Re: Nested AVIC design (was:Re: [RFC PATCH v3 04/19] KVM: x86: mmu: allow to enable write tracking externally)

On Thu, 2022-09-29 at 22:38 +, Sean Christopherson wrote: > On Mon, Aug 08, 2022, Maxim Levitsky wrote: > > Hi Sean, Paolo, and everyone else who wants to review my nested AVIC work. > > Before we dive deep into design details, I think we should first decide > whether >

Nested AVIC design (was:Re: [RFC PATCH v3 04/19] KVM: x86: mmu: allow to enable write tracking externally)

On Mon, 2022-08-01 at 17:20 +, Sean Christopherson wrote: > On Thu, Jul 28, 2022, Maxim Levitsky wrote: > > On Mon, 2022-07-25 at 16:08 +, Sean Christopherson wrote: > > > On Wed, Jul 20, 2022, Maxim Levitsky wrote: > > > And on that topic, do you have performan

Re: [RFC PATCH v3 04/19] KVM: x86: mmu: allow to enable write tracking externally

On Thu, 2022-07-28 at 10:46 +0300, Maxim Levitsky wrote: > On Mon, 2022-07-25 at 16:08 +, Sean Christopherson wrote: > > On Wed, Jul 20, 2022, Maxim Levitsky wrote: > > > On Sun, 2022-05-22 at 13:22 +0300, Maxim Levitsky wrote: > > > > On Thu, 2022-05-19 at 16

Re: [RFC PATCH v3 04/19] KVM: x86: mmu: allow to enable write tracking externally

On Mon, 2022-07-25 at 16:08 +, Sean Christopherson wrote: > On Wed, Jul 20, 2022, Maxim Levitsky wrote: > > On Sun, 2022-05-22 at 13:22 +0300, Maxim Levitsky wrote: > > > On Thu, 2022-05-19 at 16:37 +, Sean Christopherson wrote: > > > > On Wed, Apr

Re: [RFC PATCH v3 04/19] KVM: x86: mmu: allow to enable write tracking externally

On Sun, 2022-05-22 at 13:22 +0300, Maxim Levitsky wrote: > On Thu, 2022-05-19 at 16:37 +, Sean Christopherson wrote: > > On Wed, Apr 27, 2022, Maxim Levitsky wrote: > > > @@ -5753,6 +5752,10 @@ int kvm_mmu_init_vm(struct kvm *kvm) > > > node->t

Re: [RFC PATCH v3 02/19] KVM: x86: inhibit APICv/AVIC when the guest and/or host changes apic id/base from the defaults.

On Thu, 2022-05-19 at 16:06 +, Sean Christopherson wrote: > On Wed, Apr 27, 2022, Maxim Levitsky wrote: > > Neither of these settings should be changed by the guest and it is > > a burden to support it in the acceleration code, so just inhibit > > it instead. > &

Re: [RFC PATCH v3 02/19] KVM: x86: inhibit APICv/AVIC when the guest and/or host changes apic id/base from the defaults.

On Sun, 2022-05-22 at 07:47 -0700, Jim Mattson wrote: > On Sun, May 22, 2022 at 2:03 AM Maxim Levitsky wrote: > > On Thu, 2022-05-19 at 16:06 +, Sean Christopherson wrote: > > > On Wed, Apr 27, 2022, Maxim Levitsky wrote: > > > > Neither of these settings should

Re: [RFC PATCH v3 06/19] KVM: x86: mmu: add gfn_in_memslot helper

On Thu, 2022-05-19 at 16:43 +, Sean Christopherson wrote: > On Wed, Apr 27, 2022, Maxim Levitsky wrote: > > This is a tiny refactoring, and can be useful to check > > if a GPA/GFN is within a memslot a bit more cleanly. > > This doesn't explain the actual motivatio

Re: [RFC PATCH v3 14/19] KVM: x86: rename .set_apic_access_page_addr to reload_apic_access_page

On Thu, 2022-05-19 at 16:55 +, Sean Christopherson wrote: > On Wed, Apr 27, 2022, Maxim Levitsky wrote: > > This will be used on SVM to reload shadow page of the AVIC physid table > > diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c > > index d2f73ce87a1e3..ad744ab99

Re: [RFC PATCH v3 06/19] KVM: x86: mmu: add gfn_in_memslot helper

On Thu, 2022-05-19 at 16:43 +, Sean Christopherson wrote: > On Wed, Apr 27, 2022, Maxim Levitsky wrote: > > This is a tiny refactoring, and can be useful to check > > if a GPA/GFN is within a memslot a bit more cleanly. > > This doesn't explain the actual motivatio

Re: [RFC PATCH v3 04/19] KVM: x86: mmu: allow to enable write tracking externally

On Thu, 2022-05-19 at 16:37 +, Sean Christopherson wrote: > On Wed, Apr 27, 2022, Maxim Levitsky wrote: > > @@ -5753,6 +5752,10 @@ int kvm_mmu_init_vm(struct kvm *kvm) > > node->track_write = kvm_mmu_pte_write; > > node->track_flush_slot = kvm_mmu_inva

Re: [RFC PATCH v3 04/19] KVM: x86: mmu: allow to enable write tracking externally

On Thu, 2022-05-19 at 16:27 +, Sean Christopherson wrote: > On Wed, Apr 27, 2022, Maxim Levitsky wrote: > > This will be used to enable write tracking from nested AVIC code > > and can also be used to enable write tracking in GVT-g module > > when it actually uses it

Re: [RFC PATCH v3 02/19] KVM: x86: inhibit APICv/AVIC when the guest and/or host changes apic id/base from the defaults.

On Thu, 2022-05-19 at 16:06 +, Sean Christopherson wrote: > On Wed, Apr 27, 2022, Maxim Levitsky wrote: > > Neither of these settings should be changed by the guest and it is > > a burden to support it in the acceleration code, so just inhibit > > it instead. > &

Re: [RFC PATCH v3 03/19] KVM: x86: SVM: remove avic's broken code that updated APIC ID

On Thu, 2022-05-19 at 16:10 +, Sean Christopherson wrote: > On Wed, Apr 27, 2022, Maxim Levitsky wrote: > > AVIC is now inhibited if the guest changes apic id, thus remove > > that broken code. > > Can you explicitly call out what's broken? Just something short on

Re: [RFC PATCH v3 02/19] KVM: x86: inhibit APICv/AVIC when the guest and/or host changes apic id/base from the defaults.

On Wed, 2022-05-18 at 15:39 +, Sean Christopherson wrote: > On Wed, May 18, 2022, Maxim Levitsky wrote: > > On Wed, 2022-05-18 at 16:28 +0800, Chao Gao wrote: > > > > struct kvm_arch { > > > > @@ -1258,6 +1260,7 @@ struct kvm_arch { &g

Re: [RFC PATCH v3 01/19] KVM: x86: document AVIC/APICv inhibit reasons

On Wed, 2022-05-18 at 15:56 +, Sean Christopherson wrote: > On Wed, Apr 27, 2022, Maxim Levitsky wrote: > > These days there are too many AVIC/APICv inhibit > > reasons, and it doesn't hurt to have some documentation > > for them. > > Please wrap at ~75 ch

Re: [RFC PATCH v3 02/19] KVM: x86: inhibit APICv/AVIC when the guest and/or host changes apic id/base from the defaults.

On Wed, 2022-05-18 at 19:51 +0800, Chao Gao wrote: > On Wed, May 18, 2022 at 12:50:27PM +0300, Maxim Levitsky wrote: > > > > struct kvm_arch { > > > > @@ -1258,6 +1260,7 @@ struct kvm_arch { > > > > hpa_t hv_root_tdp; > > > >

Re: [RFC PATCH v3 02/19] KVM: x86: inhibit APICv/AVIC when the guest and/or host changes apic id/base from the defaults.

On Wed, 2022-05-18 at 16:28 +0800, Chao Gao wrote: > On Wed, Apr 27, 2022 at 11:02:57PM +0300, Maxim Levitsky wrote: > > Neither of these settings should be changed by the guest and it is > > a burden to support it in the acceleration code, so just inhibit > > it instead

[RFC PATCH v3 19/19] KVM: x86: nSVM: expose the nested AVIC to the guest

This patch enables and exposes to the nested guest the support for the nested AVIC. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/svm/svm.c | 6 ++ 1 file changed, 6 insertions(+) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 099329711ad13..431281ccc40ef 100644 --- a

[RFC PATCH v3 18/19] KVM: x86: SVM/nSVM: add optional non strict AVIC doorbell mode

U mapping, this mode can be useful to avoid VM exits when a vCPU has a userspace VM exit and such. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/svm/avic.c | 16 +--- arch/x86/kvm/svm/svm.c | 25 + 2 files changed, 30 insertions(+), 11 deletions(-) diff --git

[RFC PATCH v3 17/19] KVM: x86: nSVM: implement nested AVIC doorbell emulation

This patch implements the doorbell msr emulation for nested AVIC. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/svm/avic.c | 49 + arch/x86/kvm/svm/svm.c | 2 ++ arch/x86/kvm/svm/svm.h | 1 + 3 files changed, 52 insertions(+) diff --git a/arch/x86

[RFC PATCH v3 16/19] KVM: x86: nSVM: implement support for nested AVIC vmexits

he guest, and some had it set to false due to scheduled out L1 vCPUs. To support this case, all relevant entries of guest's physical and logical id tables are checked, and both host related actions (e.g wakeup) and guest vm exit reflection are done. Signed-off-by: Maxim Levitsky ---

[RFC PATCH v3 15/19] KVM: x86: nSVM: add code to reload AVIC physid table when it is invalidated

the above causes a KVM_REQ_APIC_PAGE_RELOAD request to be raised on all vCPUS, which kicks them out of the guest mode, and then first vCPU to reach the handler will re-create the entries of the physid page, and others will notice this and do nothing. Signed-off-by: Maxim Levitsky --- arch/x86/kvm

[RFC PATCH v3 14/19] KVM: x86: rename .set_apic_access_page_addr to reload_apic_access_page

This will be used on SVM to reload shadow page of the AVIC physid table No functional change intended Signed-off-by: Maxim Levitsky --- arch/x86/include/asm/kvm-x86-ops.h | 2 +- arch/x86/include/asm/kvm_host.h| 3 +-- arch/x86/kvm/vmx/vmx.c | 8 arch/x86/kvm/x86.c

[RFC PATCH v3 13/19] KVM: x86: nSVM: wire nested AVIC to nested guest entry/exit

c backing pages are pinned as long as the shadow table is not invalidated/ freed. * Cache guest AVIC settings. * Add SDM mandated changes to emulated VM enter/exit. Note that nested AVIC still can't be enabled, thus this code has no effect yet. Signed-off-by: Maxim Levitsk

[RFC PATCH v3 12/19] KVM: x86: nSVM: make nested AVIC physid write tracking be aware of the host scheduling

, use a spinlock. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/svm/avic.c | 113 +--- arch/x86/kvm/svm/svm.c | 7 +++ arch/x86/kvm/svm/svm.h | 10 3 files changed, 122 insertions(+), 8 deletions(-) diff --git a/arch/x86/kvm/svm/avic.c b/arch/x86/kvm

[RFC PATCH v3 11/19] KVM: x86: nSVM: implement shadowing of AVIC's physical id table

Implement the shadow physical id table and its write tracking code which will be soon used for the nested AVIC. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/svm/avic.c | 461 +++- arch/x86/kvm/svm/svm.h | 71 +++ 2 files changed, 524 insertions(+), 8

[RFC PATCH v3 10/19] KVM: x86: nSVM: implement AVIC's physid/logid table access helpers

This implements a few helpers that help manipulate the AVIC's physical and logical id table entries. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/svm/svm.h | 45 ++ 1 file changed, 45 insertions(+) diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kv

[RFC PATCH v3 09/19] KVM: x86: nSVM: add nested AVIC tracepoints

This patch adds few tracepoints that will be used to debug/profile the nested AVIC. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/trace.h | 157 ++- arch/x86/kvm/x86.c | 13 2 files changed, 169 insertions(+), 1 deletion(-) diff --git a/arch/x86

[RFC PATCH v3 08/19] KVM: x86: SVM: move avic state to separate struct

This will make the code a bit easier to read when nested AVIC support is added. No functional change intended. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/svm/avic.c | 51 +++-- arch/x86/kvm/svm/svm.h | 14 ++- 2 files changed, 37 insertions

[RFC PATCH v3 07/19] KVM: x86: mmu: tweak fast path for emulation of access to nested NPT pages

callback be called, because there is no mmu page at this address. Fix this by only invoking the fast path if we succeeded in zapping the mmu page. Fixes: 147277540bbc5 ("kvm: svm: Add support for additional SVM NPF error codes") Signed-off-by: Maxim Levitsky --- arch/x86/kvm/mmu/mmu.c |

[RFC PATCH v3 06/19] KVM: x86: mmu: add gfn_in_memslot helper

This is a tiny refactoring, and can be useful to check if a GPA/GFN is within a memslot a bit more cleanly. Signed-off-by: Maxim Levitsky --- include/linux/kvm_host.h | 10 +- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/include/linux/kvm_host.h b/include/linux

[RFC PATCH v3 04/19] KVM: x86: mmu: allow to enable write tracking externally

This will be used to enable write tracking from nested AVIC code and can also be used to enable write tracking in GVT-g module when it actually uses it as opposed to always enabling it, when the module is compiled in the kernel. No functional change intended. Signed-off-by: Maxim Levitsky

[RFC PATCH v3 05/19] x86: KVMGT: use kvm_page_track_write_tracking_enable

This allows to enable the write tracking only when KVMGT is actually used and doesn't carry any penalty otherwise. Tested by booting a VM with a kvmgt mdev device. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/Kconfig | 3 --- arch/x86/kvm/mmu/mmu.c | 2 +- driver

[RFC PATCH v3 03/19] KVM: x86: SVM: remove avic's broken code that updated APIC ID

AVIC is now inhibited if the guest changes apic id, thus remove that broken code. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/svm/avic.c | 35 --- 1 file changed, 35 deletions(-) diff --git a/arch/x86/kvm/svm/avic.c b/arch/x86/kvm/svm/avic.c index

[RFC PATCH v3 02/19] KVM: x86: inhibit APICv/AVIC when the guest and/or host changes apic id/base from the defaults.

Neither of these settings should be changed by the guest and it is a burden to support it in the acceleration code, so just inhibit it instead. Also add a boolean 'apic_id_changed' to indicate if apic id ever changed. Signed-off-by: Maxim Levitsky --- arch/x86/include/asm/kvm_h

[RFC PATCH v3 01/19] KVM: x86: document AVIC/APICv inhibit reasons

These days there are too many AVIC/APICv inhibit reasons, and it doesn't hurt to have some documentation for them. Signed-off-by: Maxim Levitsky --- arch/x86/include/asm/kvm_host.h | 15 +++ 1 file changed, 15 insertions(+) diff --git a/arch/x86/include/asm/kvm_host.h b/arc

[RFC PATCH v3 00/19] RFC: nested AVIC

This is V3 of my nested AVIC patches. I fixed few more bugs, and I also split the cod insto smaller patches. Review is welcome! Best regards, Maxim Levitsky Maxim Levitsky (19): KVM: x86: document AVIC/APICv inhibit reasons KVM: x86: inhibit APICv/AVIC when the guest and/or host

Re: [RFC PATCH v2 04/10] KVM: x86: mmu: tweak fast path for emulation of access to nested NPT pages

On Thu, 2022-04-21 at 08:12 +0300, Maxim Levitsky wrote: > --- > arch/x86/kvm/mmu/mmu.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c > index 23f895d439cf5..b63398dfdac3b 100644 > --- a/arch/x86/

[RFC PATCH v2 10/10] KVM: SVM: allow to avoid not needed updates to is_running

. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/svm/avic.c | 19 --- arch/x86/kvm/svm/svm.c | 19 ++- arch/x86/kvm/svm/svm.h | 1 + 3 files changed, 27 insertions(+), 12 deletions(-) diff --git a/arch/x86/kvm/svm/avic.c b/arch/x86/kvm/svm/avic.c index 9176c35662ada

[RFC PATCH v2 09/10] KVM: nSVM: implement support for nested AVIC

This implements initial support of using the AVIC in a nested guest Signed-off-by: Maxim Levitsky --- arch/x86/kvm/svm/avic.c | 850 +- arch/x86/kvm/svm/nested.c | 131 +- arch/x86/kvm/svm/svm.c| 18 + arch/x86/kvm/svm/svm.h| 150 +++ arch

[RFC PATCH v2 08/10] KVM: x86: rename .set_apic_access_page_addr to reload_apic_access_page

This will be used on SVM to reload shadow page of the AVIC physid table No functional change intended Signed-off-by: Maxim Levitsky --- arch/x86/include/asm/kvm-x86-ops.h | 2 +- arch/x86/include/asm/kvm_host.h| 3 +-- arch/x86/kvm/vmx/vmx.c | 8 arch/x86/kvm/x86.c

[RFC PATCH v2 07/10] KVM: x86: SVM: move avic state to separate struct

This will make the code a bit easier to read when nested AVIC support is added. No functional change intended. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/svm/avic.c | 49 +++-- arch/x86/kvm/svm/svm.h | 14 +++- 2 files changed, 36 insertions

[RFC PATCH v2 06/10] KVM: x86: SVM: remove avic's broken code that updated APIC ID

Now that KVM doesn't allow to change APIC ID in case AVIC is enabled, remove buggy AVIC code that tried to do so. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/svm/avic.c | 35 --- 1 file changed, 35 deletions(-) diff --git a/arch/x86/kvm/svm/avic.c b/arc

[RFC PATCH v2 05/10] KVM: x86: lapic: don't allow to change APIC ID when apic acceleration is enabled

No normal guest has any reason to change physical APIC IDs, and allowing this introduces bugs into APIC acceleration code. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/lapic.c | 28 +++- 1 file changed, 23 insertions(+), 5 deletions(-) diff --git a/arch/x86/kvm

[RFC PATCH v2 04/10] KVM: x86: mmu: tweak fast path for emulation of access to nested NPT pages

--- arch/x86/kvm/mmu/mmu.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index 23f895d439cf5..b63398dfdac3b 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -5315,8 +5315,8 @@ int kvm_mmu_page_fault(struct

[RFC PATCH v2 03/10] KVM: x86: mmu: add gfn_in_memslot helper

This is a tiny refactoring, and can be useful to check if a GPA/GFN is within a memslot a bit more cleanly. Signed-off-by: Maxim Levitsky --- include/linux/kvm_host.h | 10 +- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/include/linux/kvm_host.h b/include/linux

[RFC PATCH v2 02/10] x86: KVMGT: use kvm_page_track_write_tracking_enable

This allows to enable the write tracking only when KVMGT is actually used and doesn't carry any penalty otherwise. Tested by booting a VM with a kvmgt mdev device. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/Kconfig | 3 --- arch/x86/kvm/mmu/mmu.c | 2 +- driver

[RFC PATCH v2 01/10] KVM: x86: mmu: allow to enable write tracking externally

This will be used to enable write tracking from nested AVIC code and can also be used to enable write tracking in GVT-g module when it actually uses it as opposed to always enabling it, when the module is compiled in the kernel. No functional change intended. Signed-off-by: Maxim Levitsky

[RFC PATCH v2 00/10] RFCv2: nested AVIC

Best regards, Maxim Levitsky Maxim Levitsky (10): KVM: x86: mmu: allow to enable write tracking externally x86: KVMGT: use kvm_page_track_write_tracking_enable KVM: x86: mmu: add gfn_in_memslot helper KVM: x86: mmu: tweak fast path for emulation of access to nested NPT pages

[PATCH v3 11/11] KVM: SVM: allow to avoid not needed updates to is_running

running. This in theory can be considered less secure, thus this option is not enabled by default. The option is avic_doorbell_strict and is true by default, setting it to false allows this relaxed non strict mode. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/svm/avic.c | 39

[PATCH v3 10/11] KVM: nSVM: implement support for nested AVIC

This implements initial support of using the AVIC in a nested guest Signed-off-by: Maxim Levitsky --- arch/x86/include/asm/svm.h | 8 +- arch/x86/kvm/svm/avic.c| 640 - arch/x86/kvm/svm/nested.c | 127 +++- arch/x86/kvm/svm/svm.c | 25 ++ arch

[PATCH v3 09/11] KVM: x86: rename .set_apic_access_page_addr to reload_apic_access_page

This will be used on SVM to reload shadow page of the AVIC physid table No functional change intended Signed-off-by: Maxim Levitsky --- arch/x86/include/asm/kvm-x86-ops.h | 2 +- arch/x86/include/asm/kvm_host.h| 3 +-- arch/x86/kvm/vmx/vmx.c | 8 arch/x86/kvm/x86.c

[PATCH v3 08/11] KVM: x86: SVM: move avic state to separate struct

This will make the code a bit easier to read when nested AVIC support is added. No functional change intended. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/svm/avic.c | 49 +++-- arch/x86/kvm/svm/svm.h | 14 +++- 2 files changed, 36 insertions

[PATCH v3 07/11] KVM: x86: SVM: remove avic's broken code that updated APIC ID

Now that KVM doesn't allow to change APIC ID in case AVIC is enabled, remove buggy AVIC code that tried to do so. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/svm/avic.c | 35 --- 1 file changed, 35 deletions(-) diff --git a/arch/x86/kvm/svm/avic.c b/arc

[PATCH v3 06/11] KVM: x86: lapic: don't allow to change APIC ID when apic acceleration is enabled

No normal guest has any reason to change physical APIC IDs, and allowing this introduces bugs into APIC acceleration code. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/lapic.c | 28 +++- 1 file changed, 23 insertions(+), 5 deletions(-) diff --git a/arch/x86/kvm

[PATCH v3 05/11] KVM: x86: mmu: add gfn_in_memslot helper

This is a tiny refactoring, and can be useful to check if a GPA/GFN is within a memslot a bit more cleanly. Signed-off-by: Maxim Levitsky --- include/linux/kvm_host.h | 10 +- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/include/linux/kvm_host.h b/include/linux

[PATCH v3 04/11] x86: KVMGT: use kvm_page_track_write_tracking_enable

This allows to enable the write tracking only when KVMGT is actually used and doesn't carry any penalty otherwise. Tested by booting a VM with a kvmgt mdev device. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/Kconfig | 3 --- arch/x86/kvm/mmu/mmu.c | 2 +- driver

[PATCH v3 03/11] KVM: x86: mmu: allow to enable write tracking externally

This will be used to enable write tracking from nested AVIC code and can also be used to enable write tracking in GVT-g module when it actually uses it as opposed to always enabling it, when the module is compiled in the kernel. No functional change intended. Signed-off-by: Maxim Levitsky

[PATCH v3 02/11] KVM: x86: SVM: allow AVIC to co-exist with a nested guest running

;t bother doing so for now. Plus when nested AVIC is implemented, the nested guest will likely use it, which will not allow this optimization to be used (can't use real AVIC to support both L1 and L2 at the same time) Signed-off-by: Maxim Levitsky --- arch/x86/include/asm/kvm-x86-ops.h | 1

[PATCH v3 01/11] KVM: x86: SVM: move nested_npt_enabled to svm.h

It will be used in other places Signed-off-by: Maxim Levitsky --- arch/x86/kvm/svm/nested.c | 5 - arch/x86/kvm/svm/svm.h| 9 + 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index 96bab464967f2..62cda8ae71bbc

[PATCH v3 00/11] RFC: nested AVIC

AVIC enabled), I also did a light test with VFIO passthrough. Suggestions, comments are welcome. Best regards, Maxim Levitsky Maxim Levitsky (11): KVM: x86: SVM: move nested_npt_enabled to svm.h KVM: x86: SVM: allow AVIC to co-exist with a nested guest running KVM: x86: mmu: all

[PATCH 30/30] KVM: x86: get rid of KVM_REQ_GET_NESTED_STATE_PAGES

and there is a good chance that no userspace relies on this, thus just try to remove this code. Signed-off-by: Maxim Levitsky --- arch/x86/include/asm/kvm_host.h | 5 +- arch/x86/kvm/hyperv.c | 4 ++ arch/x86/kvm/svm/nested.c | 50 - arch/x86/kvm/svm/svm.c

[PATCH 29/30] KVM: VMX: implement force_intercept_exceptions_mask

All exceptions are supported. Some bugs might remain in regard to KVM own interception of #PF but since this is strictly debug feature this should be OK. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/vmx/nested.c | 8 +++ arch/x86/kvm/vmx/vmcs.h | 6 + arch/x86/kvm/vmx/vmx.c

[PATCH 28/30] KVM: SVM: implement force_intercept_exceptions_mask

Currently #TS interception is only done once. Also exception interception is not enabled for SEV guests. Signed-off-by: Maxim Levitsky --- arch/x86/include/asm/kvm_host.h | 2 + arch/x86/include/uapi/asm/kvm.h | 1 + arch/x86/kvm/svm/svm.c | 92 - arch

[PATCH 27/30] KVM: x86: add force_intercept_exceptions_mask

-off-by: Maxim Levitsky --- arch/x86/include/asm/kvm_host.h | 7 +++ arch/x86/kvm/x86.c | 9 + arch/x86/kvm/x86.h | 5 + 3 files changed, 21 insertions(+) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index 428ab1cc7dd34

[PATCH 26/30] KVM: x86: nSVM: implement nested vGIF

ing nested vGIF. Also allow KVM to toggle L1's GIF during nested entry/exit by always using vmcb01. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/svm/nested.c | 17 + arch/x86/kvm/svm/svm.c| 5 + arch/x86/kvm/svm/svm.h| 25 + 3 files ch

[PATCH 25/30] KVM: x86: nSVM: support PAUSE filter threshold and count when cpu_pm=on

Allow L1 to use these settings if L0 disables PAUSE interception (AKA cpu_pm=on) Signed-off-by: Maxim Levitsky --- arch/x86/kvm/svm/nested.c | 6 ++ arch/x86/kvm/svm/svm.c| 17 + arch/x86/kvm/svm/svm.h| 2 ++ 3 files changed, 25 insertions(+) diff --git a/arch/x86

[PATCH 24/30] KVM: x86: nSVM: implement nested VMLOAD/VMSAVE

This was tested by booting L1,L2,L3 (all Linux) and checking that no VMLOAD/VMSAVE vmexits happened. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/svm/nested.c | 35 +-- arch/x86/kvm/svm/svm.c| 7 +++ arch/x86/kvm/svm/svm.h| 8 +++- 3 files

[PATCH 22/30] KVM: x86: nSVM: correctly virtualize LBR msrs when L2 is running

When L2 is running without LBR virtualization, we should ensure that L1's LBR msrs continue to update as usual. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/svm/nested.c | 11 + arch/x86/kvm/svm/svm.c| 98 +++ arch/x86/kvm/svm/svm.h| 2

[PATCH 23/30] KVM: x86: nSVM: implement nested LBR virtualization

This was tested with kvm-unit-test that was developed for this purpose. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/svm/nested.c | 21 +++-- arch/x86/kvm/svm/svm.c| 8 arch/x86/kvm/svm/svm.h| 1 + 3 files changed, 28 insertions(+), 2 deletions(-) diff

[PATCH 21/30] x86: KVMGT: use kvm_page_track_write_tracking_enable

This allows to enable the write tracking only when KVMGT is actually used and doesn't carry any penalty otherwise. Tested by booting a VM with a kvmgt mdev device. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/Kconfig | 3 --- arch/x86/kvm/mmu/mmu.c | 2 +- driver

[PATCH 20/30] KVM: x86: mmu: allow to enable write tracking externally

This will be used to enable write tracking from nested AVIC code and can also be used to enable write tracking in GVT-g module when it actually uses it as opposed to always enabling it, when the module is compiled in the kernel. No functional change intended. Signed-off-by: Maxim Levitsky

[PATCH 19/30] KVM: x86: mmu: add gfn_in_memslot helper

This is a tiny refactoring, and can be useful to check if a GPA/GFN is within a memslot a bit more cleanly. Signed-off-by: Maxim Levitsky --- include/linux/kvm_host.h | 10 +- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/include/linux/kvm_host.h b/include/linux

[PATCH 18/30] KVM: x86: mmu: add strict mmu mode

option together with legacy paging (npt/ept=0) allows to correctly simulate such old MMU while still getting most of the benefits of the virtualization. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/mmu/mmu.c | 13 +++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/a

[PATCH 17/30] KVM: x86: mmu: trace kvm_mmu_set_spte after the new SPTE was set

It makes more sense to print new SPTE value than the old value. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/mmu/mmu.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index 296f8723f9ae9..43c7abdd6b70f 100644 --- a/arch/x86

[PATCH 16/30] KVM: x86: SVM: allow to force AVIC to be enabled

Apparently on some systems AVIC is disabled in CPUID but still usable. Allow the user to override the CPUID if the user is willing to take the risk. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/svm/svm.c | 11 +-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/arch/x86

[PATCH 15/30] KVM: x86: SVM: remove avic's broken code that updated APIC ID

Now that KVM doesn't allow to change APIC ID in case AVIC is enabled, remove buggy AVIC code that tried to do so. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/svm/avic.c | 35 --- 1 file changed, 35 deletions(-) diff --git a/arch/x86/kvm/svm/avic.c b/arc

[PATCH 14/30] KVM: x86: lapic: don't allow to change local apic id when using older x2apic api

KVM allowed to set non boot apic id via setting apic state if using older non x2apic 32 bit apic id userspace api. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/lapic.c | 18 +- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm

[PATCH 13/30] KVM: x86: lapic: don't allow to change APIC ID when apic acceleration is enabled

No normal guest has any reason to change physical APIC IDs, and allowing this introduces bugs into APIC acceleration code. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/lapic.c | 28 ++-- 1 file changed, 22 insertions(+), 6 deletions(-) diff --git a/arch/x86/kvm

[PATCH 11/30] KVM: x86: SVM: use vmcb01 in avic_init_vmcb

Out of precation use vmcb01 when enabling host AVIC. No functional change intended. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/svm/avic.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm/avic.c b/arch/x86/kvm/svm/avic.c index 4c2d622b3b9f0..c6072245f7fbb

[PATCH 12/30] KVM: x86: SVM: allow AVIC to co-exist with a nested guest running

;t bother doing so for now. Plus when nested AVIC is implemented, the nested guest will likely use it, which will not allow this optimization to be used (can't use real AVIC to support both L1 and L2 at the same time) Signed-off-by: Maxim Levitsky --- arch/x86/include/asm/kvm-x86-ops.h | 1

[PATCH 10/30] KVM: x86: SVM: fix race between interrupt delivery and AVIC inhibition

er KVM or the processor. Also incomplete IPI vmexit also has the same races as svm_deliver_avic_intr. Therefore use the avic_kick_target_vcpu there as well. Co-developed-by: Paolo Bonzini Signed-off-by: Paolo Bonzini Signed-off-by: Maxim Levitsky --- arch/x86/kvm/sv

[PATCH 09/30] KVM: x86: SVM: move avic definitions from AMD's spec to svm.h

asm/svm.h is the correct place for all values that are defined in the SVM spec, and that includes AVIC. Also add some values from the spec that were not defined before and will be soon useful. Signed-off-by: Maxim Levitsky --- arch/x86/include/asm/msr-index.h | 1 + arch/x86/include/asm/svm.h

[PATCH 08/30] KVM: x86: lapic: don't touch irr_pending in kvm_apic_update_apicv when inhibiting it

ing set to true and let the next interrupt injection to the guest clear it. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/lapic.c | 7 ++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c index 0da7d0960fcb5..dd4e2888c244b 100644 --- a/ar

[PATCH 07/30] KVM: x86: nSVM: deal with L1 hypervisor that intercepts interrupts but lets L2 control them

only 'vmexit on external interrupts' execution control which either set, in which case both host and guest's EFLAGS.IF are ignored, or not set, in which case no VMexits are delivered. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/svm/svm.c | 17 + 1 file changed,

[PATCH 06/30] KVM: x86: mark syntethic SMM vmexit as SVM_EXIT_SW

Use a dummy unused vmexit reason to mark the 'VM exit' that is happening when we exit to handle SMM, which is not a real VM exit. This makes it a bit easier to read the KVM trace, and avoids other potential problems. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/svm/svm.c | 2

[PATCH 05/30] KVM: x86: nSVM: expose clean bit support to the guest

KVM already honours few clean bits thus it makes sense to let the nested guest know about it. Note that KVM also doesn't check if the hardware supports clean bits, and therefore nested KVM was already setting clean bits and L0 KVM was already honouring them. Signed-off-by: Maxim Lev

[PATCH 04/30] KVM: x86: nSVM/nVMX: set nested_run_pending on VM entry which is a result of RSM

setting. Signed-off-by: Maxim Levitsky Cc: sta...@vger.kernel.org --- arch/x86/kvm/svm/svm.c | 5 + arch/x86/kvm/vmx/vmx.c | 1 + 2 files changed, 6 insertions(+) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 3f1d11e652123..71bfa52121622 100644 --- a/arch/x86/kvm/svm

[PATCH 03/30] KVM: x86: nSVM: mark vmcb01 as dirty when restoring SMM saved state

hardware this usually doesn't happen, but when running nested, L0's KVM does check and honour few dirty bits, causing this issue to happen. This patch fixes boot of hyperv and SMM enabled windows VM running nested on KVM. Signed-off-by: Maxim Levitsky Cc: sta...@vger.kernel.org --- arch/x

[PATCH 02/30] KVM: x86: nSVM: fix potential NULL derefernce on nested migration

ialize the walk_mmu, which is main issue the patch was addressing. Fix this for real. Fixes: 232f75d3b4b5 ("KVM: nSVM: call nested_svm_load_cr3 on nested state load") Cc: sta...@vger.kernel.org Signed-off-by: Maxim Levitsky --- arch/x86/kvm/svm/nested.c | 26 ++

[PATCH 01/30] KVM: x86: SVM: don't passthrough SMAP/SMEP/PKE bits in !NPT && !gCR0.PG case

of windows 10 without NPT for good. (Without this patch, BSP boots, but APs were stuck in endless loop of page faults, causing the VM boot with 1 CPU) Signed-off-by: Maxim Levitsky Cc: sta...@vger.kernel.org --- arch/x86/kvm/svm/svm.c | 12 ++-- 1 file changed, 10 insertions(+), 2 dele

[PATCH 00/30] My patch queue

will start testing very soon. Best regards, Maxim Levitsky Maxim Levitsky (30): KVM: x86: SVM: don't passthrough SMAP/SMEP/PKE bits in !NPT && !gCR0.PG case KVM: x86: nSVM: fix potential NULL derefernce on nested migration KVM: x86: nSVM: mark vmcb01 as dirty when

Re: Couple of issues with amdgpu on my WX4100

issues/1429 https://gitlab.freedesktop.org/drm/amd/-/issues/1430 About the EDID issue, there do seem to be few open bugs about it, but what differs in my case I think is that EDID failure happens only once in a while, rather that always, and it seems to bring the whole device down. Best regar

Re: Couple of issues with amdgpu on my WX4100

ge while already in > use by the user. Thanks, As mentioned in other replies in this thread and what my first thought about this, this will indeed will break on devices which don't accurately report the maximum bar size that they actually need. Even the spec itself says that it is v

Re: Kernel issues with Radeon Pro WX4100 and DP->HDMI dongles

On Thu, 2020-06-25 at 10:14 +0300, Maxim Levitsky wrote: > Hi, > > I recently tried to connect my TV and WX4100 via two different DP->HDMI > dongles. > One of them makes my main monitor to go dark, and system to lockup (I haven't > yet debugged this futher), and t

Kernel issues with Radeon Pro WX4100 and DP->HDMI dongles

at the crash doesn't happen, but it might have beeing luck. On top of all this, I tried a 3rd dongle and it does appear to work flawlessly (no messages in dmesg). Best regards, Maxim Levitsky ___ dri-devel mailing list dri-devel@lists.fr

[bisected] nouveau: "Failed to idle channel x" after resume

Sven I confirm exactly the same thing. Here suspend takes more that 10 seconds: [ 2165.363878] nouveau [ DRM][:01:00.0] suspending fbcon... [ 2165.363885] nouveau [ DRM][:01:00.0] suspending display... [ 2165.475791] sd 0:0:0:0: [sda] Stopping disk [ 2166.396877] nouveau [ DRM][:01:00.0] unpinning framebuffer(s)... [ 2166.396926] nouveau [ DRM][:01:00.0] evicting buffers... [ 2174.809084] nouveau [ DRM][:01:00.0] suspending client object trees... [ 2177.950222] nouveau :01:00.0: power state changed by ACPI to D3 Best regards, Maxim Levitsky

Re: [bisected] nouveau: "Failed to idle channel x" after resume

Sven I confirm exactly the same thing. Here suspend takes more that 10 seconds: [ 2165.363878] nouveau [ DRM][:01:00.0] suspending fbcon... [ 2165.363885] nouveau [ DRM][:01:00.0] suspending display... [ 2165.475791] sd 0:0:0:0: [sda] Stopping disk [ 2166.396877] nouveau [ D

[bisected] nouveau: "Failed to idle channel x" after resume

On Sat, 2012-08-04 at 17:41 +0300, Maxim Levitsky wrote: > On Mon, 2012-07-23 at 18:25 +0300, Aioanei Rares wrote: > > On Thu, Jul 5, 2012 at 11:24 PM, Martin Nyhus > > wrote: > > > > > > On Mon, 11 Jun 2012 23:18:42 +0200 Martin Nyhus wrote: > > > &g

  1   2   >