From patchwork Wed Jan 29 14:45:12 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: =?utf-8?q?Roger_Pau_Monn=C3=A9?= X-Patchwork-Id: 11356289 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 0D5D6138C for ; Wed, 29 Jan 2020 14:46:36 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id DE263206F0 for ; Wed, 29 Jan 2020 14:46:35 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=citrix.com header.i=@citrix.com header.b="gFksgsPu" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org DE263206F0 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=citrix.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1iwob2-0007Eu-1L; Wed, 29 Jan 2020 14:45:36 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1iwob0-0007Eh-44 for xen-devel@lists.xenproject.org; Wed, 29 Jan 2020 14:45:34 +0000 X-Inumbo-ID: 00436096-42a6-11ea-b211-bc764e2007e4 Received: from esa2.hc3370-68.iphmx.com (unknown [216.71.145.153]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id 00436096-42a6-11ea-b211-bc764e2007e4; Wed, 29 Jan 2020 14:45:33 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1580309133; h=from:to:cc:subject:date:message-id:mime-version: content-transfer-encoding; bh=kUUVFXs300eZPYkIFY4J6xtq3ukAunIJ6SYJ9l5Clps=; b=gFksgsPuwv4YeJ1xw7Hcb5XXdvxXwe6pJLN/t8fMOyloSoAe9FdRXQqS O2e1KiXGTGSivv+pVhwRD2fB7ypCcnEEhw2LYoNqtL75MRspeOWVRsnTO dSDnrK03F8x0ObR8lh5ABMHIBpdrnXCtq8QcFIE40tqWQPlrDA9LkIiMJ Q=; Authentication-Results: esa2.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none; spf=None smtp.pra=roger.pau@citrix.com; spf=Pass smtp.mailfrom=roger.pau@citrix.com; spf=None smtp.helo=postmaster@mail.citrix.com Received-SPF: None (esa2.hc3370-68.iphmx.com: no sender authenticity information available from domain of roger.pau@citrix.com) identity=pra; client-ip=162.221.158.21; receiver=esa2.hc3370-68.iphmx.com; envelope-from="roger.pau@citrix.com"; x-sender="roger.pau@citrix.com"; x-conformance=sidf_compatible Received-SPF: Pass (esa2.hc3370-68.iphmx.com: domain of roger.pau@citrix.com designates 162.221.158.21 as permitted sender) identity=mailfrom; client-ip=162.221.158.21; receiver=esa2.hc3370-68.iphmx.com; envelope-from="roger.pau@citrix.com"; x-sender="roger.pau@citrix.com"; x-conformance=sidf_compatible; x-record-type="v=spf1"; x-record-text="v=spf1 ip4:209.167.231.154 ip4:178.63.86.133 ip4:195.66.111.40/30 ip4:85.115.9.32/28 ip4:199.102.83.4 ip4:192.28.146.160 ip4:192.28.146.107 ip4:216.52.6.88 ip4:216.52.6.188 ip4:162.221.158.21 ip4:162.221.156.83 ip4:168.245.78.127 ~all" Received-SPF: None (esa2.hc3370-68.iphmx.com: no sender authenticity information available from domain of postmaster@mail.citrix.com) identity=helo; client-ip=162.221.158.21; receiver=esa2.hc3370-68.iphmx.com; envelope-from="roger.pau@citrix.com"; x-sender="postmaster@mail.citrix.com"; x-conformance=sidf_compatible IronPort-SDR: fdrrx310ktFWA5EYz5TuWE7K2munDambpHrwCKGM8KG450tLJzsVHxOXHYA1FVQAPeRESaovqo KE1hn1D6Pb0K3n2PiCSmz5+CJ3poiO9Ifp+Rf5EsQh1klZAIlFuNASLPUoN0NTOV+ylLE7pTbg X3expc5yYH56N58xxHbnbCxUjp1m9SU3A1PX2+tGfSepmrB9nTMayppUGqbbAV5NQNaWskYSv5 5/3PL01V0kMR8Hy08jq0TVhA34rBpINx4Wqkl0gouROjZ+rg4Bu4Vvg85WGUSBDvI5tlzs+asz Wpc= X-SBRS: 2.7 X-MesageID: 11633369 X-Ironport-Server: esa2.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.70,378,1574139600"; d="scan'208";a="11633369" From: Roger Pau Monne To: Date: Wed, 29 Jan 2020 15:45:12 +0100 Message-ID: <20200129144514.96686-1-roger.pau@citrix.com> X-Mailer: git-send-email 2.25.0 MIME-Version: 1.0 Subject: [Xen-devel] [PATCH v2 0/2] nvmx: implement support for MSR bitmaps X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Kevin Tian , Jun Nakajima , Wei Liu , Andrew Cooper , Roger Pau Monne Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" Hello, Current nested VMX code advertises support for the MSR bitmap feature, yet the implementation isn't done. Previous to this series Xen just maps the nested guest MSR bitmap (as set by L1) and that's it, the L2 guest ends up using the L1 MSR bitmap. This series adds handling of the L2 MSR bitmap and merging with the L1 MSR bitmap and loading it into the nested guest VMCS. Patch #2 makes sure the x2APIC MSR range is always trapped, or else a guest with nested virtualization enabled could manage to access some of the x2APIC MSR registers from the host. Thanks, Roger. Roger Pau Monne (2): nvmx: implement support for MSR bitmaps nvmx: always trap accesses to x2APIC MSRs xen/arch/x86/hvm/vmx/vvmx.c | 73 ++++++++++++++++++++++++++++-- xen/include/asm-x86/hvm/vmx/vvmx.h | 3 +- 2 files changed, 72 insertions(+), 4 deletions(-)