) << 32) | tmp;
> break;
>
> --
> 1.7.1
>
>
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@lists.xen.org
> http://lists.xen.org/xen-devel
^ permalink raw reply [flat|nested] 19+ messages in thread
* Re: [PATCH 00/10] nested vmx: bug fixes and feature enabling
2012-12-04 5:53 [PATCH 00/10] nested vmx: bug fixes and feature enabling Dongxiao Xu
` (9 preceding siblings ...)
2012-12-04 5:53 ` [PATCH 10/10] nested vmx: check host ability when intercept MSR read Dongxiao Xu
@ 2012-12-04 10:05 ` Jan Beulich
2012-12-05 1:37 ` Xu, Dongxiao
10 siblings, 1 reply; 19+ messages in thread
From: Jan Beulich @ 2012-12-04 10:05 UTC (permalink / raw)
To: Dongxiao Xu; +Cc: Eddie Dong, Jun Nakajima, xen-devel
>>> On 04.12.12 at 06:53, Dongxiao Xu <dongxiao.xu@intel.com> wrote:
> This series of patches contain some bug fixes and feature enabling for nested
> vmx, please help to review and pull.
As with the previous series, we would want this series to be ack-ed
by one of the formally listed maintainers.
Beyond that I'd appreciate if you could indicate which of the bug
fixes you sent would be candidates for 4.2.x.
Jan
> Dongxiao Xu (10):
> nested vmx: emulate MSR bitmaps
> nested vmx: expose bit 55 of IA32_VMX_BASIC_MSR to guest VMM
> nested vmx: fix rflags status in virtual vmexit
> nested vmx: fix handling of RDTSC
> nested vmx: fix DR access VM exit
> nested vmx: enable IA32E mode while do VM entry
> nested vmx: enable "Virtualize APIC accesses" feature for L1 VMM
> nested vmx: enable PAUSE and RDPMC exiting for L1 VMM
> nested vmx: fix interrupt delivery to L2 guest
> nested vmx: check host ability when intercept MSR read
>
> xen/arch/x86/hvm/vmx/intr.c | 11 ++-
> xen/arch/x86/hvm/vmx/vmcs.c | 28 ++++++++
> xen/arch/x86/hvm/vmx/vmx.c | 2 +-
> xen/arch/x86/hvm/vmx/vvmx.c | 128 ++++++++++++++++++++++++++++++------
> xen/include/asm-x86/hvm/vmx/vmcs.h | 1 +
> xen/include/asm-x86/hvm/vmx/vmx.h | 2 +
> xen/include/asm-x86/hvm/vmx/vvmx.h | 1 +
> 7 files changed, 148 insertions(+), 25 deletions(-)
>
>
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@lists.xen.org
> http://lists.xen.org/xen-devel
^ permalink raw reply [flat|nested] 19+ messages in thread
* Re: [PATCH 06/10] nested vmx: enable IA32E mode while do VM entry
2012-12-04 10:03 ` Jan Beulich
@ 2012-12-05 1:26 ` Xu, Dongxiao
0 siblings, 0 replies; 19+ messages in thread
From: Xu, Dongxiao @ 2012-12-05 1:26 UTC (permalink / raw)
To: Jan Beulich; +Cc: xen-devel@lists.xen.org
> -----Original Message-----
> From: Jan Beulich [mailto:JBeulich@suse.com]
> Sent: Tuesday, December 04, 2012 6:03 PM
> To: Xu, Dongxiao
> Cc: xen-devel@lists.xen.org
> Subject: Re: [Xen-devel] [PATCH 06/10] nested vmx: enable IA32E mode while
> do VM entry
>
> >>> On 04.12.12 at 06:53, Dongxiao Xu <dongxiao.xu@intel.com> wrote:
>
> How did things work without this, or if it worked, what does this fix?
>
> Jan
For current Xen, it doesn't check the VM_ENTRY_IA32E_MODE bit in related MSR but directly enable this bit in VMCS if guest supports long mode.
Therefore Xen on Xen doesn't have problem.
However other VMMs may detect this bit in MSR and then set value to related VMCS fields.
Thanks,
Dongxiao
>
> > Signed-off-by: Dongxiao Xu <dongxiao.xu@intel.com>
> > ---
> > xen/arch/x86/hvm/vmx/vvmx.c | 3 ++-
> > 1 files changed, 2 insertions(+), 1 deletions(-)
> >
> > diff --git a/xen/arch/x86/hvm/vmx/vvmx.c b/xen/arch/x86/hvm/vmx/vvmx.c
> > index 0ac78af..1304636 100644
> > --- a/xen/arch/x86/hvm/vmx/vvmx.c
> > +++ b/xen/arch/x86/hvm/vmx/vvmx.c
> > @@ -1388,7 +1388,8 @@ int nvmx_msr_read_intercept(unsigned int msr,
> > u64
> > *msr_content)
> > tmp = 0x11fb;
> > data = VM_ENTRY_LOAD_GUEST_PAT |
> > VM_ENTRY_LOAD_GUEST_EFER |
> > - VM_ENTRY_LOAD_PERF_GLOBAL_CTRL;
> > + VM_ENTRY_LOAD_PERF_GLOBAL_CTRL |
> > + VM_ENTRY_IA32E_MODE;
> > data = ((data | tmp) << 32) | tmp;
> > break;
> >
> > --
> > 1.7.1
> >
> >
> > _______________________________________________
> > Xen-devel mailing list
> > Xen-devel@lists.xen.org
> > http://lists.xen.org/xen-devel
>
>
^ permalink raw reply [flat|nested] 19+ messages in thread
* Re: [PATCH 05/10] nested vmx: fix DR access VM exit
2012-12-04 10:02 ` Jan Beulich
@ 2012-12-05 1:27 ` Xu, Dongxiao
0 siblings, 0 replies; 19+ messages in thread
From: Xu, Dongxiao @ 2012-12-05 1:27 UTC (permalink / raw)
To: Jan Beulich; +Cc: xen-devel@lists.xen.org
> -----Original Message-----
> From: Jan Beulich [mailto:JBeulich@suse.com]
> Sent: Tuesday, December 04, 2012 6:02 PM
> To: Xu, Dongxiao
> Cc: xen-devel@lists.xen.org
> Subject: Re: [Xen-devel] [PATCH 05/10] nested vmx: fix DR access VM exit
>
> >>> On 04.12.12 at 06:53, Dongxiao Xu <dongxiao.xu@intel.com> wrote:
> > For DR register, we use lazy restore mechanism when access it.
> > Therefore when receiving such VM exit, L0 should be responsible to
> > switch to the right DR values, then inject to L1 hypervisor.
> >
> > Signed-off-by: Dongxiao Xu <dongxiao.xu@intel.com>
> > ---
> > xen/arch/x86/hvm/vmx/vvmx.c | 3 ++-
> > 1 files changed, 2 insertions(+), 1 deletions(-)
> >
> > diff --git a/xen/arch/x86/hvm/vmx/vvmx.c b/xen/arch/x86/hvm/vmx/vvmx.c
> > index cf3797c..0ac78af 100644
> > --- a/xen/arch/x86/hvm/vmx/vvmx.c
> > +++ b/xen/arch/x86/hvm/vmx/vvmx.c
> > @@ -1654,7 +1654,8 @@ int nvmx_n2_vmexit_handler(struct
> cpu_user_regs *regs,
> > case EXIT_REASON_DR_ACCESS:
> > ctrl = __n2_exec_control(v);
> > if ( ctrl & CPU_BASED_MOV_DR_EXITING )
> > - nvcpu->nv_vmexit_pending = 1;
> > + if ( v->arch.hvm_vcpu.flag_dr_dirty )
> > + nvcpu->nv_vmexit_pending = 1;
>
> Personally I'd prefer if you combined the two if-s.
Will merge it in updated pull request.
Thanks,
Dongxiao
>
> Jan
>
> > break;
> > case EXIT_REASON_INVLPG:
> > ctrl = __n2_exec_control(v);
> > --
> > 1.7.1
> >
> >
> > _______________________________________________
> > Xen-devel mailing list
> > Xen-devel@lists.xen.org
> > http://lists.xen.org/xen-devel
>
>
^ permalink raw reply [flat|nested] 19+ messages in thread
* Re: [PATCH 02/10] nested vmx: expose bit 55 of IA32_VMX_BASIC_MSR to guest VMM
2012-12-04 9:59 ` Jan Beulich
@ 2012-12-05 1:35 ` Xu, Dongxiao
0 siblings, 0 replies; 19+ messages in thread
From: Xu, Dongxiao @ 2012-12-05 1:35 UTC (permalink / raw)
To: Jan Beulich; +Cc: Dong, Eddie, Nakajima, Jun, xen-devel@lists.xen.org
> -----Original Message-----
> From: Jan Beulich [mailto:JBeulich@suse.com]
> Sent: Tuesday, December 04, 2012 6:00 PM
> To: Xu, Dongxiao
> Cc: Dong, Eddie; Nakajima, Jun; xen-devel@lists.xen.org
> Subject: Re: [Xen-devel] [PATCH 02/10] nested vmx: expose bit 55 of
> IA32_VMX_BASIC_MSR to guest VMM
>
> >>> On 04.12.12 at 06:53, Dongxiao Xu <dongxiao.xu@intel.com> wrote:
>
> I'm sorry, but exposing something that doesn't even have a name sound very
> awkward to me. Please adjust existing code using the literal number in a
> prerequisite patch, and then use the added constant here too.
>
Thanks for the comments.
I will refine this patch in next pull request.
Thanks,
Dongxiao
> Jan
>
> > Signed-off-by: Dongxiao Xu <dongxiao.xu@intel.com>
> > ---
> > xen/arch/x86/hvm/vmx/vvmx.c | 37
> +++++++++++++++++++++++++------------
> > 1 files changed, 25 insertions(+), 12 deletions(-)
> >
> > diff --git a/xen/arch/x86/hvm/vmx/vvmx.c b/xen/arch/x86/hvm/vmx/vvmx.c
> > index 719bfce..cf91c7c 100644
> > --- a/xen/arch/x86/hvm/vmx/vvmx.c
> > +++ b/xen/arch/x86/hvm/vmx/vvmx.c
> > @@ -1299,7 +1299,7 @@ int nvmx_handle_vmwrite(struct cpu_user_regs
> *regs)
> > */
> > int nvmx_msr_read_intercept(unsigned int msr, u64 *msr_content) {
> > - u64 data = 0, tmp;
> > + u64 data = 0, tmp = 0;
> > int r = 1;
> >
> > if ( !nestedhvm_enabled(current->domain) ) @@ -1311,18 +1311,20
> > @@ int nvmx_msr_read_intercept(unsigned int msr, u64
> > *msr_content)
> > switch (msr) {
> > case MSR_IA32_VMX_BASIC:
> > data = VVMCS_REVISION | ((u64)PAGE_SIZE) << 32 |
> > - ((u64)MTRR_TYPE_WRBACK) << 50;
> > + ((u64)MTRR_TYPE_WRBACK) << 50 | (1ULL << 55);
> > break;
> > case MSR_IA32_VMX_PINBASED_CTLS:
> > + case MSR_IA32_VMX_TRUE_PINBASED_CTLS:
> > /* 1-seetings */
> > data = PIN_BASED_EXT_INTR_MASK |
> > PIN_BASED_NMI_EXITING |
> > PIN_BASED_PREEMPT_TIMER;
> > - data <<= 32;
> > - /* 0-settings */
> > - data |= 0;
> > + /* Consult SDM for default1 setting */
> > + tmp = ( (1<<1) | (1<<2) | (1<<4) );
> > + data = ((data | tmp) << 32) | (tmp);
> > break;
> > case MSR_IA32_VMX_PROCBASED_CTLS:
> > + case MSR_IA32_VMX_TRUE_PROCBASED_CTLS:
> > /* 1-seetings */
> > data = CPU_BASED_HLT_EXITING |
> > CPU_BASED_VIRTUAL_INTR_PENDING | @@ -1342,10
> +1344,14
> > @@ int nvmx_msr_read_intercept(unsigned int msr, u64
> > *msr_content)
> > CPU_BASED_VIRTUAL_NMI_PENDING |
> > CPU_BASED_ACTIVATE_MSR_BITMAP |
> > CPU_BASED_ACTIVATE_SECONDARY_CONTROLS;
> > - /* bit 1, 4-6,8,13-16,26 must be 1 (refer G4 of SDM) */
> > - tmp = ( (1<<26) | (0xf << 13) | 0x100 | (0x7 << 4) | 0x2);
> > + /* Consult SDM for default1 setting */
> > + if ( msr == MSR_IA32_VMX_PROCBASED_CTLS )
> > + tmp = 0x401e172;
> > + else if ( msr == MSR_IA32_VMX_TRUE_PROCBASED_CTLS )
> > + tmp = 0x4006172;
> > /* 0-settings */
> > data = ((data | tmp) << 32) | (tmp);
> > +
> > break;
> > case MSR_IA32_VMX_PROCBASED_CTLS2:
> > /* 1-seetings */
> > @@ -1355,9 +1361,12 @@ int nvmx_msr_read_intercept(unsigned int msr,
> > u64
> > *msr_content)
> > data = (data << 32) | tmp;
> > break;
> > case MSR_IA32_VMX_EXIT_CTLS:
> > - /* 1-seetings */
> > - /* bit 0-8, 10,11,13,14,16,17 must be 1 (refer G4 of SDM) */
> > - tmp = 0x36dff;
> > + case MSR_IA32_VMX_TRUE_EXIT_CTLS:
> > + /* Consult SDM for default1 setting */
> > + if ( msr == MSR_IA32_VMX_EXIT_CTLS )
> > + tmp = 0x36dff;
> > + else if ( msr == MSR_IA32_VMX_TRUE_EXIT_CTLS )
> > + tmp = 0x36dfb;
> > data = VM_EXIT_ACK_INTR_ON_EXIT |
> > VM_EXIT_IA32E_MODE |
> > VM_EXIT_SAVE_PREEMPT_TIMER | @@ -1370,8
> +1379,12 @@
> > int nvmx_msr_read_intercept(unsigned int msr, u64
> > *msr_content)
> > data = ((data | tmp) << 32) | tmp;
> > break;
> > case MSR_IA32_VMX_ENTRY_CTLS:
> > - /* bit 0-8, and 12 must be 1 (refer G5 of SDM) */
> > - tmp = 0x11ff;
> > + case MSR_IA32_VMX_TRUE_ENTRY_CTLS:
> > + /* Consult SDM for default1 setting */
> > + if ( msr == MSR_IA32_VMX_ENTRY_CTLS )
> > + tmp = 0x11ff;
> > + else if ( msr == MSR_IA32_VMX_TRUE_ENTRY_CTLS )
> > + tmp = 0x11fb;
> > data = VM_ENTRY_LOAD_GUEST_PAT |
> > VM_ENTRY_LOAD_GUEST_EFER |
> > VM_ENTRY_LOAD_PERF_GLOBAL_CTRL;
> > --
> > 1.7.1
> >
> >
> > _______________________________________________
> > Xen-devel mailing list
> > Xen-devel@lists.xen.org
> > http://lists.xen.org/xen-devel
>
^ permalink raw reply [flat|nested] 19+ messages in thread
* Re: [PATCH 00/10] nested vmx: bug fixes and feature enabling
2012-12-04 10:05 ` [PATCH 00/10] nested vmx: bug fixes and feature enabling Jan Beulich
@ 2012-12-05 1:37 ` Xu, Dongxiao
0 siblings, 0 replies; 19+ messages in thread
From: Xu, Dongxiao @ 2012-12-05 1:37 UTC (permalink / raw)
To: Jan Beulich; +Cc: Dong, Eddie, Nakajima, Jun, xen-devel@lists.xen.org
> -----Original Message-----
> From: Jan Beulich [mailto:JBeulich@suse.com]
> Sent: Tuesday, December 04, 2012 6:06 PM
> To: Xu, Dongxiao
> Cc: Dong, Eddie; Nakajima, Jun; xen-devel@lists.xen.org
> Subject: Re: [Xen-devel] [PATCH 00/10] nested vmx: bug fixes and feature
> enabling
>
> >>> On 04.12.12 at 06:53, Dongxiao Xu <dongxiao.xu@intel.com> wrote:
> > This series of patches contain some bug fixes and feature enabling for
> > nested vmx, please help to review and pull.
>
> As with the previous series, we would want this series to be ack-ed by one of
> the formally listed maintainers.
>
> Beyond that I'd appreciate if you could indicate which of the bug fixes you sent
> would be candidates for 4.2.x.
Sure. I will describe the bugs/issues in the commit message in next pull request.
Thanks,
Dongxiao
>
> Jan
>
> > Dongxiao Xu (10):
> > nested vmx: emulate MSR bitmaps
> > nested vmx: expose bit 55 of IA32_VMX_BASIC_MSR to guest VMM
> > nested vmx: fix rflags status in virtual vmexit
> > nested vmx: fix handling of RDTSC
> > nested vmx: fix DR access VM exit
> > nested vmx: enable IA32E mode while do VM entry
> > nested vmx: enable "Virtualize APIC accesses" feature for L1 VMM
> > nested vmx: enable PAUSE and RDPMC exiting for L1 VMM
> > nested vmx: fix interrupt delivery to L2 guest
> > nested vmx: check host ability when intercept MSR read
> >
> > xen/arch/x86/hvm/vmx/intr.c | 11 ++-
> > xen/arch/x86/hvm/vmx/vmcs.c | 28 ++++++++
> > xen/arch/x86/hvm/vmx/vmx.c | 2 +-
> > xen/arch/x86/hvm/vmx/vvmx.c | 128
> ++++++++++++++++++++++++++++++------
> > xen/include/asm-x86/hvm/vmx/vmcs.h | 1 +
> > xen/include/asm-x86/hvm/vmx/vmx.h | 2 +
> > xen/include/asm-x86/hvm/vmx/vvmx.h | 1 +
> > 7 files changed, 148 insertions(+), 25 deletions(-)
> >
> >
> > _______________________________________________
> > Xen-devel mailing list
> > Xen-devel@lists.xen.org
> > http://lists.xen.org/xen-devel
>
>
^ permalink raw reply [flat|nested] 19+ messages in thread
end of thread, other threads:[~2012-12-05 1:37 UTC | newest]
Thread overview: 19+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2012-12-04 5:53 [PATCH 00/10] nested vmx: bug fixes and feature enabling Dongxiao Xu
2012-12-04 5:53 ` [PATCH 01/10] nested vmx: emulate MSR bitmaps Dongxiao Xu
2012-12-04 5:53 ` [PATCH 02/10] nested vmx: expose bit 55 of IA32_VMX_BASIC_MSR to guest VMM Dongxiao Xu
2012-12-04 9:59 ` Jan Beulich
2012-12-05 1:35 ` Xu, Dongxiao
2012-12-04 5:53 ` [PATCH 03/10] nested vmx: fix rflags status in virtual vmexit Dongxiao Xu
2012-12-04 5:53 ` [PATCH 04/10] nested vmx: fix handling of RDTSC Dongxiao Xu
2012-12-04 5:53 ` [PATCH 05/10] nested vmx: fix DR access VM exit Dongxiao Xu
2012-12-04 10:02 ` Jan Beulich
2012-12-05 1:27 ` Xu, Dongxiao
2012-12-04 5:53 ` [PATCH 06/10] nested vmx: enable IA32E mode while do VM entry Dongxiao Xu
2012-12-04 10:03 ` Jan Beulich
2012-12-05 1:26 ` Xu, Dongxiao
2012-12-04 5:53 ` [PATCH 07/10] nested vmx: enable "Virtualize APIC accesses" feature for L1 VMM Dongxiao Xu
2012-12-04 5:53 ` [PATCH 08/10] nested vmx: enable PAUSE and RDPMC exiting " Dongxiao Xu
2012-12-04 5:53 ` [PATCH 09/10] nested vmx: fix interrupt delivery to L2 guest Dongxiao Xu
2012-12-04 5:53 ` [PATCH 10/10] nested vmx: check host ability when intercept MSR read Dongxiao Xu
2012-12-04 10:05 ` [PATCH 00/10] nested vmx: bug fixes and feature enabling Jan Beulich
2012-12-05 1:37 ` Xu, Dongxiao
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).