[PATCH V9 5/5] x86/hvm: pkeys, add pkeys support for cpuid handling

xen-devel.lists.xenproject.org archive mirror
 help / color / mirror / Atom feed

From: Huaitong Han <huaitong.han@intel.com>
To: jbeulich@suse.com, andrew.cooper3@citrix.com,
	george.dunlap@eu.citrix.com, tim@xen.org, keir@xen.org,
	ian.jackson@eu.citrix.com, stefano.stabellini@eu.citrix.com,
	ian.campbell@citrix.com
Cc: Huaitong Han <huaitong.han@intel.com>, xen-devel@lists.xen.org
Subject: [PATCH V9 5/5] x86/hvm: pkeys, add pkeys support for cpuid handling
Date: Wed,  3 Feb 2016 22:12:05 +0800	[thread overview]
Message-ID: <1454508725-22786-6-git-send-email-huaitong.han@intel.com> (raw)
In-Reply-To: <1454508725-22786-1-git-send-email-huaitong.han@intel.com>

This patch adds pkeys support for cpuid handing.

Pkeys hardware support is CPUID.7.0.ECX[3]:PKU. software support is
CPUID.7.0.ECX[4]:OSPKE and it reflects the support setting of CR4.PKE.

X86_FEATURE_OSXSAVE depends on guest X86_FEATURE_XSAVE, but cpu_has_xsave
function reflects hypervisor X86_FEATURE_XSAVE, it is fixed too.

Signed-off-by: Huaitong Han <huaitong.han@intel.com>
---
Changes in v9:
*Clear X86_FEATURE_OSPKE and X86_FEATURE_OSXSAVE when the condition is not satisfied.

Changes in v7:
*Rebase in the latest tree.
*Add a comment for cpu_has_xsave adjustment.
*Adjust indentation.

 tools/libxc/xc_cpufeature.h |  3 +++
 tools/libxc/xc_cpuid_x86.c  |  6 ++++--
 xen/arch/x86/hvm/hvm.c      | 26 +++++++++++++++++++-------
 3 files changed, 26 insertions(+), 9 deletions(-)

diff --git a/tools/libxc/xc_cpufeature.h b/tools/libxc/xc_cpufeature.h
index ee53679..866cf0b 100644
--- a/tools/libxc/xc_cpufeature.h
+++ b/tools/libxc/xc_cpufeature.h
@@ -144,4 +144,7 @@
 #define X86_FEATURE_CLFLUSHOPT  23 /* CLFLUSHOPT instruction */
 #define X86_FEATURE_CLWB        24 /* CLWB instruction */
 
+/* Intel-defined CPU features, CPUID level 0x00000007:0 (ecx) */
+#define X86_FEATURE_PKU     3
+
 #endif /* __LIBXC_CPUFEATURE_H */
diff --git a/tools/libxc/xc_cpuid_x86.c b/tools/libxc/xc_cpuid_x86.c
index c142595..5408dd0 100644
--- a/tools/libxc/xc_cpuid_x86.c
+++ b/tools/libxc/xc_cpuid_x86.c
@@ -430,9 +430,11 @@ static void xc_cpuid_hvm_policy(xc_interface *xch,
                         bitmaskof(X86_FEATURE_PCOMMIT) |
                         bitmaskof(X86_FEATURE_CLWB) |
                         bitmaskof(X86_FEATURE_CLFLUSHOPT));
+            regs[2] &= bitmaskof(X86_FEATURE_PKU);
         } else
-            regs[1] = 0;
-        regs[0] = regs[2] = regs[3] = 0;
+            regs[1] = regs[2] = 0;
+
+        regs[0] = regs[3] = 0;
         break;
 
     case 0x0000000d:
diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
index 5ec2ae1..73fb54c 100644
--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
@@ -4572,9 +4572,11 @@ void hvm_cpuid(unsigned int input, unsigned int *eax, unsigned int *ebx,
             __clear_bit(X86_FEATURE_APIC & 31, edx);
 
         /* Fix up OSXSAVE. */
-        if ( cpu_has_xsave )
-            *ecx |= (v->arch.hvm_vcpu.guest_cr[4] & X86_CR4_OSXSAVE) ?
-                     cpufeat_mask(X86_FEATURE_OSXSAVE) : 0;
+        if ( *ecx & cpufeat_mask(X86_FEATURE_XSAVE) &&
+             (v->arch.hvm_vcpu.guest_cr[4] & X86_CR4_OSXSAVE) )
+            *ecx |= cpufeat_mask(X86_FEATURE_OSXSAVE);
+        else
+            *ecx &= ~cpufeat_mask(X86_FEATURE_OSXSAVE);
 
         /* Don't expose PCID to non-hap hvm. */
         if ( !hap_enabled(d) )
@@ -4593,16 +4595,26 @@ void hvm_cpuid(unsigned int input, unsigned int *eax, unsigned int *ebx,
             if ( !cpu_has_smap )
                 *ebx &= ~cpufeat_mask(X86_FEATURE_SMAP);
 
-            /* Don't expose MPX to hvm when VMX support is not available */
+            /* Don't expose MPX to hvm when VMX support is not available. */
             if ( !(vmx_vmexit_control & VM_EXIT_CLEAR_BNDCFGS) ||
                  !(vmx_vmentry_control & VM_ENTRY_LOAD_BNDCFGS) )
                 *ebx &= ~cpufeat_mask(X86_FEATURE_MPX);
 
-            /* Don't expose INVPCID to non-hap hvm. */
             if ( !hap_enabled(d) )
-                *ebx &= ~cpufeat_mask(X86_FEATURE_INVPCID);
+            {
+                 /* Don't expose INVPCID to non-hap hvm. */
+                 *ebx &= ~cpufeat_mask(X86_FEATURE_INVPCID);
+                 /* X86_FEATURE_PKU is not yet implemented for shadow paging. */
+                 *ecx &= ~cpufeat_mask(X86_FEATURE_PKU);
+            }
+
+            if ( (*ecx & cpufeat_mask(X86_FEATURE_PKU)) &&
+                 (v->arch.hvm_vcpu.guest_cr[4] & X86_CR4_PKE) )
+                *ecx |= cpufeat_mask(X86_FEATURE_OSPKE);
+            else
+                *ecx &= ~cpufeat_mask(X86_FEATURE_OSPKE);
 
-            /* Don't expose PCOMMIT to hvm when VMX support is not available */
+            /* Don't expose PCOMMIT to hvm when VMX support is not available. */
             if ( !cpu_has_vmx_pcommit )
                 *ebx &= ~cpufeat_mask(X86_FEATURE_PCOMMIT);
         }
-- 
2.4.3

next prev parent reply	other threads:[~2016-02-03 14:12 UTC|newest]

Thread overview: 21+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-02-03 14:12 [PATCH V9 0/5] x86/hvm: pkeys, add memory protection-key support Huaitong Han
2016-02-03 14:12 ` [PATCH V9 1/5] x86/hvm: pkeys, disable pkeys for guests in non-paging mode Huaitong Han
2016-02-03 15:19   ` Jan Beulich
2016-02-03 15:54     ` Han, Huaitong
2016-02-03 16:01       ` Jan Beulich
2016-02-04  4:57   ` Tian, Kevin
2016-02-03 14:12 ` [PATCH V9 2/5] x86/hvm: pkeys, add pkeys support for guest_walk_tables Huaitong Han
2016-02-04  5:46   ` Tian, Kevin
2016-02-03 14:12 ` [PATCH V9 3/5] x86/hvm: pkeys, add xstate support for pkeys Huaitong Han
2016-02-04  5:47   ` Tian, Kevin
2016-02-03 14:12 ` [PATCH V9 4/5] xen/mm: Clean up pfec handling in gva_to_gfn Huaitong Han
2016-02-03 15:57   ` Tim Deegan
2016-02-03 14:12 ` Huaitong Han [this message]
2016-02-03 15:02   ` [PATCH V9 5/5] x86/hvm: pkeys, add pkeys support for cpuid handling Wei Liu
2016-02-03 15:06     ` Wei Liu
2016-02-03 15:18   ` Jan Beulich
2016-02-04  4:56 ` [PATCH V9 0/5] x86/hvm: pkeys, add memory protection-key support Tian, Kevin
2016-02-04  5:20   ` Han, Huaitong
2016-02-04  5:25     ` Han, Huaitong
2016-02-04  5:35       ` Tian, Kevin
2016-02-04  8:28       ` Tian, Kevin

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:ee53679 dfblob:866cf0b dfblob:c142595 dfblob:5408dd0
dfblob:5ec2ae1 dfblob:73fb54c )
 OR (
bs:"[PATCH V9 5/5] x86/hvm: pkeys, add pkeys support for cpuid handling" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1454508725-22786-6-git-send-email-huaitong.han@intel.com \
    --to=huaitong.han@intel.com \
    --cc=andrew.cooper3@citrix.com \
    --cc=george.dunlap@eu.citrix.com \
    --cc=ian.campbell@citrix.com \
    --cc=ian.jackson@eu.citrix.com \
    --cc=jbeulich@suse.com \
    --cc=keir@xen.org \
    --cc=stefano.stabellini@eu.citrix.com \
    --cc=tim@xen.org \
    --cc=xen-devel@lists.xen.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).