On Tue, 2017-11-21 at 08:29 -0700, Jan Beulich wrote:
> > > > On 21.11.17 at 15:07, wrote:
> >
> > On 21/11/17 13:22, Jan Beulich wrote:
> > > > > > On 09.11.17 at 15:49, wrote:
> > > >
> > > > See the code comment being added for why we need this.
> > > >
> > > > Reported-by: Igor Druzhinin
On Thu, 2017-11-09 at 07:49 -0700, Jan Beulich wrote:
> See the code comment being added for why we need this.
>
> Reported-by: Igor Druzhinin
> Signed-off-by: Jan Beulich
>
> --- a/xen/arch/x86/hvm/vmx/vmx.c
> +++ b/xen/arch/x86/hvm/vmx/vmx.c
> @@ -479,7 +479,13 @@ static void vmx_vcpu_destroy
On Thu, 2017-11-09 at 03:17 -0700, Jan Beulich wrote:
> > > > On 09.11.17 at 10:54, wrote:
> >
> > On Tue, 2017-11-07 at 14:24 +, Igor Druzhinin wrote:
> > > Perhaps I should improve my diagram:
> > >
> > > pCPU1: vCPUx of domain X -> migrate to pCPU2 -> switch to idle
> > > context
> > > ->
t: FAILURE
This happens because SDM allows vmentries with enabled VMCS shadowing
VM-execution control and VMCS link pointer value of ~0ull. But results
of a nested VMREAD are undefined in such cases.
Fix this by not copying the value of VMCS shadowing control from vmcs01
to vmcs02.
Signed-off-
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/hvm/vmx/vmx.c | 6 --
xen/arch/x86/hvm/vmx/vvmx.c| 178 -
xen/arch/x86/msr.c | 37
xen/include/asm-x86/hvm/vmx/vvmx.h | 2 -
4 files changed, 37 insertions(+), 186 del
olicy() which changes availability of
VMX MSRs based on domain's nested virt settings. Unavailable MSRs are
zeroed which allows checking availability bits in them directly without
preliminary checks (e.g. cpuid->basic.vmx, activate_secondary_controls,
enable_ept).
Signed-off-by: Sergey Dya
With the new cpuid infrastructure there is a domain-wide struct cpuid
policy and there is no need to pass a separate struct vcpu * into
hvm_cr4_guest_valid_bits() anymore. Make the function accept struct
domain * instead and update callers.
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/hvm
disabled if Xen decides not
to use them. For now, make Host policy equal to Raw policy.
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/msr.c | 26 +-
1 file changed, 25 insertions(+), 1 deletion(-)
diff --git a/xen/arch/x86/msr.c b/xen/arch/x86/msr.c
index baba44f43d
ed by guest_rd/wrmsr().
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/msr.c | 129 +
1 file changed, 129 insertions(+)
diff --git a/xen/arch/x86/msr.c b/xen/arch/x86/msr.c
index 7ac0fceb49..ff270befbb 100644
--- a/xen/arch/x86/msr.c
+++ b/xen/arc
Add calculate_raw_vmx_policy() which fills Raw policy with H/W values
of VMX MSRs. Host policy will contain a copy of these values.
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/msr.c | 33 +
1 file changed, 33 insertions(+)
diff --git a/xen/arch/x86/msr.c b/xen
Every bit value is accessible by its name and bit names match existing
Xen's definitions as close as possible. There is a "raw" 64-bit field
for each MSR as well as "raw" arrays for vmx and vmx_true_ctls blocks.
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/msr.c|
dropped
- Separate patch for hvm_cr4_guest_valid_bits() is added
v2 --> v3:
- Rebase on top of Generic MSR Policy
- Each VMX MSR now has its own availability flag
- VMX MSRs are now completely defined during domain creation
(all CPUID policy changes are taken into account)
Sergey Dyasli (7)
On Mon, 2017-10-16 at 15:01 +0100, Andrew Cooper wrote:
> On 16/10/17 08:42, Sergey Dyasli wrote:
> > +
> > +secondary_available =
> > +dp->vmx_procbased_ctls.u.allowed_1.activate_secondary_controls;
> > +
> > +switch (msr)
> &g
On Fri, 2017-10-13 at 16:38 +0100, Andrew Cooper wrote:
> On 13/10/17 13:35, Sergey Dyasli wrote:
> > diff --git a/xen/arch/x86/msr.c b/xen/arch/x86/msr.c
> > index a22e3dfaf2..2527fdd1d1 100644
> > --- a/xen/arch/x86/msr.c
> > +++ b/xen/arch/x86/msr.c
&
On Fri, 2017-10-13 at 16:25 +0100, Andrew Cooper wrote:
> On 13/10/17 13:35, Sergey Dyasli wrote:
> > diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
> > index 205b4cb685..7e6b15f8d7 100644
> > --- a/xen/arch/x86/hvm/hvm.c
> > +++ b/xen/arch/x86/hvm/hvm.c
&g
On Fri, 2017-10-13 at 16:16 +0100, Andrew Cooper wrote:
> On 13/10/17 13:35, Sergey Dyasli wrote:
> > @@ -210,6 +375,255 @@ struct msr_domain_policy
> > bool available; /* This MSR is non-architectural */
> > bool cpuid_faulting;
&g
Add calculate_raw_vmx_policy() which fills Raw policy with H/W values
of VMX MSRs. Host policy will contain a copy of these values.
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/msr.c | 77 ++
1 file changed, 77 insertions(+)
diff --git a/xen
ed by guest_rd/wrmsr().
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/msr.c | 140 +
1 file changed, 140 insertions(+)
diff --git a/xen/arch/x86/msr.c b/xen/arch/x86/msr.c
index 955aba0849..388f19e50d 100644
--- a/xen/arch/x86/msr.c
+++ b/xen/arc
ity flag
- VMX MSRs are now completely defined during domain creation
(all CPUID policy changes are taken into account)
Sergey Dyasli (6):
x86/msr: add Raw and Host domain policies
x86/msr: add VMX MSRs into struct msr_domain_policy
x86/msr: read VMX MSRs values into Raw policy
x86/msr: add
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/hvm/vmx/vmx.c | 6 --
xen/arch/x86/hvm/vmx/vvmx.c| 178 -
xen/arch/x86/msr.c | 34 +++
xen/include/asm-x86/hvm/vmx/vvmx.h | 2 -
4 files changed, 34 insertions(+), 186 del
disabled if Xen decides not
to use them. For now, make Host policy equal to Raw policy.
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/msr.c | 26 +-
1 file changed, 25 insertions(+), 1 deletion(-)
diff --git a/xen/arch/x86/msr.c b/xen/arch/x86/msr.c
index baba44f43d
New definitions provide a convenient way of accessing contents of
VMX MSRs: every bit value is accessible by its name and there is a
"raw" 64-bit msr value. Bit names match existing Xen's definitions
as close as possible.
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/msr
olicy() which changes availability of
VMX MSRs based on domain's nested virt settings.
Introduce hvm_cr4_domain_valid_bits() which accepts struct domain *
instead of struct vcpu *.
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/domctl.c | 1 +
xen/arch/x86/hvm/hvm.c| 8 +++--
On Thu, 2017-10-05 at 03:27 -0600, Jan Beulich wrote:
> > > > On 05.10.17 at 10:18, wrote:
> >
> > --- a/xen/arch/x86/hvm/vmx/entry.S
> > +++ b/xen/arch/x86/hvm/vmx/entry.S
> > @@ -80,7 +80,7 @@ UNLIKELY_END(realmode)
> > mov %rsp,%rdi
> > call vmx_vmenter_helper
> > c
On Wed, 2017-10-04 at 15:55 +0100, Andrew Cooper wrote:
> > >
> > > -void vmx_vmenter_helper(const struct cpu_user_regs *regs)
> > > +int vmx_vmenter_helper(const struct cpu_user_regs *regs)
> >
> > ...Andy, did you want a comment here explaining what the return value is
> > supposed to mean? (A
Remove some code duplication.
Suggested-by: George Dunlap
Signed-off-by: Sergey Dyasli
Reviewed-by: George Dunlap
---
xen/arch/x86/mm/p2m.c | 25 ++---
1 file changed, 10 insertions(+), 15 deletions(-)
diff --git a/xen/arch/x86/mm/p2m.c b/xen/arch/x86/mm/p2m.c
index
first look
for another nested p2m in the same domain with the same base pointer,
before reclaiming one from the LRU.
Signed-off-by: Sergey Dyasli
Signed-off-by: George Dunlap
---
xen/arch/x86/hvm/vmx/vvmx.c | 1 +
xen/arch/x86/mm/p2m.c | 26 ++
2 files change
sh the vcpu's nested p2m pointer (and update nv->generation) if
the generation changed
Signed-off-by: Sergey Dyasli
Signed-off-by: George Dunlap
---
v2 --> v3:
- current pointer is now calculated only once in np2m_schedule()
- Replaced "shadow p2m" with "np2m&quo
Remove np2m_base parameter as it should always match the value of
np2m_base in VMCx12.
Signed-off-by: Sergey Dyasli
Reviewed-by: George Dunlap
---
xen/arch/x86/hvm/svm/nestedsvm.c | 6 +-
xen/arch/x86/hvm/vmx/vvmx.c | 3 +--
xen/arch/x86/mm/hap/nested_hap.c | 2 +-
xen/arch/x86/mm
with HVM's one
- Patch "x86/vvmx: add stale_eptp flag" is split into
"x86/np2m: add stale_np2m flag" and
"x86/vvmx: restart nested vmentry in case of stale_np2m"
- Added "x86/np2m: refactor p2m_get_nestedp2m_locked()" patch
- I've d
efore entering the
guest and restart the vmentry if it's set.
Signed-off-by: Sergey Dyasli
Signed-off-by: George Dunlap
---
v2 --> v3:
- current pointer is now calculated only once in nvmx_eptp_update()
---
xen/arch/x86/hvm/nestedhvm.c | 2 ++
xen/arch/x86/hvm/vmx/entry.S | 6 ++
1. Add a helper function assign_np2m()
2. Remove useless volatile
3. Update function's comment in the header
4. Minor style fixes ('\n' and d)
Signed-off-by: Sergey Dyasli
Reviewed-by: George Dunlap
---
xen/arch/x86/mm/p2m.c | 31 ++-
xen/includ
Now that np2m sharing is implemented, there can be only one np2m object
with the same np2m_base. Break from loop if the required np2m was found
during np2m_flush_eptp().
Signed-off-by: Sergey Dyasli
Reviewed-by: George Dunlap
---
xen/arch/x86/mm/p2m.c | 4
xen/include/asm-x86/p2m.h
p2ms that share that base pointer.
Convert p2m_flush_table() into p2m_flush_table_locked() in order not
to release the p2m_lock after np2m_base check.
Signed-off-by: Sergey Dyasli
Signed-off-by: George Dunlap
---
v2 --> v3:
- Commit message update
---
xen/arch/x86/hvm/vmx/vvmx.c | 7 +---
still-locked p2m. This allows us to call nestedhap_fix_p2m() with the
lock held and remove the code detecting the special-case.
Signed-off-by: Sergey Dyasli
Signed-off-by: George Dunlap
---
v2 --> v3:
- Moved p2m_unlock() out of nestedhap_fix_p2m() for balanced lock/unlock
---
xen/arch/x86
On Mon, 2017-10-02 at 11:07 +0100, George Dunlap wrote:
> On 10/02/2017 10:40 AM, George Dunlap wrote:
> > On 10/02/2017 10:37 AM, Sergey Dyasli wrote:
> > > On Fri, 2017-09-29 at 16:01 +0100, George Dunlap wrote:
> > > > nvmx_handle_invept() updates current
On Fri, 2017-09-29 at 16:56 +0100, Andrew Cooper wrote:
> On 29/09/17 16:01, George Dunlap wrote:
> > @@ -4203,13 +4197,17 @@ static void lbr_fixup(void)
> > bdw_erratum_bdf14_fixup();
> > }
> >
> > -void vmx_vmenter_helper(const struct cpu_user_regs *regs)
> > +int vmx_vmenter_helper(c
p2m() and
> special-casing it.
>
> Instead, introduce p2m_get_nestedp2m_locked(), which will returned a
> still-locked p2m. This allows us to call nestedhap_fix_p2m() with the
> lock held and remove the code detecting the special-case.
>
> Signed-off-by: Sergey Dyasli
> Signed-
ase pointer.
>
> Convert p2m_flush_table() into p2m_flush_table_locked() in order not
> to release the p2m_lock after np2m_base check.
>
> Signed-off-by: Sergey Dyasli
> Signed-off-by: George Dunlap
> ---
> Changes since v1:
> - Combine patches 2 and 3 ("x86/np
On Fri, 2017-09-29 at 11:53 +0100, George Dunlap wrote:
> On 09/04/2017 09:14 AM, Sergey Dyasli wrote:
> > If an IPI flushes vCPU's np2m object just before nested vmentry, there
> > will be a stale shadow EPTP value in VMCS02. Allow vmentry to be
> > resta
On Fri, 2017-09-22 at 03:06 -0600, Jan Beulich wrote:
> Halfway recent Linux kernels probe MISC_FEATURES_ENABLES on all CPUs,
> leading to ugly recovered #GP fault messages with debug builds on older
> systems. We can do better, so introduce synthetic feature flags for
> both this and PLATFORM_INFO
cause nested vmexit.
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/hvm/vmx/intr.c | 13 +
1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/xen/arch/x86/hvm/vmx/intr.c b/xen/arch/x86/hvm/vmx/intr.c
index e1d0190ca9..4c0f1c8f71 100644
--- a/xen/arch/x86/hvm/vmx/intr.c
+++ b/
Ping?
On Wed, 2017-08-30 at 11:34 +0100, Sergey Dyasli wrote:
> Currently there are the following issues with handling guest's RD/WRMSR
> in Xen:
>
> 1. There is no way to configure which MSRs a guest can and can't access.
>And if there is no MSR handler in Xen
Now there is no need to update shadow EPTP after handling L2 EPT
violation since all EPTP updates are handled by nvmx_eptp_update().
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/hvm/vmx/vmx.c | 6 --
1 file changed, 6 deletions(-)
diff --git a/xen/arch/x86/hvm/vmx/vmx.c b/xen/arch/x86/hvm
Now that np2m sharing is implemented, there can be only one np2m object
with the same np2m_base. Break from loop if the required np2m was found
during np2m_flush_eptp().
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/mm/p2m.c | 4
xen/include/asm-x86/p2m.h | 2 +-
2 files changed, 5
Modify p2m_get_nestedp2m() to allow sharing a np2m between multiple
vcpus with the same np2m_base (L1 np2m_base value in VMCX12).
np2m_schedule() callbacks are added to context_switch() as well as
pseudo schedule-out is performed during vvmx's virtual_vmexit().
Signed-off-by: Sergey D
Remove some code duplication.
Suggested-by: George Dunlap
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/mm/p2m.c | 25 ++---
1 file changed, 10 insertions(+), 15 deletions(-)
diff --git a/xen/arch/x86/mm/p2m.c b/xen/arch/x86/mm/p2m.c
index d6a474fa20..f783f25fa8 100644
There is a possibility for nested_p2m to became stale between
nestedhvm_hap_nested_page_fault() and nestedhap_fix_p2m(). Simply
use p2m_get_nestedp2m_lock() to guarantee that correct np2m is used.
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/mm/hap/nested_hap.c | 29
nvmx_handle_invept() updates current's np2m just to flush it. Instead,
use the new np2m_flush_base() directly for this purpose.
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/hvm/vmx/vvmx.c | 7 +--
1 file changed, 1 insertion(+), 6 deletions(-)
diff --git a/xen/arch/x86/hvm/vmx/vvm
r p2m_get_nestedp2m_locked()" patch
- I've done some light nested SVM testing and fixed 1 regression
(see patch #4)
Sergey Dyasli (14):
x86/np2m: refactor p2m_get_nestedp2m()
x86/np2m: add np2m_flush_base()
x86/vvmx: use np2m_flush_base() for INVEPT_SINGLE_CONTEXT
x86/np2m: remov
The new function finds all np2m objects with the specified np2m_base
and flushes them.
Convert p2m_flush_table() into p2m_flush_table_locked() in order not to
release the p2m_lock after np2m_base check.
Signed-off-by: Sergey Dyasli
---
RFC --> v1:
- p2m_unlock(p2m) is moved f
Remove np2m_base parameter as it should always match the value of
np2m_base in VMCX12.
Signed-off-by: Sergey Dyasli
---
RFC --> v1:
- Nested SVM: added early update of ns_vmcb_hostcr3
xen/arch/x86/hvm/svm/nestedsvm.c | 6 +-
xen/arch/x86/hvm/vmx/vvmx.c | 3 +--
xen/arch/x86/mm/
The new function returns still write-locked np2m.
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/mm/p2m.c | 12 +---
xen/include/asm-x86/p2m.h | 2 ++
2 files changed, 11 insertions(+), 3 deletions(-)
diff --git a/xen/arch/x86/mm/p2m.c b/xen/arch/x86/mm/p2m.c
index e5d2fed361
The new element will indicate if update of a shadow p2m_base is needed
prior to vmentry. Update is required if a nested vcpu gets a new np2m
or if its np2m was flushed by an IPI.
Add nvcpu_flush() helper function.
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/hvm/nestedhvm.c | 2 ++
xen
Add np2m_generation element to both p2m_domain and nestedvcpu.
np2m's generation will be incremented each time the np2m is flushed.
This will allow to detect if a nested vcpu has the stale np2m.
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/hvm/nestedhvm.c | 1 +
xen/arch/x86/mm/
If an IPI flushes vCPU's np2m object just before nested vmentry, there
will be a stale shadow EPTP value in VMCS02. Allow vmentry to be
restarted in such cases and add nvmx_eptp_update() to perform an update.
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/hvm/vmx/entry.S | 6 ++
xen
1. Add a helper function assign_np2m()
2. Remove useless volatile
3. Update function's comment in the header
4. Minor style fixes ('\n' and d)
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/mm/p2m.c | 31 ++-
xen/include/asm-x86/p2m.h | 6 +++---
np2m maintenance is required for a nested vcpu during scheduling:
1. On schedule-out: clear pCPU's bit in p2m->dirty_cpumask
to prevent useless IPIs.
2. On schedule-in: check if np2m is up to date and wasn't flushed.
Signed-off-by: Sergey Dyasli
-
ng
boot up. It's always possible to emulate CPUID faulting for HVM guests
while for PV guests the H/W support is required.
Add init_domain_msr_policy() which sets initial MSR policy during
domain creation with a special case for Dom0.
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/Makefile
Since each vCPU now has struct msr_vcpu_policy, use cpuid_faulting bit
from there in current logic and remove arch_vcpu::cpuid_faulting.
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/cpu/intel.c | 3 ++-
xen/arch/x86/hvm/hvm.c | 4 +++-
xen/arch/x86/hvm/vmx/vmx.c | 10
priv_op_write_msr().
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/hvm/hvm.c | 7 ++-
xen/arch/x86/hvm/vmx/vmx.c | 23 --
xen/arch/x86/msr.c | 44 ++
xen/arch/x86/pv/emul-priv-op.c | 22
ot up. Availability of MSR_INTEL_MISC_FEATURES_ENABLES depends on
availability of MSR_INTEL_PLATFORM_INFO.
Add init_vcpu_msr_policy() which sets initial MSR policy for every vCPU
during domain creation with a special case for Dom0.
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/domain.c
: Sergey Dyasli
---
xen/arch/x86/hvm/hvm.c | 7 ++-
xen/arch/x86/hvm/vmx/vmx.c | 10 --
xen/arch/x86/msr.c | 31 +++
xen/arch/x86/pv/emul-priv-op.c | 22 --
xen/include/asm-x86/msr.h | 8
5 files
patch set will be rebased on top of this
generic MSR infrastructure after it's merged.
Sergey Dyasli (5):
x86/msr: introduce struct msr_domain_policy
x86/msr: introduce struct msr_vcpu_policy
x86: replace arch_vcpu::cpuid_faulting with msr_vcpu_policy
x86/msr: introduce guest_rdmsr()
x8
On Mon, 2017-08-28 at 18:03 +0100, George Dunlap wrote:
> On 07/18/2017 11:34 AM, Sergey Dyasli wrote:
> > Nested p2m (shadow EPT) is an object that stores memory address
> > translations from L2 GPA directly to L0 HPA. This is achieved by
> > combining together L1 EPT tables
On Tue, 2017-08-01 at 09:55 +0200, Egger, Christoph wrote:
> On 18.07.17 12:34, Sergey Dyasli wrote:
> > The new function finds all np2m objects with the specified eptp and
> > flushes them. p2m_flush_table_locked() is added in order not to release
> > the p2m lock
s mapping of the bitmap can be updated.
>
> Signed-off-by: Andrew Cooper
Reviewed-by: Sergey Dyasli
--
Thanks,
Sergey
___
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
n VMX MSRs.
Signed-off-by: Sergey Dyasli
---
v1 --> v2:
- Renamed hvm_max_vmx_msr_policy to vvmx_max_msr_policy and made it
static
- calculate_hvm_max_policy() is renamed to calculate_vvmx_max_policy()
- Declaration of calculate_vvmx_max_policy() is removed from vmcs.c
and added to vvmx.h
-
.
Signed-off-by: Sergey Dyasli
Reviewed-by: Jan Beulich
---
v1 --> v2:
- nvmx_msr_read_intercept() now uses const struct vmx_msr_policy *
(starting from patch #4)
- Added Reviewed-by: Jan Beulich
xen/arch/x86/domain.c | 6 ++
xen/arch/x86/hvm/vmx/vvmx.c|
; v2:
- Rebased to the latest master
- hvm_max_vmx_msr_policy is renamed to vvmx_max_msr_policy
- Dropped the debug patch
- Other changes are available on a per-patch basis
Sergey Dyasli (5):
x86/vmx: add struct vmx_msr_policy
x86/vmx: add raw_vmx_msr_policy
x86/vmx: refactor vmx_init_vmcs_config()
x86/vvmx: add
lar H/W.
A set of helper functions is introduced to provide a simple way of
interacting with the new structure.
Signed-off-by: Sergey Dyasli
---
v1 --> v2:
- Replaced MSR indices with MSR names in struct vmx_msr_policy's comments
- Named "always zero bit" 31 of basic msr as mbz
-
1. Remove RDMSRs of VMX MSRs since all values are already available in
raw_vmx_msr_policy.
2. Replace bit operations involving VMX bitmasks with accessing VMX
features by name and using vmx_msr_available() where appropriate.
Signed-off-by: Sergey Dyasli
---
v1 --> v2:
- get_vmx_msr_
onfig().
Signed-off-by: Sergey Dyasli
---
v1 --> v2:
- calculate_raw_policy() is renamed to calculate_vmx_raw_policy()
to avoid clash with the same-name function in cpuid.c
- Declaration of calculate_vmx_raw_policy() is removed from vmx.c
and added to vmcs.h
- msr variable is now uns
Now there is no need to update shadow EPTP after handling L2 EPT
violation since all EPTP updates are handled by nvmx_eptp_update().
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/hvm/vmx/vmx.c | 6 --
1 file changed, 6 deletions(-)
diff --git a/xen/arch/x86/hvm/vmx/vmx.c b/xen/arch/x86/hvm
Now that np2m sharing is implemented, there can be only one np2m object
with the same np2m_base. Break from loop if the required np2m was found
during np2m_flush_eptp().
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/mm/p2m.c | 3 +++
xen/include/asm-x86/p2m.h | 2 +-
2 files changed, 4
Modify p2m_get_nestedp2m() to allow sharing a np2m between multiple
vcpus with the same np2m_base (L1 EPTP value in VMCS12).
np2m_schedule_in/out() callbacks are added to context_switch() as well
as pseudo schedule-out is performed during virtual_vmexit().
Signed-off-by: Sergey Dyasli
---
xen
The new function finds all np2m objects with the specified eptp and
flushes them. p2m_flush_table_locked() is added in order not to release
the p2m lock after np2m_base check.
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/mm/p2m.c | 34 +++---
xen/include/asm-x86
The new function returns still write-locked np2m.
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/mm/p2m.c | 12 +---
xen/include/asm-x86/p2m.h | 2 ++
2 files changed, 11 insertions(+), 3 deletions(-)
diff --git a/xen/arch/x86/mm/p2m.c b/xen/arch/x86/mm/p2m.c
index 4b83d4a4f1
Add np2m_generation variable to both p2m_domain and nestedvcpu.
np2m's generation will be incremented each time the np2m is flushed.
This will allow to detect if a nested vcpu has the stale np2m.
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/hvm/nestedhvm.c | 1 +
xen/arch/x86/mm/
1. Add a helper function assign_np2m()
2. Remove useless volatile
3. Update function's comment in the header
4. Minor style fixes ('\n' and d)
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/mm/p2m.c | 31 ++-
xen/include/asm-x86/p2m.h | 6 +++---
np2m maintenance is required for a nested vcpu during scheduling:
1. On schedule-out: clear pCPU's bit in p2m->dirty_cpumask
to prevent useless IPIs.
2. On schedule-in: check if np2m is up to date and wasn't flushed.
Signed-off-by: Sergey Dyasli
nvmx_handle_invept() updates current's np2m just to flush it. Instead,
use the new np2m_flush_eptp() directly for this purpose.
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/hvm/vmx/vvmx.c | 7 +--
1 file changed, 1 insertion(+), 6 deletions(-)
diff --git a/xen/arch/x86/hvm/vmx/vvm
Remove np2m_base parameter as it should always match the value of
EPTP in VMCS12.
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/hvm/svm/nestedsvm.c | 2 +-
xen/arch/x86/hvm/vmx/vvmx.c | 3 +--
xen/arch/x86/mm/hap/nested_hap.c | 2 +-
xen/arch/x86/mm/p2m.c| 8
xen
ted SVM is likely broken. Unfortunately, I don't have any
H/W currently to perform a proper testing.
Sergey Dyasli (12):
x86/np2m: refactor p2m_get_nestedp2m()
x86/np2m: add np2m_flush_eptp()
x86/vvmx: use np2m_flush_eptp() for INVEPT_SINGLE_CONTEXT
x86/np2m: remove
There is a possibility for nested_p2m to became stale between
nestedhvm_hap_nested_page_fault() and nestedhap_fix_p2m(). Simply
use p2m_get_nestedp2m_lock() to guarantee that correct np2m is used.
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/mm/hap/nested_hap.c | 29
The new variable will indicate if update of a shadow EPTP is needed
prior to vmentry. Update is required if a nested vcpu gets a new np2m
or if its np2m was flushed by an IPI.
Helper function nvcpu_flush() is added.
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/hvm/nestedhvm.c | 1
On Thu, 2017-07-06 at 06:28 -0600, Jan Beulich wrote:
> > > > On 06.07.17 at 12:23, wrote:
> >
> > On Tue, 2017-07-04 at 09:04 -0600, Jan Beulich wrote:
> > > > > > On 26.06.17 at 12:44, wrote:
> > > >
> > > > +{
> > > > +struct vmx_msr_policy *p = &hvm_max_vmx_msr_policy;
> > > > +uint
On Tue, 2017-07-04 at 09:04 -0600, Jan Beulich wrote:
> > > > On 26.06.17 at 12:44, wrote:
> >
> > +{
> > +struct vmx_msr_policy *p = &hvm_max_vmx_msr_policy;
> > +uint64_t data, *msr;
> > +u32 default1_bits;
> > +
> > +*p = raw_vmx_msr_policy;
> > +
> > +/* XXX: vmcs_revision
On Tue, 2017-07-04 at 08:15 -0600, Jan Beulich wrote:
> > > > On 26.06.17 at 12:44, wrote:
> >
> > @@ -611,6 +624,9 @@ int vmx_cpu_up(void)
> >
> > BUG_ON(!(read_cr4() & X86_CR4_VMXE));
> >
> > +if ( (rc = calculate_raw_policy(false)) != 0 )
> > +return rc;
> > +
> > /*
On Tue, 2017-07-04 at 07:57 -0600, Jan Beulich wrote:
> > > > On 26.06.17 at 12:44, wrote:
> >
> > --- a/xen/include/asm-x86/hvm/vmx/vmcs.h
> > +++ b/xen/include/asm-x86/hvm/vmx/vmcs.h
> > @@ -562,6 +562,350 @@ void vmx_domain_flush_pml_buffers(struct domain *d);
> >
> > void vmx_domain_update
a bug. Make ept_sync_domain() to update hostp2m's
invalidate mask in nested p2m case and make vmx_vmenter_helper() to
invalidate EPT translations for all EPTPs if nested virt is enabled.
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/hvm/vmx/vmx.c | 5 -
xen/arch/x86/mm/p2m-ept.c
n VMX MSRs.
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/hvm/vmx/vmcs.c | 3 +
xen/arch/x86/hvm/vmx/vvmx.c | 297 +---
2 files changed, 147 insertions(+), 153 deletions(-)
diff --git a/xen/arch/x86/hvm/vmx/vmcs.c b/xen/arch/x86/hvm/vmx/vmcs.c
index dbf6e
d-off-by: Sergey Dyasli
---
xen/arch/x86/hvm/vmx/vmcs.c| 130 +
xen/arch/x86/hvm/vmx/vmx.c | 4 ++
xen/include/asm-x86/hvm/vmx/vmcs.h | 2 +
3 files changed, 79 insertions(+), 57 deletions(-)
diff --git a/xen/arch/x86/hvm/vmx/vmcs.c b/xen/arc
1. Remove RDMSRs of VMX MSRs since all values are already available in
raw_vmx_msr_policy.
2. Replace bit operations involving VMX bitmasks with accessing VMX
features by name and using vmx_msr_available() where appropriate.
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/hvm/vmx/vmcs.c
This is a debug patch I used when developing this series.
It's not intended for merging, I post it because it might be useful
to someone.
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/hvm/vmx/vmcs.c | 405
1 file changed, 405 insertions(+)
n doesn't use
(i.g. CPU_BASED_PAUSE_EXITING) but they are available to L1. This makes
it not worthy to introduce "Host policy" at this stage.
Sergey Dyasli (6):
vmx: add struct vmx_msr_policy
vmx: add raw_vmx_msr_policy
vmx: refactor vmx_init_vmcs_config()
vvmx: add hvm_max_vmx_msr_policy
vv
.
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/domain.c | 6 ++
xen/arch/x86/hvm/vmx/vvmx.c| 14 +-
xen/include/asm-x86/domain.h | 2 ++
xen/include/asm-x86/hvm/vmx/vvmx.h | 3 +++
4 files changed, 24 insertions(+), 1 deletion(-)
diff --git a/xen/arch
cular H/W.
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/hvm/vmx/vmcs.c| 47 +
xen/include/asm-x86/hvm/vmx/vmcs.h | 344 +
2 files changed, 391 insertions(+)
diff --git a/xen/arch/x86/hvm/vmx/vmcs.c b/xen/arch/x86/hvm/vmx/vmcs.c
index 8103b
Change the third parameter to be the required struct xen_dm_op_buf *
instead of a generic void * (which blindly accepts any pointer).
Signed-off-by: Sergey Dyasli
---
v1 --> v2:
- Replaced "#include " with
forward declaration of struct xen_dm_op_buf
arch/x86/include/asm/xen/hy
On Tue, 2017-06-06 at 02:03 -0600, Jan Beulich wrote:
> > > > On 05.06.17 at 10:41, wrote:
> >
> > --- a/arch/x86/include/asm/xen/hypercall.h
> > +++ b/arch/x86/include/asm/xen/hypercall.h
> > @@ -49,6 +49,7 @@
> > #include
> > #include
> > #include
> > +#include
>
> Why?
>
> > @@ -474,7
1 - 100 of 158 matches
Mail list logo