From patchwork Sat Jul 29 01:16:06 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 127954 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:918b:0:b0:3e4:2afc:c1 with SMTP id s11csp794242vqg; Fri, 28 Jul 2023 18:47:11 -0700 (PDT) X-Google-Smtp-Source: APBJJlHN0WCtOowMxO1FPweDA8FgNfJJktExjhVzN/Gja3gD4ymxfqdHzW+DPE+wHPE9AQjHV2aN X-Received: by 2002:a05:6a20:7493:b0:137:30db:bc35 with SMTP id p19-20020a056a20749300b0013730dbbc35mr3945181pzd.27.1690595231130; Fri, 28 Jul 2023 18:47:11 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1690595231; cv=none; d=google.com; s=arc-20160816; b=TcxBgFYRbuyJqO07MsXhtRnXBeCUx8L2rEkF5z1Zt9cXhbZ+1KJ5GkvkEF8f65Jq5Z L3MJrtK8CAAyLWzLmnNmuzTH6UmoxPAHKZ9svj5zz+Dsu/XSRVMHOFLVjvCEVQBaY4kE SAlmYcxuQEKmPJr0RhOK2naIO1UjaHak8wh4vw5IkLvsoCygXwoaCQnPFf6sojHD7iBk jEyJjWwSuzOplIspHwToyM+/RZjbcJVLZYolfWNQO6wFx/Jan7qJEm0WevBopovzl/B6 oWgVuHK2Ozm9fY4PneRnJ6HxpAAh0sLKVgqm2AQ3T1nNe6j4H2azUhtq7z1vFbq15fxi juOw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=y7cEpFM3GtEXX/RC2xjBSh+vjkWowYW5UIIx0dKpIJc=; fh=8Mc5uyvARtESo7rBGdZxKoor3rxsuqGYA/iIBYLTTUU=; b=oJlpNx3uTxKPti8DFcz3VRxx8woI1JfCATn0mg9RN/VhX16vWPAGv9c35yrhA75vxg ZUnQYt4ZgTfflGUefaFlbHcIveA4svpKUaPW32WkvcMRlLn1qRGilD3zJwCmvnxPdtiP IRT7TyGMluonD4Te0jgVn7t8HAQnnGl6CuNPPb29UPoUjjpY/IW5VO/JEqfCQDLLWO89 PzYfTmJ4a2mXw2ayRZ8p9CdroNccSmCKcPd3hdq/KypCDlyTtyhPYjipcavzDEiQ8/Nm G1xm9mi9shn0m2I/9j6REFr9mNNHiljaGIlOKx006CUDTGU6FpthoXIFwRO561hCv6w5 fC/A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=N7UCx11b; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id be3-20020a656e43000000b00563efb72e22si3872103pgb.786.2023.07.28.18.46.58; Fri, 28 Jul 2023 18:47:11 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=N7UCx11b; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237513AbjG2BSd (ORCPT + 99 others); Fri, 28 Jul 2023 21:18:33 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35898 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S237490AbjG2BRs (ORCPT ); Fri, 28 Jul 2023 21:17:48 -0400 Received: from mail-pg1-x54a.google.com (mail-pg1-x54a.google.com [IPv6:2607:f8b0:4864:20::54a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 640F74EDB for ; Fri, 28 Jul 2023 18:17:20 -0700 (PDT) Received: by mail-pg1-x54a.google.com with SMTP id 41be03b00d2f7-5637a108d02so1773459a12.2 for ; Fri, 28 Jul 2023 18:17:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1690593410; x=1691198210; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=y7cEpFM3GtEXX/RC2xjBSh+vjkWowYW5UIIx0dKpIJc=; b=N7UCx11biKYErqs/Sg1mCGYKNalKl+tIeARjD04Bwez6xhq6l8wVRALyxSOrQ1QQmO UTH9da3+mLMaP/KNOX/DxomZdnmpDv8Ay78AL76fWZzMDViUXtO0dFAhtRyLjra1Q/bb zoFxZP72VGejWtujQoQLPQkymjrudLkYNZepOq1DNNlgVdBTdi0EqxjsqJwGM3e+lOT7 LC2YLaJp8QrH+VQ/QHgMwFqy+Zu18ZYlIiZrNedoN8UlOirdkNhxINBuTR6vcyBap8NG +ZDNYYxueYkJUbiNOLasE5Z1m92P3Cmwk58uRzZZJSoe7nuD/V/CYxdpsA01S0tb90Yy 3E8A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1690593410; x=1691198210; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=y7cEpFM3GtEXX/RC2xjBSh+vjkWowYW5UIIx0dKpIJc=; b=eqTj/1UkbgZPQ16jU1PjRpHpnQM7HKOSvUN6XLJkIu7QfJR6PH0F9Spy9vvAJAJ6qE ymrFTB0oFRiJDzLUmHGyzBS60t6TTLvRjCmrbh53JyrNtr8REX87nDoriOeeGXUG6ua6 KAspPrzf1hXzQ8DreO+DOzKFC8S2T+NE0C/N8R7lBBWV+7EjjimO/bWTVQfXED3MEp7Q atEL7w/siY5zd31ErGYgV3LQfx6FHupE2iTYIvcDBPCSQkfOhgqdg7O6x1Hm3q5Z5AGH /8SVIAUbQRE3MQ9OpjxtP1CIaeq3k6F1fbd/u0uuw2F5A8HM7eR9LYxoxSiZQ1DTVCud N0Jg== X-Gm-Message-State: ABy/qLbdrV3AboKECGO1A+n+CisOG6cRiREWrR+/W3O81busTtZ0+Zzs 7Ohk9D7yXK6j7E5ys1jwbHHYu/U0TDc= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:903:2291:b0:1b5:2b14:5f2c with SMTP id b17-20020a170903229100b001b52b145f2cmr14342plh.4.1690593409416; Fri, 28 Jul 2023 18:16:49 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 28 Jul 2023 18:16:06 -0700 In-Reply-To: <20230729011608.1065019-1-seanjc@google.com> Mime-Version: 1.0 References: <20230729011608.1065019-1-seanjc@google.com> X-Mailer: git-send-email 2.41.0.487.g6d72f3e995-goog Message-ID: <20230729011608.1065019-20-seanjc@google.com> Subject: [PATCH v2 19/21] KVM: nSVM: Use KVM-governed feature framework to track "vGIF enabled" From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini , Vitaly Kuznetsov Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Maxim Levitsky X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772717584690084533 X-GMAIL-MSGID: 1772717584690084533 Track "virtual GIF exposed to L1" via a governed feature flag instead of using a dedicated bit/flag in vcpu_svm. Note, checking KVM's capabilities instead of the "vgif" param means that the code isn't strictly equivalent, as vgif_enabled could have been set if nested=false where as that the governed feature cannot. But that's a glorified nop as the feature/flag is consumed only by paths that are Signed-off-by: Sean Christopherson --- arch/x86/kvm/governed_features.h | 1 + arch/x86/kvm/svm/nested.c | 3 ++- arch/x86/kvm/svm/svm.c | 3 +-- arch/x86/kvm/svm/svm.h | 5 +++-- 4 files changed, 7 insertions(+), 5 deletions(-) diff --git a/arch/x86/kvm/governed_features.h b/arch/x86/kvm/governed_features.h index 9afd34f30599..368696c2e96b 100644 --- a/arch/x86/kvm/governed_features.h +++ b/arch/x86/kvm/governed_features.h @@ -14,6 +14,7 @@ KVM_GOVERNED_X86_FEATURE(V_VMSAVE_VMLOAD) KVM_GOVERNED_X86_FEATURE(LBRV) KVM_GOVERNED_X86_FEATURE(PAUSEFILTER) KVM_GOVERNED_X86_FEATURE(PFTHRESHOLD) +KVM_GOVERNED_X86_FEATURE(VGIF) #undef KVM_GOVERNED_X86_FEATURE #undef KVM_GOVERNED_FEATURE diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index ac03b2bc5b2c..dd496c9e5f91 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -660,7 +660,8 @@ static void nested_vmcb02_prepare_control(struct vcpu_svm *svm, * exit_int_info, exit_int_info_err, next_rip, insn_len, insn_bytes. */ - if (svm->vgif_enabled && (svm->nested.ctl.int_ctl & V_GIF_ENABLE_MASK)) + if (guest_can_use(vcpu, X86_FEATURE_VGIF) && + (svm->nested.ctl.int_ctl & V_GIF_ENABLE_MASK)) int_ctl_vmcb12_bits |= (V_GIF_MASK | V_GIF_ENABLE_MASK); else int_ctl_vmcb01_bits |= (V_GIF_MASK | V_GIF_ENABLE_MASK); diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index be3a11f00f4e..6d9bb4453f2d 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -4235,8 +4235,7 @@ static void svm_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu) kvm_governed_feature_check_and_set(vcpu, X86_FEATURE_PAUSEFILTER); kvm_governed_feature_check_and_set(vcpu, X86_FEATURE_PFTHRESHOLD); - - svm->vgif_enabled = vgif && guest_cpuid_has(vcpu, X86_FEATURE_VGIF); + kvm_governed_feature_check_and_set(vcpu, X86_FEATURE_VGIF); svm->vnmi_enabled = vnmi && guest_cpuid_has(vcpu, X86_FEATURE_VNMI); diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index fb438439b61e..6eb5877cc6c3 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -22,6 +22,7 @@ #include #include +#include "cpuid.h" #include "kvm_cache_regs.h" #define __sme_page_pa(x) __sme_set(page_to_pfn(x) << PAGE_SHIFT) @@ -259,7 +260,6 @@ struct vcpu_svm { bool soft_int_injected; /* optional nested SVM features that are enabled for this guest */ - bool vgif_enabled : 1; bool vnmi_enabled : 1; u32 ldr_reg; @@ -485,7 +485,8 @@ static inline bool svm_is_intercept(struct vcpu_svm *svm, int bit) static inline bool nested_vgif_enabled(struct vcpu_svm *svm) { - return svm->vgif_enabled && (svm->nested.ctl.int_ctl & V_GIF_ENABLE_MASK); + return guest_can_use(&svm->vcpu, X86_FEATURE_VGIF) && + (svm->nested.ctl.int_ctl & V_GIF_ENABLE_MASK); } static inline struct vmcb *get_vgif_vmcb(struct vcpu_svm *svm)