From patchwork Thu May 9 00:53:21 2013 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Nakajima, Jun" X-Patchwork-Id: 2542451 Return-Path: X-Original-To: patchwork-kvm@patchwork.kernel.org Delivered-To: patchwork-process-083081@patchwork1.kernel.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by patchwork1.kernel.org (Postfix) with ESMTP id 0CD8A3FC5A for ; Thu, 9 May 2013 00:53:54 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755252Ab3EIAxt (ORCPT ); Wed, 8 May 2013 20:53:49 -0400 Received: from mail-pa0-f54.google.com ([209.85.220.54]:63203 "EHLO mail-pa0-f54.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1755154Ab3EIAxr (ORCPT ); Wed, 8 May 2013 20:53:47 -0400 Received: by mail-pa0-f54.google.com with SMTP id kx1so1727139pab.13 for ; Wed, 08 May 2013 17:53:47 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-received:from:to:subject:date:message-id:x-mailer:in-reply-to :references:x-gm-message-state; bh=OUTnBm/T0SfJ+UwH7p67ILTxULoA/3481umRY0oZnFI=; b=IOjwnBB/SvwbAvARBw5Pn8kLphsGY6Jkjh9NGXJND2JXI1tDeIkmE59OoS0wz3DDG6 jqlVqRjbT/C2cE5FkuQp6qcCWLs86EIF380ZdKT95MciI11t+JEQLpA/JilD2d5zahX1 YlqzLARJY7RMNnrA2h1bV80gjFh8kVMB/VJlrKqjkrSbdYyzLbQbyfKZJw15RFn1f3QH ZnmXXHXI26Ia3/o+3kkh8qCYVS930tOwBvrDH2wpcVxs6+8i6d/Tw0DQG6d6deEO3BjE wD2Hvaflwah6qxcBuThRt+9PcgFDaZuU7QZGMFd5KQbkrg/O1ZpFR3HbfSWVcoqW6BnS a6+w== X-Received: by 10.68.108.163 with SMTP id hl3mr9928818pbb.160.1368060827061; Wed, 08 May 2013 17:53:47 -0700 (PDT) Received: from localhost (c-98-207-34-191.hsd1.ca.comcast.net. [98.207.34.191]) by mx.google.com with ESMTPSA id ea15sm1203744pad.16.2013.05.08.17.53.45 for (version=TLSv1.2 cipher=RC4-SHA bits=128/128); Wed, 08 May 2013 17:53:46 -0700 (PDT) From: Jun Nakajima To: kvm@vger.kernel.org Subject: [PATCH v3 09/13] nEPT: Advertise EPT to L1 Date: Wed, 8 May 2013 17:53:21 -0700 Message-Id: <1368060805-2790-9-git-send-email-jun.nakajima@intel.com> X-Mailer: git-send-email 1.8.2.1.610.g562af5b In-Reply-To: <1368060805-2790-8-git-send-email-jun.nakajima@intel.com> References: <1368060805-2790-1-git-send-email-jun.nakajima@intel.com> <1368060805-2790-2-git-send-email-jun.nakajima@intel.com> <1368060805-2790-3-git-send-email-jun.nakajima@intel.com> <1368060805-2790-4-git-send-email-jun.nakajima@intel.com> <1368060805-2790-5-git-send-email-jun.nakajima@intel.com> <1368060805-2790-6-git-send-email-jun.nakajima@intel.com> <1368060805-2790-7-git-send-email-jun.nakajima@intel.com> <1368060805-2790-8-git-send-email-jun.nakajima@intel.com> X-Gm-Message-State: ALoCoQlTVjng+6p4TwkaXbijVbk/uIzH+bsabF1s46T6OzBPdOOaGnu7bJbZmmxctHF+QruULlWQ Sender: kvm-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Advertise the support of EPT to the L1 guest, through the appropriate MSR. This is the last patch of the basic Nested EPT feature, so as to allow bisection through this patch series: The guest will not see EPT support until this last patch, and will not attempt to use the half-applied feature. Signed-off-by: Nadav Har'El Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu --- arch/x86/include/asm/vmx.h | 2 ++ arch/x86/kvm/vmx.c | 17 +++++++++++++++-- 2 files changed, 17 insertions(+), 2 deletions(-) diff --git a/arch/x86/include/asm/vmx.h b/arch/x86/include/asm/vmx.h index f3e01a2..4aec45d 100644 --- a/arch/x86/include/asm/vmx.h +++ b/arch/x86/include/asm/vmx.h @@ -394,7 +394,9 @@ enum vmcs_field { #define VMX_EPTP_WB_BIT (1ull << 14) #define VMX_EPT_2MB_PAGE_BIT (1ull << 16) #define VMX_EPT_1GB_PAGE_BIT (1ull << 17) +#define VMX_EPT_INVEPT_BIT (1ull << 20) #define VMX_EPT_AD_BIT (1ull << 21) +#define VMX_EPT_EXTENT_INDIVIDUAL_BIT (1ull << 24) #define VMX_EPT_EXTENT_CONTEXT_BIT (1ull << 25) #define VMX_EPT_EXTENT_GLOBAL_BIT (1ull << 26) diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c index 17d8b89..136fc25 100644 --- a/arch/x86/kvm/vmx.c +++ b/arch/x86/kvm/vmx.c @@ -2155,6 +2155,7 @@ static u32 nested_vmx_pinbased_ctls_low, nested_vmx_pinbased_ctls_high; static u32 nested_vmx_exit_ctls_low, nested_vmx_exit_ctls_high; static u32 nested_vmx_entry_ctls_low, nested_vmx_entry_ctls_high; static u32 nested_vmx_misc_low, nested_vmx_misc_high; +static u32 nested_vmx_ept_caps; static __init void nested_vmx_setup_ctls_msrs(void) { /* @@ -2242,6 +2243,18 @@ static __init void nested_vmx_setup_ctls_msrs(void) SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES | SECONDARY_EXEC_WBINVD_EXITING; + if (enable_ept) { + /* nested EPT: emulate EPT also to L1 */ + nested_vmx_secondary_ctls_high |= SECONDARY_EXEC_ENABLE_EPT; + nested_vmx_ept_caps = VMX_EPT_PAGE_WALK_4_BIT; + nested_vmx_ept_caps |= + VMX_EPT_INVEPT_BIT | VMX_EPT_EXTENT_GLOBAL_BIT | + VMX_EPT_EXTENT_CONTEXT_BIT | + VMX_EPT_EXTENT_INDIVIDUAL_BIT; + nested_vmx_ept_caps &= vmx_capability.ept; + } else + nested_vmx_ept_caps = 0; + /* miscellaneous data */ rdmsr(MSR_IA32_VMX_MISC, nested_vmx_misc_low, nested_vmx_misc_high); nested_vmx_misc_low &= VMX_MISC_PREEMPTION_TIMER_RATE_MASK | @@ -2347,8 +2360,8 @@ static int vmx_get_vmx_msr(struct kvm_vcpu *vcpu, u32 msr_index, u64 *pdata) nested_vmx_secondary_ctls_high); break; case MSR_IA32_VMX_EPT_VPID_CAP: - /* Currently, no nested ept or nested vpid */ - *pdata = 0; + /* Currently, no nested vpid support */ + *pdata = nested_vmx_ept_caps; break; default: return 0;