From patchwork Thu Nov 9 07:20:07 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Li, Xin3" X-Patchwork-Id: 13450718 Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 12BE9E554 for ; Thu, 9 Nov 2023 07:50:22 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="cTks9mzc" Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.43]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A20F1268D for ; Wed, 8 Nov 2023 23:50:22 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1699516222; x=1731052222; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=XHdLvfVHJIvI0mv20DOWuf8Ii7qbgRx1MvES8geIcoU=; b=cTks9mzcGPPcbOcCJwlfWUmcus2xvEIXxo6JP7ayOZYfwNJEjLtxYtRr oxVJQkyiTp0xq1CEReOO/fUgZs31DlUjOxwV8Ljri5Wl2Ye5AjUA+09FT MAynfUAMrgM7dtFWJZFR2iQmAmGkKeaAkc+NIrQq/c51xNO1PRWva06w9 6NMDLpGY2xf45KchnejG+utm06/lfMzE/E7G+QMs7zTnit++Httr6dIfu gL0/opsCc7xNNi2kkbH/Av916lA6JeDifm/H/CAfyEjJIaeRPlge7WzZd UU+VfKqzM8aj8meg6kI0qjBxkWMgHx+g7M+gB8hVRfyvQ09PgAVSSJAWx A==; X-IronPort-AV: E=McAfee;i="6600,9927,10888"; a="476165127" X-IronPort-AV: E=Sophos;i="6.03,288,1694761200"; d="scan'208";a="476165127" Received: from orsmga002.jf.intel.com ([10.7.209.21]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 08 Nov 2023 23:50:22 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10888"; a="763329268" X-IronPort-AV: E=Sophos;i="6.03,288,1694761200"; d="scan'208";a="763329268" Received: from unknown (HELO fred..) ([172.25.112.68]) by orsmga002.jf.intel.com with ESMTP; 08 Nov 2023 23:50:21 -0800 From: Xin Li To: qemu-devel@nongnu.org Cc: kvm@vger.kernel.org, richard.henderson@linaro.org, pbonzini@redhat.com, eduardo@habkost.net, seanjc@google.com, chao.gao@intel.com, hpa@zytor.com, xiaoyao.li@intel.com, weijiang.yang@intel.com Subject: [PATCH v3 1/6] target/i386: add support for FRED in CPUID enumeration Date: Wed, 8 Nov 2023 23:20:07 -0800 Message-ID: <20231109072012.8078-2-xin3.li@intel.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20231109072012.8078-1-xin3.li@intel.com> References: <20231109072012.8078-1-xin3.li@intel.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 FRED, i.e., the Intel flexible return and event delivery architecture, defines simple new transitions that change privilege level (ring transitions). The new transitions defined by the FRED architecture are FRED event delivery and, for returning from events, two FRED return instructions. FRED event delivery can effect a transition from ring 3 to ring 0, but it is used also to deliver events incident to ring 0. One FRED instruction (ERETU) effects a return from ring 0 to ring 3, while the other (ERETS) returns while remaining in ring 0. Collectively, FRED event delivery and the FRED return instructions are FRED transitions. In addition to these transitions, the FRED architecture defines a new instruction (LKGS) for managing the state of the GS segment register. The LKGS instruction can be used by 64-bit operating systems that do not use the new FRED transitions. WRMSRNS is an instruction that behaves exactly like WRMSR, with the only difference being that it is not a serializing instruction by default. Under certain conditions, WRMSRNS may replace WRMSR to improve performance. FRED uses it to switch RSP0 in a faster manner. Search for the latest FRED spec in most search engines with this search pattern: site:intel.com FRED (flexible return and event delivery) specification The CPUID feature flag CPUID.(EAX=7,ECX=1):EAX[17] enumerates FRED, and the CPUID feature flag CPUID.(EAX=7,ECX=1):EAX[18] enumerates LKGS, and the CPUID feature flag CPUID.(EAX=7,ECX=1):EAX[19] enumerates WRMSRNS. Add CPUID definitions for FRED/LKGS/WRMSRNS, and expose them to KVM guests. Because FRED relies on LKGS and WRMSRNS, add that to feature dependency map. Tested-by: Shan Kang Signed-off-by: Xin Li --- target/i386/cpu.c | 10 +++++++++- target/i386/cpu.h | 6 ++++++ 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/target/i386/cpu.c b/target/i386/cpu.c index 358d9c0a65..403c84177a 100644 --- a/target/i386/cpu.c +++ b/target/i386/cpu.c @@ -965,7 +965,7 @@ FeatureWordInfo feature_word_info[FEATURE_WORDS] = { "avx-vnni", "avx512-bf16", NULL, "cmpccxadd", NULL, NULL, "fzrm", "fsrs", "fsrc", NULL, NULL, NULL, - NULL, NULL, NULL, NULL, + NULL, "fred", "lkgs", "wrmsrns", NULL, "amx-fp16", NULL, "avx-ifma", NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, @@ -1552,6 +1552,14 @@ static FeatureDep feature_dependencies[] = { .from = { FEAT_VMX_SECONDARY_CTLS, VMX_SECONDARY_EXEC_ENABLE_USER_WAIT_PAUSE }, .to = { FEAT_7_0_ECX, CPUID_7_0_ECX_WAITPKG }, }, + { + .from = { FEAT_7_1_EAX, CPUID_7_1_EAX_FRED }, + .to = { FEAT_7_1_EAX, CPUID_7_1_EAX_LKGS }, + }, + { + .from = { FEAT_7_1_EAX, CPUID_7_1_EAX_FRED }, + .to = { FEAT_7_1_EAX, CPUID_7_1_EAX_WRMSRNS }, + }, }; typedef struct X86RegisterInfo32 { diff --git a/target/i386/cpu.h b/target/i386/cpu.h index cd2e295bd6..5faf00551d 100644 --- a/target/i386/cpu.h +++ b/target/i386/cpu.h @@ -934,6 +934,12 @@ uint64_t x86_cpu_get_supported_feature_word(FeatureWord w, #define CPUID_7_1_EDX_AMX_COMPLEX (1U << 8) /* PREFETCHIT0/1 Instructions */ #define CPUID_7_1_EDX_PREFETCHITI (1U << 14) +/* Flexible return and event delivery (FRED) */ +#define CPUID_7_1_EAX_FRED (1U << 17) +/* Load into IA32_KERNEL_GS_BASE (LKGS) */ +#define CPUID_7_1_EAX_LKGS (1U << 18) +/* Non-Serializing Write to Model Specific Register (WRMSRNS) */ +#define CPUID_7_1_EAX_WRMSRNS (1U << 19) /* Do not exhibit MXCSR Configuration Dependent Timing (MCDT) behavior */ #define CPUID_7_2_EDX_MCDT_NO (1U << 5) From patchwork Thu Nov 9 07:20:08 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Li, Xin3" X-Patchwork-Id: 13450716 Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4D76DF9EE for ; Thu, 9 Nov 2023 07:50:23 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="Nhs0t5CC" Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.43]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D70C02728 for ; Wed, 8 Nov 2023 23:50:22 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1699516222; x=1731052222; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=cErrvaQ2Y2YRcZJb/xIJHbANMmxb80XwPPZKGztP7x4=; b=Nhs0t5CC3FEOgdXXrUbUl6fxQEch6G5d2/lTYwFULaV1wSiWZ0CJfrhz ai64pd33kHQ02BAGDD1QRkbgKrpYDoZkDdfIhRKBlXSkxGqySPNr6wlgQ hJC0OtxngZfy7ReAZHLDgqyoWn8S3FfxiLPhsXjAkS/cj+IHWsSt11DD7 aUemoT5pv6uTdFZ2Yvn2G79q2AL9ng2Yco75loxbXzfVX/7BMKu7rhh7h mSRN4ICun5ndUJrx5y8olX7V+uv6Rqz9hjFFvX4eMfwPkrygZlwZDJ7fj id0AiybK48WDPTW8U6zHyAPtyY38S6Q+mmXrNoMF6AvYNZnLDOM7FgdM+ A==; X-IronPort-AV: E=McAfee;i="6600,9927,10888"; a="476165136" X-IronPort-AV: E=Sophos;i="6.03,288,1694761200"; d="scan'208";a="476165136" Received: from orsmga002.jf.intel.com ([10.7.209.21]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 08 Nov 2023 23:50:22 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10888"; a="763329273" X-IronPort-AV: E=Sophos;i="6.03,288,1694761200"; d="scan'208";a="763329273" Received: from unknown (HELO fred..) ([172.25.112.68]) by orsmga002.jf.intel.com with ESMTP; 08 Nov 2023 23:50:22 -0800 From: Xin Li To: qemu-devel@nongnu.org Cc: kvm@vger.kernel.org, richard.henderson@linaro.org, pbonzini@redhat.com, eduardo@habkost.net, seanjc@google.com, chao.gao@intel.com, hpa@zytor.com, xiaoyao.li@intel.com, weijiang.yang@intel.com Subject: [PATCH v3 2/6] target/i386: mark CR4.FRED not reserved Date: Wed, 8 Nov 2023 23:20:08 -0800 Message-ID: <20231109072012.8078-3-xin3.li@intel.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20231109072012.8078-1-xin3.li@intel.com> References: <20231109072012.8078-1-xin3.li@intel.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 The CR4.FRED bit, i.e., CR4[32], is no longer a reserved bit when FRED is exposed to guests, otherwise it is still a reserved bit. Tested-by: Shan Kang Signed-off-by: Xin Li Reviewed-by: Zhao Liu --- target/i386/cpu.h | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/target/i386/cpu.h b/target/i386/cpu.h index 5faf00551d..e210957cba 100644 --- a/target/i386/cpu.h +++ b/target/i386/cpu.h @@ -262,6 +262,12 @@ typedef enum X86Seg { #define CR4_PKE_MASK (1U << 22) #define CR4_PKS_MASK (1U << 24) +#ifdef TARGET_X86_64 +#define CR4_FRED_MASK (1ULL << 32) +#else +#define CR4_FRED_MASK 0 +#endif + #define CR4_RESERVED_MASK \ (~(target_ulong)(CR4_VME_MASK | CR4_PVI_MASK | CR4_TSD_MASK \ | CR4_DE_MASK | CR4_PSE_MASK | CR4_PAE_MASK \ @@ -269,7 +275,8 @@ typedef enum X86Seg { | CR4_OSFXSR_MASK | CR4_OSXMMEXCPT_MASK | CR4_UMIP_MASK \ | CR4_LA57_MASK \ | CR4_FSGSBASE_MASK | CR4_PCIDE_MASK | CR4_OSXSAVE_MASK \ - | CR4_SMEP_MASK | CR4_SMAP_MASK | CR4_PKE_MASK | CR4_PKS_MASK)) + | CR4_SMEP_MASK | CR4_SMAP_MASK | CR4_PKE_MASK | CR4_PKS_MASK \ + | CR4_FRED_MASK)) #define DR6_BD (1 << 13) #define DR6_BS (1 << 14) @@ -2520,6 +2527,9 @@ static inline uint64_t cr4_reserved_bits(CPUX86State *env) if (!(env->features[FEAT_7_0_ECX] & CPUID_7_0_ECX_PKS)) { reserved_bits |= CR4_PKS_MASK; } + if (!(env->features[FEAT_7_1_EAX] & CPUID_7_1_EAX_FRED)) { + reserved_bits |= CR4_FRED_MASK; + } return reserved_bits; } From patchwork Thu Nov 9 07:20:09 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Li, Xin3" X-Patchwork-Id: 13450717 Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BF5ECFBE7 for ; Thu, 9 Nov 2023 07:50:23 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="c1Bz19Tf" Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.43]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2A8CB2D4F for ; Wed, 8 Nov 2023 23:50:23 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1699516223; x=1731052223; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=OTzIm8gCXp6Ung+Q+TxnUDKEdG2Zy3BQi6wounkD6Es=; b=c1Bz19TfDJorjX+uhB0wFrQeVs3AjebuKWtXh4Nc3ETvgBmQbNuyCC/Y XNCAth3qa/SNEgDKULxVUS0Ca3kwJZQ3zbRl+U9SggZ+q0Pr3xG7dRLqa VLyUGrqJQWdqortKvD7AqFrD0DgfFCIZlnkkqJkqFprCOsShWFETnPilp +aRFFtcqP8Ey9ET0L/B7kn5tC/tiB7EUMfr1jR7RokJM/I4GN2KVfVw+X MyddIV2qNFsf+G/j/fBdATiOYvYWUGLhd9Q/m6RAt33E0u9fz9arYIPQt 1XQc/civQT2ZkJybEbJWWqmEgamwU50TQUCvFtCecI8hIIeqoynbHSjNh w==; X-IronPort-AV: E=McAfee;i="6600,9927,10888"; a="476165144" X-IronPort-AV: E=Sophos;i="6.03,288,1694761200"; d="scan'208";a="476165144" Received: from orsmga002.jf.intel.com ([10.7.209.21]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 08 Nov 2023 23:50:22 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10888"; a="763329279" X-IronPort-AV: E=Sophos;i="6.03,288,1694761200"; d="scan'208";a="763329279" Received: from unknown (HELO fred..) ([172.25.112.68]) by orsmga002.jf.intel.com with ESMTP; 08 Nov 2023 23:50:22 -0800 From: Xin Li To: qemu-devel@nongnu.org Cc: kvm@vger.kernel.org, richard.henderson@linaro.org, pbonzini@redhat.com, eduardo@habkost.net, seanjc@google.com, chao.gao@intel.com, hpa@zytor.com, xiaoyao.li@intel.com, weijiang.yang@intel.com Subject: [PATCH v3 3/6] target/i386: add the secondary VM exit controls MSR Date: Wed, 8 Nov 2023 23:20:09 -0800 Message-ID: <20231109072012.8078-4-xin3.li@intel.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20231109072012.8078-1-xin3.li@intel.com> References: <20231109072012.8078-1-xin3.li@intel.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Add the secondary VM exit controls MSR to prepare for KVM FRED enabling. Tested-by: Shan Kang Signed-off-by: Xin Li --- scripts/kvm/vmxcap | 9 +++++++++ target/i386/cpu.c | 2 +- target/i386/cpu.h | 1 + 3 files changed, 11 insertions(+), 1 deletion(-) diff --git a/scripts/kvm/vmxcap b/scripts/kvm/vmxcap index 3fb4d5b342..7da1e00ca8 100755 --- a/scripts/kvm/vmxcap +++ b/scripts/kvm/vmxcap @@ -24,6 +24,7 @@ MSR_IA32_VMX_TRUE_EXIT_CTLS = 0x48F MSR_IA32_VMX_TRUE_ENTRY_CTLS = 0x490 MSR_IA32_VMX_VMFUNC = 0x491 MSR_IA32_VMX_PROCBASED_CTLS3 = 0x492 +MSR_IA32_VMX_EXIT_CTLS2 = 0x493 class msr(object): def __init__(self): @@ -219,11 +220,19 @@ controls = [ 23: 'Clear IA32_BNDCFGS', 24: 'Conceal VM exits from PT', 25: 'Clear IA32_RTIT_CTL', + 31: 'Activate secondary VM-exit controls', }, cap_msr = MSR_IA32_VMX_EXIT_CTLS, true_cap_msr = MSR_IA32_VMX_TRUE_EXIT_CTLS, ), + Allowed1Control( + name = 'secondary VM-Exit controls', + bits = { + }, + cap_msr = MSR_IA32_VMX_EXIT_CTLS2, + ), + Control( name = 'VM-Entry controls', bits = { diff --git a/target/i386/cpu.c b/target/i386/cpu.c index 403c84177a..227ee1c759 100644 --- a/target/i386/cpu.c +++ b/target/i386/cpu.c @@ -1270,7 +1270,7 @@ FeatureWordInfo feature_word_info[FEATURE_WORDS] = { "vmx-exit-save-efer", "vmx-exit-load-efer", "vmx-exit-save-preemption-timer", "vmx-exit-clear-bndcfgs", NULL, "vmx-exit-clear-rtit-ctl", NULL, NULL, - NULL, "vmx-exit-load-pkrs", NULL, NULL, + NULL, "vmx-exit-load-pkrs", NULL, "vmx-exit-secondary-ctls", }, .msr = { .index = MSR_IA32_VMX_TRUE_EXIT_CTLS, diff --git a/target/i386/cpu.h b/target/i386/cpu.h index e210957cba..a4d3702621 100644 --- a/target/i386/cpu.h +++ b/target/i386/cpu.h @@ -551,6 +551,7 @@ typedef enum X86Seg { #define MSR_IA32_VMX_TRUE_EXIT_CTLS 0x0000048f #define MSR_IA32_VMX_TRUE_ENTRY_CTLS 0x00000490 #define MSR_IA32_VMX_VMFUNC 0x00000491 +#define MSR_IA32_VMX_EXIT_CTLS2 0x00000493 #define XSTATE_FP_BIT 0 #define XSTATE_SSE_BIT 1 From patchwork Thu Nov 9 07:20:10 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Li, Xin3" X-Patchwork-Id: 13450719 Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BF62CFBF1 for ; Thu, 9 Nov 2023 07:50:23 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="OK2pgU+z" Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.43]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6A2E62D50 for ; Wed, 8 Nov 2023 23:50:23 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1699516223; x=1731052223; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=MRaXk3shPh7gkjPfs7QFU/AG2qwffhxmzb8OZqrofHo=; b=OK2pgU+zV0KOQa8MyHhGVA8sGeTrYqpgg6/lhAYmKeg/m48Kn8AIV7an GFLf0/E4dFHsEvDDJzwM7i2u9df0lEgXf/1eckRJpFMoOSHiOt4JHs9ql lgBBUg18JzRhFsWT/5oGHNTYDggZev8dJEIMhbYxuW0bpEbOkX71ALR6V 3A9pu+bjOyatZrlSW/+xIyThD7ijpD2XlGX632yty1moOvnSHG4815eta 9A5xKVTg2js5EOE9b4UfH03OfKUc1u1guWwsgAciFpxfldsbfZ1rawFwC xkeBBPTKjGwCM4ge0rBjTCakJ2GADA2aQnQqOibnAT9w7qQqlceUF4dK2 A==; X-IronPort-AV: E=McAfee;i="6600,9927,10888"; a="476165153" X-IronPort-AV: E=Sophos;i="6.03,288,1694761200"; d="scan'208";a="476165153" Received: from orsmga002.jf.intel.com ([10.7.209.21]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 08 Nov 2023 23:50:23 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10888"; a="763329284" X-IronPort-AV: E=Sophos;i="6.03,288,1694761200"; d="scan'208";a="763329284" Received: from unknown (HELO fred..) ([172.25.112.68]) by orsmga002.jf.intel.com with ESMTP; 08 Nov 2023 23:50:22 -0800 From: Xin Li To: qemu-devel@nongnu.org Cc: kvm@vger.kernel.org, richard.henderson@linaro.org, pbonzini@redhat.com, eduardo@habkost.net, seanjc@google.com, chao.gao@intel.com, hpa@zytor.com, xiaoyao.li@intel.com, weijiang.yang@intel.com Subject: [PATCH v3 4/6] target/i386: add support for VMX FRED controls Date: Wed, 8 Nov 2023 23:20:10 -0800 Message-ID: <20231109072012.8078-5-xin3.li@intel.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20231109072012.8078-1-xin3.li@intel.com> References: <20231109072012.8078-1-xin3.li@intel.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Add VMX FRED controls used to enable save/load of FRED MSRs. Tested-by: Shan Kang Signed-off-by: Xin Li --- scripts/kvm/vmxcap | 3 +++ target/i386/cpu.c | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/scripts/kvm/vmxcap b/scripts/kvm/vmxcap index 7da1e00ca8..44898d73c2 100755 --- a/scripts/kvm/vmxcap +++ b/scripts/kvm/vmxcap @@ -229,6 +229,8 @@ controls = [ Allowed1Control( name = 'secondary VM-Exit controls', bits = { + 0: 'Save IA32 FRED MSRs', + 1: 'Load IA32 FRED MSRs', }, cap_msr = MSR_IA32_VMX_EXIT_CTLS2, ), @@ -246,6 +248,7 @@ controls = [ 16: 'Load IA32_BNDCFGS', 17: 'Conceal VM entries from PT', 18: 'Load IA32_RTIT_CTL', + 23: 'Load IA32 FRED MSRs', }, cap_msr = MSR_IA32_VMX_ENTRY_CTLS, true_cap_msr = MSR_IA32_VMX_TRUE_ENTRY_CTLS, diff --git a/target/i386/cpu.c b/target/i386/cpu.c index 227ee1c759..dcf914a7ec 100644 --- a/target/i386/cpu.c +++ b/target/i386/cpu.c @@ -1285,7 +1285,7 @@ FeatureWordInfo feature_word_info[FEATURE_WORDS] = { NULL, "vmx-entry-ia32e-mode", NULL, NULL, NULL, "vmx-entry-load-perf-global-ctrl", "vmx-entry-load-pat", "vmx-entry-load-efer", "vmx-entry-load-bndcfgs", NULL, "vmx-entry-load-rtit-ctl", NULL, - NULL, NULL, "vmx-entry-load-pkrs", NULL, + NULL, NULL, "vmx-entry-load-pkrs", "vmx-entry-load-fred", NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, }, From patchwork Thu Nov 9 07:20:11 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Li, Xin3" X-Patchwork-Id: 13450721 Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3DE6FFC01 for ; Thu, 9 Nov 2023 07:50:24 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="jragFRa+" Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.43]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CD3BE2693 for ; Wed, 8 Nov 2023 23:50:23 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1699516223; x=1731052223; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=MbIfcTx5Jpa1uax7o3pELRo6a1v5BYZchyQrtHIxi40=; b=jragFRa+Ns1SGMQAVXgG+ebU2PNEqyC7B/o+3cXyIj9TezgXzgMNWUXx CV/63V3dlPzGbVxzPlyf5rklCRbwIvS5FyUaaFXTDMshFVYxp0/XytOyD 056FWeHi44pf8G8+XkcAB2OurMdsjNdqr6T5C/TVIWkWX0C9J8gG2BytN krgseFFUR9zR5gFqHMco75k5ZOl73tq/aAZklJGnKYhLQ4301++0XZIb+ nSasWQS4cHxFEGUPIwx9mNF+C9uVUo8vmdBkE1JvEeMEZFH6sI1jHMiJB gzT0RC6YY+h6WyLJ1/KWZuIFurOOXlXzWi3fCct/2YBMi1Ukt2PeRmWwK A==; X-IronPort-AV: E=McAfee;i="6600,9927,10888"; a="476165161" X-IronPort-AV: E=Sophos;i="6.03,288,1694761200"; d="scan'208";a="476165161" Received: from orsmga002.jf.intel.com ([10.7.209.21]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 08 Nov 2023 23:50:23 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10888"; a="763329289" X-IronPort-AV: E=Sophos;i="6.03,288,1694761200"; d="scan'208";a="763329289" Received: from unknown (HELO fred..) ([172.25.112.68]) by orsmga002.jf.intel.com with ESMTP; 08 Nov 2023 23:50:23 -0800 From: Xin Li To: qemu-devel@nongnu.org Cc: kvm@vger.kernel.org, richard.henderson@linaro.org, pbonzini@redhat.com, eduardo@habkost.net, seanjc@google.com, chao.gao@intel.com, hpa@zytor.com, xiaoyao.li@intel.com, weijiang.yang@intel.com Subject: [PATCH v3 5/6] target/i386: enumerate VMX nested-exception support Date: Wed, 8 Nov 2023 23:20:11 -0800 Message-ID: <20231109072012.8078-6-xin3.li@intel.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20231109072012.8078-1-xin3.li@intel.com> References: <20231109072012.8078-1-xin3.li@intel.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Allow VMX nested-exception support to be exposed in KVM guests, thus nested KVM guests can enumerate it. Tested-by: Shan Kang Signed-off-by: Xin Li --- scripts/kvm/vmxcap | 1 + target/i386/cpu.c | 1 + target/i386/cpu.h | 1 + 3 files changed, 3 insertions(+) diff --git a/scripts/kvm/vmxcap b/scripts/kvm/vmxcap index 44898d73c2..508be19c75 100755 --- a/scripts/kvm/vmxcap +++ b/scripts/kvm/vmxcap @@ -117,6 +117,7 @@ controls = [ 54: 'INS/OUTS instruction information', 55: 'IA32_VMX_TRUE_*_CTLS support', 56: 'Skip checks on event error code', + 58: 'VMX nested exception support', }, msr = MSR_IA32_VMX_BASIC, ), diff --git a/target/i386/cpu.c b/target/i386/cpu.c index dcf914a7ec..f7556621a5 100644 --- a/target/i386/cpu.c +++ b/target/i386/cpu.c @@ -1343,6 +1343,7 @@ FeatureWordInfo feature_word_info[FEATURE_WORDS] = { [54] = "vmx-ins-outs", [55] = "vmx-true-ctls", [56] = "vmx-any-errcode", + [58] = "vmx-nested-exception", }, .msr = { .index = MSR_IA32_VMX_BASIC, diff --git a/target/i386/cpu.h b/target/i386/cpu.h index a4d3702621..cc3b4fefb8 100644 --- a/target/i386/cpu.h +++ b/target/i386/cpu.h @@ -1054,6 +1054,7 @@ uint64_t x86_cpu_get_supported_feature_word(FeatureWord w, #define MSR_VMX_BASIC_INS_OUTS (1ULL << 54) #define MSR_VMX_BASIC_TRUE_CTLS (1ULL << 55) #define MSR_VMX_BASIC_ANY_ERRCODE (1ULL << 56) +#define MSR_VMX_BASIC_NESTED_EXCEPTION (1ULL << 58) #define MSR_VMX_MISC_PREEMPTION_TIMER_SHIFT_MASK 0x1Full #define MSR_VMX_MISC_STORE_LMA (1ULL << 5) From patchwork Thu Nov 9 07:20:12 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Li, Xin3" X-Patchwork-Id: 13450720 Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E1BF3FC0E for ; Thu, 9 Nov 2023 07:50:24 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="d2NbwX/7" Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.43]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 28D622D51 for ; Wed, 8 Nov 2023 23:50:24 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1699516224; x=1731052224; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=qS2divpzlg34Mgdu79EblBhmAA77ycjlMQsD+syQIDc=; b=d2NbwX/7LTEQFNukQikmF2tLIHgGaQwvL1ywIWZlCw5dd80GKlggblU9 kz5n9qtYLeDAvjCU7tChKFkAE1xtjXH2B3ZIy7lyVzWRD/MGUe3X1pwJS BzDUjsnbz3vzBdH+JIW3IR989Kn2hKrfs9eVQUKj+Z1T8z4V7BqVErpnS YrqlSTUKFPqnGs1Q1H8ntOgUsKDy3f4pNg7+IxT3VwrgEdQYgjNKDq2U1 hN57aKDxrsInRBUXp+uYm66qRcVjUjdeVsfLW78zLxz8YsHXQbRRn8ky6 WBDdXI72N3xfh+Q+gUMRX5MUYps9eYHRMP1ur3uqNGGMMFgo3hq/KgNej A==; X-IronPort-AV: E=McAfee;i="6600,9927,10888"; a="476165169" X-IronPort-AV: E=Sophos;i="6.03,288,1694761200"; d="scan'208";a="476165169" Received: from orsmga002.jf.intel.com ([10.7.209.21]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 08 Nov 2023 23:50:23 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10888"; a="763329295" X-IronPort-AV: E=Sophos;i="6.03,288,1694761200"; d="scan'208";a="763329295" Received: from unknown (HELO fred..) ([172.25.112.68]) by orsmga002.jf.intel.com with ESMTP; 08 Nov 2023 23:50:23 -0800 From: Xin Li To: qemu-devel@nongnu.org Cc: kvm@vger.kernel.org, richard.henderson@linaro.org, pbonzini@redhat.com, eduardo@habkost.net, seanjc@google.com, chao.gao@intel.com, hpa@zytor.com, xiaoyao.li@intel.com, weijiang.yang@intel.com Subject: [PATCH v3 6/6] target/i386: Add get/set/migrate support for FRED MSRs Date: Wed, 8 Nov 2023 23:20:12 -0800 Message-ID: <20231109072012.8078-7-xin3.li@intel.com> X-Mailer: git-send-email 2.42.0 In-Reply-To: <20231109072012.8078-1-xin3.li@intel.com> References: <20231109072012.8078-1-xin3.li@intel.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 FRED CPU states are managed in 9 new FRED MSRs, in addtion to a few existing CPU registers and MSRs, e.g., CR4.FRED and MSR_IA32_PL0_SSP. Save/restore/migrate FRED MSRs if FRED is exposed to the guest. Tested-by: Shan Kang Signed-off-by: Xin Li --- target/i386/cpu.h | 22 +++++++++++++++++++ target/i386/kvm/kvm.c | 49 +++++++++++++++++++++++++++++++++++++++++++ target/i386/machine.c | 28 +++++++++++++++++++++++++ 3 files changed, 99 insertions(+) diff --git a/target/i386/cpu.h b/target/i386/cpu.h index cc3b4fefb8..3b13eceffe 100644 --- a/target/i386/cpu.h +++ b/target/i386/cpu.h @@ -529,6 +529,17 @@ typedef enum X86Seg { #define MSR_IA32_XFD 0x000001c4 #define MSR_IA32_XFD_ERR 0x000001c5 +/* FRED MSRs */ +#define MSR_IA32_FRED_RSP0 0x000001cc /* Stack level 0 regular stack pointer */ +#define MSR_IA32_FRED_RSP1 0x000001cd /* Stack level 1 regular stack pointer */ +#define MSR_IA32_FRED_RSP2 0x000001ce /* Stack level 2 regular stack pointer */ +#define MSR_IA32_FRED_RSP3 0x000001cf /* Stack level 3 regular stack pointer */ +#define MSR_IA32_FRED_STKLVLS 0x000001d0 /* FRED exception stack levels */ +#define MSR_IA32_FRED_SSP1 0x000001d1 /* Stack level 1 shadow stack pointer in ring 0 */ +#define MSR_IA32_FRED_SSP2 0x000001d2 /* Stack level 2 shadow stack pointer in ring 0 */ +#define MSR_IA32_FRED_SSP3 0x000001d3 /* Stack level 3 shadow stack pointer in ring 0 */ +#define MSR_IA32_FRED_CONFIG 0x000001d4 /* FRED Entrypoint and interrupt stack level */ + #define MSR_IA32_BNDCFGS 0x00000d90 #define MSR_IA32_XSS 0x00000da0 #define MSR_IA32_UMWAIT_CONTROL 0xe1 @@ -1687,6 +1698,17 @@ typedef struct CPUArchState { target_ulong cstar; target_ulong fmask; target_ulong kernelgsbase; + + /* FRED MSRs */ + uint64_t fred_rsp0; + uint64_t fred_rsp1; + uint64_t fred_rsp2; + uint64_t fred_rsp3; + uint64_t fred_stklvls; + uint64_t fred_ssp1; + uint64_t fred_ssp2; + uint64_t fred_ssp3; + uint64_t fred_config; #endif uint64_t tsc_adjust; diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c index 11b8177eff..101ff63805 100644 --- a/target/i386/kvm/kvm.c +++ b/target/i386/kvm/kvm.c @@ -3309,6 +3309,17 @@ static int kvm_put_msrs(X86CPU *cpu, int level) kvm_msr_entry_add(cpu, MSR_KERNELGSBASE, env->kernelgsbase); kvm_msr_entry_add(cpu, MSR_FMASK, env->fmask); kvm_msr_entry_add(cpu, MSR_LSTAR, env->lstar); + if (env->features[FEAT_7_1_EAX] & CPUID_7_1_EAX_FRED) { + kvm_msr_entry_add(cpu, MSR_IA32_FRED_RSP0, env->fred_rsp0); + kvm_msr_entry_add(cpu, MSR_IA32_FRED_RSP1, env->fred_rsp1); + kvm_msr_entry_add(cpu, MSR_IA32_FRED_RSP2, env->fred_rsp2); + kvm_msr_entry_add(cpu, MSR_IA32_FRED_RSP3, env->fred_rsp3); + kvm_msr_entry_add(cpu, MSR_IA32_FRED_STKLVLS, env->fred_stklvls); + kvm_msr_entry_add(cpu, MSR_IA32_FRED_SSP1, env->fred_ssp1); + kvm_msr_entry_add(cpu, MSR_IA32_FRED_SSP2, env->fred_ssp2); + kvm_msr_entry_add(cpu, MSR_IA32_FRED_SSP3, env->fred_ssp3); + kvm_msr_entry_add(cpu, MSR_IA32_FRED_CONFIG, env->fred_config); + } } #endif @@ -3773,6 +3784,17 @@ static int kvm_get_msrs(X86CPU *cpu) kvm_msr_entry_add(cpu, MSR_KERNELGSBASE, 0); kvm_msr_entry_add(cpu, MSR_FMASK, 0); kvm_msr_entry_add(cpu, MSR_LSTAR, 0); + if (env->features[FEAT_7_1_EAX] & CPUID_7_1_EAX_FRED) { + kvm_msr_entry_add(cpu, MSR_IA32_FRED_RSP0, 0); + kvm_msr_entry_add(cpu, MSR_IA32_FRED_RSP1, 0); + kvm_msr_entry_add(cpu, MSR_IA32_FRED_RSP2, 0); + kvm_msr_entry_add(cpu, MSR_IA32_FRED_RSP3, 0); + kvm_msr_entry_add(cpu, MSR_IA32_FRED_STKLVLS, 0); + kvm_msr_entry_add(cpu, MSR_IA32_FRED_SSP1, 0); + kvm_msr_entry_add(cpu, MSR_IA32_FRED_SSP2, 0); + kvm_msr_entry_add(cpu, MSR_IA32_FRED_SSP3, 0); + kvm_msr_entry_add(cpu, MSR_IA32_FRED_CONFIG, 0); + } } #endif kvm_msr_entry_add(cpu, MSR_KVM_SYSTEM_TIME, 0); @@ -3994,6 +4016,33 @@ static int kvm_get_msrs(X86CPU *cpu) case MSR_LSTAR: env->lstar = msrs[i].data; break; + case MSR_IA32_FRED_RSP0: + env->fred_rsp0 = msrs[i].data; + break; + case MSR_IA32_FRED_RSP1: + env->fred_rsp1 = msrs[i].data; + break; + case MSR_IA32_FRED_RSP2: + env->fred_rsp2 = msrs[i].data; + break; + case MSR_IA32_FRED_RSP3: + env->fred_rsp3 = msrs[i].data; + break; + case MSR_IA32_FRED_STKLVLS: + env->fred_stklvls = msrs[i].data; + break; + case MSR_IA32_FRED_SSP1: + env->fred_ssp1 = msrs[i].data; + break; + case MSR_IA32_FRED_SSP2: + env->fred_ssp2 = msrs[i].data; + break; + case MSR_IA32_FRED_SSP3: + env->fred_ssp3 = msrs[i].data; + break; + case MSR_IA32_FRED_CONFIG: + env->fred_config = msrs[i].data; + break; #endif case MSR_IA32_TSC: env->tsc = msrs[i].data; diff --git a/target/i386/machine.c b/target/i386/machine.c index a1041ef828..850a19cb8e 100644 --- a/target/i386/machine.c +++ b/target/i386/machine.c @@ -1544,6 +1544,33 @@ static const VMStateDescription vmstate_msr_xfd = { }; #ifdef TARGET_X86_64 +static bool intel_fred_msrs_needed(void *opaque) +{ + X86CPU *cpu = opaque; + CPUX86State *env = &cpu->env; + + return !!(env->features[FEAT_7_1_EAX] & CPUID_7_1_EAX_FRED); +} + +static const VMStateDescription vmstate_msr_fred = { + .name = "cpu/fred", + .version_id = 1, + .minimum_version_id = 1, + .needed = intel_fred_msrs_needed, + .fields = (VMStateField[]) { + VMSTATE_UINT64(env.fred_rsp0, X86CPU), + VMSTATE_UINT64(env.fred_rsp1, X86CPU), + VMSTATE_UINT64(env.fred_rsp2, X86CPU), + VMSTATE_UINT64(env.fred_rsp3, X86CPU), + VMSTATE_UINT64(env.fred_stklvls, X86CPU), + VMSTATE_UINT64(env.fred_ssp1, X86CPU), + VMSTATE_UINT64(env.fred_ssp2, X86CPU), + VMSTATE_UINT64(env.fred_ssp3, X86CPU), + VMSTATE_UINT64(env.fred_config, X86CPU), + VMSTATE_END_OF_LIST() + } + }; + static bool amx_xtile_needed(void *opaque) { X86CPU *cpu = opaque; @@ -1747,6 +1774,7 @@ const VMStateDescription vmstate_x86_cpu = { &vmstate_pdptrs, &vmstate_msr_xfd, #ifdef TARGET_X86_64 + &vmstate_msr_fred, &vmstate_amx_xtile, #endif &vmstate_arch_lbr,