From patchwork Thu Mar 20 10:34:31 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sergiy Kibrik X-Patchwork-Id: 14023682 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id C047FC36000 for ; Thu, 20 Mar 2025 10:34:47 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.921685.1325465 (Exim 4.92) (envelope-from ) id 1tvDEV-0002Nf-JU; Thu, 20 Mar 2025 10:34:39 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 921685.1325465; Thu, 20 Mar 2025 10:34:39 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1tvDEV-0002NY-Fi; Thu, 20 Mar 2025 10:34:39 +0000 Received: by outflank-mailman (input) for mailman id 921685; Thu, 20 Mar 2025 10:34:38 +0000 Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50] helo=se1-gles-flk1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1tvDEU-00028p-8f for xen-devel@lists.xenproject.org; Thu, 20 Mar 2025 10:34:38 +0000 Received: from fforwardh-b4-smtp.messagingengine.com (fforwardh-b4-smtp.messagingengine.com [202.12.124.199]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS id eae78487-0576-11f0-9ffa-bf95429c2676; Thu, 20 Mar 2025 11:34:36 +0100 (CET) Received: from phl-compute-09.internal (phl-compute-09.phl.internal [10.202.2.49]) by mailfforwardh.stl.internal (Postfix) with ESMTP id 05A6A174026D; Thu, 20 Mar 2025 06:34:34 -0400 (EDT) Received: from phl-frontend-02 ([10.202.2.161]) by phl-compute-09.internal (MEProxy); Thu, 20 Mar 2025 06:34:35 -0400 Received: by mail.messagingengine.com (Postfix) with ESMTPA; Thu, 20 Mar 2025 06:34:33 -0400 (EDT) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: eae78487-0576-11f0-9ffa-bf95429c2676 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm1; t=1742466874; x=1742553274; bh=Z vqoqk1j+rIu5ILPWCa0JGJxnaepdFoSJRqpq0naegA=; b=Gn2Eo1Tzdlh03yvJ/ SxWJkL1Oir9Q5RatAmHmOnlAAweksRBuHlzLaOXvzyluip72eP8T+jvxcvRVzDYY xThJRjGS47hrDS9xFYef7JQ9cTDEoBvjjcppDZiYZP/RLZVdOd44zQ1B43s0lFSB 2+NIbJ+qdq9IN0zmyo134o0WvilP804aljvUjNmNLkj24yrLDf0gkFvZqV/LWJok BWJrQTkEGk95+f9LGIgKkFIGHu0tpY2RbfdV3/A6QcMuDBlUhYN6Wti7d/nu77nA /BPQ/SwUXt1K+FNGOlzyxwQ4/NhjLkiS+sWH2z+Y+D9h4uGzxLi/owuy9KDfFQ+Z c//nQ== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeefvddrtddtgddugeejleelucetufdoteggodetrf dotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdggtfgfnhhsuhgsshgtrhhisggv pdfurfetoffkrfgpnffqhgenuceurghilhhouhhtmecufedttdenucesvcftvggtihhpih gvnhhtshculddquddttddmnecujfgurhephffvvefufffkofgjfhgggfestdekredtredt tdenucfhrhhomhepufgvrhhgihihucfmihgsrhhikhcuoefuvghrghhihigpmfhisghrih hksegvphgrmhdrtghomheqnecuggftrfgrthhtvghrnheptdejgeegvdffkeekleefueev gfduheevkedvhfdvkeeludehleegheeivedugfejnecuvehluhhsthgvrhfuihiivgeptd enucfrrghrrghmpehmrghilhhfrhhomhepshgrkhhisgesuggrrhhkshhtrghrrdhsihht vgdpnhgspghrtghpthhtohepiedpmhhouggvpehsmhhtphhouhhtpdhrtghpthhtohepgi gvnhdquggvvhgvlheslhhishhtshdrgigvnhhprhhojhgvtghtrdhorhhgpdhrtghpthht ohepshgvrhhgihihpghkihgsrhhikhesvghprghmrdgtohhmpdhrtghpthhtohepjhgsvg hulhhitghhsehsuhhsvgdrtghomhdprhgtphhtthhopegrnhgurhgvfidrtghoohhpvghr feestghithhrihigrdgtohhmpdhrtghpthhtoheprhhoghgvrhdrphgruhestghithhrih igrdgtohhmpdhrtghpthhtohepshhsthgrsggvlhhlihhniheskhgvrhhnvghlrdhorhhg X-ME-Proxy: Feedback-ID: idf2f5561:Fastmail From: Sergiy Kibrik To: xen-devel@lists.xenproject.org Cc: Sergiy Kibrik , Jan Beulich , Andrew Cooper , =?utf-8?q?Roger_Pau_Monn=C3=A9?= , Stefano Stabellini Subject: [XEN PATCH v1 1/4] x86:svm: use nsvm_efer_svm_enabled() to check guest's EFER.SVME Date: Thu, 20 Mar 2025 12:34:31 +0200 Message-Id: <67e52e38695be12aca828025077a378e92174952.1742465624.git.Sergiy_Kibrik@epam.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 There's a macro for this, might improve readability a bit & save a bit of space. Signed-off-by: Sergiy Kibrik Acked-by: Jan Beulich --- xen/arch/x86/hvm/svm/nestedsvm.c | 2 +- xen/arch/x86/hvm/svm/svm.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/xen/arch/x86/hvm/svm/nestedsvm.c b/xen/arch/x86/hvm/svm/nestedsvm.c index 35a2cbfd7d..dc2b6a4253 100644 --- a/xen/arch/x86/hvm/svm/nestedsvm.c +++ b/xen/arch/x86/hvm/svm/nestedsvm.c @@ -1616,7 +1616,7 @@ void svm_nested_features_on_efer_update(struct vcpu *v) * Need state for transfering the nested gif status so only write on * the hvm_vcpu EFER.SVME changing. */ - if ( v->arch.hvm.guest_efer & EFER_SVME ) + if ( nsvm_efer_svm_enabled(v) ) { if ( !vmcb->virt_ext.fields.vloadsave_enable && paging_mode_hap(v->domain) && diff --git a/xen/arch/x86/hvm/svm/svm.c b/xen/arch/x86/hvm/svm/svm.c index 4b24891096..e33a38c1e4 100644 --- a/xen/arch/x86/hvm/svm/svm.c +++ b/xen/arch/x86/hvm/svm/svm.c @@ -253,7 +253,7 @@ static void cf_check svm_update_guest_efer(struct vcpu *v) vmcb_set_efer(vmcb, guest_efer); ASSERT(nestedhvm_enabled(v->domain) || - !(v->arch.hvm.guest_efer & EFER_SVME)); + !nsvm_efer_svm_enabled(v)); if ( nestedhvm_enabled(v->domain) ) svm_nested_features_on_efer_update(v); From patchwork Thu Mar 20 10:36:35 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sergiy Kibrik X-Patchwork-Id: 14023683 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id AE46EC28B30 for ; Thu, 20 Mar 2025 10:36:57 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.921700.1325475 (Exim 4.92) (envelope-from ) id 1tvDGU-000308-Sl; Thu, 20 Mar 2025 10:36:42 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 921700.1325475; Thu, 20 Mar 2025 10:36:42 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1tvDGU-000301-Pq; Thu, 20 Mar 2025 10:36:42 +0000 Received: by outflank-mailman (input) for mailman id 921700; Thu, 20 Mar 2025 10:36:41 +0000 Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50] helo=se1-gles-flk1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1tvDGT-0002zv-SB for xen-devel@lists.xenproject.org; Thu, 20 Mar 2025 10:36:41 +0000 Received: from fforwardh-b4-smtp.messagingengine.com (fforwardh-b4-smtp.messagingengine.com [202.12.124.199]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS id 34be7fd3-0577-11f0-9ffa-bf95429c2676; Thu, 20 Mar 2025 11:36:40 +0100 (CET) Received: from phl-compute-07.internal (phl-compute-07.phl.internal [10.202.2.47]) by mailfforwardh.stl.internal (Postfix) with ESMTP id D4FC517400BF; Thu, 20 Mar 2025 06:36:38 -0400 (EDT) Received: from phl-frontend-02 ([10.202.2.161]) by phl-compute-07.internal (MEProxy); Thu, 20 Mar 2025 06:36:39 -0400 Received: by mail.messagingengine.com (Postfix) with ESMTPA; Thu, 20 Mar 2025 06:36:37 -0400 (EDT) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 34be7fd3-0577-11f0-9ffa-bf95429c2676 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm1; t=1742466998; x=1742553398; bh=+ GvjfQhGqFlLWakh3kcAuKsyU0zqa7rKivVVChzonKU=; b=Y9ER6ptXRsa5ewX2t FK5+JE9IJtL4omOpX/zlGxwoYEWLEJuLwoeU8140Hiy/K9WULCPWcGFyCsW92Gd3 3SjNSmkFDFdvfPwMqmr4U/wCCe/9+54wogMYrd+2i621ZokaHDDpLO5H0gy5somB yYw/RkQ3Tbu/JBpYVex/4w/qAymwX5mxknkn+XpSMNq0LUcIvV4ZwIifSwq5QPQU V9wQdrJFhl2Y16D1o8Ljd+wxkDzFWYIYe6/N6GdNn40xD1OxBKPi2rCMB56EqfXt 2LMom++72aWKzMGDeQFra1h5ozZl+VetI5gOrvFlzbPShc66fMjN5ABpo1QWYvHJ VRNKA== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeefvddrtddtgddugeejleekucetufdoteggodetrf dotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdggtfgfnhhsuhgsshgtrhhisggv pdfurfetoffkrfgpnffqhgenuceurghilhhouhhtmecufedttdenucesvcftvggtihhpih gvnhhtshculddquddttddmnecujfgurhephffvvefufffkofgjfhgggfestdekredtredt tdenucfhrhhomhepufgvrhhgihihucfmihgsrhhikhcuoefuvghrghhihigpmfhisghrih hksegvphgrmhdrtghomheqnecuggftrfgrthhtvghrnheptdejgeegvdffkeekleefueev gfduheevkedvhfdvkeeludehleegheeivedugfejnecuvehluhhsthgvrhfuihiivgeptd enucfrrghrrghmpehmrghilhhfrhhomhepshgrkhhisgesuggrrhhkshhtrghrrdhsihht vgdpnhgspghrtghpthhtohepiedpmhhouggvpehsmhhtphhouhhtpdhrtghpthhtohepgi gvnhdquggvvhgvlheslhhishhtshdrgigvnhhprhhojhgvtghtrdhorhhgpdhrtghpthht ohepshgvrhhgihihpghkihgsrhhikhesvghprghmrdgtohhmpdhrtghpthhtohepjhgsvg hulhhitghhsehsuhhsvgdrtghomhdprhgtphhtthhopegrnhgurhgvfidrtghoohhpvghr feestghithhrihigrdgtohhmpdhrtghpthhtoheprhhoghgvrhdrphgruhestghithhrih igrdgtohhmpdhrtghpthhtohepshhsthgrsggvlhhlihhniheskhgvrhhnvghlrdhorhhg X-ME-Proxy: Feedback-ID: i77698ef3:Fastmail From: Sergiy Kibrik To: xen-devel@lists.xenproject.org Cc: Sergiy Kibrik , Jan Beulich , Andrew Cooper , =?utf-8?q?Roger_Pau_Monn=C3=A9?= , Stefano Stabellini Subject: [XEN PATCH v1 2/4] x86:svm: rename svm/nestedhvm.h -> svm/nestedsvm.h Date: Thu, 20 Mar 2025 12:36:35 +0200 Message-Id: X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 This is private header for SVM code, comment in header and file's changelog suggest that intended name was svm/nestedsvm.h, so perhaps a small mistake here. Signed-off-by: Sergiy Kibrik --- xen/arch/x86/hvm/svm/intr.c | 2 +- xen/arch/x86/hvm/svm/{nestedhvm.h => nestedsvm.h} | 0 xen/arch/x86/hvm/svm/svm.c | 2 +- 3 files changed, 2 insertions(+), 2 deletions(-) rename xen/arch/x86/hvm/svm/{nestedhvm.h => nestedsvm.h} (100%) diff --git a/xen/arch/x86/hvm/svm/intr.c b/xen/arch/x86/hvm/svm/intr.c index 46186a1102..feaf42d81b 100644 --- a/xen/arch/x86/hvm/svm/intr.c +++ b/xen/arch/x86/hvm/svm/intr.c @@ -25,7 +25,7 @@ #include #include -#include "nestedhvm.h" +#include "nestedsvm.h" static void svm_inject_nmi(struct vcpu *v) { diff --git a/xen/arch/x86/hvm/svm/nestedhvm.h b/xen/arch/x86/hvm/svm/nestedsvm.h similarity index 100% rename from xen/arch/x86/hvm/svm/nestedhvm.h rename to xen/arch/x86/hvm/svm/nestedsvm.h diff --git a/xen/arch/x86/hvm/svm/svm.c b/xen/arch/x86/hvm/svm/svm.c index e33a38c1e4..09ac138691 100644 --- a/xen/arch/x86/hvm/svm/svm.c +++ b/xen/arch/x86/hvm/svm/svm.c @@ -41,7 +41,7 @@ #include -#include "nestedhvm.h" +#include "nestedsvm.h" #include "svm.h" void noreturn svm_asm_do_resume(void); From patchwork Thu Mar 20 10:38:39 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sergiy Kibrik X-Patchwork-Id: 14023684 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 8FD61C28B30 for ; Thu, 20 Mar 2025 10:38:58 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.921714.1325484 (Exim 4.92) (envelope-from ) id 1tvDIU-0003Z0-6Y; Thu, 20 Mar 2025 10:38:46 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 921714.1325484; Thu, 20 Mar 2025 10:38:46 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1tvDIU-0003Yt-43; Thu, 20 Mar 2025 10:38:46 +0000 Received: by outflank-mailman (input) for mailman id 921714; Thu, 20 Mar 2025 10:38:45 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1tvDIT-0003Yn-Ak for xen-devel@lists.xenproject.org; Thu, 20 Mar 2025 10:38:45 +0000 Received: from fforwardh-b4-smtp.messagingengine.com (fforwardh-b4-smtp.messagingengine.com [202.12.124.199]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id 7e7bd635-0577-11f0-9ea0-5ba50f476ded; Thu, 20 Mar 2025 11:38:43 +0100 (CET) Received: from phl-compute-08.internal (phl-compute-08.phl.internal [10.202.2.48]) by mailfforwardh.stl.internal (Postfix) with ESMTP id 6DE461740212; Thu, 20 Mar 2025 06:38:42 -0400 (EDT) Received: from phl-frontend-02 ([10.202.2.161]) by phl-compute-08.internal (MEProxy); Thu, 20 Mar 2025 06:38:42 -0400 Received: by mail.messagingengine.com (Postfix) with ESMTPA; Thu, 20 Mar 2025 06:38:41 -0400 (EDT) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 7e7bd635-0577-11f0-9ea0-5ba50f476ded DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm1; t=1742467122; x=1742553522; bh=H CSqtTK0OLa/KDGOXFDTBAHtZN66AA0RE3rsvMWIX/c=; b=IHtiK1r2HHhb0jq6C iof1p/ftdVi3fr6SO7gVFnCeEkFQxqkpUPmNrx8CHzpZdWOow3oeP1dt7yjjj9rA nVJvHoUpKEmteVFGbLMlaO+cBCh1ucQ6kmZDju4KhfNEThkm9g96KCAZHpW4LLmp VewvhhA8TKnMZU2xhfWM4yMxlixOnhGgXtOdJ6Wc6dj9/eFmUsDzHb0fF8mGaEl9 cjsftJ8UKiK5wp7UgTt44hxsTxAi2q9VSsc+2IwKrqC0pQLj/8mSU0cfCJx5Rv7G K6qXgaHp+Y8xODEIMsn1AtwxZIt5opu7IYXRqGeuw+uyIsWryoynT+CPfoSzvlfT F0aMA== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeefvddrtddtgddugeektddtucetufdoteggodetrf dotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdggtfgfnhhsuhgsshgtrhhisggv pdfurfetoffkrfgpnffqhgenuceurghilhhouhhtmecufedttdenucesvcftvggtihhpih gvnhhtshculddquddttddmnecujfgurhephffvvefufffkofgjfhgggfestdekredtredt tdenucfhrhhomhepufgvrhhgihihucfmihgsrhhikhcuoefuvghrghhihigpmfhisghrih hksegvphgrmhdrtghomheqnecuggftrfgrthhtvghrnheptdejgeegvdffkeekleefueev gfduheevkedvhfdvkeeludehleegheeivedugfejnecuvehluhhsthgvrhfuihiivgeptd enucfrrghrrghmpehmrghilhhfrhhomhepshgrkhhisgesuggrrhhkshhtrghrrdhsihht vgdpnhgspghrtghpthhtohepiedpmhhouggvpehsmhhtphhouhhtpdhrtghpthhtohepgi gvnhdquggvvhgvlheslhhishhtshdrgigvnhhprhhojhgvtghtrdhorhhgpdhrtghpthht ohepshgvrhhgihihpghkihgsrhhikhesvghprghmrdgtohhmpdhrtghpthhtohepjhgsvg hulhhitghhsehsuhhsvgdrtghomhdprhgtphhtthhopegrnhgurhgvfidrtghoohhpvghr feestghithhrihigrdgtohhmpdhrtghpthhtoheprhhoghgvrhdrphgruhestghithhrih igrdgtohhmpdhrtghpthhtohepshhsthgrsggvlhhlihhniheskhgvrhhnvghlrdhorhhg X-ME-Proxy: Feedback-ID: i5fffb4f7:Fastmail From: Sergiy Kibrik To: xen-devel@lists.xenproject.org Cc: Sergiy Kibrik , Jan Beulich , Andrew Cooper , =?utf-8?q?Roger_Pau_Monn=C3=A9?= , Stefano Stabellini Subject: [XEN PATCH v1 3/4] x86:hvm: guard calls to nestedhvm routines Date: Thu, 20 Mar 2025 12:38:39 +0200 Message-Id: X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 Check whether nested HVM is enabled for domain before calling nestedhvm_vcpu_*() and other not already guarded nestedhvm functions. Signed-off-by: Sergiy Kibrik --- xen/arch/x86/hvm/hvm.c | 6 ++++-- xen/arch/x86/hvm/svm/asid.c | 2 +- xen/arch/x86/hvm/svm/svm.c | 6 +++--- 3 files changed, 8 insertions(+), 6 deletions(-) diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c index 2f31180b6f..5abbf7029d 100644 --- a/xen/arch/x86/hvm/hvm.c +++ b/xen/arch/x86/hvm/hvm.c @@ -1658,7 +1658,8 @@ int hvm_vcpu_initialise(struct vcpu *v) return 0; fail6: - nestedhvm_vcpu_destroy(v); + if ( nestedhvm_enabled(d) ) + nestedhvm_vcpu_destroy(v); fail5: free_compat_arg_xlat(v); fail4: @@ -1682,7 +1683,8 @@ void hvm_vcpu_destroy(struct vcpu *v) if ( hvm_altp2m_supported() ) altp2m_vcpu_destroy(v); - nestedhvm_vcpu_destroy(v); + if ( nestedhvm_enabled(v->domain) ) + nestedhvm_vcpu_destroy(v); free_compat_arg_xlat(v); diff --git a/xen/arch/x86/hvm/svm/asid.c b/xen/arch/x86/hvm/svm/asid.c index 7977a8e86b..05c8971714 100644 --- a/xen/arch/x86/hvm/svm/asid.c +++ b/xen/arch/x86/hvm/svm/asid.c @@ -30,7 +30,7 @@ void svm_asid_handle_vmrun(void) struct vcpu *curr = current; struct vmcb_struct *vmcb = curr->arch.hvm.svm.vmcb; struct hvm_vcpu_asid *p_asid = - nestedhvm_vcpu_in_guestmode(curr) + ( nestedhvm_enabled(curr->domain) && nestedhvm_vcpu_in_guestmode(curr) ) ? &vcpu_nestedhvm(curr).nv_n2asid : &curr->arch.hvm.n1asid; bool need_flush = hvm_asid_handle_vmenter(p_asid); diff --git a/xen/arch/x86/hvm/svm/svm.c b/xen/arch/x86/hvm/svm/svm.c index 09ac138691..d7d91427fd 100644 --- a/xen/arch/x86/hvm/svm/svm.c +++ b/xen/arch/x86/hvm/svm/svm.c @@ -795,7 +795,7 @@ static void cf_check svm_set_tsc_offset(struct vcpu *v, u64 offset, u64 at_tsc) n1vmcb = vcpu_nestedhvm(v).nv_n1vmcx; n2vmcb = vcpu_nestedhvm(v).nv_n2vmcx; - if ( nestedhvm_vcpu_in_guestmode(v) ) + if ( nestedhvm_enabled(d) && nestedhvm_vcpu_in_guestmode(v) ) { n2_tsc_offset = vmcb_get_tsc_offset(n2vmcb) - vmcb_get_tsc_offset(n1vmcb); @@ -2172,7 +2172,7 @@ svm_vmexit_do_vmrun(struct cpu_user_regs *regs, return; } - if ( !nestedsvm_vmcb_map(v, vmcbaddr) ) + if ( nestedhvm_enabled(v->domain) && !nestedsvm_vmcb_map(v, vmcbaddr) ) { gdprintk(XENLOG_ERR, "VMRUN: mapping vmcb failed, injecting #GP\n"); hvm_inject_hw_exception(X86_EXC_GP, 0); @@ -2190,7 +2190,7 @@ nsvm_get_nvmcb_page(struct vcpu *v, uint64_t vmcbaddr) struct page_info *page; struct nestedvcpu *nv = &vcpu_nestedhvm(v); - if ( !nestedsvm_vmcb_map(v, vmcbaddr) ) + if ( nestedhvm_enabled(v->domain) && !nestedsvm_vmcb_map(v, vmcbaddr) ) return NULL; /* Need to translate L1-GPA to MPA */ From patchwork Thu Mar 20 10:40:43 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sergiy Kibrik X-Patchwork-Id: 14023685 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 92C75C28B30 for ; Thu, 20 Mar 2025 10:41:12 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.921740.1325506 (Exim 4.92) (envelope-from ) id 1tvDKW-0005nT-W7; Thu, 20 Mar 2025 10:40:52 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 921740.1325506; Thu, 20 Mar 2025 10:40:52 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1tvDKW-0005nL-RG; Thu, 20 Mar 2025 10:40:52 +0000 Received: by outflank-mailman (input) for mailman id 921740; Thu, 20 Mar 2025 10:40:51 +0000 Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50] helo=se1-gles-flk1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1tvDKV-0005lS-JJ for xen-devel@lists.xenproject.org; Thu, 20 Mar 2025 10:40:51 +0000 Received: from fforwardh-b4-smtp.messagingengine.com (fforwardh-b4-smtp.messagingengine.com [202.12.124.199]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS id c81987bd-0577-11f0-9ffa-bf95429c2676; Thu, 20 Mar 2025 11:40:47 +0100 (CET) Received: from phl-compute-01.internal (phl-compute-01.phl.internal [10.202.2.41]) by mailfforwardh.stl.internal (Postfix) with ESMTP id 1A8E51740240; Thu, 20 Mar 2025 06:40:46 -0400 (EDT) Received: from phl-frontend-02 ([10.202.2.161]) by phl-compute-01.internal (MEProxy); Thu, 20 Mar 2025 06:40:46 -0400 Received: by mail.messagingengine.com (Postfix) with ESMTPA; Thu, 20 Mar 2025 06:40:45 -0400 (EDT) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: c81987bd-0577-11f0-9ffa-bf95429c2676 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm1; t=1742467245; x=1742553645; bh=Z FBqzfTuIOcXKUcH4af4gFZfF5sz9uMBXXpfzTunwhs=; b=o0juFXLIxSaLe8GMX UJ6ZgDYUqJUMd5erKY5fZKzUAfc/GGPpN39veW1sleHIEqd39bGyYuT5PQdrFPUi ehBGf8qQad8hipCwB3AZ2PdPs1wLc/klw63cpbaHkaQgraBJ/6bDpEpSDNoRI+CS 3Sf3jpzTl88YkAonJKjAN3qE14WAMirVXzJgrsyDSE3NiKXFToaaAvxcYpqEInN4 IllasQ6wgVtouUHvglk8I4dHWcSdO72Xs1Zc9ezKuU2URQwJopV90RI9nqo4QDZ9 ML+Ph4d8k2PSixQ8YOqbgrbNjJihQp4Gg5H4h0e9kFLjw9dNMYqO5ThtggQMrrP+ 4AGhw== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeefvddrtddtgddugeejleelucetufdoteggodetrf dotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdggtfgfnhhsuhgsshgtrhhisggv pdfurfetoffkrfgpnffqhgenuceurghilhhouhhtmecufedttdenucesvcftvggtihhpih gvnhhtshculddquddttddmnecujfgurhephffvvefufffkofgjfhgggfestdekredtredt tdenucfhrhhomhepufgvrhhgihihucfmihgsrhhikhcuoefuvghrghhihigpmfhisghrih hksegvphgrmhdrtghomheqnecuggftrfgrthhtvghrnhephfevveeuieeljefhkedugeeh leeugefgfffhjefhvdeitdethfettdeitefgheevnecuffhomhgrihhnpegvnhhtrhihrd hssgenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehs rghkihgssegurghrkhhsthgrrhdrshhithgvpdhnsggprhgtphhtthhopeeipdhmohguvg epshhmthhpohhuthdprhgtphhtthhopeigvghnqdguvghvvghlsehlihhsthhsrdigvghn phhrohhjvggtthdrohhrghdprhgtphhtthhopehsvghrghhihigpkhhisghrihhksegvph grmhdrtghomhdprhgtphhtthhopehjsggvuhhlihgthhesshhushgvrdgtohhmpdhrtghp thhtoheprghnughrvgifrdgtohhophgvrhefsegtihhtrhhigidrtghomhdprhgtphhtth hopehrohhgvghrrdhprghusegtihhtrhhigidrtghomhdprhgtphhtthhopehsshhtrggs vghllhhinhhisehkvghrnhgvlhdrohhrgh X-ME-Proxy: Feedback-ID: i7f3fb726:Fastmail From: Sergiy Kibrik To: xen-devel@lists.xenproject.org Cc: Sergiy Kibrik , Jan Beulich , Andrew Cooper , =?utf-8?q?Roger_Pau_Monn=C3=A9?= , Stefano Stabellini Subject: [XEN PATCH v1 4/4] x86:hvm: make nestedhvm support optional Date: Thu, 20 Mar 2025 12:40:43 +0200 Message-Id: X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 Introduce NESTEDHVM config option that controls nested virtualization in both SVM & VMX code. The option is for reduction of dead code on systems that aren't intended to run in nested mode. Signed-off-by: Sergiy Kibrik --- xen/arch/x86/Kconfig | 5 +++++ xen/arch/x86/hvm/Makefile | 2 +- xen/arch/x86/hvm/svm/Makefile | 2 +- xen/arch/x86/hvm/svm/entry.S | 2 ++ xen/arch/x86/hvm/svm/svm.c | 4 ++++ xen/arch/x86/hvm/vmx/Makefile | 2 +- xen/arch/x86/hvm/vmx/entry.S | 2 ++ xen/arch/x86/hvm/vmx/vmcs.c | 8 +++++--- xen/arch/x86/hvm/vmx/vmx.c | 10 +++++++++- xen/arch/x86/include/asm/hvm/nestedhvm.h | 10 +++++++++- 10 files changed, 39 insertions(+), 8 deletions(-) diff --git a/xen/arch/x86/Kconfig b/xen/arch/x86/Kconfig index 6e41bc0fb4..bc140d8b77 100644 --- a/xen/arch/x86/Kconfig +++ b/xen/arch/x86/Kconfig @@ -144,6 +144,11 @@ config INTEL_VMX If your system includes a processor with Intel VT-x support, say Y. If in doubt, say Y. +config NESTEDHVM + bool "Support nested virtualization" if EXPERT + depends on HVM + default y + config XEN_SHSTK bool "Supervisor Shadow Stacks" depends on HAS_AS_CET_SS diff --git a/xen/arch/x86/hvm/Makefile b/xen/arch/x86/hvm/Makefile index 4c1fa5c6c2..c80b209296 100644 --- a/xen/arch/x86/hvm/Makefile +++ b/xen/arch/x86/hvm/Makefile @@ -17,7 +17,7 @@ obj-y += ioreq.o obj-y += irq.o obj-y += monitor.o obj-y += mtrr.o -obj-y += nestedhvm.o +obj-$(CONFIG_NESTEDHVM) += nestedhvm.o obj-y += pmtimer.o obj-y += quirks.o obj-y += rtc.o diff --git a/xen/arch/x86/hvm/svm/Makefile b/xen/arch/x86/hvm/svm/Makefile index 760d2954da..4b45ca050f 100644 --- a/xen/arch/x86/hvm/svm/Makefile +++ b/xen/arch/x86/hvm/svm/Makefile @@ -2,7 +2,7 @@ obj-y += asid.o obj-y += emulate.o obj-bin-y += entry.o obj-y += intr.o -obj-y += nestedsvm.o +obj-$(CONFIG_NESTEDHVM) += nestedsvm.o obj-y += svm.o obj-y += svmdebug.o obj-y += vmcb.o diff --git a/xen/arch/x86/hvm/svm/entry.S b/xen/arch/x86/hvm/svm/entry.S index 91edb33459..62ebe1198b 100644 --- a/xen/arch/x86/hvm/svm/entry.S +++ b/xen/arch/x86/hvm/svm/entry.S @@ -28,7 +28,9 @@ FUNC(svm_asm_do_resume) GET_CURRENT(bx) .Lsvm_do_resume: call svm_intr_assist +#ifdef CONFIG_NESTEDHVM call nsvm_vcpu_switch +#endif ASSERT_NOT_IN_ATOMIC mov VCPU_processor(%rbx),%eax diff --git a/xen/arch/x86/hvm/svm/svm.c b/xen/arch/x86/hvm/svm/svm.c index d7d91427fd..b678fb46aa 100644 --- a/xen/arch/x86/hvm/svm/svm.c +++ b/xen/arch/x86/hvm/svm/svm.c @@ -2460,6 +2460,7 @@ static struct hvm_function_table __initdata_cf_clobber svm_function_table = { .set_descriptor_access_exiting = svm_set_descriptor_access_exiting, .get_insn_bytes = svm_get_insn_bytes, +#ifdef CONFIG_NESTEDHVM .nhvm_vcpu_initialise = nsvm_vcpu_initialise, .nhvm_vcpu_destroy = nsvm_vcpu_destroy, .nhvm_vcpu_reset = nsvm_vcpu_reset, @@ -2469,6 +2470,7 @@ static struct hvm_function_table __initdata_cf_clobber svm_function_table = { .nhvm_vmcx_hap_enabled = nsvm_vmcb_hap_enabled, .nhvm_intr_blocked = nsvm_intr_blocked, .nhvm_hap_walk_L1_p2m = nsvm_hap_walk_L1_p2m, +#endif .get_reg = svm_get_reg, .set_reg = svm_set_reg, @@ -2991,12 +2993,14 @@ void asmlinkage svm_vmexit_handler(void) case VMEXIT_VMSAVE: svm_vmexit_do_vmsave(vmcb, regs, v, regs->rax); break; +#ifdef CONFIG_NESTEDHVM case VMEXIT_STGI: svm_vmexit_do_stgi(regs, v); break; case VMEXIT_CLGI: svm_vmexit_do_clgi(regs, v); break; +#endif case VMEXIT_XSETBV: if ( vmcb_get_cpl(vmcb) ) diff --git a/xen/arch/x86/hvm/vmx/Makefile b/xen/arch/x86/hvm/vmx/Makefile index 04a29ce59d..6588b58889 100644 --- a/xen/arch/x86/hvm/vmx/Makefile +++ b/xen/arch/x86/hvm/vmx/Makefile @@ -3,4 +3,4 @@ obj-y += intr.o obj-y += realmode.o obj-y += vmcs.o obj-y += vmx.o -obj-y += vvmx.o +obj-$(CONFIG_NESTEDHVM) += vvmx.o diff --git a/xen/arch/x86/hvm/vmx/entry.S b/xen/arch/x86/hvm/vmx/entry.S index 6aaeb28a5b..ed4db38733 100644 --- a/xen/arch/x86/hvm/vmx/entry.S +++ b/xen/arch/x86/hvm/vmx/entry.S @@ -86,7 +86,9 @@ FUNC(vmx_asm_vmexit_handler) .Lvmx_do_vmentry: call vmx_intr_assist +#ifdef CONFIG_NESTEDHVM call nvmx_switch_guest +#endif ASSERT_NOT_IN_ATOMIC mov VCPU_processor(%rbx),%eax diff --git a/xen/arch/x86/hvm/vmx/vmcs.c b/xen/arch/x86/hvm/vmx/vmcs.c index 0ba65becec..8d7f714a04 100644 --- a/xen/arch/x86/hvm/vmx/vmcs.c +++ b/xen/arch/x86/hvm/vmx/vmcs.c @@ -674,7 +674,7 @@ int cf_check vmx_cpu_up_prepare(unsigned int cpu) * If nvmx_cpu_up_prepare() failed, do not return failure and just fallback * to legacy mode for vvmcs synchronization. */ - if ( nvmx_cpu_up_prepare(cpu) != 0 ) + if ( IS_ENABLED(CONFIG_NESTEDHVM) && nvmx_cpu_up_prepare(cpu) != 0 ) printk("CPU%d: Could not allocate virtual VMCS buffer.\n", cpu); if ( per_cpu(vmxon_region, cpu) ) @@ -685,7 +685,8 @@ int cf_check vmx_cpu_up_prepare(unsigned int cpu) return 0; printk("CPU%d: Could not allocate host VMCS\n", cpu); - nvmx_cpu_dead(cpu); + if ( IS_ENABLED(CONFIG_NESTEDHVM) ) + nvmx_cpu_dead(cpu); return -ENOMEM; } @@ -693,7 +694,8 @@ void cf_check vmx_cpu_dead(unsigned int cpu) { vmx_free_vmcs(per_cpu(vmxon_region, cpu)); per_cpu(vmxon_region, cpu) = 0; - nvmx_cpu_dead(cpu); + if ( IS_ENABLED(CONFIG_NESTEDHVM) ) + nvmx_cpu_dead(cpu); vmx_pi_desc_fixup(cpu); } diff --git a/xen/arch/x86/hvm/vmx/vmx.c b/xen/arch/x86/hvm/vmx/vmx.c index 4883bd823d..ed68195445 100644 --- a/xen/arch/x86/hvm/vmx/vmx.c +++ b/xen/arch/x86/hvm/vmx/vmx.c @@ -1959,6 +1959,7 @@ static void nvmx_enqueue_n2_exceptions(struct vcpu *v, nvmx->intr.intr_info, nvmx->intr.error_code); } +#ifdef CONFIG_NESTEDHVM static int cf_check nvmx_vmexit_event( struct vcpu *v, const struct x86_event *event) { @@ -1966,6 +1967,7 @@ static int cf_check nvmx_vmexit_event( hvm_intsrc_none); return NESTEDHVM_VMEXIT_DONE; } +#endif static void __vmx_inject_exception(int trap, int type, int error_code) { @@ -2851,6 +2853,7 @@ static struct hvm_function_table __initdata_cf_clobber vmx_function_table = { .handle_cd = vmx_handle_cd, .set_info_guest = vmx_set_info_guest, .set_rdtsc_exiting = vmx_set_rdtsc_exiting, +#ifdef CONFIG_NESTEDHVM .nhvm_vcpu_initialise = nvmx_vcpu_initialise, .nhvm_vcpu_destroy = nvmx_vcpu_destroy, .nhvm_vcpu_reset = nvmx_vcpu_reset, @@ -2860,8 +2863,9 @@ static struct hvm_function_table __initdata_cf_clobber vmx_function_table = { .nhvm_vcpu_vmexit_event = nvmx_vmexit_event, .nhvm_intr_blocked = nvmx_intr_blocked, .nhvm_domain_relinquish_resources = nvmx_domain_relinquish_resources, - .update_vlapic_mode = vmx_vlapic_msr_changed, .nhvm_hap_walk_L1_p2m = nvmx_hap_walk_L1_p2m, +#endif + .update_vlapic_mode = vmx_vlapic_msr_changed, .enable_msr_interception = vmx_enable_msr_interception, .altp2m_vcpu_update_p2m = vmx_vcpu_update_eptp, .altp2m_vcpu_update_vmfunc_ve = vmx_vcpu_update_vmfunc_ve, @@ -3465,10 +3469,12 @@ static int cf_check vmx_msr_read_intercept( __vmread(GUEST_IA32_DEBUGCTL, msr_content); break; +#ifdef CONFIG_NESTEDHVM case MSR_IA32_VMX_BASIC...MSR_IA32_VMX_VMFUNC: if ( !nvmx_msr_read_intercept(msr, msr_content) ) goto gp_fault; break; +#endif case MSR_IA32_MISC_ENABLE: rdmsrl(MSR_IA32_MISC_ENABLE, *msr_content); /* Debug Trace Store is not supported. */ @@ -4631,6 +4637,7 @@ void asmlinkage vmx_vmexit_handler(struct cpu_user_regs *regs) } break; +#ifdef CONFIG_NESTEDHVM case EXIT_REASON_VMXOFF: case EXIT_REASON_VMXON: case EXIT_REASON_VMCLEAR: @@ -4645,6 +4652,7 @@ void asmlinkage vmx_vmexit_handler(struct cpu_user_regs *regs) if ( nvmx_handle_vmx_insn(regs, exit_reason) == X86EMUL_OKAY ) update_guest_eip(); break; +#endif case EXIT_REASON_VMFUNC: if ( vmx_vmfunc_intercept(regs) != X86EMUL_OKAY ) diff --git a/xen/arch/x86/include/asm/hvm/nestedhvm.h b/xen/arch/x86/include/asm/hvm/nestedhvm.h index ea2c1bc328..1703eaafde 100644 --- a/xen/arch/x86/include/asm/hvm/nestedhvm.h +++ b/xen/arch/x86/include/asm/hvm/nestedhvm.h @@ -25,14 +25,22 @@ enum nestedhvm_vmexits { /* Nested HVM on/off per domain */ static inline bool nestedhvm_enabled(const struct domain *d) { - return IS_ENABLED(CONFIG_HVM) && (d->options & XEN_DOMCTL_CDF_nested_virt); + return IS_ENABLED(CONFIG_NESTEDHVM) && + (d->options & XEN_DOMCTL_CDF_nested_virt); } /* Nested VCPU */ int nestedhvm_vcpu_initialise(struct vcpu *v); void nestedhvm_vcpu_destroy(struct vcpu *v); void nestedhvm_vcpu_reset(struct vcpu *v); +#ifdef CONFIG_NESTEDHVM bool nestedhvm_vcpu_in_guestmode(struct vcpu *v); +#else +static inline bool nestedhvm_vcpu_in_guestmode(struct vcpu *v) +{ + return false; +} +#endif #define nestedhvm_vcpu_enter_guestmode(v) \ vcpu_nestedhvm(v).nv_guestmode = 1 #define nestedhvm_vcpu_exit_guestmode(v) \