From: Zhang Yi <yi.z.zhang@linux.intel.com>
To: xen-devel@lists.xenproject.org
Cc: kevin.tian@intel.com, tamas@tklengyel.com, wei.liu2@citrix.com,
jun.nakajima@intel.com, rcojocaru@bitdefender.com,
george.dunlap@eu.citrix.com, andrew.cooper3@citrix.com,
ian.jackson@eu.citrix.com,
Zhang Yi Z <yi.z.zhang@linux.intel.com>,
jbeulich@suse.com
Subject: [PATCH RFC 03/14] xen: vmx: Introduce the SPPTP and SPP page table.
Date: Thu, 19 Oct 2017 16:09:47 +0800 [thread overview]
Message-ID: <71a163bc98dec2f1e06f98e25def364087a3f4b2.1508397860.git.yi.z.zhang@linux.intel.com> (raw)
In-Reply-To: <cover.1508397860.git.yi.z.zhang@linux.intel.com>
From: Zhang Yi Z <yi.z.zhang@linux.intel.com>
SPPT has 4-level paging structure that is similar to EPT
except L1E.
The sub-page permission table is referenced via a 64-bit control
field called Sub-Page Permission Table Pointer (SPPTP) which
contains a 4K-aligned physical address, the index and encoding
for this VMCS field is defined 0x2030 at this time.
The format of SPPTP is shown in below figure
---------------------------------------------------------------|
| Bit | Contents |
:--------------------------------------------------------------|
| 11:0 | Reserved (0) |
| N-1:12 | Physical address of 4KB aligned SPPT L4E Table |
| 51:N | Reserved (0) |
| 63:52 | Reserved (0) |
---------------------------------------------------------------|
Note: N is the physical address width supported by the processor.
This patch introduced the Spp paging structures, which root page
will created at p2m_alloc_table. and free at p2m_teardown.
Same as EPT page table, We initialized the SPPT, and write the
SPPT point into VMCS field.
Signed-off-by: Zhang Yi Z <yi.z.zhang@linux.intel.com>
---
xen/arch/x86/hvm/vmx/vmcs.c | 6 ++++++
xen/arch/x86/mm/p2m.c | 12 +++++++++++-
xen/include/asm-x86/hvm/vmx/vmcs.h | 11 +++++++++++
xen/include/asm-x86/p2m.h | 8 +++++++-
4 files changed, 35 insertions(+), 2 deletions(-)
diff --git a/xen/arch/x86/hvm/vmx/vmcs.c b/xen/arch/x86/hvm/vmx/vmcs.c
index bee5d74..e2a1f1f 100644
--- a/xen/arch/x86/hvm/vmx/vmcs.c
+++ b/xen/arch/x86/hvm/vmx/vmcs.c
@@ -1273,6 +1273,12 @@ static int construct_vmcs(struct vcpu *v)
ept->mfn = pagetable_get_pfn(p2m_get_pagetable(p2m));
__vmwrite(EPT_POINTER, ept->eptp);
+
+ if ( cpu_has_vmx_ept_spp ) {
+ struct spp_data *spp = &p2m->spptp;
+ spp->mfn = pagetable_get_pfn(p2m_get_spp_pagetable(p2m));
+ __vmwrite(SPPT_POINT, spp->sppt_point);
+ }
}
if ( paging_mode_hap(d) )
diff --git a/xen/arch/x86/mm/p2m.c b/xen/arch/x86/mm/p2m.c
index e8a57d1..3d618e9 100644
--- a/xen/arch/x86/mm/p2m.c
+++ b/xen/arch/x86/mm/p2m.c
@@ -609,7 +609,7 @@ void p2m_free_ptp(struct p2m_domain *p2m, struct page_info *pg)
*/
int p2m_alloc_table(struct p2m_domain *p2m)
{
- struct page_info *p2m_top;
+ struct page_info *p2m_top, *p2m_spp;
struct domain *d = p2m->domain;
int rc = 0;
@@ -639,8 +639,17 @@ int p2m_alloc_table(struct p2m_domain *p2m)
return -ENOMEM;
}
+ p2m_spp = p2m_alloc_ptp(p2m, PGT_l4_page_table);
+ if ( p2m_spp == NULL )
+ {
+ p2m_unlock(p2m);
+ return -ENOMEM;
+ }
+
p2m->phys_table = pagetable_from_mfn(page_to_mfn(p2m_top));
+ p2m->spp_phys_table = pagetable_from_mfn(page_to_mfn(p2m_spp));
+
if ( hap_enabled(d) )
iommu_share_p2m_table(d);
@@ -678,6 +687,7 @@ void p2m_teardown(struct p2m_domain *p2m)
p2m_lock(p2m);
ASSERT(atomic_read(&d->shr_pages) == 0);
p2m->phys_table = pagetable_null();
+ p2m->spp_phys_table = pagetable_null();
while ( (pg = page_list_remove_head(&p2m->pages)) )
d->arch.paging.free_page(d, pg);
diff --git a/xen/include/asm-x86/hvm/vmx/vmcs.h b/xen/include/asm-x86/hvm/vmx/vmcs.h
index 139f590..4843bc4 100644
--- a/xen/include/asm-x86/hvm/vmx/vmcs.h
+++ b/xen/include/asm-x86/hvm/vmx/vmcs.h
@@ -56,6 +56,16 @@ struct ept_data {
cpumask_var_t invalidate;
};
+struct spp_data {
+ union {
+ struct {
+ u32 reserved:12;
+ u64 mfn:52;
+ };
+ u64 sppt_point;
+ };
+};
+
#define _VMX_DOMAIN_PML_ENABLED 0
#define VMX_DOMAIN_PML_ENABLED (1ul << _VMX_DOMAIN_PML_ENABLED)
struct vmx_domain {
@@ -391,6 +401,7 @@ enum vmcs_field {
VMWRITE_BITMAP = 0x00002028,
VIRT_EXCEPTION_INFO = 0x0000202a,
XSS_EXIT_BITMAP = 0x0000202c,
+ SPPT_POINT = 0x00002030,
TSC_MULTIPLIER = 0x00002032,
GUEST_PHYSICAL_ADDRESS = 0x00002400,
VMCS_LINK_POINTER = 0x00002800,
diff --git a/xen/include/asm-x86/p2m.h b/xen/include/asm-x86/p2m.h
index 6395e8f..0561643 100644
--- a/xen/include/asm-x86/p2m.h
+++ b/xen/include/asm-x86/p2m.h
@@ -193,6 +193,8 @@ struct p2m_domain {
/* Shadow translated domain: p2m mapping */
pagetable_t phys_table;
+ pagetable_t spp_phys_table;
+
/* Same as domain_dirty_cpumask but limited to
* this p2m and those physical cpus whose vcpu's are in
* guestmode.
@@ -339,6 +341,9 @@ struct p2m_domain {
struct ept_data ept;
/* NPT-equivalent structure could be added here. */
};
+ union {
+ struct spp_data spptp;
+ };
struct {
spinlock_t lock;
@@ -385,7 +390,8 @@ static inline bool_t p2m_is_altp2m(const struct p2m_domain *p2m)
return p2m->p2m_class == p2m_alternate;
}
-#define p2m_get_pagetable(p2m) ((p2m)->phys_table)
+#define p2m_get_pagetable(p2m) ((p2m)->phys_table)
+#define p2m_get_spp_pagetable(p2m) ((p2m)->spp_phys_table)
/*
* Ensure any deferred p2m TLB flush has been completed on all VCPUs.
--
2.7.4
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
next prev parent reply other threads:[~2017-10-19 8:09 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-10-19 8:04 [PATCH RFC 00/14] Intel EPT-Based Sub-page Write Protection Support Zhang Yi
2017-10-19 8:08 ` [PATCH RFC 01/14] xen: vmx: Added EPT based Subpage Write Protection Doc Zhang Yi
2017-10-19 8:08 ` [PATCH RFC 02/14] xen: vmx: Added VMX SPP feature flags and VM-Execution Controls Zhang Yi
2017-10-19 8:09 ` Zhang Yi [this message]
2017-10-19 8:10 ` [PATCH RFC 04/14] xen: vmx: Introduce SPP-Induced vm exit and it's handle Zhang Yi
2017-10-19 8:11 ` [PATCH RFC 05/14] xen: vmx: Disable the 2M/1G superpage when SPP enabled Zhang Yi
2017-10-19 18:17 ` Tamas K Lengyel
2017-10-20 8:44 ` Yi Zhang
2017-10-24 17:43 ` Tamas K Lengyel
2017-10-25 15:32 ` Yi Zhang
2017-10-25 15:12 ` Tamas K Lengyel
2017-10-19 8:11 ` [PATCH RFC 06/14] xen: vmx: Added SPP flags in EPT leaf entry Zhang Yi
2017-10-19 8:12 ` [PATCH RFC 07/14] xen: vmx: Update the EPT leaf entry indicated with the SPP enable bit Zhang Yi
2017-10-19 8:12 ` [PATCH RFC 08/14] xen: vmx: Added setup spp page structure Zhang Yi
2017-10-19 18:26 ` Tamas K Lengyel
2017-10-20 8:43 ` Yi Zhang
2017-10-19 8:13 ` [PATCH RFC 09/14] xen: vmx: Introduce a Hyper call to set subpage Zhang Yi
2017-10-19 18:34 ` Tamas K Lengyel
2017-10-20 8:41 ` Yi Zhang
2017-10-19 8:13 ` [PATCH RFC 10/14] xen: vmx: Implement the Hypercall p2m_set_subpage Zhang Yi
2017-10-19 8:14 ` [PATCH RFC 11/14] xen: vmx: Added handle of SPP write protection fault Zhang Yi
2017-10-19 8:15 ` [PATCH RFC 12/14] xen: vmx: Support for clear EPT SPP write Protect bit Zhang Yi
2017-10-19 8:15 ` [PATCH RFC 13/14] xen: tools: Introduce the set-subpage into xenctrl Zhang Yi
2017-10-19 8:37 ` Razvan Cojocaru
2017-10-20 8:40 ` Yi Zhang
2017-10-19 8:16 ` [PATCH RFC 14/14] xen: tools: Added xen-subpage tool Zhang Yi
2017-10-19 8:42 ` Razvan Cojocaru
2017-10-20 8:39 ` Yi Zhang
2017-10-19 9:07 ` [PATCH RFC 00/14] Intel EPT-Based Sub-page Write Protection Support Razvan Cojocaru
2017-10-20 8:37 ` Yi Zhang
2017-10-20 8:39 ` Razvan Cojocaru
2017-10-20 8:39 ` Razvan Cojocaru
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=71a163bc98dec2f1e06f98e25def364087a3f4b2.1508397860.git.yi.z.zhang@linux.intel.com \
--to=yi.z.zhang@linux.intel.com \
--cc=andrew.cooper3@citrix.com \
--cc=george.dunlap@eu.citrix.com \
--cc=ian.jackson@eu.citrix.com \
--cc=jbeulich@suse.com \
--cc=jun.nakajima@intel.com \
--cc=kevin.tian@intel.com \
--cc=rcojocaru@bitdefender.com \
--cc=tamas@tklengyel.com \
--cc=wei.liu2@citrix.com \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).