From: Xiantao Zhang <xiantao.zhang@intel.com>
To: xen-devel@lists.xen.org
Cc: keir@xen.org, jun.nakajima@intel.com, tim@xen.org,
eddie.dong@intel.com, JBeulich@suse.com,
Zhang Xiantao <xiantao.zhang@intel.com>
Subject: [PATCH v5 10/10] nEPT: Expose EPT & VPID capablities to L1 VMM
Date: Wed, 9 Jan 2013 12:16:24 +0800 [thread overview]
Message-ID: <1357704984-11614-11-git-send-email-xiantao.zhang@intel.com> (raw)
In-Reply-To: <1357704984-11614-1-git-send-email-xiantao.zhang@intel.com>
From: Zhang Xiantao <xiantao.zhang@intel.com>
Expose EPT's and VPID 's basic features to L1 VMM.
For EPT, no EPT A/D bit feature supported.
For VPID, exposes all features to L1 VMM
Signed-off-by: Zhang Xiantao <xiantao.zhang@intel.com>
---
xen/arch/x86/hvm/vmx/vvmx.c | 17 +++++++++++++++--
xen/arch/x86/mm/hap/nested_ept.c | 24 +++++++++++++++++-------
xen/include/asm-x86/hvm/vmx/vvmx.h | 2 ++
3 files changed, 34 insertions(+), 9 deletions(-)
diff --git a/xen/arch/x86/hvm/vmx/vvmx.c b/xen/arch/x86/hvm/vmx/vvmx.c
index 2427fd4..427c8fc 100644
--- a/xen/arch/x86/hvm/vmx/vvmx.c
+++ b/xen/arch/x86/hvm/vmx/vvmx.c
@@ -1510,6 +1510,8 @@ int nvmx_msr_read_intercept(unsigned int msr, u64 *msr_content)
break;
case MSR_IA32_VMX_PROCBASED_CTLS:
case MSR_IA32_VMX_TRUE_PROCBASED_CTLS:
+ {
+ u32 default1_bits = VMX_PROCBASED_CTLS_DEFAULT1;
/* 1-seetings */
data = CPU_BASED_HLT_EXITING |
CPU_BASED_VIRTUAL_INTR_PENDING |
@@ -1532,12 +1534,20 @@ int nvmx_msr_read_intercept(unsigned int msr, u64 *msr_content)
CPU_BASED_RDPMC_EXITING |
CPU_BASED_TPR_SHADOW |
CPU_BASED_ACTIVATE_SECONDARY_CONTROLS;
- data = gen_vmx_msr(data, VMX_PROCBASED_CTLS_DEFAULT1, host_data);
+
+ if ( msr == MSR_IA32_VMX_TRUE_PROCBASED_CTLS )
+ default1_bits &= ~(CPU_BASED_CR3_LOAD_EXITING |
+ CPU_BASED_CR3_STORE_EXITING | CPU_BASED_INVLPG_EXITING);
+
+ data = gen_vmx_msr(data, default1_bits, host_data);
break;
+ }
case MSR_IA32_VMX_PROCBASED_CTLS2:
/* 1-seetings */
data = SECONDARY_EXEC_DESCRIPTOR_TABLE_EXITING |
- SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES;
+ SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
+ SECONDARY_EXEC_ENABLE_VPID |
+ SECONDARY_EXEC_ENABLE_EPT;
data = gen_vmx_msr(data, 0, host_data);
break;
case MSR_IA32_VMX_EXIT_CTLS:
@@ -1590,6 +1600,9 @@ int nvmx_msr_read_intercept(unsigned int msr, u64 *msr_content)
case MSR_IA32_VMX_MISC:
gdprintk(XENLOG_WARNING, "VMX MSR %x not fully supported yet.\n", msr);
break;
+ case MSR_IA32_VMX_EPT_VPID_CAP:
+ data = nept_get_ept_vpid_cap();
+ break;
default:
r = 0;
break;
diff --git a/xen/arch/x86/mm/hap/nested_ept.c b/xen/arch/x86/mm/hap/nested_ept.c
index 4393065..83431e1 100644
--- a/xen/arch/x86/mm/hap/nested_ept.c
+++ b/xen/arch/x86/mm/hap/nested_ept.c
@@ -43,12 +43,17 @@
#define EPT_MUST_RSV_BITS (((1ull << PADDR_BITS) -1) & \
~((1ull << paddr_bits) - 1))
-/*
- *TODO: Just leave it as 0 here for compile pass, will
- * define real capabilities in the subsequent patches.
- */
-#define NEPT_VPID_CAP_BITS 0
-
+#define NEPT_CAP_BITS \
+ (VMX_EPT_INVEPT_ALL_CONTEXT | VMX_EPT_INVEPT_SINGLE_CONTEXT | \
+ VMX_EPT_INVEPT_INSTRUCTION | VMX_EPT_SUPERPAGE_1GB | \
+ VMX_EPT_SUPERPAGE_2MB | VMX_EPT_MEMORY_TYPE_WB | \
+ VMX_EPT_MEMORY_TYPE_UC | VMX_EPT_WALK_LENGTH_4_SUPPORTED | \
+ VMX_EPT_EXEC_ONLY_SUPPORTED)
+
+#define NVPID_CAP_BITS \
+ (VMX_VPID_INVVPID_INSTRUCTION | VMX_VPID_INVVPID_INDIVIDUAL_ADDR |\
+ VMX_VPID_INVVPID_SINGLE_CONTEXT | VMX_VPID_INVVPID_ALL_CONTEXT |\
+ VMX_VPID_INVVPID_SINGLE_CONTEXT_RETAINING_GLOBAL)
#define NEPT_1G_ENTRY_FLAG (1 << 11)
#define NEPT_2M_ENTRY_FLAG (1 << 10)
@@ -111,10 +116,15 @@ static bool_t nept_non_present_check(ept_entry_t e)
uint64_t nept_get_ept_vpid_cap(void)
{
- uint64_t caps = NEPT_VPID_CAP_BITS;
+ uint64_t caps = 0;
+ if ( cpu_has_vmx_ept )
+ caps |= NEPT_CAP_BITS;
if ( !cpu_has_vmx_ept_exec_only_supported )
caps &= ~VMX_EPT_EXEC_ONLY_SUPPORTED;
+ if ( cpu_has_vmx_vpid )
+ caps |= NVPID_CAP_BITS;
+
return caps;
}
diff --git a/xen/include/asm-x86/hvm/vmx/vvmx.h b/xen/include/asm-x86/hvm/vmx/vvmx.h
index f5fcad0..424fedd 100644
--- a/xen/include/asm-x86/hvm/vmx/vvmx.h
+++ b/xen/include/asm-x86/hvm/vmx/vvmx.h
@@ -209,6 +209,8 @@ u64 nvmx_get_tsc_offset(struct vcpu *v);
int nvmx_n2_vmexit_handler(struct cpu_user_regs *regs,
unsigned int exit_reason);
+uint64_t nept_get_ept_vpid_cap(void);
+
int nept_translate_l2ga(struct vcpu *v, paddr_t l2ga,
unsigned int *page_order, uint32_t rwx_acc,
unsigned long *l1gfn, uint8_t *p2m_acc,
--
1.7.1
next prev parent reply other threads:[~2013-01-09 4:16 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-01-09 4:16 [PATCH v5 00/10] Nested VMX: Add virtual EPT & VPID support to L1 VMM Xiantao Zhang
2013-01-09 4:16 ` [PATCH v5 01/10] nestedhap: Change hostcr3 and p2m->cr3 to meaningful words Xiantao Zhang
2013-01-09 4:16 ` [PATCH v5 02/10] nestedhap: Change nested p2m's walker to vendor-specific Xiantao Zhang
2013-01-09 4:16 ` [PATCH v5 03/10] nested_ept: Implement guest ept's walker Xiantao Zhang
2013-01-09 4:16 ` [PATCH v5 04/10] EPT: Make ept data structure or operations neutral Xiantao Zhang
2013-01-09 4:16 ` [PATCH v5 05/10] nEPT: Try to enable EPT paging for L2 guest Xiantao Zhang
2013-01-09 4:16 ` [PATCH v5 06/10] nEPT: Sync PDPTR fields if L2 guest in PAE paging mode Xiantao Zhang
2013-01-09 4:16 ` [PATCH v5 07/10] nEPT: Use minimal permission for nested p2m Xiantao Zhang
2013-01-09 4:16 ` [PATCH v5 08/10] nEPT: handle invept instruction from L1 VMM Xiantao Zhang
2013-01-09 4:16 ` [PATCH v5 09/10] nVMX: virutalize VPID capability to nested VMM Xiantao Zhang
2013-01-09 4:16 ` Xiantao Zhang [this message]
2013-01-09 11:38 ` [PATCH v5 00/10] Nested VMX: Add virtual EPT & VPID support to L1 VMM Jan Beulich
2013-01-10 12:46 ` Tim Deegan
2013-01-10 13:55 ` Nakajima, Jun
2013-01-11 0:55 ` Dong, Eddie
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1357704984-11614-11-git-send-email-xiantao.zhang@intel.com \
--to=xiantao.zhang@intel.com \
--cc=JBeulich@suse.com \
--cc=eddie.dong@intel.com \
--cc=jun.nakajima@intel.com \
--cc=keir@xen.org \
--cc=tim@xen.org \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).