From: Brian Woods <brian.woods@amd.com>
To: xen-devel@lists.xen.org
Cc: Andrew Cooper <andrew.cooper3@citrix.com>,
Boris Ostrovsky <boris.ostrovsky@oracle.com>,
Brian Woods <brian.woods@amd.com>,
Jan Beulich <jbeulich@suse.com>,
Suravee Suthikulpanit <suravee.suthikulpanit@amd.com>
Subject: [PATCH v3 2/3] x86/svm: add EFER SVME support for VGIF/VLOAD
Date: Thu, 8 Feb 2018 11:01:47 -0600 [thread overview]
Message-ID: <20180208170147.89927-1-brian.woods@amd.com> (raw)
In-Reply-To: <20180207210624.119059-1-brian.woods@amd.com>
Only enable virtual VMLOAD/SAVE and VGIF if the guest EFER.SVME is set.
Reported-by: Andrew Cooper <andrew.cooper3@citrix.com>
Signed-off-by: Brian Woods <brian.woods@amd.com>
---
xen/arch/x86/hvm/svm/nestedsvm.c | 66 +++++++++++++++++++++++++++++++++
xen/arch/x86/hvm/svm/svm.c | 6 +++
xen/arch/x86/hvm/svm/vmcb.c | 17 ---------
xen/include/asm-x86/hvm/svm/nestedsvm.h | 1 +
4 files changed, 73 insertions(+), 17 deletions(-)
diff --git a/xen/arch/x86/hvm/svm/nestedsvm.c b/xen/arch/x86/hvm/svm/nestedsvm.c
index 1f7b0d3e88..9295e583d7 100644
--- a/xen/arch/x86/hvm/svm/nestedsvm.c
+++ b/xen/arch/x86/hvm/svm/nestedsvm.c
@@ -1659,3 +1659,69 @@ void svm_vmexit_do_clgi(struct cpu_user_regs *regs, struct vcpu *v)
__update_guest_eip(regs, inst_len);
}
+
+/*
+ * This runs on EFER change to see if nested features need to either be
+ * turned off or on.
+ */
+void svm_nested_features_on_efer_update(struct vcpu *v)
+{
+ struct vmcb_struct *vmcb = v->arch.hvm_svm.vmcb;
+ struct nestedsvm *svm = &vcpu_nestedsvm(v);
+ u32 general2_intercepts;
+ vintr_t vintr;
+
+ /*
+ * Need state for transfering the nested gif status so only write on
+ * the hvm_vcpu EFER.SVME changing.
+ */
+ if ( v->arch.hvm_vcpu.guest_efer & EFER_SVME )
+ {
+ if ( !vmcb->virt_ext.fields.vloadsave_enable &&
+ paging_mode_hap(v->domain) &&
+ cpu_has_svm_vloadsave )
+ {
+ vmcb->virt_ext.fields.vloadsave_enable = 1;
+ general2_intercepts = vmcb_get_general2_intercepts(vmcb);
+ general2_intercepts &= ~(GENERAL2_INTERCEPT_VMLOAD |
+ GENERAL2_INTERCEPT_VMSAVE);
+ vmcb_set_general2_intercepts(vmcb, general2_intercepts);
+ }
+
+ if ( !vmcb->_vintr.fields.vgif_enable &&
+ cpu_has_svm_vgif )
+ {
+ vintr = vmcb_get_vintr(vmcb);
+ vintr.fields.vgif = svm->ns_gif;
+ vintr.fields.vgif_enable = 1;
+ vmcb_set_vintr(vmcb, vintr);
+ general2_intercepts = vmcb_get_general2_intercepts(vmcb);
+ general2_intercepts &= ~(GENERAL2_INTERCEPT_STGI |
+ GENERAL2_INTERCEPT_CLGI);
+ vmcb_set_general2_intercepts(vmcb, general2_intercepts);
+ }
+ }
+ else
+ {
+ if ( vmcb->virt_ext.fields.vloadsave_enable )
+ {
+ vmcb->virt_ext.fields.vloadsave_enable = 0;
+ general2_intercepts = vmcb_get_general2_intercepts(vmcb);
+ general2_intercepts |= (GENERAL2_INTERCEPT_VMLOAD |
+ GENERAL2_INTERCEPT_VMSAVE);
+ vmcb_set_general2_intercepts(vmcb, general2_intercepts);
+ }
+
+ if ( vmcb->_vintr.fields.vgif_enable )
+ {
+ vintr = vmcb_get_vintr(vmcb);
+ svm->ns_gif = vintr.fields.vgif;
+ vintr.fields.vgif_enable = 0;
+ vmcb_set_vintr(vmcb, vintr);
+ general2_intercepts = vmcb_get_general2_intercepts(vmcb);
+ general2_intercepts |= (GENERAL2_INTERCEPT_STGI |
+ GENERAL2_INTERCEPT_CLGI);
+ vmcb_set_general2_intercepts(vmcb, general2_intercepts);
+ }
+ }
+}
diff --git a/xen/arch/x86/hvm/svm/svm.c b/xen/arch/x86/hvm/svm/svm.c
index c48fdfaa5d..be08a5aa5e 100644
--- a/xen/arch/x86/hvm/svm/svm.c
+++ b/xen/arch/x86/hvm/svm/svm.c
@@ -611,6 +611,12 @@ static void svm_update_guest_efer(struct vcpu *v)
if ( lma )
new_efer |= EFER_LME;
vmcb_set_efer(vmcb, new_efer);
+
+ if ( !nestedhvm_enabled(v->domain) )
+ ASSERT(!(v->arch.hvm_vcpu.guest_efer & EFER_SVME));
+
+ if ( nestedhvm_enabled(v->domain) )
+ svm_nested_features_on_efer_update(v);
}
static void svm_cpuid_policy_changed(struct vcpu *v)
diff --git a/xen/arch/x86/hvm/svm/vmcb.c b/xen/arch/x86/hvm/svm/vmcb.c
index 0e6cba5b7b..997e7597e0 100644
--- a/xen/arch/x86/hvm/svm/vmcb.c
+++ b/xen/arch/x86/hvm/svm/vmcb.c
@@ -200,29 +200,12 @@ static int construct_vmcb(struct vcpu *v)
/* PAT is under complete control of SVM when using nested paging. */
svm_disable_intercept_for_msr(v, MSR_IA32_CR_PAT);
-
- /* Use virtual VMLOAD/VMSAVE if available. */
- if ( cpu_has_svm_vloadsave )
- {
- vmcb->virt_ext.fields.vloadsave_enable = 1;
- vmcb->_general2_intercepts &= ~GENERAL2_INTERCEPT_VMLOAD;
- vmcb->_general2_intercepts &= ~GENERAL2_INTERCEPT_VMSAVE;
- }
}
else
{
vmcb->_exception_intercepts |= (1U << TRAP_page_fault);
}
- /* if available, enable and configure virtual gif */
- if ( cpu_has_svm_vgif )
- {
- vmcb->_vintr.fields.vgif = 1;
- vmcb->_vintr.fields.vgif_enable = 1;
- vmcb->_general2_intercepts &= ~GENERAL2_INTERCEPT_STGI;
- vmcb->_general2_intercepts &= ~GENERAL2_INTERCEPT_CLGI;
- }
-
if ( cpu_has_pause_filter )
{
vmcb->_pause_filter_count = SVM_PAUSEFILTER_INIT;
diff --git a/xen/include/asm-x86/hvm/svm/nestedsvm.h b/xen/include/asm-x86/hvm/svm/nestedsvm.h
index a619b6131b..abcf2e7c9c 100644
--- a/xen/include/asm-x86/hvm/svm/nestedsvm.h
+++ b/xen/include/asm-x86/hvm/svm/nestedsvm.h
@@ -104,6 +104,7 @@ nestedsvm_vmexit_n2n1(struct vcpu *v, struct cpu_user_regs *regs);
enum nestedhvm_vmexits
nestedsvm_check_intercepts(struct vcpu *v, struct cpu_user_regs *regs,
uint64_t exitcode);
+void svm_nested_features_on_efer_update(struct vcpu *v);
/* Interface methods */
void nsvm_vcpu_destroy(struct vcpu *v);
--
2.11.0
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
next prev parent reply other threads:[~2018-02-08 17:01 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-01-31 20:35 [PATCH 0/3] Various SVM Cleanups Brian Woods
2018-01-31 20:35 ` [PATCH 1/3] x86/svm: update VGIF support Brian Woods
2018-02-03 16:51 ` Boris Ostrovsky
2018-01-31 20:35 ` [PATCH 2/3] x86/svm: add EFER SVME support for VGIF/VLOAD Brian Woods
2018-02-03 16:55 ` Boris Ostrovsky
2018-02-05 9:09 ` Jan Beulich
2018-02-05 16:47 ` Brian Woods
2018-02-05 17:02 ` Jan Beulich
2018-02-05 15:37 ` Andrew Cooper
2018-02-05 16:39 ` Brian Woods
2018-02-07 21:06 ` [PATCH v2 " Brian Woods
2018-02-07 21:15 ` Brian Woods
[not found] ` <5A7B6A7C0200003403432E6E@prv-mh.provo.novell.com>
2018-02-08 9:45 ` Jan Beulich
2018-02-08 16:23 ` Brian Woods
[not found] ` <5A7C82880200003F043E54B7@prv-mh.provo.novell.com>
2018-02-13 9:31 ` [PATCH v3 " Jan Beulich
2018-02-13 18:37 ` Woods, Brian
2018-02-14 8:01 ` Jan Beulich
2018-02-08 17:01 ` Brian Woods [this message]
2018-02-20 22:27 ` [PATCH v4 " Brian Woods
2018-02-20 22:52 ` Boris Ostrovsky
2018-02-20 22:00 ` [PATCH v2 " Brian Woods
2018-02-20 22:09 ` Boris Ostrovsky
2018-02-20 22:14 ` Brian Woods
2018-01-31 20:35 ` [PATCH 3/3] x86/svm: correct EFER.SVME intercept checks Brian Woods
2018-02-03 17:03 ` Boris Ostrovsky
2018-02-03 17:10 ` Andrew Cooper
2018-02-03 17:15 ` Boris Ostrovsky
2018-02-05 9:18 ` Jan Beulich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180208170147.89927-1-brian.woods@amd.com \
--to=brian.woods@amd.com \
--cc=andrew.cooper3@citrix.com \
--cc=boris.ostrovsky@oracle.com \
--cc=jbeulich@suse.com \
--cc=suravee.suthikulpanit@amd.com \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).