From patchwork Thu Nov 17 14:32:30 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Maxim Levitsky X-Patchwork-Id: 21685 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:f944:0:0:0:0:0 with SMTP id q4csp433550wrr; Thu, 17 Nov 2022 06:35:51 -0800 (PST) X-Google-Smtp-Source: AA0mqf7npehtXa9Pa+BiuABimX3znirOiS2pVcdkYo+wFpKfhaKShhX30X92JIg+8ho+oWAUlFfT X-Received: by 2002:a17:90b:3d05:b0:215:d625:1076 with SMTP id pt5-20020a17090b3d0500b00215d6251076mr8893992pjb.26.1668695750962; Thu, 17 Nov 2022 06:35:50 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1668695750; cv=none; d=google.com; s=arc-20160816; b=a/DfP6EvrHU5NUPVmTHaIMlpRTCDvf7LXWw1tqkouDomLbneJSCEIiaQtEcgA6UjMD G/8tKkCGH/YtDSEfuUJEbrOYxALBSUo5y06E6uKHvWrTGQa2BH510CziGnPvyKB3WQ4U nTA2JsjGgJNGWJJC/zOaf9yPw5I08IuggttBp84R3PftonQdMdzCx9XVxXD34qjIjGys +cOqadK9d0AR6EZnhQ6a+P8DBlD6y1y+CxKKpMP5p7jJHhVw4y2GRtubJOjcYHQtDdC7 lrdnYW+pXocFWvaC4b+RaxvSo8AQZQ4rbw2yMxcWaXLdgxHP0fefmuLtntPrRIii5svB o+5Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=8a16/QIb5ZY6hIpK40udiXgAOk2ByX1wL+XeLc7pIZ4=; b=sY4LskGkW+nXPE80YnXg0O291oyMDEuoWSvNR7M0JI/pwUZ5DMlZzD8NpWBqJXZ5Ko mLENYpTQMOyI4LQ1KzIknl/hqH0eaE6Q7xE/LtfT+hpEOLHKGBTjnmqfYXUrW0N+43Nl zT3fa5S6JeDK9jtTVa6BPOb+BDYmZHeHJNDEzM9lnENFcOMdHCD0nUWcYFOiIpAIhu06 yJfSRP6S5Eve7O5MWgi/wu2ULyhycxNvoOFz9XGkFPGotohvHQ2MKqkb4g91YXy1EDt3 16/ST58YhoBrIk838CEQGIUaCdbYZllDHrcfDHHrkAr/quyELL8chX986JXODZnB/GOh hHqQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b="OC1G/GMv"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id x2-20020a170902820200b00186f2ef80bbsi1053249pln.308.2022.11.17.06.35.35; Thu, 17 Nov 2022 06:35:50 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b="OC1G/GMv"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240457AbiKQOen (ORCPT + 99 others); Thu, 17 Nov 2022 09:34:43 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58372 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233651AbiKQOeK (ORCPT ); Thu, 17 Nov 2022 09:34:10 -0500 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 84EC17C005 for ; Thu, 17 Nov 2022 06:33:00 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1668695579; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=8a16/QIb5ZY6hIpK40udiXgAOk2ByX1wL+XeLc7pIZ4=; b=OC1G/GMvxvtJqEdqB6LU7Q4f7KpIkJYc5HIsSchQEuXglU3JSPNbjGKAzOzUMXaVlraPIk YS6VE1uOLONz4gaeDnZXyTvcSrzW4Pb9996MRHKPZ+lRyiOD+0LtsYebhbmTYIc3LR58ka rOJr8J1T+H0NihStLQIz61UUJayCzMs= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-176-rXWC5-RGPv-ylL7A0A_gxQ-1; Thu, 17 Nov 2022 09:32:52 -0500 X-MC-Unique: rXWC5-RGPv-ylL7A0A_gxQ-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 25CE0811E67; Thu, 17 Nov 2022 14:32:51 +0000 (UTC) Received: from amdlaptop.tlv.redhat.com (dhcp-4-238.tlv.redhat.com [10.35.4.238]) by smtp.corp.redhat.com (Postfix) with ESMTP id C52332166B29; Thu, 17 Nov 2022 14:32:47 +0000 (UTC) From: Maxim Levitsky To: kvm@vger.kernel.org Cc: Paolo Bonzini , Ingo Molnar , "H. Peter Anvin" , Dave Hansen , linux-kernel@vger.kernel.org, Peter Zijlstra , Thomas Gleixner , Sandipan Das , Daniel Sneddon , Jing Liu , Josh Poimboeuf , Wyes Karny , Borislav Petkov , Babu Moger , Pawan Gupta , Sean Christopherson , Jim Mattson , x86@kernel.org, Maxim Levitsky Subject: [PATCH 01/13] KVM: nSVM: don't sync back tlb_ctl on nested VM exit Date: Thu, 17 Nov 2022 16:32:30 +0200 Message-Id: <20221117143242.102721-2-mlevitsk@redhat.com> In-Reply-To: <20221117143242.102721-1-mlevitsk@redhat.com> References: <20221117143242.102721-1-mlevitsk@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.6 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_NONE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1749754315737475897?= X-GMAIL-MSGID: =?utf-8?q?1749754315737475897?= The CPU doesn't change TLB_CTL value as stated in the PRM (15.16.2): "The VMRUN instruction reads, but does not change, the value of the TLB_CONTROL field" Therefore the KVM shoudn't do that either. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/svm/nested.c | 1 - 1 file changed, 1 deletion(-) diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index b258d6988f5dde..43cc4a5d22e012 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -989,7 +989,6 @@ int nested_svm_vmexit(struct vcpu_svm *svm) vmcb12->control.next_rip = vmcb02->control.next_rip; vmcb12->control.int_ctl = svm->nested.ctl.int_ctl; - vmcb12->control.tlb_ctl = svm->nested.ctl.tlb_ctl; vmcb12->control.event_inj = svm->nested.ctl.event_inj; vmcb12->control.event_inj_err = svm->nested.ctl.event_inj_err; From patchwork Thu Nov 17 14:32:31 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Maxim Levitsky X-Patchwork-Id: 21691 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:f944:0:0:0:0:0 with SMTP id q4csp433790wrr; Thu, 17 Nov 2022 06:36:21 -0800 (PST) X-Google-Smtp-Source: AA0mqf7wJEkUy0vFpQcuqai6xWrMwnc4ilYvMmY3hi0lb2R6NYxeSURautVp6kWmV06jPhSqrdCK X-Received: by 2002:a17:902:9b89:b0:186:b46d:da5e with SMTP id y9-20020a1709029b8900b00186b46dda5emr3048038plp.92.1668695780734; Thu, 17 Nov 2022 06:36:20 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1668695780; cv=none; d=google.com; s=arc-20160816; b=xq3qIxUqcm3/gCESmS3bG3C0Wl1UwRD0TtydhzKBgFi6RbpdhhmG5YBcebX+s3/kGy uJkkViug+SUFcs6iuxRxyGlzXmh5B8JD+wfAifXPbhe6rV5Ze08M7maSqZ9/Lrszj2ng V7yM9PaIVfnotIPY3XuZLSP9uqo03zNaM1CgAmQT3EKknjCa7HFt3/PPmU2ABaspqM05 V9EIA48FkJbTotwTH04esAnqwr8y0RSa6bqLRn05eVKlUdSf9H+m0YQOxP9EOpewqjLD h52mVo8X7Zob2yp1LhVu+80siSHaKErNffz/J+zMUUOt3ZNJKROmQRMBcVPsqx8Ty17e reIg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=lTfKFD0cFY/1sVq1cxqtG2BQAiBGe959F/rhRBmBw68=; b=d0dze1jR7K494W3Rn6ZyxbXbAMuAc+S9S12ADkHigoLQEBg6iphz+31/W6wCf54lkX D4kbiYj+5a2FFWXr1u/2K88kJGheNIHpHf1Gc2MBaLX+yy9wm/9VdW29+rZglFpU8dVq u6suKQPWWzT8FU/68H7QxVuRPpUjJuRkCZfkWf91vjWrUhS0ExlWGXU9jSKGFm+fzk63 30tiNe3eoMv9OhvuyP4X+KoTHFGLET64c3DJaiXndGbSs/coNy3AMNTEfJpW+HoAqYwR Cgwc/WZcvQtU4C7FV1+qiZ0cqCEnnuXE3kkg4X02HZ3IeKAZVWNZ84b3xTPIMOTK1aV9 8vnw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=JykR1XYl; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id p18-20020a170902e75200b00188e9ec511bsi1209269plf.113.2022.11.17.06.36.07; Thu, 17 Nov 2022 06:36:20 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=JykR1XYl; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240520AbiKQOfl (ORCPT + 99 others); Thu, 17 Nov 2022 09:35:41 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59070 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240426AbiKQOea (ORCPT ); Thu, 17 Nov 2022 09:34:30 -0500 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B15791144B for ; Thu, 17 Nov 2022 06:33:27 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1668695607; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=lTfKFD0cFY/1sVq1cxqtG2BQAiBGe959F/rhRBmBw68=; b=JykR1XYlSvuXzNBceI6HVo7HiJXJKlkOCyBHaqVFap4ZtO/ChDcsqUWro4YlL4Ril1sdTV uMshvV1hUJ88+ozrZuGk805o9Ox9Y0SksDeFKGurucDfqLtR/cImEQs4MYGoPRBPtcZDYJ HwFRdardFmlDfi5CiluQn8fUyx8VsNk= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-127-3XWKG39ROWm9iWhpwhjDNw-1; Thu, 17 Nov 2022 09:33:24 -0500 X-MC-Unique: 3XWKG39ROWm9iWhpwhjDNw-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id C51CD887402; Thu, 17 Nov 2022 14:32:54 +0000 (UTC) Received: from amdlaptop.tlv.redhat.com (dhcp-4-238.tlv.redhat.com [10.35.4.238]) by smtp.corp.redhat.com (Postfix) with ESMTP id 6F09B2166B29; Thu, 17 Nov 2022 14:32:51 +0000 (UTC) From: Maxim Levitsky To: kvm@vger.kernel.org Cc: Paolo Bonzini , Ingo Molnar , "H. Peter Anvin" , Dave Hansen , linux-kernel@vger.kernel.org, Peter Zijlstra , Thomas Gleixner , Sandipan Das , Daniel Sneddon , Jing Liu , Josh Poimboeuf , Wyes Karny , Borislav Petkov , Babu Moger , Pawan Gupta , Sean Christopherson , Jim Mattson , x86@kernel.org, Maxim Levitsky Subject: [PATCH 02/13] KVM: nSVM: don't call nested_sync_control_from_vmcb02 on each VM exit Date: Thu, 17 Nov 2022 16:32:31 +0200 Message-Id: <20221117143242.102721-3-mlevitsk@redhat.com> In-Reply-To: <20221117143242.102721-1-mlevitsk@redhat.com> References: <20221117143242.102721-1-mlevitsk@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.6 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_NONE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1749754347041022995?= X-GMAIL-MSGID: =?utf-8?q?1749754347041022995?= Calling nested_sync_control_from_vmcb02 on each VM exit (nested or not), was an attempt to keep the int_ctl field in the vmcb12 cache up to date on each VM exit. However all other fields in the vmcb12 cache are not kept up to date, therefore for consistency it is better to do this on a nested VM exit only. No functional change intended. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/svm/nested.c | 17 ++++++++--------- arch/x86/kvm/svm/svm.c | 2 -- arch/x86/kvm/svm/svm.h | 1 - 3 files changed, 8 insertions(+), 12 deletions(-) diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index 43cc4a5d22e012..91a51e75717dca 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -407,11 +407,12 @@ void nested_copy_vmcb_save_to_cache(struct vcpu_svm *svm, * Synchronize fields that are written by the processor, so that * they can be copied back into the vmcb12. */ -void nested_sync_control_from_vmcb02(struct vcpu_svm *svm) +static void nested_sync_control_from_vmcb02(struct vcpu_svm *svm, + struct vmcb *vmcb12) { u32 mask; - svm->nested.ctl.event_inj = svm->vmcb->control.event_inj; - svm->nested.ctl.event_inj_err = svm->vmcb->control.event_inj_err; + vmcb12->control.event_inj = svm->vmcb->control.event_inj; + vmcb12->control.event_inj_err = svm->vmcb->control.event_inj_err; /* Only a few fields of int_ctl are written by the processor. */ mask = V_IRQ_MASK | V_TPR_MASK; @@ -431,8 +432,8 @@ void nested_sync_control_from_vmcb02(struct vcpu_svm *svm) if (nested_vgif_enabled(svm)) mask |= V_GIF_MASK; - svm->nested.ctl.int_ctl &= ~mask; - svm->nested.ctl.int_ctl |= svm->vmcb->control.int_ctl & mask; + vmcb12->control.int_ctl &= ~mask; + vmcb12->control.int_ctl |= svm->vmcb->control.int_ctl & mask; } /* @@ -985,13 +986,11 @@ int nested_svm_vmexit(struct vcpu_svm *svm) if (vmcb12->control.exit_code != SVM_EXIT_ERR) nested_save_pending_event_to_vmcb12(svm, vmcb12); + nested_sync_control_from_vmcb02(svm, vmcb12); + if (svm->nrips_enabled) vmcb12->control.next_rip = vmcb02->control.next_rip; - vmcb12->control.int_ctl = svm->nested.ctl.int_ctl; - vmcb12->control.event_inj = svm->nested.ctl.event_inj; - vmcb12->control.event_inj_err = svm->nested.ctl.event_inj_err; - if (!kvm_pause_in_guest(vcpu->kvm)) { vmcb01->control.pause_filter_count = vmcb02->control.pause_filter_count; vmcb_mark_dirty(vmcb01, VMCB_INTERCEPTS); diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 527f18d8cc4489..03acbe8ff34edb 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -4016,8 +4016,6 @@ static __no_kcsan fastpath_t svm_vcpu_run(struct kvm_vcpu *vcpu) svm->next_rip = 0; if (is_guest_mode(vcpu)) { - nested_sync_control_from_vmcb02(svm); - /* Track VMRUNs that have made past consistency checking */ if (svm->nested.nested_run_pending && svm->vmcb->control.exit_code != SVM_EXIT_ERR) diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 199a2ecef1cec6..f5383104d00580 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -618,7 +618,6 @@ void nested_copy_vmcb_control_to_cache(struct vcpu_svm *svm, struct vmcb_control_area *control); void nested_copy_vmcb_save_to_cache(struct vcpu_svm *svm, struct vmcb_save_area *save); -void nested_sync_control_from_vmcb02(struct vcpu_svm *svm); void nested_vmcb02_compute_g_pat(struct vcpu_svm *svm); void svm_switch_vmcb(struct vcpu_svm *svm, struct kvm_vmcb_info *target_vmcb); From patchwork Thu Nov 17 14:32:32 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Maxim Levitsky X-Patchwork-Id: 21683 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:f944:0:0:0:0:0 with SMTP id q4csp433244wrr; Thu, 17 Nov 2022 06:35:18 -0800 (PST) X-Google-Smtp-Source: AA0mqf57e1Ap7/r0e62JzTGR95ExV+VOac351HOygesPHYw8vvwRpvlMBhNdegNWTpqYQQTl3oFW X-Received: by 2002:a63:5946:0:b0:470:3fc0:3d8c with SMTP id j6-20020a635946000000b004703fc03d8cmr2240001pgm.446.1668695718113; Thu, 17 Nov 2022 06:35:18 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1668695718; cv=none; d=google.com; s=arc-20160816; b=KwGf4Jcrw6JHuBRc1/+TLr+W6ZQ3/9ecJ/W6y0uxV86Ra+FRc/uRYcx7Q5dRE+EBGe CKKVuuobSIC9dVpiEB9yHmfYw1kir9aXOP5D5cY9BwbuCAZg1dzOWndcJN2IxgzQurTe rcpglNcnLcunUn3+NQAXtcbkrs6iC6kbE/XH96qeJusiuGEQVcKYn/om3ZlKY/9xpyi8 3KsR5R6PghuttNZ/RNTYf9B9S/EF5ZfREPeYgNZdfswRz4mi6gBVFo0ywwUvkufrDzYa 9iz71168hSkddRo8P1Hk3A6Cf+Q8+XkkERk47T4YYakSaN7j1r6yuNisGN6yxlrny3BF 9/hg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=Frw/bhnQ/fgaTcwMRmhjoEhY2NlH0mLgodVAsiEeP10=; b=QzawRF5wAQvH2Ezv31zl7sO9yB+dClr6K13Gd2ykJ/rVKhWcfmeEdZ7HfJOjo9hZZW 1F4TWvOq9lqlhsDpwpKy0NUcgDohlg/bpM7qylR9TnKCtnsEUyyUnLPsPcXHBRAWy0BI Waj7hhok6C6rUGMBCfcysgvYFysnmoYQP52sjQuRSFtQ9ocYeSCGkHWtlPtad7jiBoOR 9NL6K2GpS2xlJMJlstDb23Fujz43i9XpuzdPoF+lh0fQATybsTCwqDBXejRv8VGjGCbG LiIEjGqdGwe79CY0wtoTpJrlYr1FhfHH3AdYFC/IQbtVBlwm9gpL6F1cwJO8Yy10W+TG wDJw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b="M/egedW2"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id f2-20020a170902ce8200b001869394a38dsi1217122plg.503.2022.11.17.06.35.02; Thu, 17 Nov 2022 06:35:18 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b="M/egedW2"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240439AbiKQOed (ORCPT + 99 others); Thu, 17 Nov 2022 09:34:33 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58422 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240248AbiKQOeI (ORCPT ); Thu, 17 Nov 2022 09:34:08 -0500 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4ED7279E36 for ; Thu, 17 Nov 2022 06:33:04 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1668695584; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Frw/bhnQ/fgaTcwMRmhjoEhY2NlH0mLgodVAsiEeP10=; b=M/egedW2fnnIy0yipWmUtvABP2vtOkGAO6qEYiDOhmWTslB7Ugruek72D2hacJgiVbALrB Hh092ZfONnzmAYAMzLxErfO8/sg8NVJNpMTp9PLphckw3+Ocv+ny3lzxjiP6Wh6JaGuVtx b9sojq7TQnNBgE5/f7ef2LNx0S1vLLM= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-274-CYSwL3jhOAizB5te_RPptQ-1; Thu, 17 Nov 2022 09:32:59 -0500 X-MC-Unique: CYSwL3jhOAizB5te_RPptQ-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 6F9D2185A794; Thu, 17 Nov 2022 14:32:58 +0000 (UTC) Received: from amdlaptop.tlv.redhat.com (dhcp-4-238.tlv.redhat.com [10.35.4.238]) by smtp.corp.redhat.com (Postfix) with ESMTP id 19A852166B29; Thu, 17 Nov 2022 14:32:54 +0000 (UTC) From: Maxim Levitsky To: kvm@vger.kernel.org Cc: Paolo Bonzini , Ingo Molnar , "H. Peter Anvin" , Dave Hansen , linux-kernel@vger.kernel.org, Peter Zijlstra , Thomas Gleixner , Sandipan Das , Daniel Sneddon , Jing Liu , Josh Poimboeuf , Wyes Karny , Borislav Petkov , Babu Moger , Pawan Gupta , Sean Christopherson , Jim Mattson , x86@kernel.org, Maxim Levitsky Subject: [PATCH 03/13] KVM: nSVM: rename nested_sync_control_from_vmcb02 to nested_sync_int_ctl_from_vmcb02 Date: Thu, 17 Nov 2022 16:32:32 +0200 Message-Id: <20221117143242.102721-4-mlevitsk@redhat.com> In-Reply-To: <20221117143242.102721-1-mlevitsk@redhat.com> References: <20221117143242.102721-1-mlevitsk@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.6 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_NONE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1749754281286994309?= X-GMAIL-MSGID: =?utf-8?q?1749754281286994309?= The nested_sync_control_from_vmcb02 name is misleading as there are many fields which are modified by the CPU and need to be written back to vmcb12. This function only copies some int_ctl bits and thecevent_inj* fields. Make it copy only these int_ctl bits and rename the function. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/svm/nested.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index 91a51e75717dca..54eb152e2b60b6 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -404,15 +404,13 @@ void nested_copy_vmcb_save_to_cache(struct vcpu_svm *svm, } /* - * Synchronize fields that are written by the processor, so that + * Synchronize int_ctl fields that are written by the processor, so that * they can be copied back into the vmcb12. */ -static void nested_sync_control_from_vmcb02(struct vcpu_svm *svm, +static void nested_sync_int_ctl_from_vmcb02(struct vcpu_svm *svm, struct vmcb *vmcb12) { u32 mask; - vmcb12->control.event_inj = svm->vmcb->control.event_inj; - vmcb12->control.event_inj_err = svm->vmcb->control.event_inj_err; /* Only a few fields of int_ctl are written by the processor. */ mask = V_IRQ_MASK | V_TPR_MASK; @@ -986,7 +984,10 @@ int nested_svm_vmexit(struct vcpu_svm *svm) if (vmcb12->control.exit_code != SVM_EXIT_ERR) nested_save_pending_event_to_vmcb12(svm, vmcb12); - nested_sync_control_from_vmcb02(svm, vmcb12); + nested_sync_int_ctl_from_vmcb02(svm, vmcb12); + + vmcb12->control.event_inj = svm->vmcb->control.event_inj; + vmcb12->control.event_inj_err = svm->vmcb->control.event_inj_err; if (svm->nrips_enabled) vmcb12->control.next_rip = vmcb02->control.next_rip; From patchwork Thu Nov 17 14:32:33 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Maxim Levitsky X-Patchwork-Id: 21684 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:f944:0:0:0:0:0 with SMTP id q4csp433287wrr; Thu, 17 Nov 2022 06:35:22 -0800 (PST) X-Google-Smtp-Source: AA0mqf665mqL1yGj7C416d8bcFbrg8hf9TuU+QMW5trPQ/JfnjZp2rK3ir5aShlG10KtLOUQ11wW X-Received: by 2002:a17:902:ab14:b0:188:7dca:6f4a with SMTP id ik20-20020a170902ab1400b001887dca6f4amr3099020plb.60.1668695721724; Thu, 17 Nov 2022 06:35:21 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1668695721; cv=none; d=google.com; s=arc-20160816; b=s42a/IghF06YsNvzm1NaT4h+3cZBQlAVRcPPwmQusOdYCeaJULXhOKJQePnFLTjCwb 2Ir89F9r9LIMeqEwcgmDMw3FvpLYitpPLi4+IBWc3o95CjFL77IviBLUILM1d0oZCj7B KnrH5HHH+cWGcW5gh0PWqKZikHd/2nNCTxOL3Gyx3zdFyOpijEbljLJJO/zPZps/6szr OZ+ykVy5txLjkeWuPCppsOdVg6oQQilfZZhxroFNcWi9vc/L+9J6PfRiCkKoYkIMEd0x G2NSZKENOfnJu0rGWGSBpvez9k+1FhyoellrqJw85A9NeyDLy+p9yPkOCGFIM7vtN1L9 2KCA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=GNEoyeGAEVTCdztuKwF4HOV2ZBQ699jUuFAvu0ZmBLc=; b=mVaGcB/eIanL7jCzgf+exuHHngfGn+w2mYZf8vbL0+U5voOhl1SAA7NvxtdNoPNEBY jTAO8tRauz89fi7fTAezGhFSMVtJi56ORAPf4QEheVepgDgsKCd+9E9TJFvExNVnaWVv 3w3MOfatYSUzFv3s8+3E7o/q22OkKVIchKka35LOW1lNv2BgUSrcTHe1a3mraW6sipb4 01bAUSy+8SkR3RzUSG2Tqktefe64bm7B/0Hj01mZwSJkEtV4kTvEo+m3Z23AmiHkjTIT aZRPMTrCCAPnUIgEuAmEzUwsSt4yDFwL9T0KXt/c/v9tu8TXE4JhONe9TdcVnqOJGe2B BWww== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=YF5CFo62; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id m3-20020a170902db0300b001868277386dsi1269928plx.192.2022.11.17.06.35.08; Thu, 17 Nov 2022 06:35:21 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=YF5CFo62; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240446AbiKQOeg (ORCPT + 99 others); Thu, 17 Nov 2022 09:34:36 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58742 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240384AbiKQOeK (ORCPT ); Thu, 17 Nov 2022 09:34:10 -0500 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D430376153 for ; Thu, 17 Nov 2022 06:33:08 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1668695587; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=GNEoyeGAEVTCdztuKwF4HOV2ZBQ699jUuFAvu0ZmBLc=; b=YF5CFo62lG/VVU29ZcomV4gBXwBcr4mxFzmYfmfzSjkuHQo/MtPNxIU0EO39dLkoTW6cQP C49ht9u3Hs6rjjW8L1RPk9oCHUlgPN42lnvsbc1j4awk5Ejetz78drAqnJJxK4QgaClap4 OAI5mw4qy59cXblP0nTCqN/GDVMUfts= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-607-mlndjeDoN665rlDIW81BqQ-1; Thu, 17 Nov 2022 09:33:03 -0500 X-MC-Unique: mlndjeDoN665rlDIW81BqQ-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 1A46F887403; Thu, 17 Nov 2022 14:33:02 +0000 (UTC) Received: from amdlaptop.tlv.redhat.com (dhcp-4-238.tlv.redhat.com [10.35.4.238]) by smtp.corp.redhat.com (Postfix) with ESMTP id B99BA2166B29; Thu, 17 Nov 2022 14:32:58 +0000 (UTC) From: Maxim Levitsky To: kvm@vger.kernel.org Cc: Paolo Bonzini , Ingo Molnar , "H. Peter Anvin" , Dave Hansen , linux-kernel@vger.kernel.org, Peter Zijlstra , Thomas Gleixner , Sandipan Das , Daniel Sneddon , Jing Liu , Josh Poimboeuf , Wyes Karny , Borislav Petkov , Babu Moger , Pawan Gupta , Sean Christopherson , Jim Mattson , x86@kernel.org, Maxim Levitsky Subject: [PATCH 04/13] KVM: nSVM: clean up copying of int_ctl fields back to vmcb01/vmcb12 Date: Thu, 17 Nov 2022 16:32:33 +0200 Message-Id: <20221117143242.102721-5-mlevitsk@redhat.com> In-Reply-To: <20221117143242.102721-1-mlevitsk@redhat.com> References: <20221117143242.102721-1-mlevitsk@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.6 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_NONE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1749754284936977562?= X-GMAIL-MSGID: =?utf-8?q?1749754284936977562?= Clean up the nested_sync_int_ctl_from_vmcb02: 1. The comment about preservation of V_IRQ is wrong: when the L2 doesn't use virtual interrupt masking, then the field just doesn't exist in vmcb12 thus it should not be touched at all. Since it is unused in this case, touching it doesn't matter that much, so the bug is theoretical. 2. When the L2 doesn't use virtual interrupt masking, then in the *theory* if KVM uses the feature, it should copy the changes to V_IRQ* bits from vmcb02 to vmcb01. In practise, KVM only uses it for detection of the interrupt window, and it happens to re-open it on each nested VM exit because kvm_set_rflags happens to raise the KVM_REQ_EVENT. Do this explicitly. 3. Add comment on why we don't need to copy V_GIF from vmcb02 to vmcb01 when nested guest doesn't use nested V_GIF (and thus L1's GIF is in vmcb02 while nested), even though it can in theory affect L1's GIF. 4. Add support code to also copy some bits of int_ctl from vmcb02 to vmcb01. Currently there are none. No (visible) functional change is intended. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/svm/nested.c | 47 ++++++++++++++++++++++++++------------- 1 file changed, 32 insertions(+), 15 deletions(-) diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index 54eb152e2b60b6..1f2b8492c8782f 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -410,28 +410,45 @@ void nested_copy_vmcb_save_to_cache(struct vcpu_svm *svm, static void nested_sync_int_ctl_from_vmcb02(struct vcpu_svm *svm, struct vmcb *vmcb12) { - u32 mask; + struct vmcb *vmcb02 = svm->nested.vmcb02.ptr; + struct vmcb *vmcb01 = svm->vmcb01.ptr; + + /* bitmask of bits of int_ctl that we copy from vmcb02 to vmcb12*/ + u32 l2_to_l1_mask = 0; + /* bitmask of bits of int_ctl that we copy from vmcb02 to vmcb01*/ + u32 l2_to_l0_mask = 0; - /* Only a few fields of int_ctl are written by the processor. */ - mask = V_IRQ_MASK | V_TPR_MASK; - if (!(svm->nested.ctl.int_ctl & V_INTR_MASKING_MASK) && - svm_is_intercept(svm, INTERCEPT_VINTR)) { + if (svm->nested.ctl.int_ctl & V_INTR_MASKING_MASK) + l2_to_l1_mask |= V_IRQ_MASK | V_TPR_MASK; + else { /* - * In order to request an interrupt window, L0 is usurping - * svm->vmcb->control.int_ctl and possibly setting V_IRQ - * even if it was clear in L1's VMCB. Restoring it would be - * wrong. However, in this case V_IRQ will remain true until - * interrupt_window_interception calls svm_clear_vintr and - * restores int_ctl. We can just leave it aside. + * If IRQ window was opened while in L2, it must be reopened + * after the VM exit + * + * vTPR value doesn't need to be copied from vmcb02 to vmcb01 + * because it is synced from/to apic registers on each VM exit */ - mask &= ~V_IRQ_MASK; + if (vmcb02->control.int_ctl & V_IRQ_MASK) + kvm_make_request(KVM_REQ_EVENT, &svm->vcpu); } if (nested_vgif_enabled(svm)) - mask |= V_GIF_MASK; + l2_to_l1_mask |= V_GIF_MASK; + else + /* There is no need to sync V_GIF from vmcb02 to vmcb01 + * because GIF is cleared on VMexit, thus even though + * nested guest can control host's GIF, on VM exit + * its set value is lost + */ + ; + + vmcb12->control.int_ctl = + (svm->nested.ctl.int_ctl & ~l2_to_l1_mask) | + (vmcb02->control.int_ctl & l2_to_l1_mask); - vmcb12->control.int_ctl &= ~mask; - vmcb12->control.int_ctl |= svm->vmcb->control.int_ctl & mask; + vmcb01->control.int_ctl = + (vmcb01->control.int_ctl & ~l2_to_l0_mask) | + (vmcb02->control.int_ctl & l2_to_l0_mask); } /* From patchwork Thu Nov 17 14:32:34 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Maxim Levitsky X-Patchwork-Id: 21687 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:f944:0:0:0:0:0 with SMTP id q4csp433638wrr; Thu, 17 Nov 2022 06:36:01 -0800 (PST) X-Google-Smtp-Source: AA0mqf4OSqlNs2hW6NGryy87kmGDWfUUn+bZUCBpdzKcKt3siw2udbOour1+/40B8FEh3JVBNE+P X-Received: by 2002:a17:902:eb86:b0:188:c395:1748 with SMTP id q6-20020a170902eb8600b00188c3951748mr2806750plg.155.1668695761635; Thu, 17 Nov 2022 06:36:01 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1668695761; cv=none; d=google.com; s=arc-20160816; b=pMH8oPI5PCutzFzqp/NiZRwncnZwoDYDl85w8VCOlA3ZtBaVyIPlshGjwabMZKsFPQ iW4oHHfTZHfuzmhr/kmi5lwQlCu0u4MlUX+PMfztEjOMYvyDRtmHDenbIIkAZVomoUHX 3qJKLMDq7/fZApbUJax7Xpwfagu8/Xcusix8kIXJoH5G6smDykD55T1ex5vx1SA3fhix qQr8BKMaW+tITjrQPBWSDuTL0odEjjtQSckf5Xui7SEL0p+5wF+FDOH5lneXksgQ32uO 5CtB1TZRqlpIfqxmm/rCReICr6XogacnfmkpCw+lcmB9wQ9l7jc5DPghsY7jU4praA8q oIzw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=jSFZZCAEySlCF5KURW1fd9eOz0e4b0R1xYf15+jkIuw=; b=WV7mhsRXR8lqR3tLrfaAHgPhQ+aUslVw0U2oePOWMwrfq7UIim5OIvy0grTiuZ2rUT KMNav2R/5nFUBZZWiAljRwzKomdF/6Fly3RJ6Wb45w6e3XiK0M8bPWWglH+0WO5YQa3n c/WIjPIwljlMZilUL1MZFzbeX882cUCUt41xley83myzVPxif4pxfqjvfiXP577FIS3m FpTlziQFKdyq+xfzjuSFzWqovQRoVvGcAihCXBxQ619RUOwVmaPZfaLSNH67I1j2P4JN Fue9XyCfXNb1GNZIiKC/axI4bJniJZJglfeveQFmqaXfIlZo2H4iFCbhC66EaNu6+ql1 W7KA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=RDH+B+b5; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id u17-20020a632351000000b00476759b878csi1177783pgm.328.2022.11.17.06.35.48; Thu, 17 Nov 2022 06:36:01 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=RDH+B+b5; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240489AbiKQOe6 (ORCPT + 99 others); Thu, 17 Nov 2022 09:34:58 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58770 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240397AbiKQOeR (ORCPT ); Thu, 17 Nov 2022 09:34:17 -0500 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3E2627722E for ; Thu, 17 Nov 2022 06:33:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1668695590; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=jSFZZCAEySlCF5KURW1fd9eOz0e4b0R1xYf15+jkIuw=; b=RDH+B+b5DaqukZ4oFchza44n17Zyh48DoReiIRSEFnT2IUUsNdnR8CcoJxxeqWgpD7ZPCn kZs6/HnxkD43KeFT2NFcQWHE0ei25AqiHu34bM1FjpUhCuOZ7URBxRsbLnBrlpPVWARpQW 3CHVv8O0tQ0ZqJ0713NcBM5aPZhoIBw= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-353-dbc2GAnvMiOz5BpZwxvPuA-1; Thu, 17 Nov 2022 09:33:06 -0500 X-MC-Unique: dbc2GAnvMiOz5BpZwxvPuA-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id BF35F101E152; Thu, 17 Nov 2022 14:33:05 +0000 (UTC) Received: from amdlaptop.tlv.redhat.com (dhcp-4-238.tlv.redhat.com [10.35.4.238]) by smtp.corp.redhat.com (Postfix) with ESMTP id 653D62166B29; Thu, 17 Nov 2022 14:33:02 +0000 (UTC) From: Maxim Levitsky To: kvm@vger.kernel.org Cc: Paolo Bonzini , Ingo Molnar , "H. Peter Anvin" , Dave Hansen , linux-kernel@vger.kernel.org, Peter Zijlstra , Thomas Gleixner , Sandipan Das , Daniel Sneddon , Jing Liu , Josh Poimboeuf , Wyes Karny , Borislav Petkov , Babu Moger , Pawan Gupta , Sean Christopherson , Jim Mattson , x86@kernel.org, Maxim Levitsky , Santosh Shukla Subject: [PATCH 05/13] x86/cpu: Add CPUID feature bit for VNMI Date: Thu, 17 Nov 2022 16:32:34 +0200 Message-Id: <20221117143242.102721-6-mlevitsk@redhat.com> In-Reply-To: <20221117143242.102721-1-mlevitsk@redhat.com> References: <20221117143242.102721-1-mlevitsk@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.6 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_NONE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1749754326974978827?= X-GMAIL-MSGID: =?utf-8?q?1749754326974978827?= From: Santosh Shukla VNMI feature allows the hypervisor to inject NMI into the guest w/o using Event injection mechanism, The benefit of using VNMI over the event Injection that does not require tracking the Guest's NMI state and intercepting the IRET for the NMI completion. VNMI achieves that by exposing 3 capability bits in VMCB intr_cntrl which helps with virtualizing NMI injection and NMI_Masking. The presence of this feature is indicated via the CPUID function 0x8000000A_EDX[25]. Reviewed-by: Maxim Levitsky Signed-off-by: Santosh Shukla --- arch/x86/include/asm/cpufeatures.h | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h index b71f4f2ecdd571..23bd69848d271e 100644 --- a/arch/x86/include/asm/cpufeatures.h +++ b/arch/x86/include/asm/cpufeatures.h @@ -356,6 +356,7 @@ #define X86_FEATURE_VGIF (15*32+16) /* Virtual GIF */ #define X86_FEATURE_X2AVIC (15*32+18) /* Virtual x2apic */ #define X86_FEATURE_V_SPEC_CTRL (15*32+20) /* Virtual SPEC_CTRL */ +#define X86_FEATURE_AMD_VNMI (15*32+25) /* Virtual NMI */ #define X86_FEATURE_SVME_ADDR_CHK (15*32+28) /* "" SVME addr check */ /* Intel-defined CPU features, CPUID level 0x00000007:0 (ECX), word 16 */ From patchwork Thu Nov 17 14:32:35 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Maxim Levitsky X-Patchwork-Id: 21688 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:f944:0:0:0:0:0 with SMTP id q4csp433724wrr; Thu, 17 Nov 2022 06:36:11 -0800 (PST) X-Google-Smtp-Source: AA0mqf6UvLOr3zWqqbKx1GTvdw9z2QHcrcB2WKMRqeUjvt7/l1cUyndMlQZ1D/vt6SNq46gdnW77 X-Received: by 2002:a17:902:d38c:b0:186:8c19:d436 with SMTP id e12-20020a170902d38c00b001868c19d436mr3039483pld.96.1668695771479; Thu, 17 Nov 2022 06:36:11 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1668695771; cv=none; d=google.com; s=arc-20160816; b=TBS8XqAT+cbZCG14KqBrkcBYK1H6E2DdBwSB7aCiUmApb+WaCX7ewHjXInkM4aCVjM H1mpNXybu8xcZMOTtcM5Ml8WoCkWYt2t/2+e4/+RUy5cH/Luj2Zy0MIn/pLq17dggqla zAaPjHmujwN7/ZomMGswLTUIzGTwfmTegKXCH+lrGw+qDI4mbHiW4CGw8DjjFRT+45EX oFt320cxRXvdM5RQMFIYayqmFmZas84jQQMXr7NyVt65S/Yjyo3fENU0nONMH9kWFTRA JExY21OlG/cSRg3OwyI73XyJJs49A8obIPV8RpZeSkjzafKTpaqwUyxKP2Cogaewoy19 eqhA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=0NbPeRaUPQnIvE6A7O9ncqZS6q4+SDogd6fxFg3zlt8=; b=UI3ViGVU7ixJDv+c1T/AzsacRLo9LcGZkNGK3FXmLu+slvjxLGXuaI+S2fS4SYs/ue 3Z86BLqbUoRCdNHXI1faKyr7N25W0er/unWlCZXGEM5U7hKCxHiwV6eyo1v4xlCNvEDT FFgVOqoSDtPy2fRk9MC2jWUt62tVsDYpedW6R2Ag7qjs2ZEuQ5q6ZNnRuttVlOenV/hM OSY1bZniZw7Xn9T6/ywvHd6z54/BLtkzc146rKFOTM0HlbfyEKgSkUCDPRAm/eRz06fr S9iuVKMKg03TZI9yK1GL8TylY1E/MnU9oX+Ji3p6yeUbwZaWD1yHSNDTnOkB1tnQdQDZ bbrg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=A8gt8S6W; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id v14-20020a63d54e000000b0046fb44b3525si1096023pgi.115.2022.11.17.06.35.57; Thu, 17 Nov 2022 06:36:11 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=A8gt8S6W; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240469AbiKQOeq (ORCPT + 99 others); Thu, 17 Nov 2022 09:34:46 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58812 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S239779AbiKQOeO (ORCPT ); Thu, 17 Nov 2022 09:34:14 -0500 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 607D479E2F for ; Thu, 17 Nov 2022 06:33:17 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1668695596; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=0NbPeRaUPQnIvE6A7O9ncqZS6q4+SDogd6fxFg3zlt8=; b=A8gt8S6WxMv22XMHo2a+tvnIHry92bt8mDd7QDA7qGj8Q16u3e2gy59EDQZ3HrEofKONkT stvReFYMoCKpHtmSSk7ktQPWPslEa6FbB4FexaRur866OV5lEg8+mEVF8+mXZB46ypG+uC FMdAQyMPtOE7AcqyU+EXoIg+MmsSbCY= Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-317-ZmooXrPtPsqU5Gw-hcQlzQ-1; Thu, 17 Nov 2022 09:33:11 -0500 X-MC-Unique: ZmooXrPtPsqU5Gw-hcQlzQ-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 906C1381495C; Thu, 17 Nov 2022 14:33:09 +0000 (UTC) Received: from amdlaptop.tlv.redhat.com (dhcp-4-238.tlv.redhat.com [10.35.4.238]) by smtp.corp.redhat.com (Postfix) with ESMTP id 15BD42166B29; Thu, 17 Nov 2022 14:33:05 +0000 (UTC) From: Maxim Levitsky To: kvm@vger.kernel.org Cc: Paolo Bonzini , Ingo Molnar , "H. Peter Anvin" , Dave Hansen , linux-kernel@vger.kernel.org, Peter Zijlstra , Thomas Gleixner , Sandipan Das , Daniel Sneddon , Jing Liu , Josh Poimboeuf , Wyes Karny , Borislav Petkov , Babu Moger , Pawan Gupta , Sean Christopherson , Jim Mattson , x86@kernel.org, Maxim Levitsky , Santosh Shukla Subject: [PATCH 06/13] KVM: SVM: Add VNMI bit definition Date: Thu, 17 Nov 2022 16:32:35 +0200 Message-Id: <20221117143242.102721-7-mlevitsk@redhat.com> In-Reply-To: <20221117143242.102721-1-mlevitsk@redhat.com> References: <20221117143242.102721-1-mlevitsk@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.6 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_NONE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1749754337057969091?= X-GMAIL-MSGID: =?utf-8?q?1749754337057969091?= From: Santosh Shukla VNMI exposes 3 capability bits (V_NMI, V_NMI_MASK, and V_NMI_ENABLE) to virtualize NMI and NMI_MASK, Those capability bits are part of VMCB::intr_ctrl - V_NMI(11) - Indicates whether a virtual NMI is pending in the guest. V_NMI_MASK(12) - Indicates whether virtual NMI is masked in the guest. V_NMI_ENABLE(26) - Enables the NMI virtualization feature for the guest. When Hypervisor wants to inject NMI, it will set V_NMI bit, Processor will clear the V_NMI bit and Set the V_NMI_MASK which means the Guest is handling NMI, After the guest handled the NMI, The processor will clear the V_NMI_MASK on the successful completion of IRET instruction Or if VMEXIT occurs while delivering the virtual NMI. To enable the VNMI capability, Hypervisor need to program V_NMI_ENABLE bit 1. Reviewed-by: Maxim Levitsky Signed-off-by: Santosh Shukla --- arch/x86/include/asm/svm.h | 7 +++++++ arch/x86/kvm/svm/svm.c | 6 ++++++ 2 files changed, 13 insertions(+) diff --git a/arch/x86/include/asm/svm.h b/arch/x86/include/asm/svm.h index 4352b46dd20c90..d8474e4b04ac05 100644 --- a/arch/x86/include/asm/svm.h +++ b/arch/x86/include/asm/svm.h @@ -198,6 +198,13 @@ struct __attribute__ ((__packed__)) vmcb_control_area { #define X2APIC_MODE_SHIFT 30 #define X2APIC_MODE_MASK (1 << X2APIC_MODE_SHIFT) +#define V_NMI_PENDING_SHIFT 11 +#define V_NMI_PENDING (1 << V_NMI_PENDING_SHIFT) +#define V_NMI_MASK_SHIFT 12 +#define V_NMI_MASK (1 << V_NMI_MASK_SHIFT) +#define V_NMI_ENABLE_SHIFT 26 +#define V_NMI_ENABLE (1 << V_NMI_ENABLE_SHIFT) + #define LBR_CTL_ENABLE_MASK BIT_ULL(0) #define VIRTUAL_VMLOAD_VMSAVE_ENABLE_MASK BIT_ULL(1) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 03acbe8ff34edb..08a7b2a0a29f3a 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -230,6 +230,8 @@ module_param(dump_invalid_vmcb, bool, 0644); bool intercept_smi = true; module_param(intercept_smi, bool, 0444); +bool vnmi = true; +module_param(vnmi, bool, 0444); static bool svm_gp_erratum_intercept = true; @@ -5029,6 +5031,10 @@ static __init int svm_hardware_setup(void) svm_x86_ops.vcpu_get_apicv_inhibit_reasons = NULL; } + vnmi = vnmi && boot_cpu_has(X86_FEATURE_AMD_VNMI); + if (vnmi) + pr_info("Virtual NMI enabled\n"); + if (vls) { if (!npt_enabled || !boot_cpu_has(X86_FEATURE_V_VMSAVE_VMLOAD) || From patchwork Thu Nov 17 14:32:36 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Maxim Levitsky X-Patchwork-Id: 21686 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:f944:0:0:0:0:0 with SMTP id q4csp433624wrr; Thu, 17 Nov 2022 06:36:00 -0800 (PST) X-Google-Smtp-Source: AA0mqf4fxNTL5QHmS7ey8Xc9VgIcbwXcVS4OUBeTyi656kRyc1feqsH2fjqVdZ3AFF7W3RoZOIFs X-Received: by 2002:a17:90a:b38b:b0:214:1328:ac8f with SMTP id e11-20020a17090ab38b00b002141328ac8fmr3041722pjr.198.1668695759906; Thu, 17 Nov 2022 06:35:59 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1668695759; cv=none; d=google.com; s=arc-20160816; b=zqSI0pBDDA6hjN5xzDfB7ovaG8OwqPICmb78mNskmCdXopWWMw5jMNsjXEt56Mx7LM 5oUAdaKaXgUd6Iz1KxsgtDGNhByKQ5v9o57QOOToDka4FST6Zggh61eQRauebP/qqx+x sJUrp020tIqg4h0+n6GY1Nm30o5tCYudpo1eT29HCyDOvjElTLTj8ILWVp/D/z+Q2R0k 1clCu9IXg3sghaKX+Raq15z8TfFlpeHHViWMhLZ1DgCgVSF9pFc/ZcAQ/UMZhWuu4sSf FBnrSBE7APCd2t0wJo429Stdx1FPtionjgmvlOPwef+72824ANAyxfOkxxWh1UyvGcZh sI5Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=ps9mGB4FWMNZUhRI7eqw38JkpYxzOMfFPzgwHnz9dQU=; b=iWGKWPAS/q/uMFs+ngegIPtpZLn3RJaTdL7WI5oJrOWDXyYRx95OZWiDW5s9At+pYn aGdrI5xiUXB4f0zT6mj8Q7w0EhC54uYJf5FkF3OFq2nzMRWYTeB4mZf2Ew/GXx6xKiYf retokmBAPBiTwMUHmo2MMMKWo6kq5qQwj7gztlLsNJCndYeVOW0unKRQN4Mk1ZBhhzRo LD4NoUP2xFzlmzWe1bslVAC1R66XWR2eNgU9B0VtDmrsa4FRJ/mtymGZp0ue7Wyc2Tqo SdNP1NTI0r5YUaSDlBd0pb7k7XGH2w2DcRHP/+c8q6Zkx9Qawktdw04TeKbNK4xWjoTF K+gQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=KKoU00Al; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id j17-20020a63fc11000000b004630aa449c2si1133603pgi.242.2022.11.17.06.35.47; Thu, 17 Nov 2022 06:35:59 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=KKoU00Al; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S239889AbiKQOex (ORCPT + 99 others); Thu, 17 Nov 2022 09:34:53 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58722 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234834AbiKQOeV (ORCPT ); Thu, 17 Nov 2022 09:34:21 -0500 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 58E4179E34 for ; Thu, 17 Nov 2022 06:33:21 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1668695600; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ps9mGB4FWMNZUhRI7eqw38JkpYxzOMfFPzgwHnz9dQU=; b=KKoU00AlzaPWOQCHsMmuMBuvaIRJyoWPiTkQKnItjZhglBcboKvePoW2bpWFcbqE7cjIUG 6IXhPq2E8Y30gLMtegb6neKVqXAliSEO0C98ZHGxsDpDrenh7cGTPwhVJG6vslJ+lTKpqM BCLk2Iva9JfW+eMymhbV1G+rF20ECkQ= Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-389-Jy4x4LlPPDyb9i2N1ngPYQ-1; Thu, 17 Nov 2022 09:33:14 -0500 X-MC-Unique: Jy4x4LlPPDyb9i2N1ngPYQ-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 62DAC1C08978; Thu, 17 Nov 2022 14:33:13 +0000 (UTC) Received: from amdlaptop.tlv.redhat.com (dhcp-4-238.tlv.redhat.com [10.35.4.238]) by smtp.corp.redhat.com (Postfix) with ESMTP id DAF482166B29; Thu, 17 Nov 2022 14:33:09 +0000 (UTC) From: Maxim Levitsky To: kvm@vger.kernel.org Cc: Paolo Bonzini , Ingo Molnar , "H. Peter Anvin" , Dave Hansen , linux-kernel@vger.kernel.org, Peter Zijlstra , Thomas Gleixner , Sandipan Das , Daniel Sneddon , Jing Liu , Josh Poimboeuf , Wyes Karny , Borislav Petkov , Babu Moger , Pawan Gupta , Sean Christopherson , Jim Mattson , x86@kernel.org, Maxim Levitsky , Santosh Shukla Subject: [PATCH 07/13] KVM: SVM: Add VNMI support in get/set_nmi_mask Date: Thu, 17 Nov 2022 16:32:36 +0200 Message-Id: <20221117143242.102721-8-mlevitsk@redhat.com> In-Reply-To: <20221117143242.102721-1-mlevitsk@redhat.com> References: <20221117143242.102721-1-mlevitsk@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.6 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_NONE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1749754325425543187?= X-GMAIL-MSGID: =?utf-8?q?1749754325425543187?= From: Santosh Shukla VMCB intr_ctrl bit12 (V_NMI_MASK) is set by the processor when handling NMI in guest and is cleared after the NMI is handled. Treat V_NMI_MASK as read-only in the hypervisor except for the SMM case where hypervisor before entring and after leaving SMM mode requires to set and unset V_NMI_MASK. Adding API(get_vnmi_vmcb) in order to return the correct vmcb for L1 or L2. Maxim: - made set_vnmi_mask/clear_vnmi_mask/is_vnmi_mask warn if called without vNMI enabled - clear IRET intercept in svm_set_nmi_mask even with vNMI Signed-off-by: Santosh Shukla Signed-off-by: Maxim Levitsky --- arch/x86/kvm/svm/svm.c | 18 ++++++++++++++- arch/x86/kvm/svm/svm.h | 52 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 69 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 08a7b2a0a29f3a..c16f68f6c4f7d7 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -3618,13 +3618,29 @@ static int svm_nmi_allowed(struct kvm_vcpu *vcpu, bool for_injection) static bool svm_get_nmi_mask(struct kvm_vcpu *vcpu) { - return !!(vcpu->arch.hflags & HF_NMI_MASK); + struct vcpu_svm *svm = to_svm(vcpu); + + if (is_vnmi_enabled(svm)) + return is_vnmi_mask_set(svm); + else + return !!(vcpu->arch.hflags & HF_NMI_MASK); } static void svm_set_nmi_mask(struct kvm_vcpu *vcpu, bool masked) { struct vcpu_svm *svm = to_svm(vcpu); + if (is_vnmi_enabled(svm)) { + if (masked) + set_vnmi_mask(svm); + else { + clear_vnmi_mask(svm); + if (!sev_es_guest(vcpu->kvm)) + svm_clr_intercept(svm, INTERCEPT_IRET); + } + return; + } + if (masked) { vcpu->arch.hflags |= HF_NMI_MASK; if (!sev_es_guest(vcpu->kvm)) diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index f5383104d00580..bf7f4851dee204 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -35,6 +35,7 @@ extern u32 msrpm_offsets[MSRPM_OFFSETS] __read_mostly; extern bool npt_enabled; extern int vgif; extern bool intercept_smi; +extern bool vnmi; enum avic_modes { AVIC_MODE_NONE = 0, @@ -531,6 +532,57 @@ static inline bool is_x2apic_msrpm_offset(u32 offset) (msr < (APIC_BASE_MSR + 0x100)); } +static inline struct vmcb *get_vnmi_vmcb(struct vcpu_svm *svm) +{ + if (!vnmi) + return NULL; + + if (is_guest_mode(&svm->vcpu)) + return svm->nested.vmcb02.ptr; + else + return svm->vmcb01.ptr; +} + +static inline bool is_vnmi_enabled(struct vcpu_svm *svm) +{ + struct vmcb *vmcb = get_vnmi_vmcb(svm); + + if (vmcb) + return !!(vmcb->control.int_ctl & V_NMI_ENABLE); + else + return false; +} + +static inline bool is_vnmi_mask_set(struct vcpu_svm *svm) +{ + struct vmcb *vmcb = get_vnmi_vmcb(svm); + + if (!WARN_ON_ONCE(!vmcb)) + return false; + + return !!(vmcb->control.int_ctl & V_NMI_MASK); +} + +static inline void set_vnmi_mask(struct vcpu_svm *svm) +{ + struct vmcb *vmcb = get_vnmi_vmcb(svm); + + if (!WARN_ON_ONCE(!vmcb)) + return; + + vmcb->control.int_ctl |= V_NMI_MASK; +} + +static inline void clear_vnmi_mask(struct vcpu_svm *svm) +{ + struct vmcb *vmcb = get_vnmi_vmcb(svm); + + if (!WARN_ON_ONCE(!vmcb)) + return; + + vmcb->control.int_ctl &= ~V_NMI_MASK; +} + /* svm.c */ #define MSR_INVALID 0xffffffffU From patchwork Thu Nov 17 14:32:37 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Maxim Levitsky X-Patchwork-Id: 21690 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:f944:0:0:0:0:0 with SMTP id q4csp433779wrr; Thu, 17 Nov 2022 06:36:19 -0800 (PST) X-Google-Smtp-Source: AA0mqf6eKwXpozzTDlQAHNzoiP52RtticxlcvxOoaeMY04XzhzBaTXD4Z7s9m8PvgWs9jyY60BCA X-Received: by 2002:a17:903:4094:b0:186:7fce:5ec9 with SMTP id z20-20020a170903409400b001867fce5ec9mr2965224plc.48.1668695779494; Thu, 17 Nov 2022 06:36:19 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1668695779; cv=none; d=google.com; s=arc-20160816; b=nMxn70FRrPtpjBj2k/A1+tUp2Wil6tkiu5dyND4Ndnc+zGniTju/WkShJ7gTgAYiu6 k6H9F9TL+MJibkkrfxIagmPhxKTUPnPRIeqsCIXYpiMbyFKGzqb8JTaC1SMOrRjBAQfE ezEm1OPoXxhJi4TR0EGiUmYpVbUb/lbovjrjNPdmNdMnQL3SSjfdxuhMkYbJa+YpsVIq fs6CgoTLHkEFOKyGYwwU+xc2X+sBZESa0FsXj75V2HZqT1QqvqnJKH1u5Rb1xiZ+vMhv zadVyRbIbDwEtmwNKd6UsztnaKwCCmKSgb3oIrKxL70srApDSrYdJJPLQRJFZG1Bv7Rj tuGA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=BudyXha3IcL4zFH4dWy8hg4aRuVxU+goAgJkX7rkDuY=; b=umO0zMemmWED4Ns52Nblr8mBCgW4f9xsxZUlGARFv7bY1e0XJXgOdOXBwSE50PpJ+H 3mEC8lozMFv8hR8yCuCpJkdfjK9CYoFvBG9epWIz+yTe5NuXzokKPObBTLbLEWx4oy5i wSTVMmIP3GLZMT2BtWPK1EWEWLNf+5mk4XiGMk/QMe5bMyPZUlPQtQCPNOzP+eqDFF6Y k2lv21YFIcJFZgA0ZKY0fNZu2+MuQc3YsocBvZcwmQlrhcuUdjpd9HB7wXnNow0+a+Lk PmnzDupoIZyTU19ZP7ZA+sj1qbjTm0lN5De+Bs5YRIRFjCChzmuKgDjY5OZ5vaDyUrn/ YrPA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=YFAX9kRh; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id m21-20020a635815000000b00476c2178227si1090084pgb.246.2022.11.17.06.36.06; Thu, 17 Nov 2022 06:36:19 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=YFAX9kRh; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240512AbiKQOfL (ORCPT + 99 others); Thu, 17 Nov 2022 09:35:11 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58620 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240409AbiKQOe0 (ORCPT ); Thu, 17 Nov 2022 09:34:26 -0500 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 747CB1B9 for ; Thu, 17 Nov 2022 06:33:23 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1668695602; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=BudyXha3IcL4zFH4dWy8hg4aRuVxU+goAgJkX7rkDuY=; b=YFAX9kRhAny7g9DdrlJLZyIXDN7jXdjtHc6qayO8Yy+iPtOmyZ1jO0l2HacaKkdMYqZQYv RGPR/kf6wHVUBgD6+2KAvSYNQyWDtWaViCR5qUOyN2ZFb/vo/uiSciGBU4td8x6rfTJ1u5 yvCnrgijT8vEeuYboNGC80CtVky2Ozs= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-621-Us5Zwb9hM2abFqYnaijUSQ-1; Thu, 17 Nov 2022 09:33:18 -0500 X-MC-Unique: Us5Zwb9hM2abFqYnaijUSQ-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 34EF2185A78B; Thu, 17 Nov 2022 14:33:17 +0000 (UTC) Received: from amdlaptop.tlv.redhat.com (dhcp-4-238.tlv.redhat.com [10.35.4.238]) by smtp.corp.redhat.com (Postfix) with ESMTP id AD9872166B29; Thu, 17 Nov 2022 14:33:13 +0000 (UTC) From: Maxim Levitsky To: kvm@vger.kernel.org Cc: Paolo Bonzini , Ingo Molnar , "H. Peter Anvin" , Dave Hansen , linux-kernel@vger.kernel.org, Peter Zijlstra , Thomas Gleixner , Sandipan Das , Daniel Sneddon , Jing Liu , Josh Poimboeuf , Wyes Karny , Borislav Petkov , Babu Moger , Pawan Gupta , Sean Christopherson , Jim Mattson , x86@kernel.org, Maxim Levitsky , Santosh Shukla Subject: [PATCH 08/13] KVM: SVM: Report NMI not allowed when Guest busy handling VNMI Date: Thu, 17 Nov 2022 16:32:37 +0200 Message-Id: <20221117143242.102721-9-mlevitsk@redhat.com> In-Reply-To: <20221117143242.102721-1-mlevitsk@redhat.com> References: <20221117143242.102721-1-mlevitsk@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.6 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1749754345767985988?= X-GMAIL-MSGID: =?utf-8?q?1749754345767985988?= From: Santosh Shukla In the VNMI case, Report NMI is not allowed when V_NMI_PENDING is set which mean virtual NMI already pended for Guest to process while the Guest is busy handling the current virtual NMI. The Guest will first finish handling the current virtual NMI and then it will take the pended event w/o vmexit. Maxim: - disable NMI window unconditionally for now. Signed-off-by: Santosh Shukla Signed-off-by: Maxim Levitsky --- arch/x86/kvm/svm/svm.c | 6 ++++++ arch/x86/kvm/svm/svm.h | 11 +++++++++++ 2 files changed, 17 insertions(+) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index c16f68f6c4f7d7..cfec4c98bb589b 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -3595,6 +3595,9 @@ bool svm_nmi_blocked(struct kvm_vcpu *vcpu) if (is_guest_mode(vcpu) && nested_exit_on_nmi(svm)) return false; + if (is_vnmi_enabled(svm) && is_vnmi_pending_set(svm)) + return true; + ret = (vmcb->control.int_state & SVM_INTERRUPT_SHADOW_MASK) || (vcpu->arch.hflags & HF_NMI_MASK); @@ -3732,6 +3735,9 @@ static void svm_enable_nmi_window(struct kvm_vcpu *vcpu) { struct vcpu_svm *svm = to_svm(vcpu); + if (is_vnmi_enabled(svm)) + return; + if ((vcpu->arch.hflags & (HF_NMI_MASK | HF_IRET_MASK)) == HF_NMI_MASK) return; /* IRET will cause a vm exit */ diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index bf7f4851dee204..5f2ee72c6e3125 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -583,6 +583,17 @@ static inline void clear_vnmi_mask(struct vcpu_svm *svm) vmcb->control.int_ctl &= ~V_NMI_MASK; } + +static inline bool is_vnmi_pending_set(struct vcpu_svm *svm) +{ + struct vmcb *vmcb = get_vnmi_vmcb(svm); + + if (vmcb) + return !!(vmcb->control.int_ctl & V_NMI_PENDING); + else + return false; +} + /* svm.c */ #define MSR_INVALID 0xffffffffU From patchwork Thu Nov 17 14:32:38 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Maxim Levitsky X-Patchwork-Id: 21689 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:f944:0:0:0:0:0 with SMTP id q4csp433767wrr; Thu, 17 Nov 2022 06:36:17 -0800 (PST) X-Google-Smtp-Source: AA0mqf6iKJo3rVp6lBZKIAYHB2swl/3sjqiT9kefBxvQp3O/vhmTjVpYU6BTIy7UMQmeY4lZF+P7 X-Received: by 2002:a17:902:9a44:b0:188:5391:cec2 with SMTP id x4-20020a1709029a4400b001885391cec2mr3030525plv.78.1668695777689; Thu, 17 Nov 2022 06:36:17 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1668695777; cv=none; d=google.com; s=arc-20160816; b=n8MvI+HZZZ3EM13545iJPhNnCBkH4NFn7UnAmWWDiTFRiImd1JBHcfafid6sbCXIEU 0jV2nfA7g2fNYb/X/SYQd59gX5UY30NqUOD303mnE4map2ENigM57gdnEerfvLAWFIDm JFPXOgZiC2f4UHz05jryPqzCf+SizxQMEohu6kI00jHy+hqamk4bVJ9sVyu7MV5uJNKZ WO80cw4Ic2ccLplkF8qVJ59CB1jECHDiuzcgW2dRR9FtSOSJjS3rRdcylPCaS2H/Qowm Jyq8DpKA3wBGB+PqoRQm1JR3aVLYt0Xi2TF6QpzeMEcYOs/87+839qJdaPHsiF7+Uzup KIBQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=nE6kIG2lOyCUTV0632EqZY8Sms9KZYxObW/NdTbq8mw=; b=RxZnkBtuFx4+FZQcM0wuvaqRNSRnvbSPq7/YVxooDyMokAwdq8l2RQF8xf2hcbqPVo YKL3volqsD+lZPVOSeKvc0Qd6U80FzEpkYRbiUj4D9fHQX1LyP4FHRekDr5V5UyVOqmS FKV2+huH5mAJyOjiCGuDvSeXOAyB14vro5+c6EGio3p/ybY9k3l7re5kXC+IBvPFp1oh Nc8MgsjdszqP9O0MbombiYsHzgtReBj3+CdOCa2Su0zDu3EYC2XP19/RlBkzn5ZvFId1 bTpETd9v7yMHDm+1xWclIJ0XXx8GWGK3XRXZUOMyCKaqKrbZG4jxMRdbgrjp5d51EB0+ vZMg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=RlovOVr9; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id c17-20020a170903235100b001870feba7a1si1316005plh.135.2022.11.17.06.36.04; Thu, 17 Nov 2022 06:36:17 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=RlovOVr9; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240510AbiKQOfG (ORCPT + 99 others); Thu, 17 Nov 2022 09:35:06 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59068 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240186AbiKQOeZ (ORCPT ); Thu, 17 Nov 2022 09:34:25 -0500 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1EBC9DE91 for ; Thu, 17 Nov 2022 06:33:27 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1668695606; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=nE6kIG2lOyCUTV0632EqZY8Sms9KZYxObW/NdTbq8mw=; b=RlovOVr933QjMi5NCtDY6u0Cl8XSKh2G+uhn2N5DydOpCbEzFfi3EKAtVl/ekfz3U0M2OR 9dZozM1ADkIHGTBMOuPBDtj7bS62o1lZGw7VftZik0NpRDj97G+0tKGYDUdQU9Y39+Dpjg NKnvcl+jGboy1Fr6KTrNjh8gj7V1DNg= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-328-aDa9ab7dNnihyLfs71VXhQ-1; Thu, 17 Nov 2022 09:33:21 -0500 X-MC-Unique: aDa9ab7dNnihyLfs71VXhQ-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id D69B2811E75; Thu, 17 Nov 2022 14:33:20 +0000 (UTC) Received: from amdlaptop.tlv.redhat.com (dhcp-4-238.tlv.redhat.com [10.35.4.238]) by smtp.corp.redhat.com (Postfix) with ESMTP id 7F8022166B29; Thu, 17 Nov 2022 14:33:17 +0000 (UTC) From: Maxim Levitsky To: kvm@vger.kernel.org Cc: Paolo Bonzini , Ingo Molnar , "H. Peter Anvin" , Dave Hansen , linux-kernel@vger.kernel.org, Peter Zijlstra , Thomas Gleixner , Sandipan Das , Daniel Sneddon , Jing Liu , Josh Poimboeuf , Wyes Karny , Borislav Petkov , Babu Moger , Pawan Gupta , Sean Christopherson , Jim Mattson , x86@kernel.org, Maxim Levitsky Subject: [PATCH 09/13] KVM: SVM: allow NMI window with vNMI Date: Thu, 17 Nov 2022 16:32:38 +0200 Message-Id: <20221117143242.102721-10-mlevitsk@redhat.com> In-Reply-To: <20221117143242.102721-1-mlevitsk@redhat.com> References: <20221117143242.102721-1-mlevitsk@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.6 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_NONE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1749754343539263486?= X-GMAIL-MSGID: =?utf-8?q?1749754343539263486?= When the vNMI is enabled, the only case when the KVM will use an NMI window is when the vNMI injection is pending. In this case on next IRET/RSM/STGI, the injection has to be complete and a new NMI can be injected. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/svm/svm.c | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index cfec4c98bb589b..eaa30f8ace518d 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -2477,7 +2477,10 @@ static int iret_interception(struct kvm_vcpu *vcpu) struct vcpu_svm *svm = to_svm(vcpu); ++vcpu->stat.nmi_window_exits; - vcpu->arch.hflags |= HF_IRET_MASK; + + if (!is_vnmi_enabled(svm)) + vcpu->arch.hflags |= HF_IRET_MASK; + if (!sev_es_guest(vcpu->kvm)) { svm_clr_intercept(svm, INTERCEPT_IRET); svm->nmi_iret_rip = kvm_rip_read(vcpu); @@ -3735,9 +3738,6 @@ static void svm_enable_nmi_window(struct kvm_vcpu *vcpu) { struct vcpu_svm *svm = to_svm(vcpu); - if (is_vnmi_enabled(svm)) - return; - if ((vcpu->arch.hflags & (HF_NMI_MASK | HF_IRET_MASK)) == HF_NMI_MASK) return; /* IRET will cause a vm exit */ @@ -3751,9 +3751,14 @@ static void svm_enable_nmi_window(struct kvm_vcpu *vcpu) * Something prevents NMI from been injected. Single step over possible * problem (IRET or exception injection or interrupt shadow) */ - svm->nmi_singlestep_guest_rflags = svm_get_rflags(vcpu); - svm->nmi_singlestep = true; - svm->vmcb->save.rflags |= (X86_EFLAGS_TF | X86_EFLAGS_RF); + + if (is_vnmi_enabled(svm)) { + svm_set_intercept(svm, INTERCEPT_IRET); + } else { + svm->nmi_singlestep_guest_rflags = svm_get_rflags(vcpu); + svm->nmi_singlestep = true; + svm->vmcb->save.rflags |= (X86_EFLAGS_TF | X86_EFLAGS_RF); + } } static void svm_flush_tlb_current(struct kvm_vcpu *vcpu) From patchwork Thu Nov 17 14:32:39 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Maxim Levitsky X-Patchwork-Id: 21693 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:f944:0:0:0:0:0 with SMTP id q4csp434749wrr; Thu, 17 Nov 2022 06:38:15 -0800 (PST) X-Google-Smtp-Source: AA0mqf6n/yGcaeqxMPqziq7NWFiXQXNuhSHNF0twHHuRIiC1guJwJNGrW0YSaO5DRGztIXkJOPLz X-Received: by 2002:a17:90a:88f:b0:215:d767:4863 with SMTP id v15-20020a17090a088f00b00215d7674863mr3012993pjc.233.1668695895602; Thu, 17 Nov 2022 06:38:15 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1668695895; cv=none; d=google.com; s=arc-20160816; b=K23oa7eZxWF0TeL3wbzZ6ZOzGsLLrdV136eD8M/g77p0iKaqcEWI/A1rzUymxunr5Y ZreP6gw1ZdyWwkFoWwna9IBZz1GHqemkLuDJ9hht/C04X6WZEIFFsvRDQY1/uuvFS9tG pPw2oZpzBgQeak+mrasB/78dpYnbNB/6FMttwdiBdmk2st9A2A9Nty3Gea2ATaUcuTkx 1aJux1YHVcHPCRA9bBdBiN0gMFKOGRrejfxDV+0r/cZxtoLrBwf1XzypR4uQC/6K37Ty 78i4SBV8r8wNA3cXTdoHOcLwsfQCbPsl4HgfSsGbAq8rGWV+stsmRF0J0hj6By3VQhng Pi0A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=TaydI4I4+Qlz5zavVfjLBmIIDcUhBXwzZ2N6s+mdb+g=; b=cQtgN4XrfDrIYMcXH+JJuwfFOIRGeRdrnLE20goxkAcawz+tfB8oGBDvsEUbMMTqqh U+yV9H7iQLj4WqFYX/qDkiKxDyJcu/p3bVTJGoMX+BfiZl2O8z1KL1Rz0AyYtS28nMzV uLOVsfEpmYFa4mKwbWwSIKO3Y5oT3eSYvHESRo2xpTdCAeiCywA6Lqj2uv5gG7+wtpWA LZZqNfKflMBBiNbl+xsTiN9asVmuaQu7RIG3M0K+It/cNXQSbPDnC5YFknNuCsR8MPFx r8usQ/Oi+fCpd0q2GuPo1+Rr5bm+Q3lyYtmVANSBBN4x1LSJoYe99sjej98qbD68Kc1B f0Kg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=c08Ss+gB; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id w8-20020aa79548000000b0057189df52d4si952585pfq.3.2022.11.17.06.38.02; Thu, 17 Nov 2022 06:38:15 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=c08Ss+gB; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240462AbiKQOfu (ORCPT + 99 others); Thu, 17 Nov 2022 09:35:50 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59234 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240449AbiKQOeh (ORCPT ); Thu, 17 Nov 2022 09:34:37 -0500 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0C17F17E35 for ; Thu, 17 Nov 2022 06:33:33 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1668695613; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=TaydI4I4+Qlz5zavVfjLBmIIDcUhBXwzZ2N6s+mdb+g=; b=c08Ss+gBfkz5KXqxrzPgMow9O1mAuQFhMioGNBV4b8Tt/3A0ZW+zMyuLghElDpuJKvM2PT 8J6txAL2fMD0/8R2o72dKksuACCfFcRpNZYWi5An0jZx+Z86XcHR4Rr+SIkBiXpr2PzK9G EzmjQ1IY+H5/TUu9yJatvO/pPrj1Mvs= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-539-BQIktnTiOPaOrejF1IjLKA-1; Thu, 17 Nov 2022 09:33:25 -0500 X-MC-Unique: BQIktnTiOPaOrejF1IjLKA-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id A86A994AB03; Thu, 17 Nov 2022 14:33:24 +0000 (UTC) Received: from amdlaptop.tlv.redhat.com (dhcp-4-238.tlv.redhat.com [10.35.4.238]) by smtp.corp.redhat.com (Postfix) with ESMTP id 2CD852166B29; Thu, 17 Nov 2022 14:33:21 +0000 (UTC) From: Maxim Levitsky To: kvm@vger.kernel.org Cc: Paolo Bonzini , Ingo Molnar , "H. Peter Anvin" , Dave Hansen , linux-kernel@vger.kernel.org, Peter Zijlstra , Thomas Gleixner , Sandipan Das , Daniel Sneddon , Jing Liu , Josh Poimboeuf , Wyes Karny , Borislav Petkov , Babu Moger , Pawan Gupta , Sean Christopherson , Jim Mattson , x86@kernel.org, Maxim Levitsky , Santosh Shukla Subject: [PATCH 10/13] KVM: SVM: Add VNMI support in inject_nmi Date: Thu, 17 Nov 2022 16:32:39 +0200 Message-Id: <20221117143242.102721-11-mlevitsk@redhat.com> In-Reply-To: <20221117143242.102721-1-mlevitsk@redhat.com> References: <20221117143242.102721-1-mlevitsk@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.6 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_NONE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1749754467566691781?= X-GMAIL-MSGID: =?utf-8?q?1749754467566691781?= From: Santosh Shukla Inject the NMI by setting V_NMI in the VMCB interrupt control. processor will clear V_NMI to acknowledge processing has started and will keep the V_NMI_MASK set until the processor is done with processing the NMI event. Also, handle the nmi_l1_to_l2 case such that when it is true then NMI to be injected originally comes from L1's VMCB12 EVENTINJ field. So adding a check for that case. Signed-off-by: Santosh Shukla Reviewed-by: Maxim Levitsky --- arch/x86/kvm/svm/svm.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index eaa30f8ace518d..9ebfbd0d4b467e 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -3479,7 +3479,14 @@ static void pre_svm_run(struct kvm_vcpu *vcpu) static void svm_inject_nmi(struct kvm_vcpu *vcpu) { struct vcpu_svm *svm = to_svm(vcpu); + struct vmcb *vmcb = NULL; + if (is_vnmi_enabled(svm) && !svm->nmi_l1_to_l2) { + vmcb = get_vnmi_vmcb(svm); + vmcb->control.int_ctl |= V_NMI_PENDING; + ++vcpu->stat.nmi_injections; + return; + } svm->vmcb->control.event_inj = SVM_EVTINJ_VALID | SVM_EVTINJ_TYPE_NMI; if (svm->nmi_l1_to_l2) From patchwork Thu Nov 17 14:32:40 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Maxim Levitsky X-Patchwork-Id: 21692 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:f944:0:0:0:0:0 with SMTP id q4csp434626wrr; Thu, 17 Nov 2022 06:38:02 -0800 (PST) X-Google-Smtp-Source: AA0mqf4uweZovzeD58AfhEQhqVZJka0BkfvkhUkjV1mSsdWOCibbancmhFsbWFYgjOol4BZxZNy3 X-Received: by 2002:aa7:9435:0:b0:56b:801b:5618 with SMTP id y21-20020aa79435000000b0056b801b5618mr3226796pfo.62.1668695882021; Thu, 17 Nov 2022 06:38:02 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1668695882; cv=none; d=google.com; s=arc-20160816; b=BaPQFuMo3zPBwAYM04jVgW7/tyF75fifz6zWFcePcxEOgJKA+C08QZ4R0Izw3is7gH t8JTU3MuBHUyRNHc8gCTouKo4daTndhbFy8wtDoiDLvKPeOuOe+euUyX+Dw1HlE/PcFw NvQNPyG481ZsT3Bedp3F6JbsgNWW8f/iS6byMxruhGtgcVRYgdTnNmTqEtIYHUl52ja0 ym9gjKjLLS2Qq4Sw/lMM1ZSxqj4IBHxv4q1iTDfQI4LTq4BXRcjj+EyslcTK9hQL7GDB eA2QwkXmXxChBTt0dvPtLc1qTZWcwznlDkeE/RH7zDn80RjsI6moQpSus7gv4wRsxCQM ybLw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=BRiRehiIas3vv9np5G0BO4HtZHrN+zn3ozCBnxST56A=; b=WU1K1UxIrmIFvMNhZ1wtbf0gPuwIIj7vA6sOpd+JoWeBk5nFynuN88753YDgtdSBMY CghmOHsqeYZ98TkNbs4j5Q5BtXDYceicsotiAvXRdd6nTDpSMTIFU7aFL5FvvJdBija8 +USvnAUmncI9ka7T6gKvKmoPavj1ttwJ63FSCgXX0Flq907vLuSDbAU9iqG1aqRAiSh5 YwN5zmEcmoN5rMPBY+zFJWFrX+dkDwCYJit/9W2pfEpheenomjDsVsXeLfrR4my+dvsR rf3lfclv6tt70YoqjAgolNNd6jNfQ6CdYmpk5/5tGD14XQrshnMPyK9KzheXFMlZ7BxB iytw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=F4e39YVR; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id mw18-20020a17090b4d1200b00218611c0e9fsi4024392pjb.53.2022.11.17.06.37.48; Thu, 17 Nov 2022 06:38:02 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=F4e39YVR; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240531AbiKQOfq (ORCPT + 99 others); Thu, 17 Nov 2022 09:35:46 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59230 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240450AbiKQOei (ORCPT ); Thu, 17 Nov 2022 09:34:38 -0500 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0ACC51F2D9 for ; Thu, 17 Nov 2022 06:33:33 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1668695612; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=BRiRehiIas3vv9np5G0BO4HtZHrN+zn3ozCBnxST56A=; b=F4e39YVRpvZ2yUTQcto+UuF+hTYOOHipwL5d1r5VA9DLgM6vuYXM96mAaoEDZCRx9xmnT6 F1HQ3sMjK+KFvDSleneE+6xyBFOOd0peyainxVftLJnBTTmqBrmwhrGo3sYFS8WwCdbpKS B+4fYyps3WbbJCnuzrrRwUGCDv1PsnI= Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-614-RDKMU4pKPg6Zok40QL3vbw-1; Thu, 17 Nov 2022 09:33:29 -0500 X-MC-Unique: RDKMU4pKPg6Zok40QL3vbw-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 7C2A5381494E; Thu, 17 Nov 2022 14:33:28 +0000 (UTC) Received: from amdlaptop.tlv.redhat.com (dhcp-4-238.tlv.redhat.com [10.35.4.238]) by smtp.corp.redhat.com (Postfix) with ESMTP id F2EF42166B29; Thu, 17 Nov 2022 14:33:24 +0000 (UTC) From: Maxim Levitsky To: kvm@vger.kernel.org Cc: Paolo Bonzini , Ingo Molnar , "H. Peter Anvin" , Dave Hansen , linux-kernel@vger.kernel.org, Peter Zijlstra , Thomas Gleixner , Sandipan Das , Daniel Sneddon , Jing Liu , Josh Poimboeuf , Wyes Karny , Borislav Petkov , Babu Moger , Pawan Gupta , Sean Christopherson , Jim Mattson , x86@kernel.org, Maxim Levitsky , Santosh Shukla Subject: [PATCH 11/13] KVM: nSVM: implement nested VNMI Date: Thu, 17 Nov 2022 16:32:40 +0200 Message-Id: <20221117143242.102721-12-mlevitsk@redhat.com> In-Reply-To: <20221117143242.102721-1-mlevitsk@redhat.com> References: <20221117143242.102721-1-mlevitsk@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.6 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1749754452921549290?= X-GMAIL-MSGID: =?utf-8?q?1749754452921549290?= From: Santosh Shukla In order to support nested VNMI requires saving and restoring the VNMI bits during nested entry and exit. In case of L1 and L2 both using VNMI- Copy VNMI bits from vmcb12 to vmcb02 during entry and vice-versa during exit. And in case of L1 uses VNMI and L2 doesn't- Copy VNMI bits from vmcb01 to vmcb02 during entry and vice-versa during exit. Tested with the KVM-unit-test and Nested Guest scenario. Maxim: - moved the vNMI bits copying to nested_sync_int_ctl_from_vmcb02 Signed-off-by: Santosh Shukla Signed-off-by: Maxim Levitsky --- arch/x86/kvm/svm/nested.c | 13 +++++++++++++ arch/x86/kvm/svm/svm.c | 5 +++++ arch/x86/kvm/svm/svm.h | 6 ++++++ 3 files changed, 24 insertions(+) diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index 1f2b8492c8782f..c9fcdd691bb5a1 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -442,6 +442,14 @@ static void nested_sync_int_ctl_from_vmcb02(struct vcpu_svm *svm, */ ; + if (vnmi) { + /* copy back the vNMI fields which can be modified by the CPU */ + if (nested_vnmi_enabled(svm)) + l2_to_l1_mask |= V_NMI_MASK | V_NMI_PENDING; + else + l2_to_l0_mask |= V_NMI_MASK | V_NMI_PENDING; + } + vmcb12->control.int_ctl = (svm->nested.ctl.int_ctl & ~l2_to_l1_mask) | (vmcb02->control.int_ctl & l2_to_l1_mask); @@ -657,6 +665,11 @@ static void nested_vmcb02_prepare_control(struct vcpu_svm *svm, else int_ctl_vmcb01_bits |= (V_GIF_MASK | V_GIF_ENABLE_MASK); + if (nested_vnmi_enabled(svm)) + int_ctl_vmcb12_bits |= (V_NMI_PENDING | V_NMI_ENABLE | V_NMI_MASK); + else + int_ctl_vmcb01_bits |= (V_NMI_PENDING | V_NMI_ENABLE | V_NMI_MASK); + /* Copied from vmcb01. msrpm_base can be overwritten later. */ vmcb02->control.nested_ctl = vmcb01->control.nested_ctl; vmcb02->control.iopm_base_pa = vmcb01->control.iopm_base_pa; diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 9ebfbd0d4b467e..c9190a8ee03273 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -4188,6 +4188,8 @@ static void svm_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu) svm->vgif_enabled = vgif && guest_cpuid_has(vcpu, X86_FEATURE_VGIF); + svm->vnmi_enabled = vnmi && guest_cpuid_has(vcpu, X86_FEATURE_AMD_VNMI); + svm_recalc_instruction_intercepts(vcpu, svm); /* For sev guests, the memory encryption bit is not reserved in CR3. */ @@ -4939,6 +4941,9 @@ static __init void svm_set_cpu_caps(void) if (vgif) kvm_cpu_cap_set(X86_FEATURE_VGIF); + if (vnmi) + kvm_cpu_cap_set(X86_FEATURE_AMD_VNMI); + /* Nested VM can receive #VMEXIT instead of triggering #GP */ kvm_cpu_cap_set(X86_FEATURE_SVME_ADDR_CHK); } diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 5f2ee72c6e3125..d39e937a2c8391 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -252,6 +252,7 @@ struct vcpu_svm { bool pause_filter_enabled : 1; bool pause_threshold_enabled : 1; bool vgif_enabled : 1; + bool vnmi_enabled : 1; u32 ldr_reg; u32 dfr_reg; @@ -532,6 +533,11 @@ static inline bool is_x2apic_msrpm_offset(u32 offset) (msr < (APIC_BASE_MSR + 0x100)); } +static inline bool nested_vnmi_enabled(struct vcpu_svm *svm) +{ + return svm->vnmi_enabled && (svm->nested.ctl.int_ctl & V_NMI_ENABLE); +} + static inline struct vmcb *get_vnmi_vmcb(struct vcpu_svm *svm) { if (!vnmi) From patchwork Thu Nov 17 14:32:41 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Maxim Levitsky X-Patchwork-Id: 21698 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:f944:0:0:0:0:0 with SMTP id q4csp444712wrr; Thu, 17 Nov 2022 07:00:16 -0800 (PST) X-Google-Smtp-Source: AA0mqf5IeCF4xCVsNOfEcSBQJphO6nHACH1Itk9Gnc83QYQwaFl4bGHIKUlP5ytCzm2Wov4fEF3K X-Received: by 2002:a17:906:114b:b0:7ab:1b4c:ac6e with SMTP id i11-20020a170906114b00b007ab1b4cac6emr2484409eja.669.1668697216144; Thu, 17 Nov 2022 07:00:16 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1668697216; cv=none; d=google.com; s=arc-20160816; b=CqKw43L8zgw19ypROVStkfFZQRnMnZWeItuO8HagUo7AowoAAMHg94+g9dQFstnaN8 tNJRejwaeBTl2gup1uHN3cboKSqk05z0wDp9MGR0hNgdmL9rw/Y0+GhDclVZOJGpPrdW 6FsVjKHtnpguMzgZUIJYeX2ssCN81Q26Lv/BL+2qRd3NSqB3B5mCtXU7VxzU9IrwtQ5u s/04eEuYJfaXFVihxP4NR2UsMYrqXMIMTWO+rtfepF584C+xAmNMSgjRJLdsVkVVhmEg 8esrkPAAI4y0ZXNBZO1Hf32J1qOBh19JIq2JKK9h53ZVDIrIJ8NAQHrc4D5vPNapU2Qa hyRA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=1k8xZrOm8P1dLuASAaP3xDdrnCi2/FFVUPRDCzjye6I=; b=AbNSKlbuZ4BTUP7NdnOxjLdIQ2kRPECDXjUJHVn+Ejg5EFsJpmOvSPAbQJR7sa+2gn SJg/CUPL7692JzmXnxcL5CBCAzcZv4NrsL8h5BFVGsXws4Dnb6HzkvfE+Z6Hc8wrxqer 8FXDnmliRikj7kpmuW+ACQBcFgMDCg1hhZYqIiusBh76mlgNNwHLVgu7uxHQ24VkWX7e lQSmlNjoTuksNaP7sYhS/Aluvls7Tv0Q4+ZURNsKy/1gzvE/u+RwOx5gOAcez+P8R8Wq ASDRh0Fg1cLBK6drMOTDjOl7VRsImSDhLwga5CHDbjp3W3v5Bvnl/cV5qe9CYfQ/gNR8 uVGQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=DuPtPvlm; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id qq18-20020a17090720d200b0078db89b526asi629348ejb.108.2022.11.17.06.59.52; Thu, 17 Nov 2022 07:00:16 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=DuPtPvlm; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240392AbiKQOfy (ORCPT + 99 others); Thu, 17 Nov 2022 09:35:54 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58784 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240421AbiKQOej (ORCPT ); Thu, 17 Nov 2022 09:34:39 -0500 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5CE0C17A9D for ; Thu, 17 Nov 2022 06:33:37 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1668695616; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=1k8xZrOm8P1dLuASAaP3xDdrnCi2/FFVUPRDCzjye6I=; b=DuPtPvlm8GQgbPtLvCglrR6JCUhUYoSnDBujXcyXFeOdchapttoorx8QVanjrs9QfXcFBP zknI+Do19kJ7ICNW2wB8AtTExCrP2Tasy2O5Noym6GYagcmDqrDz3O3Vg0EIlq4U1JHRmx BYKkJTn0AdpIF/SoEaBA2MQRMEGq2qw= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-42-qx5GWSDkPoGBYLKq62dSJQ-1; Thu, 17 Nov 2022 09:33:33 -0500 X-MC-Unique: qx5GWSDkPoGBYLKq62dSJQ-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 4E32788F452; Thu, 17 Nov 2022 14:33:32 +0000 (UTC) Received: from amdlaptop.tlv.redhat.com (dhcp-4-238.tlv.redhat.com [10.35.4.238]) by smtp.corp.redhat.com (Postfix) with ESMTP id C6B0D2166B29; Thu, 17 Nov 2022 14:33:28 +0000 (UTC) From: Maxim Levitsky To: kvm@vger.kernel.org Cc: Paolo Bonzini , Ingo Molnar , "H. Peter Anvin" , Dave Hansen , linux-kernel@vger.kernel.org, Peter Zijlstra , Thomas Gleixner , Sandipan Das , Daniel Sneddon , Jing Liu , Josh Poimboeuf , Wyes Karny , Borislav Petkov , Babu Moger , Pawan Gupta , Sean Christopherson , Jim Mattson , x86@kernel.org, Maxim Levitsky , Santosh Shukla Subject: [PATCH 12/13] KVM: nSVM: emulate VMEXIT_INVALID case for nested VNMI Date: Thu, 17 Nov 2022 16:32:41 +0200 Message-Id: <20221117143242.102721-13-mlevitsk@redhat.com> In-Reply-To: <20221117143242.102721-1-mlevitsk@redhat.com> References: <20221117143242.102721-1-mlevitsk@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.6 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1749755852373618889?= X-GMAIL-MSGID: =?utf-8?q?1749755852373618889?= From: Santosh Shukla If NMI virtualization enabled and NMI_INTERCEPT is unset then next vm entry will exit with #INVALID exit reason. In order to emulate above (VMEXIT(#INVALID)) scenario for nested environment, extending check for V_NMI_ENABLE, NMI_INTERCEPT bit in func __nested_vmcb_check_controls. Signed-off-by: Santosh Shukla Reviewed-by: Maxim Levitsky --- arch/x86/kvm/svm/nested.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index c9fcdd691bb5a1..3ef7e1971a4709 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -275,6 +275,11 @@ static bool __nested_vmcb_check_controls(struct kvm_vcpu *vcpu, if (CC(!nested_svm_check_tlb_ctl(vcpu, control->tlb_ctl))) return false; + if (CC((control->int_ctl & V_NMI_ENABLE) && + !vmcb12_is_intercept(control, INTERCEPT_NMI))) { + return false; + } + return true; } From patchwork Thu Nov 17 14:32:42 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Maxim Levitsky X-Patchwork-Id: 21696 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:f944:0:0:0:0:0 with SMTP id q4csp444046wrr; Thu, 17 Nov 2022 06:58:47 -0800 (PST) X-Google-Smtp-Source: AA0mqf5mVFwn+Ha0VHj1+ynuUhmdKO05nFfaG02Roxx3wXBkuFk/iFG2UF0nWMguWepU5GpPt+A9 X-Received: by 2002:a05:6402:22f7:b0:462:5f37:5a22 with SMTP id dn23-20020a05640222f700b004625f375a22mr2484676edb.226.1668697127144; Thu, 17 Nov 2022 06:58:47 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1668697127; cv=none; d=google.com; s=arc-20160816; b=bSRQewkEOCisS/Grw5Mzdp8+uF+XH7VlxA6spptfu6/Z7NJF5koZgLXLhfoz/55AIi 7BVfNsmEKtLJ/iYraLw6sdP8iHtsOIkV31Br3/vLr+3U2wsulOkE42eZ7x4Yg3ku2wpa yv5JF9cjOZP8c2dzhfC/IC1aILomWjM5t85MTQijVO8BT5zc9L84TguPV9/y2WXW9VHs ddlY4keQWN4JTQ2LcWsA3VTnWlopeXSXqCrvOUAoW+szTV3iIesx3GjuOmkspbJaL3xe 5hcG6Y93Up+ik7QV2hMV+QBcq69n9pFmTPwIQgdJZftjDIuC/MZWjAEOlSz3+6k5lDNI braQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=l5d3UROtrmIXOlx4UW5lVsYBe3iueIG6WmdS7Aa6h3c=; b=xS9WWWjM4uc8OkBeYQCHZUe5+4MYiGAMKYKIYHsIY6EhFcSv2TioEuS8XJVWDxj4lo 7QBjXvhqCKSYbteAnXtYMjcLFcirgS0FAjEEq6WVDBHtyJ0OKCrDx//s6th1CT8zDB2j E8k19tEvS7qENp6hoTUALeWbjycz7bLVmlutn+46F9S4mI1muDWuh8Kq4fiTfewkw7Ku R3u0GkhXj3PZxGxVB/xJlDwHundEnVHs9qT9HJKzSMP/f4OuyIHHgSkjFI/jqr5uysPl V1CU2taU97rOGCGpOWPwDaxxAdWkVdBD9DuRzkD6dZyghAuDPSykjCUoIgkRdJvR0xuu Q+qQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=Ws1tFKIg; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id y6-20020a056402440600b0045d8bff7afesi1156427eda.376.2022.11.17.06.58.23; Thu, 17 Nov 2022 06:58:47 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=Ws1tFKIg; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240496AbiKQOgE (ORCPT + 99 others); Thu, 17 Nov 2022 09:36:04 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59514 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240481AbiKQOeu (ORCPT ); Thu, 17 Nov 2022 09:34:50 -0500 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 503975D6AC for ; Thu, 17 Nov 2022 06:33:41 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1668695620; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=l5d3UROtrmIXOlx4UW5lVsYBe3iueIG6WmdS7Aa6h3c=; b=Ws1tFKIg5C0Blqx4Q00dQaZfX4chtqS5097Z1F3WC9dGr2Gob6fzyInDXvq5dttrFttFWk V1G2fZPMfcYA2qcfBN+a3iiC6AsjF8yHlC78jsIW9hIt6arBavFgthz4zZHijdLa9L0hoQ 7il2LFn3+e77C87h8qwMzbJQUDyV8Jk= Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-501-Ol7uoAMDP2C3N8X_GQ_pGg-1; Thu, 17 Nov 2022 09:33:37 -0500 X-MC-Unique: Ol7uoAMDP2C3N8X_GQ_pGg-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 26FC01C08975; Thu, 17 Nov 2022 14:33:36 +0000 (UTC) Received: from amdlaptop.tlv.redhat.com (dhcp-4-238.tlv.redhat.com [10.35.4.238]) by smtp.corp.redhat.com (Postfix) with ESMTP id 98BC32166B29; Thu, 17 Nov 2022 14:33:32 +0000 (UTC) From: Maxim Levitsky To: kvm@vger.kernel.org Cc: Paolo Bonzini , Ingo Molnar , "H. Peter Anvin" , Dave Hansen , linux-kernel@vger.kernel.org, Peter Zijlstra , Thomas Gleixner , Sandipan Das , Daniel Sneddon , Jing Liu , Josh Poimboeuf , Wyes Karny , Borislav Petkov , Babu Moger , Pawan Gupta , Sean Christopherson , Jim Mattson , x86@kernel.org, Maxim Levitsky , Santosh Shukla Subject: [PATCH 13/13] KVM: SVM: Enable VNMI feature Date: Thu, 17 Nov 2022 16:32:42 +0200 Message-Id: <20221117143242.102721-14-mlevitsk@redhat.com> In-Reply-To: <20221117143242.102721-1-mlevitsk@redhat.com> References: <20221117143242.102721-1-mlevitsk@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.6 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1749755758826639729?= X-GMAIL-MSGID: =?utf-8?q?1749755758826639729?= From: Santosh Shukla Enable the NMI virtualization (V_NMI_ENABLE) in the VMCB interrupt control when the vnmi module parameter is set. Signed-off-by: Santosh Shukla Reviewed-by: Maxim Levitsky --- arch/x86/kvm/svm/svm.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index c9190a8ee03273..5b61d89c644da6 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -1307,6 +1307,9 @@ static void init_vmcb(struct kvm_vcpu *vcpu) if (kvm_vcpu_apicv_active(vcpu)) avic_init_vmcb(svm, vmcb); + if (vnmi) + svm->vmcb->control.int_ctl |= V_NMI_ENABLE; + if (vgif) { svm_clr_intercept(svm, INTERCEPT_STGI); svm_clr_intercept(svm, INTERCEPT_CLGI);