Add a new VM guest mode VM_MODE_PXXV48_4K_USER to set the user bit of
guest page table entries, thus allow user level code to run in guests.
Suggested-by: Sean Christopherson
Signed-off-by: Xin Li
---
.../testing/selftests/kvm/include/kvm_util_base.h | 1 +
tools/testing/selftests/kvm/lib
Add FRED related VMCS fields checkings.
As real hardware, nested VMX performs checks on various VMCS fields,
including both controls and guest/host states. With the introduction
of VMX FRED, add FRED related VMCS fields checkings.
Signed-off-by: Xin Li
Tested-by: Shan Kang
---
arch/x86/kvm
injects a nested exception, which is regarded as occurred in ring 0.
To fully test the underlying FRED VMX code, this test should be run one
more round with EPT disabled to inject page faults as nested exceptions.
Originally-by: Shan Kang
Signed-off-by: Xin Li
---
tools/testing/selftests/kvm
Run another round of debug_regs test with FRED enabled if FRED is
available.
Signed-off-by: Xin Li
---
.../selftests/kvm/include/x86_64/processor.h | 4 ++
.../testing/selftests/kvm/x86_64/debug_regs.c | 50 ++-
2 files changed, 41 insertions(+), 13 deletions(-)
diff --git a
Allow FRED/LKGS/WRMSRNS to be exposed to guests, thus a guest OS could see
these features when the guest is configured with FRED/LKGS/WRMSRNS in Qemu.
A qemu patch is required to expose FRED/LKGS/WRMSRNS to KVM guests.
Signed-off-by: Xin Li
Tested-by: Shan Kang
---
arch/x86/kvm/cpuid.c | 4
Add FRED VMCS fields to nested VMX context management.
Todo: change VMCS12_REVISION, as struct vmcs12 is changed.
Signed-off-by: Xin Li
Tested-by: Shan Kang
---
Change since v1:
* Remove hyperv TLFS related changes (Jeremi Piotrowski).
* Use kvm_cpu_cap_has() instead of cpu_feature_enabled
Add a prerequisite for accessing VMCS fields referenced in macros
SHADOW_FIELD_R[OW], because a VMCS field may not exist on some CPUs.
Signed-off-by: Xin Li
---
arch/x86/kvm/vmx/nested.c | 70 ++--
arch/x86/kvm/vmx/vmcs_shadow_fields.h | 76
Enable the secondary VM exit controls to prepare for nested FRED.
Signed-off-by: Xin Li
Tested-by: Shan Kang
---
Documentation/virt/kvm/x86/nested-vmx.rst | 1 +
arch/x86/kvm/vmx/capabilities.h | 1 +
arch/x86/kvm/vmx/nested.c | 15 ++-
arch/x86/kvm/vmx
Add VMX FRED controls to nested VMX controls and set the VMX
nested-exception support bit (bit 58) in the nested IA32_VMX_BASIC MSR
when FRED is enabled.
Signed-off-by: Xin Li
Tested-by: Shan Kang
---
arch/x86/kvm/vmx/nested.c | 14 ++
arch/x86/kvm/vmx/vmx.c| 1 +
2 files
livered on stack level 1 when encountered in
ring 3.
- normal #PF will be delivered on stack level 0 when encountered in
ring 3.
The VMX nested-exception support ensures the correct event stack level is
chosen when a VM entry injects a nested exception.
Signed-off-by: Xin Li
Tested-by:
Set VMX CPU capabilities before initializing nested instead of after,
as it needs to check VMX CPU capabilities to setup the VMX basic MSR
for nested.
Signed-off-by: Xin Li
---
arch/x86/kvm/vmx/vmx.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/arch/x86/kvm/vmx/vmx.c
Add FRED related VMCS fields to dump_vmcs() to have it dump FRED context.
Signed-off-by: Xin Li
Tested-by: Shan Kang
---
Change since v1:
* Use kvm_cpu_cap_has() instead of cpu_feature_enabled() (Chao Gao).
* Dump guest FRED states only if guest has FRED enabled (Nikolay Borisov).
---
arch
-event to be
delivered, the data in the original-event data VMCS field needs to
be set into the injected-event data VMCS field for the injection of
the original event.
Signed-off-by: Xin Li
Tested-by: Shan Kang
---
Change since v1:
* Document event data should be equal to CR2/DR6/IA32_XFD_ERR
Refuse to virtualize FRED if FRED consistency checks fail.
Suggested-by: Chao Gao
Signed-off-by: Xin Li
---
arch/x86/kvm/vmx/capabilities.h | 10 ++
arch/x86/kvm/vmx/vmx.c | 2 ++
2 files changed, 12 insertions(+)
diff --git a/arch/x86/kvm/vmx/capabilities.h b/arch/x86/kvm
Add kvm_is_fred_enabled() to get if FRED is enabled on a vCPU.
Signed-off-by: Xin Li
Tested-by: Shan Kang
---
Change since v1:
* Explain why it is ok to only check CR4.FRED (Chao Gao).
---
arch/x86/kvm/kvm_cache_regs.h | 17 +
1 file changed, 17 insertions(+)
diff --git a
MSR_IA32_FRED_SSP0, i.e., MSR_IA32_PL0_SSP, is not
added yet, which is done in the KVM CET patch set.
Signed-off-by: Xin Li
Tested-by: Shan Kang
---
Changes since v1:
* Use kvm_cpu_cap_has() instead of cpu_feature_enabled() (Chao Gao).
* Fail host requested FRED MSRs access if KVM cannot virtualize FRED
an be deferred to load host FRED RSP0 and SSP0
until before returning to user level.
Signed-off-by: Xin Li
Tested-by: Shan Kang
---
Changes since v1:
* Use kvm_cpu_cap_has() instead of cpu_feature_enabled() to decouple
KVM's capability to virtualize a feature and host's enabling of a
.
KVM should switch to host FRED RSP0 before returning to user level,
and switch to guest FRED RSP0 before entering guest mode.
Signed-off-by: Xin Li
Tested-by: Shan Kang
---
Changes since v1:
* Don't use guest_cpuid_has() in vmx_prepare_switch_to_{host,guest}(),
which are called fro
FRED MSRs to VMCS during VM exit.
3) add SECONDARY_VM_EXIT_LOAD_IA32_FRED to
KVM_OPTIONAL_VMX_SECONDARY_VM_EXIT_CONTROLS to have a FRED CPU load
host FRED MSRs from VMCS during VM exit.
Signed-off-by: Xin Li
Tested-by: Shan Kang
---
Change since v1:
* Remove FRED VM entry/exit controls
to save/load FRED MSRs for
a non-FRED guest, which aren't supposed to access FRED MSRs.
Signed-off-by: Xin Li
Tested-by: Shan Kang
---
Changes since v1:
* Use kvm_cpu_cap_has() instead of cpu_feature_enabled() (Chao Gao).
* Clear FRED VM entry/exit controls if FRED is not enumerated (Cha
Add FRED MSRs to the valid passthrough MSR list and set FRED MSRs intercept
based on FRED enumeration.
Signed-off-by: Xin Li
Tested-by: Shan Kang
---
Change since v1:
* Enable FRED MSRs intercept if FRED is no longer enumerated in CPUID
(Chao Gao).
---
arch/x86/kvm/vmx/vmx.c | 17
Enable the secondary VM exit controls to prepare for FRED enabling.
The activation of the secondary VM exit controls is off now, and it
will be switched on when a VMX feature needing it is enabled.
Signed-off-by: Xin Li
Tested-by: Shan Kang
---
Change since v1:
* Always load the secondary VM
The CR4.FRED bit, i.e., CR4[32], is no longer a reserved bit when a guest
enumerates FRED, otherwise it is still a reserved bit.
Signed-off-by: Xin Li
Tested-by: Shan Kang
---
arch/x86/include/asm/kvm_host.h | 2 +-
arch/x86/kvm/x86.h | 2 ++
2 files changed, 3 insertions(+), 1
Define VMX misc information fields with BIT_ULL()/GENMASK_ULL(), and move
VMX misc field macros to vmx.h if used in multiple files or where they are
used only once.
Signed-off-by: Xin Li
---
arch/x86/include/asm/msr-index.h | 5 -
arch/x86/include/asm/vmx.h | 12 +--
arch/x86
needed.
VMX_EPTP_MT_{WB,UC} values 0x6 and 0x0 are generic x86 memory type
values, no need to prefix them with VMX_EPTP_.
Signed-off-by: Xin Li
Tested-by: Shan Kang
Acked-by: Kai Huang
---
Changes since v4:
* Do not split VMX_BASIC bit definitions across multiple files (Kai
Huang).
* Put some
dd a prerequisite to SHADOW_FIELD_R[OW] macros
* Remove hyperv TLFS related changes (Jeremi Piotrowski).
* Use kvm_cpu_cap_has() instead of cpu_feature_enabled() to decouple
KVM's capability to virtualize a feature and host's enabling of a
feature (Chao Gao).
Xin Li (25):
KVM: VMX: Cleanup
Add FRED VMCS fields to nested VMX context management.
Tested-by: Shan Kang
Signed-off-by: Xin Li
---
Documentation/virt/kvm/x86/nested-vmx.rst | 18 +++
arch/x86/include/asm/hyperv-tlfs.h| 18 +++
arch/x86/kvm/vmx/hyperv.c | 38 ++
arch/x86/kvm/vmx/nested.c
MSR_IA32_FRED_SSP0, i.e., MSR_IA32_PL0_SSP, is not
added yet, which needs to be aligned with KVM CET patch set.
Tested-by: Shan Kang
Signed-off-by: Xin Li
---
arch/x86/kvm/vmx/vmx.c | 72 ++
arch/x86/kvm/x86.c | 23 ++
2 files changed, 95 insertions
entry
injects a nested exception, which is "regarded" as occurred in ring 0.
Signed-off-by: Shan Kang
Co-developed-by: Xin Li
Signed-off-by: Xin Li
---
tools/testing/selftests/kvm/Makefile | 1 +
.../selftests/kvm/include/x86_64/processor.h | 29 ++
.../testing/selftests/
.
KVM should switch to host FRED RSP0 before returning to user level,
and switch to guest FRED RSP0 before entering guest mode.
Tested-by: Shan Kang
Signed-off-by: Xin Li
---
arch/x86/kvm/vmx/vmx.c | 17 +
arch/x86/kvm/vmx/vmx.h | 2 ++
2 files changed, 19 insertions(+)
diff
Run another round of debug_regs test with FRED enabled if FRED is
available.
Signed-off-by: Xin Li
---
.../selftests/kvm/include/x86_64/processor.h | 4 ++
.../testing/selftests/kvm/x86_64/debug_regs.c | 50 ++-
2 files changed, 41 insertions(+), 13 deletions(-)
diff --git a
Enable the secondary VM exit controls to prepare for nested FRED.
Tested-by: Shan Kang
Signed-off-by: Xin Li
---
Documentation/virt/kvm/x86/nested-vmx.rst | 1 +
arch/x86/include/asm/hyperv-tlfs.h| 1 +
arch/x86/kvm/vmx/capabilities.h | 1 +
arch/x86/kvm/vmx/hyperv.c
Add VMX FRED controls to nested VMX controls and set the VMX
nested-exception support bit (bit 58) in the nested IA32_VMX_BASIC MSR
when FRED is enabled.
Tested-by: Shan Kang
Signed-off-by: Xin Li
---
arch/x86/kvm/vmx/hyperv.c | 7 +--
arch/x86/kvm/vmx/nested.c | 14 ++
arch
Add FRED related VMCS fields checkings.
As real hardware, nested VMX performs checks on various VMCS fields,
including both controls and guest/host states. With the introduction
of VMX FRED, add FRED related VMCS fields checkings.
Tested-by: Shan Kang
Signed-off-by: Xin Li
---
arch/x86/kvm
Add FRED related VMCS fields to dump_vmcs() to have it dump FRED context.
Tested-by: Shan Kang
Signed-off-by: Xin Li
---
arch/x86/kvm/vmx/vmx.c | 48 --
1 file changed, 41 insertions(+), 7 deletions(-)
diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm
an be deferred to load host FRED RSP0 and SSP0
until before returning to user level.
Tested-by: Shan Kang
Signed-off-by: Xin Li
---
arch/x86/include/asm/vmx.h | 16
arch/x86/kvm/vmx/vmx.c | 32
2 files changed, 48 insertions(+)
diff --git a
Allow FRED/LKGS/WRMSRNS to be exposed to guests, thus a guest OS could see
these features when the guest is configured with FRED/LKGS/WRMSRNS in Qemu.
A qemu patch is required to expose FRED/LKGS/WRMSRNS to KVM guests.
Tested-by: Shan Kang
Signed-off-by: Xin Li
---
arch/x86/kvm/cpuid.c | 4
Add a new VM guest mode VM_MODE_PXXV48_4K_USER to set the user bit of
guest page table entries, thus allow user level code to run in guests.
Suggested-by: Sean Christopherson
Signed-off-by: Xin Li
---
.../testing/selftests/kvm/include/kvm_util_base.h | 1 +
tools/testing/selftests/kvm/lib
Add kvm_is_fred_enabled() to get if FRED is enabled on a vCPU.
Tested-by: Shan Kang
Signed-off-by: Xin Li
---
arch/x86/kvm/kvm_cache_regs.h | 10 ++
1 file changed, 10 insertions(+)
diff --git a/arch/x86/kvm/kvm_cache_regs.h b/arch/x86/kvm/kvm_cache_regs.h
index 75eae9c4998a
Add FRED VMCS fields to evmcs.
Signed-off-by: Xin Li
---
.../selftests/kvm/include/x86_64/evmcs.h | 146 ++
.../selftests/kvm/include/x86_64/vmx.h| 20 +++
2 files changed, 166 insertions(+)
diff --git a/tools/testing/selftests/kvm/include/x86_64/evmcs.h
b/tools
ned-off-by: Xin Li
---
arch/x86/include/asm/kvm_host.h | 6 --
arch/x86/include/asm/vmx.h | 4 +++-
arch/x86/kvm/svm/svm.c | 4 ++--
arch/x86/kvm/vmx/vmx.c | 26 +-
arch/x86/kvm/x86.c | 22 +-
arch/x86
-event to be
delivered, the data in the original-event data VMCS field needs to
be set into the injected-event data VMCS field for the injection of
the original event.
Tested-by: Shan Kang
Signed-off-by: Xin Li
---
arch/x86/include/asm/vmx.h | 4 ++
arch/x86/kvm/vmx/vmx.c | 84
Kang
Signed-off-by: Xin Li
---
arch/x86/include/asm/vmx.h | 3 +++
arch/x86/kvm/vmx/vmx.c | 19 ++-
arch/x86/kvm/vmx/vmx.h | 7 +--
3 files changed, 26 insertions(+), 3 deletions(-)
diff --git a/arch/x86/include/asm/vmx.h b/arch/x86/include/asm/vmx.h
index
The CR4.FRED bit, i.e., CR4[32], is no longer a reserved bit when a guest
enumerates FRED, otherwise it is still a reserved bit.
Tested-by: Shan Kang
Signed-off-by: Xin Li
---
arch/x86/include/asm/kvm_host.h | 3 ++-
arch/x86/kvm/x86.h | 2 ++
2 files changed, 4 insertions(+), 1
Define VMX misc information fields with BIT_ULL()/GENMASK_ULL(), and move
VMX misc field macros to vmx.h if used in multiple files or where they are
used only once.
Signed-off-by: Xin Li
---
arch/x86/include/asm/msr-index.h | 5 -
arch/x86/include/asm/vmx.h | 12 +--
arch/x86
Enable the secondary VM exit controls to prepare for FRED enabling.
The activation of the secondary VM exit controls is off now, and it
will be switched on when a VMX feature needing it is enabled.
Tested-by: Shan Kang
Signed-off-by: Xin Li
---
arch/x86/include/asm/msr-index.h | 1 +
arch
to save/load FRED MSRs for
a non-FRED guest, which aren't supposed to access FRED MSRs.
A non-FRED guest should get #GP upon accessing FRED MSRs, otherwise
it corrupts host FRED MSRs.
Tested-by: Shan Kang
Signed-off-by: Xin Li
---
arch/x86/kvm/vmx/vmx.c
Add FRED MSRs to the valid passthrough MSR list and disable intercepting
FRED MSRs only if FRED is enumerated after set CPUID.
Tested-by: Shan Kang
Signed-off-by: Xin Li
---
arch/x86/kvm/vmx/vmx.c | 13 +
1 file changed, 13 insertions(+)
diff --git a/arch/x86/kvm/vmx/vmx.c b/arch
rs to extract info as needed.
Tested-by: Shan Kang
Signed-off-by: Xin Li
---
Changes since v2:
* Simply save the full/raw value of MSR_IA32_VMX_BASIC in the global
vmcs_config, and then use the helpers to extract info from it as
needed (Sean Christopherson).
* Move all VMX_MISC related chang
e enabling.
Patch 20-23 adds FRED selftests.
Shan Kang (1):
KVM: selftests: Add fred exception tests
Xin Li (22):
KVM: VMX: Cleanup VMX basic information defines and usages
KVM: VMX: Cleanup VMX misc information defines and usages
KVM: VMX: Add support for the secondary VM exit controls
50 matches
Mail list logo
