From patchwork Mon Jul 24 13:47:45 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Sergey Dyasli <sergey.dyasli@citrix.com>
X-Patchwork-Id: 9859417
Return-Path: <xen-devel-bounces@lists.xen.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	5431560349 for <patchwork-xen-devel@patchwork.kernel.org>;
	Mon, 24 Jul 2017 13:50:28 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 4538D284F4
	for <patchwork-xen-devel@patchwork.kernel.org>;
	Mon, 24 Jul 2017 13:50:28 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id 3A74928516; Mon, 24 Jul 2017 13:50:28 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.2 required=2.0 tests=BAYES_00, RCVD_IN_DNSWL_MED
	autolearn=ham version=3.3.1
Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120])
	(using TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 98DCB284F4
	for <patchwork-xen-devel@patchwork.kernel.org>;
	Mon, 24 Jul 2017 13:50:26 +0000 (UTC)
Received: from localhost ([127.0.0.1] helo=lists.xenproject.org)
	by lists.xenproject.org with esmtp (Exim 4.84_2)
	(envelope-from <xen-devel-bounces@lists.xen.org>)
	id 1dZdiF-0001Qi-8s; Mon, 24 Jul 2017 13:47:55 +0000
Received: from mail6.bemta6.messagelabs.com ([193.109.254.103])
	by lists.xenproject.org with esmtp (Exim 4.84_2)
	(envelope-from <prvs=3711c57a7=sergey.dyasli@citrix.com>)
	id 1dZdiD-0001Ol-Fy
	for xen-devel@lists.xen.org; Mon, 24 Jul 2017 13:47:53 +0000
Received: from [193.109.254.147] by server-9.bemta-6.messagelabs.com id
	29/F6-03406-88AF5795; Mon, 24 Jul 2017 13:47:52 +0000
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFprIIsWRWlGSWpSXmKPExsXitHRDpG7Hr9J
	IgzPXxSyWfFzM4sDocXT3b6YAxijWzLyk/IoE1ozzx5exFOyTq7jedoe1gfG0RBcjJ4eEgL/E
	33d/mEBsNgE9iY2zX4HZIgKyEqu75rB3MXJxMAscYZSYuuoIO0hCWMBeYuuKP2wgNouAqkT3z
	avMXYwcHLwCNhLPV4dDzJSX2NV2kRXE5hSwlTh8bzkziC0EVLJq5jpWCFtV4vWLXSwgNq+AoM
	TJmU/AbGYBCYmDL14wT2DknYUkNQtJagEj0ypGjeLUorLUIl1DU72kosz0jJLcxMwcXUMDM73
	c1OLixPTUnMSkYr3k/NxNjMDgYQCCHYzflgUcYpTkYFIS5V2+rihSiC8pP6UyI7E4I76oNCe1
	+BCjDAeHkgSvz8/SSCHBotT01Iq0zBxgGMOkJTh4lER4r/4ASvMWFyTmFmemQ6ROMepyvJrw/
	xuTEEtefl6qlDhvNcgMAZCijNI8uBGwmLrEKCslzMsIdJQQT0FqUW5mCar8K0ZxDkYlYd40kC
	k8mXklcJteAR3BBHTEnBlgR5QkIqSkGhgd5h3OuMVncrgo6mjzEtl3U1c/uPhr3au/KrsMiuo
	urw+47nz019Wd5vf3Conslg4orCgW/P627Js+V11D/b4b11QcZodcZFvyWCa4Qf/rCYmp7EXz
	9YqYNujseJCRIeNxoEVTIijcP2cOh3PNRpk1j+dMtWNX5r6XmZr5ef3LXSecP/zZ9eWtEktxR
	qKhFnNRcSIAFOIsbaQCAAA=
X-Env-Sender: prvs=3711c57a7=sergey.dyasli@citrix.com
X-Msg-Ref: server-5.tower-27.messagelabs.com!1500904069!103109264!3
X-Originating-IP: [66.165.176.89]
X-SpamReason: No, hits=0.0 required=7.0 tests=sa_preprocessor:
	VHJ1c3RlZCBJUDogNjYuMTY1LjE3Ni44OSA9PiAyMDMwMDc=\n,
	received_headers: No Received headers
X-StarScan-Received: 
X-StarScan-Version: 9.4.25; banners=-,-,-
X-VirusChecked: Checked
Received: (qmail 10247 invoked from network); 24 Jul 2017 13:47:52 -0000
Received: from smtp.citrix.com (HELO SMTP.CITRIX.COM) (66.165.176.89)
	by server-5.tower-27.messagelabs.com with RC4-SHA encrypted SMTP;
	24 Jul 2017 13:47:52 -0000
X-IronPort-AV: E=Sophos;i="5.40,407,1496102400"; d="scan'208";a="432696064"
From: Sergey Dyasli <sergey.dyasli@citrix.com>
To: <xen-devel@lists.xen.org>
Date: Mon, 24 Jul 2017 14:47:45 +0100
Message-ID: <20170724134745.4787-6-sergey.dyasli@citrix.com>
X-Mailer: git-send-email 2.11.0
In-Reply-To: <20170724134745.4787-1-sergey.dyasli@citrix.com>
References: <20170724134745.4787-1-sergey.dyasli@citrix.com>
MIME-Version: 1.0
Cc: Andrew Cooper <Andrew.Cooper3@citrix.com>,
	Kevin Tian <kevin.tian@intel.com>, Jan Beulich <jbeulich@suse.com>,
	Jun Nakajima <jun.nakajima@intel.com>,
	Sergey Dyasli <sergey.dyasli@citrix.com>
Subject: [Xen-devel] [PATCH v2 5/5] x86/vvmx: add per domain vmx msr policy
X-BeenThere: xen-devel@lists.xen.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: Xen developer discussion <xen-devel.lists.xen.org>
List-Unsubscribe: <https://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <https://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Errors-To: xen-devel-bounces@lists.xen.org
Sender: "Xen-devel" <xen-devel-bounces@lists.xen.org>
X-Virus-Scanned: ClamAV using ClamSMTP

Having a policy per domain allows to sensibly query what VMX features
the domain has, which unblocks some other nested virt work items.

For now, make policy for each domain equal to vvmx_max_msr_policy.
In the future it should be possible to independently configure
the policy for each domain.

Signed-off-by: Sergey Dyasli <sergey.dyasli@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
---
v1 --> v2:
- nvmx_msr_read_intercept() now uses const struct vmx_msr_policy *
  (starting from patch #4)
- Added Reviewed-by: Jan Beulich <jbeulich@suse.com>

 xen/arch/x86/domain.c              |  6 ++++++
 xen/arch/x86/hvm/vmx/vvmx.c        | 14 +++++++++++++-
 xen/include/asm-x86/domain.h       |  2 ++
 xen/include/asm-x86/hvm/vmx/vvmx.h |  1 +
 4 files changed, 22 insertions(+), 1 deletion(-)

diff --git a/xen/arch/x86/domain.c b/xen/arch/x86/domain.c
index dd8bf1302f..e72f17c593 100644
--- a/xen/arch/x86/domain.c
+++ b/xen/arch/x86/domain.c
@@ -425,6 +425,7 @@ int arch_domain_create(struct domain *d, unsigned int domcr_flags,
     {
         d->arch.emulation_flags = 0;
         d->arch.cpuid = ZERO_BLOCK_PTR; /* Catch stray misuses. */
+        d->arch.vmx_msr = ZERO_BLOCK_PTR;
     }
     else
     {
@@ -470,6 +471,9 @@ int arch_domain_create(struct domain *d, unsigned int domcr_flags,
         if ( (rc = init_domain_cpuid_policy(d)) )
             goto fail;
 
+        if ( (rc = init_domain_vmx_msr_policy(d)) )
+            goto fail;
+
         d->arch.ioport_caps = 
             rangeset_new(d, "I/O Ports", RANGESETF_prettyprint_hex);
         rc = -ENOMEM;
@@ -541,6 +545,7 @@ int arch_domain_create(struct domain *d, unsigned int domcr_flags,
     cleanup_domain_irq_mapping(d);
     free_xenheap_page(d->shared_info);
     xfree(d->arch.cpuid);
+    xfree(d->arch.vmx_msr);
     if ( paging_initialised )
         paging_final_teardown(d);
     free_perdomain_mappings(d);
@@ -555,6 +560,7 @@ void arch_domain_destroy(struct domain *d)
 
     xfree(d->arch.e820);
     xfree(d->arch.cpuid);
+    xfree(d->arch.vmx_msr);
 
     free_domain_pirqs(d);
     if ( !is_idle_domain(d) )
diff --git a/xen/arch/x86/hvm/vmx/vvmx.c b/xen/arch/x86/hvm/vmx/vvmx.c
index e71728f356..9a19e7a7c0 100644
--- a/xen/arch/x86/hvm/vmx/vvmx.c
+++ b/xen/arch/x86/hvm/vmx/vvmx.c
@@ -2072,6 +2072,18 @@ void __init calculate_vvmx_max_policy(void)
                                       MSR_IA32_VMX_VMFUNC);
 }
 
+int init_domain_vmx_msr_policy(struct domain *d)
+{
+    d->arch.vmx_msr = xmalloc(struct vmx_msr_policy);
+
+    if ( !d->arch.vmx_msr )
+        return -ENOMEM;
+
+    *d->arch.vmx_msr = vvmx_max_msr_policy;
+
+    return 0;
+}
+
 /*
  * Capability reporting
  */
@@ -2079,7 +2091,7 @@ int nvmx_msr_read_intercept(unsigned int msr, u64 *msr_content)
 {
     struct vcpu *v = current;
     struct domain *d = v->domain;
-    const struct vmx_msr_policy *p = &vvmx_max_msr_policy;
+    const struct vmx_msr_policy *p = d->arch.vmx_msr;
     int r = 1;
 
     /* VMX capablity MSRs are available only when guest supports VMX. */
diff --git a/xen/include/asm-x86/domain.h b/xen/include/asm-x86/domain.h
index c10522b7f5..430188c1fa 100644
--- a/xen/include/asm-x86/domain.h
+++ b/xen/include/asm-x86/domain.h
@@ -359,6 +359,8 @@ struct arch_domain
     /* CPUID Policy. */
     struct cpuid_policy *cpuid;
 
+    struct vmx_msr_policy *vmx_msr;
+
     struct PITState vpit;
 
     /* TSC management (emulation, pv, scaling, stats) */
diff --git a/xen/include/asm-x86/hvm/vmx/vvmx.h b/xen/include/asm-x86/hvm/vmx/vvmx.h
index 150124f3a3..0f5e44ae94 100644
--- a/xen/include/asm-x86/hvm/vmx/vvmx.h
+++ b/xen/include/asm-x86/hvm/vmx/vvmx.h
@@ -246,5 +246,6 @@ int nvmx_cpu_up_prepare(unsigned int cpu);
 void nvmx_cpu_dead(unsigned int cpu);
 
 void calculate_vvmx_max_policy(void);
+int init_domain_vmx_msr_policy(struct domain *d);
 #endif /* __ASM_X86_HVM_VVMX_H__ */