From patchwork Fri Apr 26 06:43:27 2013
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: "Nakajima, Jun" <jun.nakajima@intel.com>
X-Patchwork-Id: 2491091
Return-Path: <kvm-owner@vger.kernel.org>
X-Original-To: patchwork-kvm@patchwork.kernel.org
Delivered-To: patchwork-process-083081@patchwork2.kernel.org
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by patchwork2.kernel.org (Postfix) with ESMTP id 994D1DF230
	for <patchwork-kvm@patchwork.kernel.org>;
	Fri, 26 Apr 2013 06:43:58 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1754260Ab3DZGny (ORCPT
	<rfc822;patchwork-kvm@patchwork.kernel.org>);
	Fri, 26 Apr 2013 02:43:54 -0400
Received: from mail-pb0-f53.google.com ([209.85.160.53]:50781 "EHLO
	mail-pb0-f53.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1753605Ab3DZGnx (ORCPT <rfc822; kvm@vger.kernel.org>);
	Fri, 26 Apr 2013 02:43:53 -0400
Received: by mail-pb0-f53.google.com with SMTP id un15so1046600pbc.12
	for <kvm@vger.kernel.org>; Thu, 25 Apr 2013 23:43:53 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=google.com; s=20120113;
	h=x-received:from:to:subject:date:message-id:x-mailer:in-reply-to
	:references:x-gm-message-state;
	bh=9COV+w7HEk5EUxKZQr50Mz6OEFulsALAhEwINiDfGZ4=;
	b=SJ6YAJ2GkcnBZuRCm7cHMShZk0dCc3Rqs0/kppPzN0Z7MZl0W/T1DVjvuXkkc/N7Kn
	9H7P0p2gzEAuAPKjZNtSc7bTgntiqtp17FHmiUkMI1mbFZa9jn0FabG3/YhXJh+IjNO6
	6KRZCAW7A7EIPWqjECfj//GGo6dTGx3S7nbr9KtoltIdZ99TbnsWpPrwm2NxSw792LQk
	B6fEyqAMeQXvEsJqwJE3dRdBd3yG34n36WlNIDD+2yUy95bqagU/C0XRJzcq1Z7mEM1Y
	FJ0QKtyIZryxlZdZ/t8sapOZp81qBbnfPaNkr56xqs6/Gz8MdNvcYow4bsyiMzTJa265
	AKiw==
X-Received: by 10.66.251.161 with SMTP id zl1mr29048210pac.54.1366958632960;
	Thu, 25 Apr 2013 23:43:52 -0700 (PDT)
Received: from localhost (c-98-207-34-191.hsd1.ca.comcast.net.
	[98.207.34.191]) by mx.google.com with ESMTPSA id
	vv6sm11458659pab.6.2013.04.25.23.43.51 for <kvm@vger.kernel.org>
	(version=TLSv1.2 cipher=RC4-SHA bits=128/128);
	Thu, 25 Apr 2013 23:43:51 -0700 (PDT)
From: Jun Nakajima <jun.nakajima@intel.com>
To: kvm@vger.kernel.org
Subject: [PATCH 07/11] nEPT: Advertise EPT to L1
Date: Thu, 25 Apr 2013 23:43:27 -0700
Message-Id: <1366958611-6935-7-git-send-email-jun.nakajima@intel.com>
X-Mailer: git-send-email 1.8.2.1.610.g562af5b
In-Reply-To: <1366958611-6935-6-git-send-email-jun.nakajima@intel.com>
References: <1366958611-6935-1-git-send-email-jun.nakajima@intel.com>
	<1366958611-6935-2-git-send-email-jun.nakajima@intel.com>
	<1366958611-6935-3-git-send-email-jun.nakajima@intel.com>
	<1366958611-6935-4-git-send-email-jun.nakajima@intel.com>
	<1366958611-6935-5-git-send-email-jun.nakajima@intel.com>
	<1366958611-6935-6-git-send-email-jun.nakajima@intel.com>
X-Gm-Message-State: 
 ALoCoQlDFziyEDL1W96PD3y/JvUYEm7DpqGF/p9Pz9v6zz03OaDkWUEWTP6dR4hPd7s5UlnqN9/o
Sender: kvm-owner@vger.kernel.org
Precedence: bulk
List-ID: <kvm.vger.kernel.org>
X-Mailing-List: kvm@vger.kernel.org

Advertise the support of EPT to the L1 guest, through the appropriate MSR.

This is the last patch of the basic Nested EPT feature, so as to allow
bisection through this patch series: The guest will not see EPT support until
this last patch, and will not attempt to use the half-applied feature.

Signed-off-by: Nadav Har'El <nyh@il.ibm.com>
Signed-off-by: Jun Nakajima <jun.nakajima@intel.com>
Signed-off-by: Xinhao Xu <xinhao.xu@intel.com>
---
 arch/x86/kvm/vmx.c | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index 66ead51..76df3a8 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -2027,6 +2027,7 @@ static u32 nested_vmx_secondary_ctls_low, nested_vmx_secondary_ctls_high;
 static u32 nested_vmx_pinbased_ctls_low, nested_vmx_pinbased_ctls_high;
 static u32 nested_vmx_exit_ctls_low, nested_vmx_exit_ctls_high;
 static u32 nested_vmx_entry_ctls_low, nested_vmx_entry_ctls_high;
+static u32 nested_vmx_ept_caps;
 static __init void nested_vmx_setup_ctls_msrs(void)
 {
 	/*
@@ -2102,6 +2103,18 @@ static __init void nested_vmx_setup_ctls_msrs(void)
 	nested_vmx_secondary_ctls_low = 0;
 	nested_vmx_secondary_ctls_high &=
 		SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES;
+	if (enable_ept) {
+		/* nested EPT: emulate EPT also to L1 */
+		nested_vmx_secondary_ctls_high |= SECONDARY_EXEC_ENABLE_EPT;
+		nested_vmx_ept_caps = VMX_EPT_PAGE_WALK_4_BIT;
+		nested_vmx_ept_caps |=
+			VMX_EPT_INVEPT_BIT | VMX_EPT_EXTENT_GLOBAL_BIT |
+			VMX_EPT_EXTENT_CONTEXT_BIT |
+			VMX_EPT_EXTENT_INDIVIDUAL_BIT;
+		nested_vmx_ept_caps &= vmx_capability.ept;
+	} else
+		nested_vmx_ept_caps = 0;
+
 }
 
 static inline bool vmx_control_verify(u32 control, u32 low, u32 high)
@@ -2201,8 +2214,8 @@ static int vmx_get_vmx_msr(struct kvm_vcpu *vcpu, u32 msr_index, u64 *pdata)
 					nested_vmx_secondary_ctls_high);
 		break;
 	case MSR_IA32_VMX_EPT_VPID_CAP:
-		/* Currently, no nested ept or nested vpid */
-		*pdata = 0;
+		/* Currently, no nested vpid support */
+		*pdata = nested_vmx_ept_caps;
 		break;
 	default:
 		return 0;