| /* |
| * Kernel-based Virtual Machine driver for Linux |
| * |
| * This module enables machines with Intel VT-x extensions to run virtual |
| * machines without emulation or binary translation. |
| * |
| * Copyright (C) 2006 Qumranet, Inc. |
| * Copyright 2010 Red Hat, Inc. and/or its affiliates. |
| * |
| * Authors: |
| * Avi Kivity <avi@qumranet.com> |
| * Yaniv Kamay <yaniv@qumranet.com> |
| * |
| * This work is licensed under the terms of the GNU GPL, version 2. See |
| * the COPYING file in the top-level directory. |
| * |
| */ |
| |
| #include "irq.h" |
| #include "mmu.h" |
| #include "cpuid.h" |
| #include "lapic.h" |
| |
| #include <linux/kvm_host.h> |
| #include <linux/module.h> |
| #include <linux/kernel.h> |
| #include <linux/mm.h> |
| #include <linux/highmem.h> |
| #include <linux/sched.h> |
| #include <linux/moduleparam.h> |
| #include <linux/mod_devicetable.h> |
| #include <linux/trace_events.h> |
| #include <linux/slab.h> |
| #include <linux/tboot.h> |
| #include <linux/hrtimer.h> |
| #include "kvm_cache_regs.h" |
| #include "x86.h" |
| |
| #include <asm/cpu.h> |
| #include <asm/io.h> |
| #include <asm/desc.h> |
| #include <asm/vmx.h> |
| #include <asm/virtext.h> |
| #include <asm/mce.h> |
| #include <asm/fpu/internal.h> |
| #include <asm/perf_event.h> |
| #include <asm/debugreg.h> |
| #include <asm/kexec.h> |
| #include <asm/apic.h> |
| #include <asm/irq_remapping.h> |
| |
| #include "trace.h" |
| #include "pmu.h" |
| |
| #define __ex(x) __kvm_handle_fault_on_reboot(x) |
| #define __ex_clear(x, reg) \ |
| ____kvm_handle_fault_on_reboot(x, "xor " reg " , " reg) |
| |
| MODULE_AUTHOR("Qumranet"); |
| MODULE_LICENSE("GPL"); |
| |
| static const struct x86_cpu_id vmx_cpu_id[] = { |
| X86_FEATURE_MATCH(X86_FEATURE_VMX), |
| {} |
| }; |
| MODULE_DEVICE_TABLE(x86cpu, vmx_cpu_id); |
| |
| static bool __read_mostly enable_vpid = 1; |
| module_param_named(vpid, enable_vpid, bool, 0444); |
| |
| static bool __read_mostly flexpriority_enabled = 1; |
| module_param_named(flexpriority, flexpriority_enabled, bool, S_IRUGO); |
| |
| static bool __read_mostly enable_ept = 1; |
| module_param_named(ept, enable_ept, bool, S_IRUGO); |
| |
| static bool __read_mostly enable_unrestricted_guest = 1; |
| module_param_named(unrestricted_guest, |
| enable_unrestricted_guest, bool, S_IRUGO); |
| |
| static bool __read_mostly enable_ept_ad_bits = 1; |
| module_param_named(eptad, enable_ept_ad_bits, bool, S_IRUGO); |
| |
| static bool __read_mostly emulate_invalid_guest_state = true; |
| module_param(emulate_invalid_guest_state, bool, S_IRUGO); |
| |
| static bool __read_mostly fasteoi = 1; |
| module_param(fasteoi, bool, S_IRUGO); |
| |
| static bool __read_mostly enable_apicv = 1; |
| module_param(enable_apicv, bool, S_IRUGO); |
| |
| static bool __read_mostly enable_shadow_vmcs = 1; |
| module_param_named(enable_shadow_vmcs, enable_shadow_vmcs, bool, S_IRUGO); |
| /* |
| * If nested=1, nested virtualization is supported, i.e., guests may use |
| * VMX and be a hypervisor for its own guests. If nested=0, guests may not |
| * use VMX instructions. |
| */ |
| static bool __read_mostly nested = 0; |
| module_param(nested, bool, S_IRUGO); |
| |
| static u64 __read_mostly host_xss; |
| |
| static bool __read_mostly enable_pml = 1; |
| module_param_named(pml, enable_pml, bool, S_IRUGO); |
| |
| #define KVM_VMX_TSC_MULTIPLIER_MAX 0xffffffffffffffffULL |
| |
| /* Guest_tsc -> host_tsc conversion requires 64-bit division. */ |
| static int __read_mostly cpu_preemption_timer_multi; |
| static bool __read_mostly enable_preemption_timer = 1; |
| #ifdef CONFIG_X86_64 |
| module_param_named(preemption_timer, enable_preemption_timer, bool, S_IRUGO); |
| #endif |
| |
| #define KVM_GUEST_CR0_MASK (X86_CR0_NW | X86_CR0_CD) |
| #define KVM_VM_CR0_ALWAYS_ON_UNRESTRICTED_GUEST (X86_CR0_WP | X86_CR0_NE) |
| #define KVM_VM_CR0_ALWAYS_ON \ |
| (KVM_VM_CR0_ALWAYS_ON_UNRESTRICTED_GUEST | X86_CR0_PG | X86_CR0_PE) |
| #define KVM_CR4_GUEST_OWNED_BITS \ |
| (X86_CR4_PVI | X86_CR4_DE | X86_CR4_PCE | X86_CR4_OSFXSR \ |
| | X86_CR4_OSXMMEXCPT | X86_CR4_TSD) |
| |
| #define KVM_PMODE_VM_CR4_ALWAYS_ON (X86_CR4_PAE | X86_CR4_VMXE) |
| #define KVM_RMODE_VM_CR4_ALWAYS_ON (X86_CR4_VME | X86_CR4_PAE | X86_CR4_VMXE) |
| |
| #define RMODE_GUEST_OWNED_EFLAGS_BITS (~(X86_EFLAGS_IOPL | X86_EFLAGS_VM)) |
| |
| #define VMX_MISC_EMULATED_PREEMPTION_TIMER_RATE 5 |
| |
| /* |
| * Hyper-V requires all of these, so mark them as supported even though |
| * they are just treated the same as all-context. |
| */ |
| #define VMX_VPID_EXTENT_SUPPORTED_MASK \ |
| (VMX_VPID_EXTENT_INDIVIDUAL_ADDR_BIT | \ |
| VMX_VPID_EXTENT_SINGLE_CONTEXT_BIT | \ |
| VMX_VPID_EXTENT_GLOBAL_CONTEXT_BIT | \ |
| VMX_VPID_EXTENT_SINGLE_NON_GLOBAL_BIT) |
| |
| /* |
| * These 2 parameters are used to config the controls for Pause-Loop Exiting: |
| * ple_gap: upper bound on the amount of time between two successive |
| * executions of PAUSE in a loop. Also indicate if ple enabled. |
| * According to test, this time is usually smaller than 128 cycles. |
| * ple_window: upper bound on the amount of time a guest is allowed to execute |
| * in a PAUSE loop. Tests indicate that most spinlocks are held for |
| * less than 2^12 cycles |
| * Time is measured based on a counter that runs at the same rate as the TSC, |
| * refer SDM volume 3b section 21.6.13 & 22.1.3. |
| */ |
| #define KVM_VMX_DEFAULT_PLE_GAP 128 |
| #define KVM_VMX_DEFAULT_PLE_WINDOW 4096 |
| #define KVM_VMX_DEFAULT_PLE_WINDOW_GROW 2 |
| #define KVM_VMX_DEFAULT_PLE_WINDOW_SHRINK 0 |
| #define KVM_VMX_DEFAULT_PLE_WINDOW_MAX \ |
| INT_MAX / KVM_VMX_DEFAULT_PLE_WINDOW_GROW |
| |
| static int ple_gap = KVM_VMX_DEFAULT_PLE_GAP; |
| module_param(ple_gap, int, S_IRUGO); |
| |
| static int ple_window = KVM_VMX_DEFAULT_PLE_WINDOW; |
| module_param(ple_window, int, S_IRUGO); |
| |
| /* Default doubles per-vcpu window every exit. */ |
| static int ple_window_grow = KVM_VMX_DEFAULT_PLE_WINDOW_GROW; |
| module_param(ple_window_grow, int, S_IRUGO); |
| |
| /* Default resets per-vcpu window every exit to ple_window. */ |
| static int ple_window_shrink = KVM_VMX_DEFAULT_PLE_WINDOW_SHRINK; |
| module_param(ple_window_shrink, int, S_IRUGO); |
| |
| /* Default is to compute the maximum so we can never overflow. */ |
| static int ple_window_actual_max = KVM_VMX_DEFAULT_PLE_WINDOW_MAX; |
| static int ple_window_max = KVM_VMX_DEFAULT_PLE_WINDOW_MAX; |
| module_param(ple_window_max, int, S_IRUGO); |
| |
| extern const ulong vmx_return; |
| |
| #define NR_AUTOLOAD_MSRS 8 |
| #define VMCS02_POOL_SIZE 1 |
| |
| struct vmcs { |
| u32 revision_id; |
| u32 abort; |
| char data[0]; |
| }; |
| |
| /* |
| * Track a VMCS that may be loaded on a certain CPU. If it is (cpu!=-1), also |
| * remember whether it was VMLAUNCHed, and maintain a linked list of all VMCSs |
| * loaded on this CPU (so we can clear them if the CPU goes down). |
| */ |
| struct loaded_vmcs { |
| struct vmcs *vmcs; |
| struct vmcs *shadow_vmcs; |
| int cpu; |
| int launched; |
| struct list_head loaded_vmcss_on_cpu_link; |
| }; |
| |
| struct shared_msr_entry { |
| unsigned index; |
| u64 data; |
| u64 mask; |
| }; |
| |
| /* |
| * struct vmcs12 describes the state that our guest hypervisor (L1) keeps for a |
| * single nested guest (L2), hence the name vmcs12. Any VMX implementation has |
| * a VMCS structure, and vmcs12 is our emulated VMX's VMCS. This structure is |
| * stored in guest memory specified by VMPTRLD, but is opaque to the guest, |
| * which must access it using VMREAD/VMWRITE/VMCLEAR instructions. |
| * More than one of these structures may exist, if L1 runs multiple L2 guests. |
| * nested_vmx_run() will use the data here to build a vmcs02: a VMCS for the |
| * underlying hardware which will be used to run L2. |
| * This structure is packed to ensure that its layout is identical across |
| * machines (necessary for live migration). |
| * If there are changes in this struct, VMCS12_REVISION must be changed. |
| */ |
| typedef u64 natural_width; |
| struct __packed vmcs12 { |
| /* According to the Intel spec, a VMCS region must start with the |
| * following two fields. Then follow implementation-specific data. |
| */ |
| u32 revision_id; |
| u32 abort; |
| |
| u32 launch_state; /* set to 0 by VMCLEAR, to 1 by VMLAUNCH */ |
| u32 padding[7]; /* room for future expansion */ |
| |
| u64 io_bitmap_a; |
| u64 io_bitmap_b; |
| u64 msr_bitmap; |
| u64 vm_exit_msr_store_addr; |
| u64 vm_exit_msr_load_addr; |
| u64 vm_entry_msr_load_addr; |
| u64 tsc_offset; |
| u64 virtual_apic_page_addr; |
| u64 apic_access_addr; |
| u64 posted_intr_desc_addr; |
| u64 ept_pointer; |
| u64 eoi_exit_bitmap0; |
| u64 eoi_exit_bitmap1; |
| u64 eoi_exit_bitmap2; |
| u64 eoi_exit_bitmap3; |
| u64 xss_exit_bitmap; |
| u64 guest_physical_address; |
| u64 vmcs_link_pointer; |
| u64 pml_address; |
| u64 guest_ia32_debugctl; |
| u64 guest_ia32_pat; |
| u64 guest_ia32_efer; |
| u64 guest_ia32_perf_global_ctrl; |
| u64 guest_pdptr0; |
| u64 guest_pdptr1; |
| u64 guest_pdptr2; |
| u64 guest_pdptr3; |
| u64 guest_bndcfgs; |
| u64 host_ia32_pat; |
| u64 host_ia32_efer; |
| u64 host_ia32_perf_global_ctrl; |
| u64 padding64[8]; /* room for future expansion */ |
| /* |
| * To allow migration of L1 (complete with its L2 guests) between |
| * machines of different natural widths (32 or 64 bit), we cannot have |
| * unsigned long fields with no explict size. We use u64 (aliased |
| * natural_width) instead. Luckily, x86 is little-endian. |
| */ |
| natural_width cr0_guest_host_mask; |
| natural_width cr4_guest_host_mask; |
| natural_width cr0_read_shadow; |
| natural_width cr4_read_shadow; |
| natural_width cr3_target_value0; |
| natural_width cr3_target_value1; |
| natural_width cr3_target_value2; |
| natural_width cr3_target_value3; |
| natural_width exit_qualification; |
| natural_width guest_linear_address; |
| natural_width guest_cr0; |
| natural_width guest_cr3; |
| natural_width guest_cr4; |
| natural_width guest_es_base; |
| natural_width guest_cs_base; |
| natural_width guest_ss_base; |
| natural_width guest_ds_base; |
| natural_width guest_fs_base; |
| natural_width guest_gs_base; |
| natural_width guest_ldtr_base; |
| natural_width guest_tr_base; |
| natural_width guest_gdtr_base; |
| natural_width guest_idtr_base; |
| natural_width guest_dr7; |
| natural_width guest_rsp; |
| natural_width guest_rip; |
| natural_width guest_rflags; |
| natural_width guest_pending_dbg_exceptions; |
| natural_width guest_sysenter_esp; |
| natural_width guest_sysenter_eip; |
| natural_width host_cr0; |
| natural_width host_cr3; |
| natural_width host_cr4; |
| natural_width host_fs_base; |
| natural_width host_gs_base; |
| natural_width host_tr_base; |
| natural_width host_gdtr_base; |
| natural_width host_idtr_base; |
| natural_width host_ia32_sysenter_esp; |
| natural_width host_ia32_sysenter_eip; |
| natural_width host_rsp; |
| natural_width host_rip; |
| natural_width paddingl[8]; /* room for future expansion */ |
| u32 pin_based_vm_exec_control; |
| u32 cpu_based_vm_exec_control; |
| u32 exception_bitmap; |
| u32 page_fault_error_code_mask; |
| u32 page_fault_error_code_match; |
| u32 cr3_target_count; |
| u32 vm_exit_controls; |
| u32 vm_exit_msr_store_count; |
| u32 vm_exit_msr_load_count; |
| u32 vm_entry_controls; |
| u32 vm_entry_msr_load_count; |
| u32 vm_entry_intr_info_field; |
| u32 vm_entry_exception_error_code; |
| u32 vm_entry_instruction_len; |
| u32 tpr_threshold; |
| u32 secondary_vm_exec_control; |
| u32 vm_instruction_error; |
| u32 vm_exit_reason; |
| u32 vm_exit_intr_info; |
| u32 vm_exit_intr_error_code; |
| u32 idt_vectoring_info_field; |
| u32 idt_vectoring_error_code; |
| u32 vm_exit_instruction_len; |
| u32 vmx_instruction_info; |
| u32 guest_es_limit; |
| u32 guest_cs_limit; |
| u32 guest_ss_limit; |
| u32 guest_ds_limit; |
| u32 guest_fs_limit; |
| u32 guest_gs_limit; |
| u32 guest_ldtr_limit; |
| u32 guest_tr_limit; |
| u32 guest_gdtr_limit; |
| u32 guest_idtr_limit; |
| u32 guest_es_ar_bytes; |
| u32 guest_cs_ar_bytes; |
| u32 guest_ss_ar_bytes; |
| u32 guest_ds_ar_bytes; |
| u32 guest_fs_ar_bytes; |
| u32 guest_gs_ar_bytes; |
| u32 guest_ldtr_ar_bytes; |
| u32 guest_tr_ar_bytes; |
| u32 guest_interruptibility_info; |
| u32 guest_activity_state; |
| u32 guest_sysenter_cs; |
| u32 host_ia32_sysenter_cs; |
| u32 vmx_preemption_timer_value; |
| u32 padding32[7]; /* room for future expansion */ |
| u16 virtual_processor_id; |
| u16 posted_intr_nv; |
| u16 guest_es_selector; |
| u16 guest_cs_selector; |
| u16 guest_ss_selector; |
| u16 guest_ds_selector; |
| u16 guest_fs_selector; |
| u16 guest_gs_selector; |
| u16 guest_ldtr_selector; |
| u16 guest_tr_selector; |
| u16 guest_intr_status; |
| u16 guest_pml_index; |
| u16 host_es_selector; |
| u16 host_cs_selector; |
| u16 host_ss_selector; |
| u16 host_ds_selector; |
| u16 host_fs_selector; |
| u16 host_gs_selector; |
| u16 host_tr_selector; |
| }; |
| |
| /* |
| * VMCS12_REVISION is an arbitrary id that should be changed if the content or |
| * layout of struct vmcs12 is changed. MSR_IA32_VMX_BASIC returns this id, and |
| * VMPTRLD verifies that the VMCS region that L1 is loading contains this id. |
| */ |
| #define VMCS12_REVISION 0x11e57ed0 |
| |
| /* |
| * VMCS12_SIZE is the number of bytes L1 should allocate for the VMXON region |
| * and any VMCS region. Although only sizeof(struct vmcs12) are used by the |
| * current implementation, 4K are reserved to avoid future complications. |
| */ |
| #define VMCS12_SIZE 0x1000 |
| |
| /* Used to remember the last vmcs02 used for some recently used vmcs12s */ |
| struct vmcs02_list { |
| struct list_head list; |
| gpa_t vmptr; |
| struct loaded_vmcs vmcs02; |
| }; |
| |
| /* |
| * The nested_vmx structure is part of vcpu_vmx, and holds information we need |
| * for correct emulation of VMX (i.e., nested VMX) on this vcpu. |
| */ |
| struct nested_vmx { |
| /* Has the level1 guest done vmxon? */ |
| bool vmxon; |
| gpa_t vmxon_ptr; |
| bool pml_full; |
| |
| /* The guest-physical address of the current VMCS L1 keeps for L2 */ |
| gpa_t current_vmptr; |
| /* The host-usable pointer to the above */ |
| struct page *current_vmcs12_page; |
| struct vmcs12 *current_vmcs12; |
| /* |
| * Cache of the guest's VMCS, existing outside of guest memory. |
| * Loaded from guest memory during VMPTRLD. Flushed to guest |
| * memory during VMXOFF, VMCLEAR, VMPTRLD. |
| */ |
| struct vmcs12 *cached_vmcs12; |
| /* |
| * Indicates if the shadow vmcs must be updated with the |
| * data hold by vmcs12 |
| */ |
| bool sync_shadow_vmcs; |
| |
| /* vmcs02_list cache of VMCSs recently used to run L2 guests */ |
| struct list_head vmcs02_pool; |
| int vmcs02_num; |
| bool change_vmcs01_virtual_x2apic_mode; |
| /* L2 must run next, and mustn't decide to exit to L1. */ |
| bool nested_run_pending; |
| /* |
| * Guest pages referred to in vmcs02 with host-physical pointers, so |
| * we must keep them pinned while L2 runs. |
| */ |
| struct page *apic_access_page; |
| struct page *virtual_apic_page; |
| struct page *pi_desc_page; |
| struct pi_desc *pi_desc; |
| bool pi_pending; |
| u16 posted_intr_nv; |
| |
| unsigned long *msr_bitmap; |
| |
| struct hrtimer preemption_timer; |
| bool preemption_timer_expired; |
| |
| /* to migrate it to L2 if VM_ENTRY_LOAD_DEBUG_CONTROLS is off */ |
| u64 vmcs01_debugctl; |
| |
| u16 vpid02; |
| u16 last_vpid; |
| |
| /* |
| * We only store the "true" versions of the VMX capability MSRs. We |
| * generate the "non-true" versions by setting the must-be-1 bits |
| * according to the SDM. |
| */ |
| u32 nested_vmx_procbased_ctls_low; |
| u32 nested_vmx_procbased_ctls_high; |
| u32 nested_vmx_secondary_ctls_low; |
| u32 nested_vmx_secondary_ctls_high; |
| u32 nested_vmx_pinbased_ctls_low; |
| u32 nested_vmx_pinbased_ctls_high; |
| u32 nested_vmx_exit_ctls_low; |
| u32 nested_vmx_exit_ctls_high; |
| u32 nested_vmx_entry_ctls_low; |
| u32 nested_vmx_entry_ctls_high; |
| u32 nested_vmx_misc_low; |
| u32 nested_vmx_misc_high; |
| u32 nested_vmx_ept_caps; |
| u32 nested_vmx_vpid_caps; |
| u64 nested_vmx_basic; |
| u64 nested_vmx_cr0_fixed0; |
| u64 nested_vmx_cr0_fixed1; |
| u64 nested_vmx_cr4_fixed0; |
| u64 nested_vmx_cr4_fixed1; |
| u64 nested_vmx_vmcs_enum; |
| }; |
| |
| #define POSTED_INTR_ON 0 |
| #define POSTED_INTR_SN 1 |
| |
| /* Posted-Interrupt Descriptor */ |
| struct pi_desc { |
| u32 pir[8]; /* Posted interrupt requested */ |
| union { |
| struct { |
| /* bit 256 - Outstanding Notification */ |
| u16 on : 1, |
| /* bit 257 - Suppress Notification */ |
| sn : 1, |
| /* bit 271:258 - Reserved */ |
| rsvd_1 : 14; |
| /* bit 279:272 - Notification Vector */ |
| u8 nv; |
| /* bit 287:280 - Reserved */ |
| u8 rsvd_2; |
| /* bit 319:288 - Notification Destination */ |
| u32 ndst; |
| }; |
| u64 control; |
| }; |
| u32 rsvd[6]; |
| } __aligned(64); |
| |
| static bool pi_test_and_set_on(struct pi_desc *pi_desc) |
| { |
| return test_and_set_bit(POSTED_INTR_ON, |
| (unsigned long *)&pi_desc->control); |
| } |
| |
| static bool pi_test_and_clear_on(struct pi_desc *pi_desc) |
| { |
| return test_and_clear_bit(POSTED_INTR_ON, |
| (unsigned long *)&pi_desc->control); |
| } |
| |
| static int pi_test_and_set_pir(int vector, struct pi_desc *pi_desc) |
| { |
| return test_and_set_bit(vector, (unsigned long *)pi_desc->pir); |
| } |
| |
| static inline void pi_clear_sn(struct pi_desc *pi_desc) |
| { |
| return clear_bit(POSTED_INTR_SN, |
| (unsigned long *)&pi_desc->control); |
| } |
| |
| static inline void pi_set_sn(struct pi_desc *pi_desc) |
| { |
| return set_bit(POSTED_INTR_SN, |
| (unsigned long *)&pi_desc->control); |
| } |
| |
| static inline void pi_clear_on(struct pi_desc *pi_desc) |
| { |
| clear_bit(POSTED_INTR_ON, |
| (unsigned long *)&pi_desc->control); |
| } |
| |
| static inline int pi_test_on(struct pi_desc *pi_desc) |
| { |
| return test_bit(POSTED_INTR_ON, |
| (unsigned long *)&pi_desc->control); |
| } |
| |
| static inline int pi_test_sn(struct pi_desc *pi_desc) |
| { |
| return test_bit(POSTED_INTR_SN, |
| (unsigned long *)&pi_desc->control); |
| } |
| |
| struct vcpu_vmx { |
| struct kvm_vcpu vcpu; |
| unsigned long host_rsp; |
| u8 fail; |
| bool nmi_known_unmasked; |
| u32 exit_intr_info; |
| u32 idt_vectoring_info; |
| ulong rflags; |
| struct shared_msr_entry *guest_msrs; |
| int nmsrs; |
| int save_nmsrs; |
| unsigned long host_idt_base; |
| #ifdef CONFIG_X86_64 |
| u64 msr_host_kernel_gs_base; |
| u64 msr_guest_kernel_gs_base; |
| #endif |
| u32 vm_entry_controls_shadow; |
| u32 vm_exit_controls_shadow; |
| /* |
| * loaded_vmcs points to the VMCS currently used in this vcpu. For a |
| * non-nested (L1) guest, it always points to vmcs01. For a nested |
| * guest (L2), it points to a different VMCS. |
| */ |
| struct loaded_vmcs vmcs01; |
| struct loaded_vmcs *loaded_vmcs; |
| bool __launched; /* temporary, used in vmx_vcpu_run */ |
| struct msr_autoload { |
| unsigned nr; |
| struct vmx_msr_entry guest[NR_AUTOLOAD_MSRS]; |
| struct vmx_msr_entry host[NR_AUTOLOAD_MSRS]; |
| } msr_autoload; |
| struct { |
| int loaded; |
| u16 fs_sel, gs_sel, ldt_sel; |
| #ifdef CONFIG_X86_64 |
| u16 ds_sel, es_sel; |
| #endif |
| int gs_ldt_reload_needed; |
| int fs_reload_needed; |
| u64 msr_host_bndcfgs; |
| unsigned long vmcs_host_cr4; /* May not match real cr4 */ |
| } host_state; |
| struct { |
| int vm86_active; |
| ulong save_rflags; |
| struct kvm_segment segs[8]; |
| } rmode; |
| struct { |
| u32 bitmask; /* 4 bits per segment (1 bit per field) */ |
| struct kvm_save_segment { |
| u16 selector; |
| unsigned long base; |
| u32 limit; |
| u32 ar; |
| } seg[8]; |
| } segment_cache; |
| int vpid; |
| bool emulation_required; |
| |
| u32 exit_reason; |
| |
| /* Posted interrupt descriptor */ |
| struct pi_desc pi_desc; |
| |
| /* Support for a guest hypervisor (nested VMX) */ |
| struct nested_vmx nested; |
| |
| /* Dynamic PLE window. */ |
| int ple_window; |
| bool ple_window_dirty; |
| |
| /* Support for PML */ |
| #define PML_ENTITY_NUM 512 |
| struct page *pml_pg; |
| |
| /* apic deadline value in host tsc */ |
| u64 hv_deadline_tsc; |
| |
| u64 current_tsc_ratio; |
| |
| bool guest_pkru_valid; |
| u32 guest_pkru; |
| u32 host_pkru; |
| |
| /* |
| * Only bits masked by msr_ia32_feature_control_valid_bits can be set in |
| * msr_ia32_feature_control. FEATURE_CONTROL_LOCKED is always included |
| * in msr_ia32_feature_control_valid_bits. |
| */ |
| u64 msr_ia32_feature_control; |
| u64 msr_ia32_feature_control_valid_bits; |
| }; |
| |
| enum segment_cache_field { |
| SEG_FIELD_SEL = 0, |
| SEG_FIELD_BASE = 1, |
| SEG_FIELD_LIMIT = 2, |
| SEG_FIELD_AR = 3, |
| |
| SEG_FIELD_NR = 4 |
| }; |
| |
| static inline struct vcpu_vmx *to_vmx(struct kvm_vcpu *vcpu) |
| { |
| return container_of(vcpu, struct vcpu_vmx, vcpu); |
| } |
| |
| static struct pi_desc *vcpu_to_pi_desc(struct kvm_vcpu *vcpu) |
| { |
| return &(to_vmx(vcpu)->pi_desc); |
| } |
| |
| #define VMCS12_OFFSET(x) offsetof(struct vmcs12, x) |
| #define FIELD(number, name) [number] = VMCS12_OFFSET(name) |
| #define FIELD64(number, name) [number] = VMCS12_OFFSET(name), \ |
| [number##_HIGH] = VMCS12_OFFSET(name)+4 |
| |
| |
| static unsigned long shadow_read_only_fields[] = { |
| /* |
| * We do NOT shadow fields that are modified when L0 |
| * traps and emulates any vmx instruction (e.g. VMPTRLD, |
| * VMXON...) executed by L1. |
| * For example, VM_INSTRUCTION_ERROR is read |
| * by L1 if a vmx instruction fails (part of the error path). |
| * Note the code assumes this logic. If for some reason |
| * we start shadowing these fields then we need to |
| * force a shadow sync when L0 emulates vmx instructions |
| * (e.g. force a sync if VM_INSTRUCTION_ERROR is modified |
| * by nested_vmx_failValid) |
| */ |
| VM_EXIT_REASON, |
| VM_EXIT_INTR_INFO, |
| VM_EXIT_INSTRUCTION_LEN, |
| IDT_VECTORING_INFO_FIELD, |
| IDT_VECTORING_ERROR_CODE, |
| VM_EXIT_INTR_ERROR_CODE, |
| EXIT_QUALIFICATION, |
| GUEST_LINEAR_ADDRESS, |
| GUEST_PHYSICAL_ADDRESS |
| }; |
| static int max_shadow_read_only_fields = |
| ARRAY_SIZE(shadow_read_only_fields); |
| |
| static unsigned long shadow_read_write_fields[] = { |
| TPR_THRESHOLD, |
| GUEST_RIP, |
| GUEST_RSP, |
| GUEST_CR0, |
| GUEST_CR3, |
| GUEST_CR4, |
| GUEST_INTERRUPTIBILITY_INFO, |
| GUEST_RFLAGS, |
| GUEST_CS_SELECTOR, |
| GUEST_CS_AR_BYTES, |
| GUEST_CS_LIMIT, |
| GUEST_CS_BASE, |
| GUEST_ES_BASE, |
| GUEST_BNDCFGS, |
| CR0_GUEST_HOST_MASK, |
| CR0_READ_SHADOW, |
| CR4_READ_SHADOW, |
| TSC_OFFSET, |
| EXCEPTION_BITMAP, |
| CPU_BASED_VM_EXEC_CONTROL, |
| VM_ENTRY_EXCEPTION_ERROR_CODE, |
| VM_ENTRY_INTR_INFO_FIELD, |
| VM_ENTRY_INSTRUCTION_LEN, |
| VM_ENTRY_EXCEPTION_ERROR_CODE, |
| HOST_FS_BASE, |
| HOST_GS_BASE, |
| HOST_FS_SELECTOR, |
| HOST_GS_SELECTOR |
| }; |
| static int max_shadow_read_write_fields = |
| ARRAY_SIZE(shadow_read_write_fields); |
| |
| static const unsigned short vmcs_field_to_offset_table[] = { |
| FIELD(VIRTUAL_PROCESSOR_ID, virtual_processor_id), |
| FIELD(POSTED_INTR_NV, posted_intr_nv), |
| FIELD(GUEST_ES_SELECTOR, guest_es_selector), |
| FIELD(GUEST_CS_SELECTOR, guest_cs_selector), |
| FIELD(GUEST_SS_SELECTOR, guest_ss_selector), |
| FIELD(GUEST_DS_SELECTOR, guest_ds_selector), |
| FIELD(GUEST_FS_SELECTOR, guest_fs_selector), |
| FIELD(GUEST_GS_SELECTOR, guest_gs_selector), |
| FIELD(GUEST_LDTR_SELECTOR, guest_ldtr_selector), |
| FIELD(GUEST_TR_SELECTOR, guest_tr_selector), |
| FIELD(GUEST_INTR_STATUS, guest_intr_status), |
| FIELD(GUEST_PML_INDEX, guest_pml_index), |
| FIELD(HOST_ES_SELECTOR, host_es_selector), |
| FIELD(HOST_CS_SELECTOR, host_cs_selector), |
| FIELD(HOST_SS_SELECTOR, host_ss_selector), |
| FIELD(HOST_DS_SELECTOR, host_ds_selector), |
| FIELD(HOST_FS_SELECTOR, host_fs_selector), |
| FIELD(HOST_GS_SELECTOR, host_gs_selector), |
| FIELD(HOST_TR_SELECTOR, host_tr_selector), |
| FIELD64(IO_BITMAP_A, io_bitmap_a), |
| FIELD64(IO_BITMAP_B, io_bitmap_b), |
| FIELD64(MSR_BITMAP, msr_bitmap), |
| FIELD64(VM_EXIT_MSR_STORE_ADDR, vm_exit_msr_store_addr), |
| FIELD64(VM_EXIT_MSR_LOAD_ADDR, vm_exit_msr_load_addr), |
| FIELD64(VM_ENTRY_MSR_LOAD_ADDR, vm_entry_msr_load_addr), |
| FIELD64(TSC_OFFSET, tsc_offset), |
| FIELD64(VIRTUAL_APIC_PAGE_ADDR, virtual_apic_page_addr), |
| FIELD64(APIC_ACCESS_ADDR, apic_access_addr), |
| FIELD64(POSTED_INTR_DESC_ADDR, posted_intr_desc_addr), |
| FIELD64(EPT_POINTER, ept_pointer), |
| FIELD64(EOI_EXIT_BITMAP0, eoi_exit_bitmap0), |
| FIELD64(EOI_EXIT_BITMAP1, eoi_exit_bitmap1), |
| FIELD64(EOI_EXIT_BITMAP2, eoi_exit_bitmap2), |
| FIELD64(EOI_EXIT_BITMAP3, eoi_exit_bitmap3), |
| FIELD64(XSS_EXIT_BITMAP, xss_exit_bitmap), |
| FIELD64(GUEST_PHYSICAL_ADDRESS, guest_physical_address), |
| FIELD64(VMCS_LINK_POINTER, vmcs_link_pointer), |
| FIELD64(PML_ADDRESS, pml_address), |
| FIELD64(GUEST_IA32_DEBUGCTL, guest_ia32_debugctl), |
| FIELD64(GUEST_IA32_PAT, guest_ia32_pat), |
| FIELD64(GUEST_IA32_EFER, guest_ia32_efer), |
| FIELD64(GUEST_IA32_PERF_GLOBAL_CTRL, guest_ia32_perf_global_ctrl), |
| FIELD64(GUEST_PDPTR0, guest_pdptr0), |
| FIELD64(GUEST_PDPTR1, guest_pdptr1), |
| FIELD64(GUEST_PDPTR2, guest_pdptr2), |
| FIELD64(GUEST_PDPTR3, guest_pdptr3), |
| FIELD64(GUEST_BNDCFGS, guest_bndcfgs), |
| FIELD64(HOST_IA32_PAT, host_ia32_pat), |
| FIELD64(HOST_IA32_EFER, host_ia32_efer), |
| FIELD64(HOST_IA32_PERF_GLOBAL_CTRL, host_ia32_perf_global_ctrl), |
| FIELD(PIN_BASED_VM_EXEC_CONTROL, pin_based_vm_exec_control), |
| FIELD(CPU_BASED_VM_EXEC_CONTROL, cpu_based_vm_exec_control), |
| FIELD(EXCEPTION_BITMAP, exception_bitmap), |
| FIELD(PAGE_FAULT_ERROR_CODE_MASK, page_fault_error_code_mask), |
| FIELD(PAGE_FAULT_ERROR_CODE_MATCH, page_fault_error_code_match), |
| FIELD(CR3_TARGET_COUNT, cr3_target_count), |
| FIELD(VM_EXIT_CONTROLS, vm_exit_controls), |
| FIELD(VM_EXIT_MSR_STORE_COUNT, vm_exit_msr_store_count), |
| FIELD(VM_EXIT_MSR_LOAD_COUNT, vm_exit_msr_load_count), |
| FIELD(VM_ENTRY_CONTROLS, vm_entry_controls), |
| FIELD(VM_ENTRY_MSR_LOAD_COUNT, vm_entry_msr_load_count), |
| FIELD(VM_ENTRY_INTR_INFO_FIELD, vm_entry_intr_info_field), |
| FIELD(VM_ENTRY_EXCEPTION_ERROR_CODE, vm_entry_exception_error_code), |
| FIELD(VM_ENTRY_INSTRUCTION_LEN, vm_entry_instruction_len), |
| FIELD(TPR_THRESHOLD, tpr_threshold), |
| FIELD(SECONDARY_VM_EXEC_CONTROL, secondary_vm_exec_control), |
| FIELD(VM_INSTRUCTION_ERROR, vm_instruction_error), |
| FIELD(VM_EXIT_REASON, vm_exit_reason), |
| FIELD(VM_EXIT_INTR_INFO, vm_exit_intr_info), |
| FIELD(VM_EXIT_INTR_ERROR_CODE, vm_exit_intr_error_code), |
| FIELD(IDT_VECTORING_INFO_FIELD, idt_vectoring_info_field), |
| FIELD(IDT_VECTORING_ERROR_CODE, idt_vectoring_error_code), |
| FIELD(VM_EXIT_INSTRUCTION_LEN, vm_exit_instruction_len), |
| FIELD(VMX_INSTRUCTION_INFO, vmx_instruction_info), |
| FIELD(GUEST_ES_LIMIT, guest_es_limit), |
| FIELD(GUEST_CS_LIMIT, guest_cs_limit), |
| FIELD(GUEST_SS_LIMIT, guest_ss_limit), |
| FIELD(GUEST_DS_LIMIT, guest_ds_limit), |
| FIELD(GUEST_FS_LIMIT, guest_fs_limit), |
| FIELD(GUEST_GS_LIMIT, guest_gs_limit), |
| FIELD(GUEST_LDTR_LIMIT, guest_ldtr_limit), |
| FIELD(GUEST_TR_LIMIT, guest_tr_limit), |
| FIELD(GUEST_GDTR_LIMIT, guest_gdtr_limit), |
| FIELD(GUEST_IDTR_LIMIT, guest_idtr_limit), |
| FIELD(GUEST_ES_AR_BYTES, guest_es_ar_bytes), |
| FIELD(GUEST_CS_AR_BYTES, guest_cs_ar_bytes), |
| FIELD(GUEST_SS_AR_BYTES, guest_ss_ar_bytes), |
| FIELD(GUEST_DS_AR_BYTES, guest_ds_ar_bytes), |
| FIELD(GUEST_FS_AR_BYTES, guest_fs_ar_bytes), |
| FIELD(GUEST_GS_AR_BYTES, guest_gs_ar_bytes), |
| FIELD(GUEST_LDTR_AR_BYTES, guest_ldtr_ar_bytes), |
| FIELD(GUEST_TR_AR_BYTES, guest_tr_ar_bytes), |
| FIELD(GUEST_INTERRUPTIBILITY_INFO, guest_interruptibility_info), |
| FIELD(GUEST_ACTIVITY_STATE, guest_activity_state), |
| FIELD(GUEST_SYSENTER_CS, guest_sysenter_cs), |
| FIELD(HOST_IA32_SYSENTER_CS, host_ia32_sysenter_cs), |
| FIELD(VMX_PREEMPTION_TIMER_VALUE, vmx_preemption_timer_value), |
| FIELD(CR0_GUEST_HOST_MASK, cr0_guest_host_mask), |
| FIELD(CR4_GUEST_HOST_MASK, cr4_guest_host_mask), |
| FIELD(CR0_READ_SHADOW, cr0_read_shadow), |
| FIELD(CR4_READ_SHADOW, cr4_read_shadow), |
| FIELD(CR3_TARGET_VALUE0, cr3_target_value0), |
| FIELD(CR3_TARGET_VALUE1, cr3_target_value1), |
| FIELD(CR3_TARGET_VALUE2, cr3_target_value2), |
| FIELD(CR3_TARGET_VALUE3, cr3_target_value3), |
| FIELD(EXIT_QUALIFICATION, exit_qualification), |
| FIELD(GUEST_LINEAR_ADDRESS, guest_linear_address), |
| FIELD(GUEST_CR0, guest_cr0), |
| FIELD(GUEST_CR3, guest_cr3), |
| FIELD(GUEST_CR4, guest_cr4), |
| FIELD(GUEST_ES_BASE, guest_es_base), |
| FIELD(GUEST_CS_BASE, guest_cs_base), |
| FIELD(GUEST_SS_BASE, guest_ss_base), |
| FIELD(GUEST_DS_BASE, guest_ds_base), |
| FIELD(GUEST_FS_BASE, guest_fs_base), |
| FIELD(GUEST_GS_BASE, guest_gs_base), |
| FIELD(GUEST_LDTR_BASE, guest_ldtr_base), |
| FIELD(GUEST_TR_BASE, guest_tr_base), |
| FIELD(GUEST_GDTR_BASE, guest_gdtr_base), |
| FIELD(GUEST_IDTR_BASE, guest_idtr_base), |
| FIELD(GUEST_DR7, guest_dr7), |
| FIELD(GUEST_RSP, guest_rsp), |
| FIELD(GUEST_RIP, guest_rip), |
| FIELD(GUEST_RFLAGS, guest_rflags), |
| FIELD(GUEST_PENDING_DBG_EXCEPTIONS, guest_pending_dbg_exceptions), |
| FIELD(GUEST_SYSENTER_ESP, guest_sysenter_esp), |
| FIELD(GUEST_SYSENTER_EIP, guest_sysenter_eip), |
| FIELD(HOST_CR0, host_cr0), |
| FIELD(HOST_CR3, host_cr3), |
| FIELD(HOST_CR4, host_cr4), |
| FIELD(HOST_FS_BASE, host_fs_base), |
| FIELD(HOST_GS_BASE, host_gs_base), |
| FIELD(HOST_TR_BASE, host_tr_base), |
| FIELD(HOST_GDTR_BASE, host_gdtr_base), |
| FIELD(HOST_IDTR_BASE, host_idtr_base), |
| FIELD(HOST_IA32_SYSENTER_ESP, host_ia32_sysenter_esp), |
| FIELD(HOST_IA32_SYSENTER_EIP, host_ia32_sysenter_eip), |
| FIELD(HOST_RSP, host_rsp), |
| FIELD(HOST_RIP, host_rip), |
| }; |
| |
| static inline short vmcs_field_to_offset(unsigned long field) |
| { |
| BUILD_BUG_ON(ARRAY_SIZE(vmcs_field_to_offset_table) > SHRT_MAX); |
| |
| if (field >= ARRAY_SIZE(vmcs_field_to_offset_table) || |
| vmcs_field_to_offset_table[field] == 0) |
| return -ENOENT; |
| |
| return vmcs_field_to_offset_table[field]; |
| } |
| |
| static inline struct vmcs12 *get_vmcs12(struct kvm_vcpu *vcpu) |
| { |
| return to_vmx(vcpu)->nested.cached_vmcs12; |
| } |
| |
| static struct page *nested_get_page(struct kvm_vcpu *vcpu, gpa_t addr) |
| { |
| struct page *page = kvm_vcpu_gfn_to_page(vcpu, addr >> PAGE_SHIFT); |
| if (is_error_page(page)) |
| return NULL; |
| |
| return page; |
| } |
| |
| static void nested_release_page(struct page *page) |
| { |
| kvm_release_page_dirty(page); |
| } |
| |
| static void nested_release_page_clean(struct page *page) |
| { |
| kvm_release_page_clean(page); |
| } |
| |
| static unsigned long nested_ept_get_cr3(struct kvm_vcpu *vcpu); |
| static u64 construct_eptp(unsigned long root_hpa); |
| static bool vmx_xsaves_supported(void); |
| static int vmx_set_tss_addr(struct kvm *kvm, unsigned int addr); |
| static void vmx_set_segment(struct kvm_vcpu *vcpu, |
| struct kvm_segment *var, int seg); |
| static void vmx_get_segment(struct kvm_vcpu *vcpu, |
| struct kvm_segment *var, int seg); |
| static bool guest_state_valid(struct kvm_vcpu *vcpu); |
| static u32 vmx_segment_access_rights(struct kvm_segment *var); |
| static void copy_vmcs12_to_shadow(struct vcpu_vmx *vmx); |
| static void copy_shadow_to_vmcs12(struct vcpu_vmx *vmx); |
| static int alloc_identity_pagetable(struct kvm *kvm); |
| |
| static DEFINE_PER_CPU(struct vmcs *, vmxarea); |
| static DEFINE_PER_CPU(struct vmcs *, current_vmcs); |
| /* |
| * We maintain a per-CPU linked-list of VMCS loaded on that CPU. This is needed |
| * when a CPU is brought down, and we need to VMCLEAR all VMCSs loaded on it. |
| */ |
| static DEFINE_PER_CPU(struct list_head, loaded_vmcss_on_cpu); |
| |
| /* |
| * We maintian a per-CPU linked-list of vCPU, so in wakeup_handler() we |
| * can find which vCPU should be waken up. |
| */ |
| static DEFINE_PER_CPU(struct list_head, blocked_vcpu_on_cpu); |
| static DEFINE_PER_CPU(spinlock_t, blocked_vcpu_on_cpu_lock); |
| |
| enum { |
| VMX_IO_BITMAP_A, |
| VMX_IO_BITMAP_B, |
| VMX_MSR_BITMAP_LEGACY, |
| VMX_MSR_BITMAP_LONGMODE, |
| VMX_MSR_BITMAP_LEGACY_X2APIC_APICV, |
| VMX_MSR_BITMAP_LONGMODE_X2APIC_APICV, |
| VMX_MSR_BITMAP_LEGACY_X2APIC, |
| VMX_MSR_BITMAP_LONGMODE_X2APIC, |
| VMX_VMREAD_BITMAP, |
| VMX_VMWRITE_BITMAP, |
| VMX_BITMAP_NR |
| }; |
| |
| static unsigned long *vmx_bitmap[VMX_BITMAP_NR]; |
| |
| #define vmx_io_bitmap_a (vmx_bitmap[VMX_IO_BITMAP_A]) |
| #define vmx_io_bitmap_b (vmx_bitmap[VMX_IO_BITMAP_B]) |
| #define vmx_msr_bitmap_legacy (vmx_bitmap[VMX_MSR_BITMAP_LEGACY]) |
| #define vmx_msr_bitmap_longmode (vmx_bitmap[VMX_MSR_BITMAP_LONGMODE]) |
| #define vmx_msr_bitmap_legacy_x2apic_apicv (vmx_bitmap[VMX_MSR_BITMAP_LEGACY_X2APIC_APICV]) |
| #define vmx_msr_bitmap_longmode_x2apic_apicv (vmx_bitmap[VMX_MSR_BITMAP_LONGMODE_X2APIC_APICV]) |
| #define vmx_msr_bitmap_legacy_x2apic (vmx_bitmap[VMX_MSR_BITMAP_LEGACY_X2APIC]) |
| #define vmx_msr_bitmap_longmode_x2apic (vmx_bitmap[VMX_MSR_BITMAP_LONGMODE_X2APIC]) |
| #define vmx_vmread_bitmap (vmx_bitmap[VMX_VMREAD_BITMAP]) |
| #define vmx_vmwrite_bitmap (vmx_bitmap[VMX_VMWRITE_BITMAP]) |
| |
| static bool cpu_has_load_ia32_efer; |
| static bool cpu_has_load_perf_global_ctrl; |
| |
| static DECLARE_BITMAP(vmx_vpid_bitmap, VMX_NR_VPIDS); |
| static DEFINE_SPINLOCK(vmx_vpid_lock); |
| |
| static struct vmcs_config { |
| int size; |
| int order; |
| u32 basic_cap; |
| u32 revision_id; |
| u32 pin_based_exec_ctrl; |
| u32 cpu_based_exec_ctrl; |
| u32 cpu_based_2nd_exec_ctrl; |
| u32 vmexit_ctrl; |
| u32 vmentry_ctrl; |
| } vmcs_config; |
| |
| static struct vmx_capability { |
| u32 ept; |
| u32 vpid; |
| } vmx_capability; |
| |
| #define VMX_SEGMENT_FIELD(seg) \ |
| [VCPU_SREG_##seg] = { \ |
| .selector = GUEST_##seg##_SELECTOR, \ |
| .base = GUEST_##seg##_BASE, \ |
| .limit = GUEST_##seg##_LIMIT, \ |
| .ar_bytes = GUEST_##seg##_AR_BYTES, \ |
| } |
| |
| static const struct kvm_vmx_segment_field { |
| unsigned selector; |
| unsigned base; |
| unsigned limit; |
| unsigned ar_bytes; |
| } kvm_vmx_segment_fields[] = { |
| VMX_SEGMENT_FIELD(CS), |
| VMX_SEGMENT_FIELD(DS), |
| VMX_SEGMENT_FIELD(ES), |
| VMX_SEGMENT_FIELD(FS), |
| VMX_SEGMENT_FIELD(GS), |
| VMX_SEGMENT_FIELD(SS), |
| VMX_SEGMENT_FIELD(TR), |
| VMX_SEGMENT_FIELD(LDTR), |
| }; |
| |
| static u64 host_efer; |
| |
| static void ept_save_pdptrs(struct kvm_vcpu *vcpu); |
| |
| /* |
| * Keep MSR_STAR at the end, as setup_msrs() will try to optimize it |
| * away by decrementing the array size. |
| */ |
| static const u32 vmx_msr_index[] = { |
| #ifdef CONFIG_X86_64 |
| MSR_SYSCALL_MASK, MSR_LSTAR, MSR_CSTAR, |
| #endif |
| MSR_EFER, MSR_TSC_AUX, MSR_STAR, |
| }; |
| |
| static inline bool is_exception_n(u32 intr_info, u8 vector) |
| { |
| return (intr_info & (INTR_INFO_INTR_TYPE_MASK | INTR_INFO_VECTOR_MASK | |
| INTR_INFO_VALID_MASK)) == |
| (INTR_TYPE_HARD_EXCEPTION | vector | INTR_INFO_VALID_MASK); |
| } |
| |
| static inline bool is_debug(u32 intr_info) |
| { |
| return is_exception_n(intr_info, DB_VECTOR); |
| } |
| |
| static inline bool is_breakpoint(u32 intr_info) |
| { |
| return is_exception_n(intr_info, BP_VECTOR); |
| } |
| |
| static inline bool is_page_fault(u32 intr_info) |
| { |
| return is_exception_n(intr_info, PF_VECTOR); |
| } |
| |
| static inline bool is_no_device(u32 intr_info) |
| { |
| return is_exception_n(intr_info, NM_VECTOR); |
| } |
| |
| static inline bool is_invalid_opcode(u32 intr_info) |
| { |
| return is_exception_n(intr_info, UD_VECTOR); |
| } |
| |
| static inline bool is_external_interrupt(u32 intr_info) |
| { |
| return (intr_info & (INTR_INFO_INTR_TYPE_MASK | INTR_INFO_VALID_MASK)) |
| == (INTR_TYPE_EXT_INTR | INTR_INFO_VALID_MASK); |
| } |
| |
| static inline bool is_machine_check(u32 intr_info) |
| { |
| return (intr_info & (INTR_INFO_INTR_TYPE_MASK | INTR_INFO_VECTOR_MASK | |
| INTR_INFO_VALID_MASK)) == |
| (INTR_TYPE_HARD_EXCEPTION | MC_VECTOR | INTR_INFO_VALID_MASK); |
| } |
| |
| static inline bool cpu_has_vmx_msr_bitmap(void) |
| { |
| return vmcs_config.cpu_based_exec_ctrl & CPU_BASED_USE_MSR_BITMAPS; |
| } |
| |
| static inline bool cpu_has_vmx_tpr_shadow(void) |
| { |
| return vmcs_config.cpu_based_exec_ctrl & CPU_BASED_TPR_SHADOW; |
| } |
| |
| static inline bool cpu_need_tpr_shadow(struct kvm_vcpu *vcpu) |
| { |
| return cpu_has_vmx_tpr_shadow() && lapic_in_kernel(vcpu); |
| } |
| |
| static inline bool cpu_has_secondary_exec_ctrls(void) |
| { |
| return vmcs_config.cpu_based_exec_ctrl & |
| CPU_BASED_ACTIVATE_SECONDARY_CONTROLS; |
| } |
| |
| static inline bool cpu_has_vmx_virtualize_apic_accesses(void) |
| { |
| return vmcs_config.cpu_based_2nd_exec_ctrl & |
| SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES; |
| } |
| |
| static inline bool cpu_has_vmx_virtualize_x2apic_mode(void) |
| { |
| return vmcs_config.cpu_based_2nd_exec_ctrl & |
| SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE; |
| } |
| |
| static inline bool cpu_has_vmx_apic_register_virt(void) |
| { |
| return vmcs_config.cpu_based_2nd_exec_ctrl & |
| SECONDARY_EXEC_APIC_REGISTER_VIRT; |
| } |
| |
| static inline bool cpu_has_vmx_virtual_intr_delivery(void) |
| { |
| return vmcs_config.cpu_based_2nd_exec_ctrl & |
| SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY; |
| } |
| |
| /* |
| * Comment's format: document - errata name - stepping - processor name. |
| * Refer from |
| * https://www.virtualbox.org/svn/vbox/trunk/src/VBox/VMM/VMMR0/HMR0.cpp |
| */ |
| static u32 vmx_preemption_cpu_tfms[] = { |
| /* 323344.pdf - BA86 - D0 - Xeon 7500 Series */ |
| 0x000206E6, |
| /* 323056.pdf - AAX65 - C2 - Xeon L3406 */ |
| /* 322814.pdf - AAT59 - C2 - i7-600, i5-500, i5-400 and i3-300 Mobile */ |
| /* 322911.pdf - AAU65 - C2 - i5-600, i3-500 Desktop and Pentium G6950 */ |
| 0x00020652, |
| /* 322911.pdf - AAU65 - K0 - i5-600, i3-500 Desktop and Pentium G6950 */ |
| 0x00020655, |
| /* 322373.pdf - AAO95 - B1 - Xeon 3400 Series */ |
| /* 322166.pdf - AAN92 - B1 - i7-800 and i5-700 Desktop */ |
| /* |
| * 320767.pdf - AAP86 - B1 - |
| * i7-900 Mobile Extreme, i7-800 and i7-700 Mobile |
| */ |
| 0x000106E5, |
| /* 321333.pdf - AAM126 - C0 - Xeon 3500 */ |
| 0x000106A0, |
| /* 321333.pdf - AAM126 - C1 - Xeon 3500 */ |
| 0x000106A1, |
| /* 320836.pdf - AAJ124 - C0 - i7-900 Desktop Extreme and i7-900 Desktop */ |
| 0x000106A4, |
| /* 321333.pdf - AAM126 - D0 - Xeon 3500 */ |
| /* 321324.pdf - AAK139 - D0 - Xeon 5500 */ |
| /* 320836.pdf - AAJ124 - D0 - i7-900 Extreme and i7-900 Desktop */ |
| 0x000106A5, |
| }; |
| |
| static inline bool cpu_has_broken_vmx_preemption_timer(void) |
| { |
| u32 eax = cpuid_eax(0x00000001), i; |
| |
| /* Clear the reserved bits */ |
| eax &= ~(0x3U << 14 | 0xfU << 28); |
| for (i = 0; i < ARRAY_SIZE(vmx_preemption_cpu_tfms); i++) |
| if (eax == vmx_preemption_cpu_tfms[i]) |
| return true; |
| |
| return false; |
| } |
| |
| static inline bool cpu_has_vmx_preemption_timer(void) |
| { |
| return vmcs_config.pin_based_exec_ctrl & |
| PIN_BASED_VMX_PREEMPTION_TIMER; |
| } |
| |
| static inline bool cpu_has_vmx_posted_intr(void) |
| { |
| return IS_ENABLED(CONFIG_X86_LOCAL_APIC) && |
| vmcs_config.pin_based_exec_ctrl & PIN_BASED_POSTED_INTR; |
| } |
| |
| static inline bool cpu_has_vmx_apicv(void) |
| { |
| return cpu_has_vmx_apic_register_virt() && |
| cpu_has_vmx_virtual_intr_delivery() && |
| cpu_has_vmx_posted_intr(); |
| } |
| |
| static inline bool cpu_has_vmx_flexpriority(void) |
| { |
| return cpu_has_vmx_tpr_shadow() && |
| cpu_has_vmx_virtualize_apic_accesses(); |
| } |
| |
| static inline bool cpu_has_vmx_ept_execute_only(void) |
| { |
| return vmx_capability.ept & VMX_EPT_EXECUTE_ONLY_BIT; |
| } |
| |
| static inline bool cpu_has_vmx_ept_2m_page(void) |
| { |
| return vmx_capability.ept & VMX_EPT_2MB_PAGE_BIT; |
| } |
| |
| static inline bool cpu_has_vmx_ept_1g_page(void) |
| { |
| return vmx_capability.ept & VMX_EPT_1GB_PAGE_BIT; |
| } |
| |
| static inline bool cpu_has_vmx_ept_4levels(void) |
| { |
| return vmx_capability.ept & VMX_EPT_PAGE_WALK_4_BIT; |
| } |
| |
| static inline bool cpu_has_vmx_ept_ad_bits(void) |
| { |
| return vmx_capability.ept & VMX_EPT_AD_BIT; |
| } |
| |
| static inline bool cpu_has_vmx_invept_context(void) |
| { |
| return vmx_capability.ept & VMX_EPT_EXTENT_CONTEXT_BIT; |
| } |
| |
| static inline bool cpu_has_vmx_invept_global(void) |
| { |
| return vmx_capability.ept & VMX_EPT_EXTENT_GLOBAL_BIT; |
| } |
| |
| static inline bool cpu_has_vmx_invvpid_single(void) |
| { |
| return vmx_capability.vpid & VMX_VPID_EXTENT_SINGLE_CONTEXT_BIT; |
| } |
| |
| static inline bool cpu_has_vmx_invvpid_global(void) |
| { |
| return vmx_capability.vpid & VMX_VPID_EXTENT_GLOBAL_CONTEXT_BIT; |
| } |
| |
| static inline bool cpu_has_vmx_invvpid(void) |
| { |
| return vmx_capability.vpid & VMX_VPID_INVVPID_BIT; |
| } |
| |
| static inline bool cpu_has_vmx_ept(void) |
| { |
| return vmcs_config.cpu_based_2nd_exec_ctrl & |
| SECONDARY_EXEC_ENABLE_EPT; |
| } |
| |
| static inline bool cpu_has_vmx_unrestricted_guest(void) |
| { |
| return vmcs_config.cpu_based_2nd_exec_ctrl & |
| SECONDARY_EXEC_UNRESTRICTED_GUEST; |
| } |
| |
| static inline bool cpu_has_vmx_ple(void) |
| { |
| return vmcs_config.cpu_based_2nd_exec_ctrl & |
| SECONDARY_EXEC_PAUSE_LOOP_EXITING; |
| } |
| |
| static inline bool cpu_has_vmx_basic_inout(void) |
| { |
| return (((u64)vmcs_config.basic_cap << 32) & VMX_BASIC_INOUT); |
| } |
| |
| static inline bool cpu_need_virtualize_apic_accesses(struct kvm_vcpu *vcpu) |
| { |
| return flexpriority_enabled && lapic_in_kernel(vcpu); |
| } |
| |
| static inline bool cpu_has_vmx_vpid(void) |
| { |
| return vmcs_config.cpu_based_2nd_exec_ctrl & |
| SECONDARY_EXEC_ENABLE_VPID; |
| } |
| |
| static inline bool cpu_has_vmx_rdtscp(void) |
| { |
| return vmcs_config.cpu_based_2nd_exec_ctrl & |
| SECONDARY_EXEC_RDTSCP; |
| } |
| |
| static inline bool cpu_has_vmx_invpcid(void) |
| { |
| return vmcs_config.cpu_based_2nd_exec_ctrl & |
| SECONDARY_EXEC_ENABLE_INVPCID; |
| } |
| |
| static inline bool cpu_has_vmx_wbinvd_exit(void) |
| { |
| return vmcs_config.cpu_based_2nd_exec_ctrl & |
| SECONDARY_EXEC_WBINVD_EXITING; |
| } |
| |
| static inline bool cpu_has_vmx_shadow_vmcs(void) |
| { |
| u64 vmx_msr; |
| rdmsrl(MSR_IA32_VMX_MISC, vmx_msr); |
| /* check if the cpu supports writing r/o exit information fields */ |
| if (!(vmx_msr & MSR_IA32_VMX_MISC_VMWRITE_SHADOW_RO_FIELDS)) |
| return false; |
| |
| return vmcs_config.cpu_based_2nd_exec_ctrl & |
| SECONDARY_EXEC_SHADOW_VMCS; |
| } |
| |
| static inline bool cpu_has_vmx_pml(void) |
| { |
| return vmcs_config.cpu_based_2nd_exec_ctrl & SECONDARY_EXEC_ENABLE_PML; |
| } |
| |
| static inline bool cpu_has_vmx_tsc_scaling(void) |
| { |
| return vmcs_config.cpu_based_2nd_exec_ctrl & |
| SECONDARY_EXEC_TSC_SCALING; |
| } |
| |
| static inline bool report_flexpriority(void) |
| { |
| return flexpriority_enabled; |
| } |
| |
| static inline unsigned nested_cpu_vmx_misc_cr3_count(struct kvm_vcpu *vcpu) |
| { |
| return vmx_misc_cr3_count(to_vmx(vcpu)->nested.nested_vmx_misc_low); |
| } |
| |
| static inline bool nested_cpu_has(struct vmcs12 *vmcs12, u32 bit) |
| { |
| return vmcs12->cpu_based_vm_exec_control & bit; |
| } |
| |
| static inline bool nested_cpu_has2(struct vmcs12 *vmcs12, u32 bit) |
| { |
| return (vmcs12->cpu_based_vm_exec_control & |
| CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) && |
| (vmcs12->secondary_vm_exec_control & bit); |
| } |
| |
| static inline bool nested_cpu_has_virtual_nmis(struct vmcs12 *vmcs12) |
| { |
| return vmcs12->pin_based_vm_exec_control & PIN_BASED_VIRTUAL_NMIS; |
| } |
| |
| static inline bool nested_cpu_has_preemption_timer(struct vmcs12 *vmcs12) |
| { |
| return vmcs12->pin_based_vm_exec_control & |
| PIN_BASED_VMX_PREEMPTION_TIMER; |
| } |
| |
| static inline int nested_cpu_has_ept(struct vmcs12 *vmcs12) |
| { |
| return nested_cpu_has2(vmcs12, SECONDARY_EXEC_ENABLE_EPT); |
| } |
| |
| static inline bool nested_cpu_has_xsaves(struct vmcs12 *vmcs12) |
| { |
| return nested_cpu_has2(vmcs12, SECONDARY_EXEC_XSAVES) && |
| vmx_xsaves_supported(); |
| } |
| |
| static inline bool nested_cpu_has_pml(struct vmcs12 *vmcs12) |
| { |
| return nested_cpu_has2(vmcs12, SECONDARY_EXEC_ENABLE_PML); |
| } |
| |
| static inline bool nested_cpu_has_virt_x2apic_mode(struct vmcs12 *vmcs12) |
| { |
| return nested_cpu_has2(vmcs12, SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE); |
| } |
| |
| static inline bool nested_cpu_has_vpid(struct vmcs12 *vmcs12) |
| { |
| return nested_cpu_has2(vmcs12, SECONDARY_EXEC_ENABLE_VPID); |
| } |
| |
| static inline bool nested_cpu_has_apic_reg_virt(struct vmcs12 *vmcs12) |
| { |
| return nested_cpu_has2(vmcs12, SECONDARY_EXEC_APIC_REGISTER_VIRT); |
| } |
| |
| static inline bool nested_cpu_has_vid(struct vmcs12 *vmcs12) |
| { |
| return nested_cpu_has2(vmcs12, SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY); |
| } |
| |
| static inline bool nested_cpu_has_posted_intr(struct vmcs12 *vmcs12) |
| { |
| return vmcs12->pin_based_vm_exec_control & PIN_BASED_POSTED_INTR; |
| } |
| |
| static inline bool is_nmi(u32 intr_info) |
| { |
| return (intr_info & (INTR_INFO_INTR_TYPE_MASK | INTR_INFO_VALID_MASK)) |
| == (INTR_TYPE_NMI_INTR | INTR_INFO_VALID_MASK); |
| } |
| |
| static void nested_vmx_vmexit(struct kvm_vcpu *vcpu, u32 exit_reason, |
| u32 exit_intr_info, |
| unsigned long exit_qualification); |
| static void nested_vmx_entry_failure(struct kvm_vcpu *vcpu, |
| struct vmcs12 *vmcs12, |
| u32 reason, unsigned long qualification); |
| |
| static int __find_msr_index(struct vcpu_vmx *vmx, u32 msr) |
| { |
| int i; |
| |
| for (i = 0; i < vmx->nmsrs; ++i) |
| if (vmx_msr_index[vmx->guest_msrs[i].index] == msr) |
| return i; |
| return -1; |
| } |
| |
| static inline void __invvpid(int ext, u16 vpid, gva_t gva) |
| { |
| struct { |
| u64 vpid : 16; |
| u64 rsvd : 48; |
| u64 gva; |
| } operand = { vpid, 0, gva }; |
| |
| asm volatile (__ex(ASM_VMX_INVVPID) |
| /* CF==1 or ZF==1 --> rc = -1 */ |
| "; ja 1f ; ud2 ; 1:" |
| : : "a"(&operand), "c"(ext) : "cc", "memory"); |
| } |
| |
| static inline void __invept(int ext, u64 eptp, gpa_t gpa) |
| { |
| struct { |
| u64 eptp, gpa; |
| } operand = {eptp, gpa}; |
| |
| asm volatile (__ex(ASM_VMX_INVEPT) |
| /* CF==1 or ZF==1 --> rc = -1 */ |
| "; ja 1f ; ud2 ; 1:\n" |
| : : "a" (&operand), "c" (ext) : "cc", "memory"); |
| } |
| |
| static struct shared_msr_entry *find_msr_entry(struct vcpu_vmx *vmx, u32 msr) |
| { |
| int i; |
| |
| i = __find_msr_index(vmx, msr); |
| if (i >= 0) |
| return &vmx->guest_msrs[i]; |
| return NULL; |
| } |
| |
| static void vmcs_clear(struct vmcs *vmcs) |
| { |
| u64 phys_addr = __pa(vmcs); |
| u8 error; |
| |
| asm volatile (__ex(ASM_VMX_VMCLEAR_RAX) "; setna %0" |
| : "=qm"(error) : "a"(&phys_addr), "m"(phys_addr) |
| : "cc", "memory"); |
| if (error) |
| printk(KERN_ERR "kvm: vmclear fail: %p/%llx\n", |
| vmcs, phys_addr); |
| } |
| |
| static inline void loaded_vmcs_init(struct loaded_vmcs *loaded_vmcs) |
| { |
| vmcs_clear(loaded_vmcs->vmcs); |
| if (loaded_vmcs->shadow_vmcs && loaded_vmcs->launched) |
| vmcs_clear(loaded_vmcs->shadow_vmcs); |
| loaded_vmcs->cpu = -1; |
| loaded_vmcs->launched = 0; |
| } |
| |
| static void vmcs_load(struct vmcs *vmcs) |
| { |
| u64 phys_addr = __pa(vmcs); |
| u8 error; |
| |
| asm volatile (__ex(ASM_VMX_VMPTRLD_RAX) "; setna %0" |
| : "=qm"(error) : "a"(&phys_addr), "m"(phys_addr) |
| : "cc", "memory"); |
| if (error) |
| printk(KERN_ERR "kvm: vmptrld %p/%llx failed\n", |
| vmcs, phys_addr); |
| } |
| |
| #ifdef CONFIG_KEXEC_CORE |
| /* |
| * This bitmap is used to indicate whether the vmclear |
| * operation is enabled on all cpus. All disabled by |
| * default. |
| */ |
| static cpumask_t crash_vmclear_enabled_bitmap = CPU_MASK_NONE; |
| |
| static inline void crash_enable_local_vmclear(int cpu) |
| { |
| cpumask_set_cpu(cpu, &crash_vmclear_enabled_bitmap); |
| } |
| |
| static inline void crash_disable_local_vmclear(int cpu) |
| { |
| cpumask_clear_cpu(cpu, &crash_vmclear_enabled_bitmap); |
| } |
| |
| static inline int crash_local_vmclear_enabled(int cpu) |
| { |
| return cpumask_test_cpu(cpu, &crash_vmclear_enabled_bitmap); |
| } |
| |
| static void crash_vmclear_local_loaded_vmcss(void) |
| { |
| int cpu = raw_smp_processor_id(); |
| struct loaded_vmcs *v; |
| |
| if (!crash_local_vmclear_enabled(cpu)) |
| return; |
| |
| list_for_each_entry(v, &per_cpu(loaded_vmcss_on_cpu, cpu), |
| loaded_vmcss_on_cpu_link) |
| vmcs_clear(v->vmcs); |
| } |
| #else |
| static inline void crash_enable_local_vmclear(int cpu) { } |
| static inline void crash_disable_local_vmclear(int cpu) { } |
| #endif /* CONFIG_KEXEC_CORE */ |
| |
| static void __loaded_vmcs_clear(void *arg) |
| { |
| struct loaded_vmcs *loaded_vmcs = arg; |
| int cpu = raw_smp_processor_id(); |
| |
| if (loaded_vmcs->cpu != cpu) |
| return; /* vcpu migration can race with cpu offline */ |
| if (per_cpu(current_vmcs, cpu) == loaded_vmcs->vmcs) |
| per_cpu(current_vmcs, cpu) = NULL; |
| crash_disable_local_vmclear(cpu); |
| list_del(&loaded_vmcs->loaded_vmcss_on_cpu_link); |
| |
| /* |
| * we should ensure updating loaded_vmcs->loaded_vmcss_on_cpu_link |
| * is before setting loaded_vmcs->vcpu to -1 which is done in |
| * loaded_vmcs_init. Otherwise, other cpu can see vcpu = -1 fist |
| * then adds the vmcs into percpu list before it is deleted. |
| */ |
| smp_wmb(); |
| |
| loaded_vmcs_init(loaded_vmcs); |
| crash_enable_local_vmclear(cpu); |
| } |
| |
| static void loaded_vmcs_clear(struct loaded_vmcs *loaded_vmcs) |
| { |
| int cpu = loaded_vmcs->cpu; |
| |
| if (cpu != -1) |
| smp_call_function_single(cpu, |
| __loaded_vmcs_clear, loaded_vmcs, 1); |
| } |
| |
| static inline void vpid_sync_vcpu_single(int vpid) |
| { |
| if (vpid == 0) |
| return; |
| |
| if (cpu_has_vmx_invvpid_single()) |
| __invvpid(VMX_VPID_EXTENT_SINGLE_CONTEXT, vpid, 0); |
| } |
| |
| static inline void vpid_sync_vcpu_global(void) |
| { |
| if (cpu_has_vmx_invvpid_global()) |
| __invvpid(VMX_VPID_EXTENT_ALL_CONTEXT, 0, 0); |
| } |
| |
| static inline void vpid_sync_context(int vpid) |
| { |
| if (cpu_has_vmx_invvpid_single()) |
| vpid_sync_vcpu_single(vpid); |
| else |
| vpid_sync_vcpu_global(); |
| } |
| |
| static inline void ept_sync_global(void) |
| { |
| if (cpu_has_vmx_invept_global()) |
| __invept(VMX_EPT_EXTENT_GLOBAL, 0, 0); |
| } |
| |
| static inline void ept_sync_context(u64 eptp) |
| { |
| if (enable_ept) { |
| if (cpu_has_vmx_invept_context()) |
| __invept(VMX_EPT_EXTENT_CONTEXT, eptp, 0); |
| else |
| ept_sync_global(); |
| } |
| } |
| |
| static __always_inline void vmcs_check16(unsigned long field) |
| { |
| BUILD_BUG_ON_MSG(__builtin_constant_p(field) && ((field) & 0x6001) == 0x2000, |
| "16-bit accessor invalid for 64-bit field"); |
| BUILD_BUG_ON_MSG(__builtin_constant_p(field) && ((field) & 0x6001) == 0x2001, |
| "16-bit accessor invalid for 64-bit high field"); |
| BUILD_BUG_ON_MSG(__builtin_constant_p(field) && ((field) & 0x6000) == 0x4000, |
| "16-bit accessor invalid for 32-bit high field"); |
| BUILD_BUG_ON_MSG(__builtin_constant_p(field) && ((field) & 0x6000) == 0x6000, |
| "16-bit accessor invalid for natural width field"); |
| } |
| |
| static __always_inline void vmcs_check32(unsigned long field) |
| { |
| BUILD_BUG_ON_MSG(__builtin_constant_p(field) && ((field) & 0x6000) == 0, |
| "32-bit accessor invalid for 16-bit field"); |
| BUILD_BUG_ON_MSG(__builtin_constant_p(field) && ((field) & 0x6000) == 0x6000, |
| "32-bit accessor invalid for natural width field"); |
| } |
| |
| static __always_inline void vmcs_check64(unsigned long field) |
| { |
| BUILD_BUG_ON_MSG(__builtin_constant_p(field) && ((field) & 0x6000) == 0, |
| "64-bit accessor invalid for 16-bit field"); |
| BUILD_BUG_ON_MSG(__builtin_constant_p(field) && ((field) & 0x6001) == 0x2001, |
| "64-bit accessor invalid for 64-bit high field"); |
| BUILD_BUG_ON_MSG(__builtin_constant_p(field) && ((field) & 0x6000) == 0x4000, |
| "64-bit accessor invalid for 32-bit field"); |
| BUILD_BUG_ON_MSG(__builtin_constant_p(field) && ((field) & 0x6000) == 0x6000, |
| "64-bit accessor invalid for natural width field"); |
| } |
| |
| static __always_inline void vmcs_checkl(unsigned long field) |
| { |
| BUILD_BUG_ON_MSG(__builtin_constant_p(field) && ((field) & 0x6000) == 0, |
| "Natural width accessor invalid for 16-bit field"); |
| BUILD_BUG_ON_MSG(__builtin_constant_p(field) && ((field) & 0x6001) == 0x2000, |
| "Natural width accessor invalid for 64-bit field"); |
| BUILD_BUG_ON_MSG(__builtin_constant_p(field) && ((field) & 0x6001) == 0x2001, |
| "Natural width accessor invalid for 64-bit high field"); |
| BUILD_BUG_ON_MSG(__builtin_constant_p(field) && ((field) & 0x6000) == 0x4000, |
| "Natural width accessor invalid for 32-bit field"); |
| } |
| |
| static __always_inline unsigned long __vmcs_readl(unsigned long field) |
| { |
| unsigned long value; |
| |
| asm volatile (__ex_clear(ASM_VMX_VMREAD_RDX_RAX, "%0") |
| : "=a"(value) : "d"(field) : "cc"); |
| return value; |
| } |
| |
| static __always_inline u16 vmcs_read16(unsigned long field) |
| { |
| vmcs_check16(field); |
| return __vmcs_readl(field); |
| } |
| |
| static __always_inline u32 vmcs_read32(unsigned long field) |
| { |
| vmcs_check32(field); |
| return __vmcs_readl(field); |
| } |
| |
| static __always_inline u64 vmcs_read64(unsigned long field) |
| { |
| vmcs_check64(field); |
| #ifdef CONFIG_X86_64 |
| return __vmcs_readl(field); |
| #else |
| return __vmcs_readl(field) | ((u64)__vmcs_readl(field+1) << 32); |
| #endif |
| } |
| |
| static __always_inline unsigned long vmcs_readl(unsigned long field) |
| { |
| vmcs_checkl(field); |
| return __vmcs_readl(field); |
| } |
| |
| static noinline void vmwrite_error(unsigned long field, unsigned long value) |
| { |
| printk(KERN_ERR "vmwrite error: reg %lx value %lx (err %d)\n", |
| field, value, vmcs_read32(VM_INSTRUCTION_ERROR)); |
| dump_stack(); |
| } |
| |
| static __always_inline void __vmcs_writel(unsigned long field, unsigned long value) |
| { |
| u8 error; |
| |
| asm volatile (__ex(ASM_VMX_VMWRITE_RAX_RDX) "; setna %0" |
| : "=q"(error) : "a"(value), "d"(field) : "cc"); |
| if (unlikely(error)) |
| vmwrite_error(field, value); |
| } |
| |
| static __always_inline void vmcs_write16(unsigned long field, u16 value) |
| { |
| vmcs_check16(field); |
| __vmcs_writel(field, value); |
| } |
| |
| static __always_inline void vmcs_write32(unsigned long field, u32 value) |
| { |
| vmcs_check32(field); |
| __vmcs_writel(field, value); |
| } |
| |
| static __always_inline void vmcs_write64(unsigned long field, u64 value) |
| { |
| vmcs_check64(field); |
| __vmcs_writel(field, value); |
| #ifndef CONFIG_X86_64 |
| asm volatile (""); |
| __vmcs_writel(field+1, value >> 32); |
| #endif |
| } |
| |
| static __always_inline void vmcs_writel(unsigned long field, unsigned long value) |
| { |
| vmcs_checkl(field); |
| __vmcs_writel(field, value); |
| } |
| |
| static __always_inline void vmcs_clear_bits(unsigned long field, u32 mask) |
| { |
| BUILD_BUG_ON_MSG(__builtin_constant_p(field) && ((field) & 0x6000) == 0x2000, |
| "vmcs_clear_bits does not support 64-bit fields"); |
| __vmcs_writel(field, __vmcs_readl(field) & ~mask); |
| } |
| |
| static __always_inline void vmcs_set_bits(unsigned long field, u32 mask) |
| { |
| BUILD_BUG_ON_MSG(__builtin_constant_p(field) && ((field) & 0x6000) == 0x2000, |
| "vmcs_set_bits does not support 64-bit fields"); |
| __vmcs_writel(field, __vmcs_readl(field) | mask); |
| } |
| |
| static inline void vm_entry_controls_reset_shadow(struct vcpu_vmx *vmx) |
| { |
| vmx->vm_entry_controls_shadow = vmcs_read32(VM_ENTRY_CONTROLS); |
| } |
| |
| static inline void vm_entry_controls_init(struct vcpu_vmx *vmx, u32 val) |
| { |
| vmcs_write32(VM_ENTRY_CONTROLS, val); |
| vmx->vm_entry_controls_shadow = val; |
| } |
| |
| static inline void vm_entry_controls_set(struct vcpu_vmx *vmx, u32 val) |
| { |
| if (vmx->vm_entry_controls_shadow != val) |
| vm_entry_controls_init(vmx, val); |
| } |
| |
| static inline u32 vm_entry_controls_get(struct vcpu_vmx *vmx) |
| { |
| return vmx->vm_entry_controls_shadow; |
| } |
| |
| |
| static inline void vm_entry_controls_setbit(struct vcpu_vmx *vmx, u32 val) |
| { |
| vm_entry_controls_set(vmx, vm_entry_controls_get(vmx) | val); |
| } |
| |
| static inline void vm_entry_controls_clearbit(struct vcpu_vmx *vmx, u32 val) |
| { |
| vm_entry_controls_set(vmx, vm_entry_controls_get(vmx) & ~val); |
| } |
| |
| static inline void vm_exit_controls_reset_shadow(struct vcpu_vmx *vmx) |
| { |
| vmx->vm_exit_controls_shadow = vmcs_read32(VM_EXIT_CONTROLS); |
| } |
| |
| static inline void vm_exit_controls_init(struct vcpu_vmx *vmx, u32 val) |
| { |
| vmcs_write32(VM_EXIT_CONTROLS, val); |
| vmx->vm_exit_controls_shadow = val; |
| } |
| |
| static inline void vm_exit_controls_set(struct vcpu_vmx *vmx, u32 val) |
| { |
| if (vmx->vm_exit_controls_shadow != val) |
| vm_exit_controls_init(vmx, val); |
| } |
| |
| static inline u32 vm_exit_controls_get(struct vcpu_vmx *vmx) |
| { |
| return vmx->vm_exit_controls_shadow; |
| } |
| |
| |
| static inline void vm_exit_controls_setbit(struct vcpu_vmx *vmx, u32 val) |
| { |
| vm_exit_controls_set(vmx, vm_exit_controls_get(vmx) | val); |
| } |
| |
| static inline void vm_exit_controls_clearbit(struct vcpu_vmx *vmx, u32 val) |
| { |
| vm_exit_controls_set(vmx, vm_exit_controls_get(vmx) & ~val); |
| } |
| |
| static void vmx_segment_cache_clear(struct vcpu_vmx *vmx) |
| { |
| vmx->segment_cache.bitmask = 0; |
| } |
| |
| static bool vmx_segment_cache_test_set(struct vcpu_vmx *vmx, unsigned seg, |
| unsigned field) |
| { |
| bool ret; |
| u32 mask = 1 << (seg * SEG_FIELD_NR + field); |
| |
| if (!(vmx->vcpu.arch.regs_avail & (1 << VCPU_EXREG_SEGMENTS))) { |
| vmx->vcpu.arch.regs_avail |= (1 << VCPU_EXREG_SEGMENTS); |
| vmx->segment_cache.bitmask = 0; |
| } |
| ret = vmx->segment_cache.bitmask & mask; |
| vmx->segment_cache.bitmask |= mask; |
| return ret; |
| } |
| |
| static u16 vmx_read_guest_seg_selector(struct vcpu_vmx *vmx, unsigned seg) |
| { |
| u16 *p = &vmx->segment_cache.seg[seg].selector; |
| |
| if (!vmx_segment_cache_test_set(vmx, seg, SEG_FIELD_SEL)) |
| *p = vmcs_read16(kvm_vmx_segment_fields[seg].selector); |
| return *p; |
| } |
| |
| static ulong vmx_read_guest_seg_base(struct vcpu_vmx *vmx, unsigned seg) |
| { |
| ulong *p = &vmx->segment_cache.seg[seg].base; |
| |
| if (!vmx_segment_cache_test_set(vmx, seg, SEG_FIELD_BASE)) |
| *p = vmcs_readl(kvm_vmx_segment_fields[seg].base); |
| return *p; |
| } |
| |
| static u32 vmx_read_guest_seg_limit(struct vcpu_vmx *vmx, unsigned seg) |
| { |
| u32 *p = &vmx->segment_cache.seg[seg].limit; |
| |
| if (!vmx_segment_cache_test_set(vmx, seg, SEG_FIELD_LIMIT)) |
| *p = vmcs_read32(kvm_vmx_segment_fields[seg].limit); |
| return *p; |
| } |
| |
| static u32 vmx_read_guest_seg_ar(struct vcpu_vmx *vmx, unsigned seg) |
| { |
| u32 *p = &vmx->segment_cache.seg[seg].ar; |
| |
| if (!vmx_segment_cache_test_set(vmx, seg, SEG_FIELD_AR)) |
| *p = vmcs_read32(kvm_vmx_segment_fields[seg].ar_bytes); |
| return *p; |
| } |
| |
| static void update_exception_bitmap(struct kvm_vcpu *vcpu) |
| { |
| u32 eb; |
| |
| eb = (1u << PF_VECTOR) | (1u << UD_VECTOR) | (1u << MC_VECTOR) | |
| (1u << DB_VECTOR) | (1u << AC_VECTOR); |
| if ((vcpu->guest_debug & |
| (KVM_GUESTDBG_ENABLE | KVM_GUESTDBG_USE_SW_BP)) == |
| (KVM_GUESTDBG_ENABLE | KVM_GUESTDBG_USE_SW_BP)) |
| eb |= 1u << BP_VECTOR; |
| if (to_vmx(vcpu)->rmode.vm86_active) |
| eb = ~0; |
| if (enable_ept) |
| eb &= ~(1u << PF_VECTOR); /* bypass_guest_pf = 0 */ |
| |
| /* When we are running a nested L2 guest and L1 specified for it a |
| * certain exception bitmap, we must trap the same exceptions and pass |
| * them to L1. When running L2, we will only handle the exceptions |
| * specified above if L1 did not want them. |
| */ |
| if (is_guest_mode(vcpu)) |
| eb |= get_vmcs12(vcpu)->exception_bitmap; |
| |
| vmcs_write32(EXCEPTION_BITMAP, eb); |
| } |
| |
| static void clear_atomic_switch_msr_special(struct vcpu_vmx *vmx, |
| unsigned long entry, unsigned long exit) |
| { |
| vm_entry_controls_clearbit(vmx, entry); |
| vm_exit_controls_clearbit(vmx, exit); |
| } |
| |
| static void clear_atomic_switch_msr(struct vcpu_vmx *vmx, unsigned msr) |
| { |
| unsigned i; |
| struct msr_autoload *m = &vmx->msr_autoload; |
| |
| switch (msr) { |
| case MSR_EFER: |
| if (cpu_has_load_ia32_efer) { |
| clear_atomic_switch_msr_special(vmx, |
| VM_ENTRY_LOAD_IA32_EFER, |
| VM_EXIT_LOAD_IA32_EFER); |
| return; |
| } |
| break; |
| case MSR_CORE_PERF_GLOBAL_CTRL: |
| if (cpu_has_load_perf_global_ctrl) { |
| clear_atomic_switch_msr_special(vmx, |
| VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL, |
| VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL); |
| return; |
| } |
| break; |
| } |
| |
| for (i = 0; i < m->nr; ++i) |
| if (m->guest[i].index == msr) |
| break; |
| |
| if (i == m->nr) |
| return; |
| --m->nr; |
| m->guest[i] = m->guest[m->nr]; |
| m->host[i] = m->host[m->nr]; |
| vmcs_write32(VM_ENTRY_MSR_LOAD_COUNT, m->nr); |
| vmcs_write32(VM_EXIT_MSR_LOAD_COUNT, m->nr); |
| } |
| |
| static void add_atomic_switch_msr_special(struct vcpu_vmx *vmx, |
| unsigned long entry, unsigned long exit, |
| unsigned long guest_val_vmcs, unsigned long host_val_vmcs, |
| u64 guest_val, u64 host_val) |
| { |
| vmcs_write64(guest_val_vmcs, guest_val); |
| vmcs_write64(host_val_vmcs, host_val); |
| vm_entry_controls_setbit(vmx, entry); |
| vm_exit_controls_setbit(vmx, exit); |
| } |
| |
| static void add_atomic_switch_msr(struct vcpu_vmx *vmx, unsigned msr, |
| u64 guest_val, u64 host_val) |
| { |
| unsigned i; |
| struct msr_autoload *m = &vmx->msr_autoload; |
| |
| switch (msr) { |
| case MSR_EFER: |
| if (cpu_has_load_ia32_efer) { |
| add_atomic_switch_msr_special(vmx, |
| VM_ENTRY_LOAD_IA32_EFER, |
| VM_EXIT_LOAD_IA32_EFER, |
| GUEST_IA32_EFER, |
| HOST_IA32_EFER, |
| guest_val, host_val); |
| return; |
| } |
| break; |
| case MSR_CORE_PERF_GLOBAL_CTRL: |
| if (cpu_has_load_perf_global_ctrl) { |
| add_atomic_switch_msr_special(vmx, |
| VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL, |
| VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL, |
| GUEST_IA32_PERF_GLOBAL_CTRL, |
| HOST_IA32_PERF_GLOBAL_CTRL, |
| guest_val, host_val); |
| return; |
| } |
| break; |
| case MSR_IA32_PEBS_ENABLE: |
| /* PEBS needs a quiescent period after being disabled (to write |
| * a record). Disabling PEBS through VMX MSR swapping doesn't |
| * provide that period, so a CPU could write host's record into |
| * guest's memory. |
| */ |
| wrmsrl(MSR_IA32_PEBS_ENABLE, 0); |
| } |
| |
| for (i = 0; i < m->nr; ++i) |
| if (m->guest[i].index == msr) |
| break; |
| |
| if (i == NR_AUTOLOAD_MSRS) { |
| printk_once(KERN_WARNING "Not enough msr switch entries. " |
| "Can't add msr %x\n", msr); |
| return; |
| } else if (i == m->nr) { |
| ++m->nr; |
| vmcs_write32(VM_ENTRY_MSR_LOAD_COUNT, m->nr); |
| vmcs_write32(VM_EXIT_MSR_LOAD_COUNT, m->nr); |
| } |
| |
| m->guest[i].index = msr; |
| m->guest[i].value = guest_val; |
| m->host[i].index = msr; |
| m->host[i].value = host_val; |
| } |
| |
| static bool update_transition_efer(struct vcpu_vmx *vmx, int efer_offset) |
| { |
| u64 guest_efer = vmx->vcpu.arch.efer; |
| u64 ignore_bits = 0; |
| |
| if (!enable_ept) { |
| /* |
| * NX is needed to handle CR0.WP=1, CR4.SMEP=1. Testing |
| * host CPUID is more efficient than testing guest CPUID |
| * or CR4. Host SMEP is anyway a requirement for guest SMEP. |
| */ |
| if (boot_cpu_has(X86_FEATURE_SMEP)) |
| guest_efer |= EFER_NX; |
| else if (!(guest_efer & EFER_NX)) |
| ignore_bits |= EFER_NX; |
| } |
| |
| /* |
| * LMA and LME handled by hardware; SCE meaningless outside long mode. |
| */ |
| ignore_bits |= EFER_SCE; |
| #ifdef CONFIG_X86_64 |
| ignore_bits |= EFER_LMA | EFER_LME; |
| /* SCE is meaningful only in long mode on Intel */ |
| if (guest_efer & EFER_LMA) |
| ignore_bits &= ~(u64)EFER_SCE; |
| #endif |
| |
| clear_atomic_switch_msr(vmx, MSR_EFER); |
| |
| /* |
| * On EPT, we can't emulate NX, so we must switch EFER atomically. |
| * On CPUs that support "load IA32_EFER", always switch EFER |
| * atomically, since it's faster than switching it manually. |
| */ |
| if (cpu_has_load_ia32_efer || |
| (enable_ept && ((vmx->vcpu.arch.efer ^ host_efer) & EFER_NX))) { |
| if (!(guest_efer & EFER_LMA)) |
| guest_efer &= ~EFER_LME; |
| if (guest_efer != host_efer) |
| add_atomic_switch_msr(vmx, MSR_EFER, |
| guest_efer, host_efer); |
| return false; |
| } else { |
| guest_efer &= ~ignore_bits; |
| guest_efer |= host_efer & ignore_bits; |
| |
| vmx->guest_msrs[efer_offset].data = guest_efer; |
| vmx->guest_msrs[efer_offset].mask = ~ignore_bits; |
| |
| return true; |
| } |
| } |
| |
| #ifdef CONFIG_X86_32 |
| /* |
| * On 32-bit kernels, VM exits still load the FS and GS bases from the |
| * VMCS rather than the segment table. KVM uses this helper to figure |
| * out the current bases to poke them into the VMCS before entry. |
| */ |
| static unsigned long segment_base(u16 selector) |
| { |
| struct desc_struct *table; |
| unsigned long v; |
| |
| if (!(selector & ~SEGMENT_RPL_MASK)) |
| return 0; |
| |
| table = get_current_gdt_ro(); |
| |
| if ((selector & SEGMENT_TI_MASK) == SEGMENT_LDT) { |
| u16 ldt_selector = kvm_read_ldt(); |
| |
| if (!(ldt_selector & ~SEGMENT_RPL_MASK)) |
| return 0; |
| |
| table = (struct desc_struct *)segment_base(ldt_selector); |
| } |
| v = get_desc_base(&table[selector >> 3]); |
| return v; |
| } |
| #endif |
| |
| static void vmx_save_host_state(struct kvm_vcpu *vcpu) |
| { |
| struct vcpu_vmx *vmx = to_vmx(vcpu); |
| int i; |
| |
| if (vmx->host_state.loaded) |
| return; |
| |
| vmx->host_state.loaded = 1; |
| /* |
| * Set host fs and gs selectors. Unfortunately, 22.2.3 does not |
| * allow segment selectors with cpl > 0 or ti == 1. |
| */ |
| vmx->host_state.ldt_sel = kvm_read_ldt(); |
| vmx->host_state.gs_ldt_reload_needed = vmx->host_state.ldt_sel; |
| savesegment(fs, vmx->host_state.fs_sel); |
| if (!(vmx->host_state.fs_sel & 7)) { |
| vmcs_write16(HOST_FS_SELECTOR, vmx->host_state.fs_sel); |
| vmx->host_state.fs_reload_needed = 0; |
| } else { |
| vmcs_write16(HOST_FS_SELECTOR, 0); |
| vmx->host_state.fs_reload_needed = 1; |
| } |
| savesegment(gs, vmx->host_state.gs_sel); |
| if (!(vmx->host_state.gs_sel & 7)) |
| vmcs_write16(HOST_GS_SELECTOR, vmx->host_state.gs_sel); |
| else { |
| vmcs_write16(HOST_GS_SELECTOR, 0); |
| vmx->host_state.gs_ldt_reload_needed = 1; |
| } |
| |
| #ifdef CONFIG_X86_64 |
| savesegment(ds, vmx->host_state.ds_sel); |
| savesegment(es, vmx->host_state.es_sel); |
| #endif |
| |
| #ifdef CONFIG_X86_64 |
| vmcs_writel(HOST_FS_BASE, read_msr(MSR_FS_BASE)); |
| vmcs_writel(HOST_GS_BASE, read_msr(MSR_GS_BASE)); |
| #else |
| vmcs_writel(HOST_FS_BASE, segment_base(vmx->host_state.fs_sel)); |
| vmcs_writel(HOST_GS_BASE, segment_base(vmx->host_state.gs_sel)); |
| #endif |
| |
| #ifdef CONFIG_X86_64 |
| rdmsrl(MSR_KERNEL_GS_BASE, vmx->msr_host_kernel_gs_base); |
| if (is_long_mode(&vmx->vcpu)) |
| wrmsrl(MSR_KERNEL_GS_BASE, vmx->msr_guest_kernel_gs_base); |
| #endif |
| if (boot_cpu_has(X86_FEATURE_MPX)) |
| rdmsrl(MSR_IA32_BNDCFGS, vmx->host_state.msr_host_bndcfgs); |
| for (i = 0; i < vmx->save_nmsrs; ++i) |
| kvm_set_shared_msr(vmx->guest_msrs[i].index, |
| vmx->guest_msrs[i].data, |
| vmx->guest_msrs[i].mask); |
| } |
| |
| static void __vmx_load_host_state(struct vcpu_vmx *vmx) |
| { |
| if (!vmx->host_state.loaded) |
| return; |
| |
| ++vmx->vcpu.stat.host_state_reload; |
| vmx->host_state.loaded = 0; |
| #ifdef CONFIG_X86_64 |
| if (is_long_mode(&vmx->vcpu)) |
| rdmsrl(MSR_KERNEL_GS_BASE, vmx->msr_guest_kernel_gs_base); |
| #endif |
| if (vmx->host_state.gs_ldt_reload_needed) { |
| kvm_load_ldt(vmx->host_state.ldt_sel); |
| #ifdef CONFIG_X86_64 |
| load_gs_index(vmx->host_state.gs_sel); |
| #else |
| loadsegment(gs, vmx->host_state.gs_sel); |
| #endif |
| } |
| if (vmx->host_state.fs_reload_needed) |
| loadsegment(fs, vmx->host_state.fs_sel); |
| #ifdef CONFIG_X86_64 |
| if (unlikely(vmx->host_state.ds_sel | vmx->host_state.es_sel)) { |
| loadsegment(ds, vmx->host_state.ds_sel); |
| loadsegment(es, vmx->host_state.es_sel); |
| } |
| #endif |
| invalidate_tss_limit(); |
| #ifdef CONFIG_X86_64 |
| wrmsrl(MSR_KERNEL_GS_BASE, vmx->msr_host_kernel_gs_base); |
| #endif |
| if (vmx->host_state.msr_host_bndcfgs) |
| wrmsrl(MSR_IA32_BNDCFGS, vmx->host_state.msr_host_bndcfgs); |
| load_fixmap_gdt(raw_smp_processor_id()); |
| } |
| |
| static void vmx_load_host_state(struct vcpu_vmx *vmx) |
| { |
| preempt_disable(); |
| __vmx_load_host_state(vmx); |
| preempt_enable(); |
| } |
| |
| static void vmx_vcpu_pi_load(struct kvm_vcpu *vcpu, int cpu) |
| { |
| struct pi_desc *pi_desc = vcpu_to_pi_desc(vcpu); |
| struct pi_desc old, new; |
| unsigned int dest; |
| |
| if (!kvm_arch_has_assigned_device(vcpu->kvm) || |
| !irq_remapping_cap(IRQ_POSTING_CAP) || |
| !kvm_vcpu_apicv_active(vcpu)) |
| return; |
| |
| do { |
| old.control = new.control = pi_desc->control; |
| |
| /* |
| * If 'nv' field is POSTED_INTR_WAKEUP_VECTOR, there |
| * are two possible cases: |
| * 1. After running 'pre_block', context switch |
| * happened. For this case, 'sn' was set in |
| * vmx_vcpu_put(), so we need to clear it here. |
| * 2. After running 'pre_block', we were blocked, |
| * and woken up by some other guy. For this case, |
| * we don't need to do anything, 'pi_post_block' |
| * will do everything for us. However, we cannot |
| * check whether it is case #1 or case #2 here |
| * (maybe, not needed), so we also clear sn here, |
| * I think it is not a big deal. |
| */ |
| if (pi_desc->nv != POSTED_INTR_WAKEUP_VECTOR) { |
| if (vcpu->cpu != cpu) { |
| dest = cpu_physical_id(cpu); |
| |
| if (x2apic_enabled()) |
| new.ndst = dest; |
| else |
| new.ndst = (dest << 8) & 0xFF00; |
| } |
| |
| /* set 'NV' to 'notification vector' */ |
| new.nv = POSTED_INTR_VECTOR; |
| } |
| |
| /* Allow posting non-urgent interrupts */ |
| new.sn = 0; |
| } while (cmpxchg(&pi_desc->control, old.control, |
| new.control) != old.control); |
| } |
| |
| static void decache_tsc_multiplier(struct vcpu_vmx *vmx) |
| { |
| vmx->current_tsc_ratio = vmx->vcpu.arch.tsc_scaling_ratio; |
| vmcs_write64(TSC_MULTIPLIER, vmx->current_tsc_ratio); |
| } |
| |
| /* |
| * Switches to specified vcpu, until a matching vcpu_put(), but assumes |
| * vcpu mutex is already taken. |
| */ |
| static void vmx_vcpu_load(struct kvm_vcpu *vcpu, int cpu) |
| { |
| struct vcpu_vmx *vmx = to_vmx(vcpu); |
| bool already_loaded = vmx->loaded_vmcs->cpu == cpu; |
| |
| if (!already_loaded) { |
| loaded_vmcs_clear(vmx->loaded_vmcs); |
| local_irq_disable(); |
| crash_disable_local_vmclear(cpu); |
| |
| /* |
| * Read loaded_vmcs->cpu should be before fetching |
| * loaded_vmcs->loaded_vmcss_on_cpu_link. |
| * See the comments in __loaded_vmcs_clear(). |
| */ |
| smp_rmb(); |
| |
| list_add(&vmx->loaded_vmcs->loaded_vmcss_on_cpu_link, |
| &per_cpu(loaded_vmcss_on_cpu, cpu)); |
| crash_enable_local_vmclear(cpu); |
| local_irq_enable(); |
| } |
| |
| if (per_cpu(current_vmcs, cpu) != vmx->loaded_vmcs->vmcs) { |
| per_cpu(current_vmcs, cpu) = vmx->loaded_vmcs->vmcs; |
| vmcs_load(vmx->loaded_vmcs->vmcs); |
| } |
| |
| if (!already_loaded) { |
| void *gdt = get_current_gdt_ro(); |
| unsigned long sysenter_esp; |
| |
| kvm_make_request(KVM_REQ_TLB_FLUSH, vcpu); |
| |
| /* |
| * Linux uses per-cpu TSS and GDT, so set these when switching |
| * processors. See 22.2.4. |
| */ |
| vmcs_writel(HOST_TR_BASE, |
| (unsigned long)this_cpu_ptr(&cpu_tss)); |
| vmcs_writel(HOST_GDTR_BASE, (unsigned long)gdt); /* 22.2.4 */ |
| |
| /* |
| * VM exits change the host TR limit to 0x67 after a VM |
| * exit. This is okay, since 0x67 covers everything except |
| * the IO bitmap and have have code to handle the IO bitmap |
| * being lost after a VM exit. |
| */ |
| BUILD_BUG_ON(IO_BITMAP_OFFSET - 1 != 0x67); |
| |
| rdmsrl(MSR_IA32_SYSENTER_ESP, sysenter_esp); |
| vmcs_writel(HOST_IA32_SYSENTER_ESP, sysenter_esp); /* 22.2.3 */ |
| |
| vmx->loaded_vmcs->cpu = cpu; |
| } |
| |
| /* Setup TSC multiplier */ |
| if (kvm_has_tsc_control && |
| vmx->current_tsc_ratio != vcpu->arch.tsc_scaling_ratio) |
| decache_tsc_multiplier(vmx); |
| |
| vmx_vcpu_pi_load(vcpu, cpu); |
| vmx->host_pkru = read_pkru(); |
| } |
| |
| static void vmx_vcpu_pi_put(struct kvm_vcpu *vcpu) |
| { |
| struct pi_desc *pi_desc = vcpu_to_pi_desc(vcpu); |
| |
| if (!kvm_arch_has_assigned_device(vcpu->kvm) || |
| !irq_remapping_cap(IRQ_POSTING_CAP) || |
| !kvm_vcpu_apicv_active(vcpu)) |
| return; |
| |
| /* Set SN when the vCPU is preempted */ |
| if (vcpu->preempted) |
| pi_set_sn(pi_desc); |
| } |
| |
| static void vmx_vcpu_put(struct kvm_vcpu *vcpu) |
| { |
| vmx_vcpu_pi_put(vcpu); |
| |
| __vmx_load_host_state(to_vmx(vcpu)); |
| } |
| |
| static void vmx_decache_cr0_guest_bits(struct kvm_vcpu *vcpu); |
| |
| /* |
| * Return the cr0 value that a nested guest would read. This is a combination |
| * of the real cr0 used to run the guest (guest_cr0), and the bits shadowed by |
| * its hypervisor (cr0_read_shadow). |
| */ |
| static inline unsigned long nested_read_cr0(struct vmcs12 *fields) |
| { |
| return (fields->guest_cr0 & ~fields->cr0_guest_host_mask) | |
| (fields->cr0_read_shadow & fields->cr0_guest_host_mask); |
| } |
| static inline unsigned long nested_read_cr4(struct vmcs12 *fields) |
| { |
| return (fields->guest_cr4 & ~fields->cr4_guest_host_mask) | |
| (fields->cr4_read_shadow & fields->cr4_guest_host_mask); |
| } |
| |
| static unsigned long vmx_get_rflags(struct kvm_vcpu *vcpu) |
| { |
| unsigned long rflags, save_rflags; |
| |
| if (!test_bit(VCPU_EXREG_RFLAGS, (ulong *)&vcpu->arch.regs_avail)) { |
| __set_bit(VCPU_EXREG_RFLAGS, (ulong *)&vcpu->arch.regs_avail); |
| rflags = vmcs_readl(GUEST_RFLAGS); |
| if (to_vmx(vcpu)->rmode.vm86_active) { |
| rflags &= RMODE_GUEST_OWNED_EFLAGS_BITS; |
| save_rflags = to_vmx(vcpu)->rmode.save_rflags; |
| rflags |= save_rflags & ~RMODE_GUEST_OWNED_EFLAGS_BITS; |
| } |
| to_vmx(vcpu)->rflags = rflags; |
| } |
| return to_vmx(vcpu)->rflags; |
| } |
| |
| static void vmx_set_rflags(struct kvm_vcpu *vcpu, unsigned long rflags) |
| { |
| __set_bit(VCPU_EXREG_RFLAGS, (ulong *)&vcpu->arch.regs_avail); |
| to_vmx(vcpu)->rflags = rflags; |
| if (to_vmx(vcpu)->rmode.vm86_active) { |
| to_vmx(vcpu)->rmode.save_rflags = rflags; |
| rflags |= X86_EFLAGS_IOPL | X86_EFLAGS_VM; |
| } |
| vmcs_writel(GUEST_RFLAGS, rflags); |
| } |
| |
| static u32 vmx_get_pkru(struct kvm_vcpu *vcpu) |
| { |
| return to_vmx(vcpu)->guest_pkru; |
| } |
| |
| static u32 vmx_get_interrupt_shadow(struct kvm_vcpu *vcpu) |
| { |
| u32 interruptibility = vmcs_read32(GUEST_INTERRUPTIBILITY_INFO); |
| int ret = 0; |
| |
| if (interruptibility & GUEST_INTR_STATE_STI) |
| ret |= KVM_X86_SHADOW_INT_STI; |
| if (interruptibility & GUEST_INTR_STATE_MOV_SS) |
| ret |= KVM_X86_SHADOW_INT_MOV_SS; |
| |
| return ret; |
| } |
| |
| static void vmx_set_interrupt_shadow(struct kvm_vcpu *vcpu, int mask) |
| { |
| u32 interruptibility_old = vmcs_read32(GUEST_INTERRUPTIBILITY_INFO); |
| u32 interruptibility = interruptibility_old; |
| |
| interruptibility &= ~(GUEST_INTR_STATE_STI | GUEST_INTR_STATE_MOV_SS); |
| |
| if (mask & KVM_X86_SHADOW_INT_MOV_SS) |
| interruptibility |= GUEST_INTR_STATE_MOV_SS; |
| else if (mask & KVM_X86_SHADOW_INT_STI) |
| interruptibility |= GUEST_INTR_STATE_STI; |
| |
| if ((interruptibility != interruptibility_old)) |
| vmcs_write32(GUEST_INTERRUPTIBILITY_INFO, interruptibility); |
| } |
| |
| static void skip_emulated_instruction(struct kvm_vcpu *vcpu) |
| { |
| unsigned long rip; |
| |
| rip = kvm_rip_read(vcpu); |
| rip += vmcs_read32(VM_EXIT_INSTRUCTION_LEN); |
| kvm_rip_write(vcpu, rip); |
| |
| /* skipping an emulated instruction also counts */ |
| vmx_set_interrupt_shadow(vcpu, 0); |
| } |
| |
| /* |
| * KVM wants to inject page-faults which it got to the guest. This function |
| * checks whether in a nested guest, we need to inject them to L1 or L2. |
| */ |
| static int nested_vmx_check_exception(struct kvm_vcpu *vcpu, unsigned nr) |
| { |
| struct vmcs12 *vmcs12 = get_vmcs12(vcpu); |
| |
| if (!(vmcs12->exception_bitmap & (1u << nr))) |
| return 0; |
| |
| nested_vmx_vmexit(vcpu, EXIT_REASON_EXCEPTION_NMI, |
| vmcs_read32(VM_EXIT_INTR_INFO), |
| vmcs_readl(EXIT_QUALIFICATION)); |
| return 1; |
| } |
| |
| static void vmx_queue_exception(struct kvm_vcpu *vcpu, unsigned nr, |
| bool has_error_code, u32 error_code, |
| bool reinject) |
| { |
| struct vcpu_vmx *vmx = to_vmx(vcpu); |
| u32 intr_info = nr | INTR_INFO_VALID_MASK; |
| |
| if (!reinject && is_guest_mode(vcpu) && |
| nested_vmx_check_exception(vcpu, nr)) |
| return; |
| |
| if (has_error_code) { |
| vmcs_write32(VM_ENTRY_EXCEPTION_ERROR_CODE, error_code); |
| intr_info |= INTR_INFO_DELIVER_CODE_MASK; |
| } |
| |
| if (vmx->rmode.vm86_active) { |
| int inc_eip = 0; |
| if (kvm_exception_is_soft(nr)) |
| inc_eip = vcpu->arch.event_exit_inst_len; |
| if (kvm_inject_realmode_interrupt(vcpu, nr, inc_eip) != EMULATE_DONE) |
| kvm_make_request(KVM_REQ_TRIPLE_FAULT, vcpu); |
| return; |
| } |
| |
| if (kvm_exception_is_soft(nr)) { |
| vmcs_write32(VM_ENTRY_INSTRUCTION_LEN, |
| vmx->vcpu.arch.event_exit_inst_len); |
| intr_info |= INTR_TYPE_SOFT_EXCEPTION; |
| } else |
| intr_info |= INTR_TYPE_HARD_EXCEPTION; |
| |
| vmcs_write32(VM_ENTRY_INTR_INFO_FIELD, intr_info); |
| } |
| |
| static bool vmx_rdtscp_supported(void) |
| { |
| return cpu_has_vmx_rdtscp(); |
| } |
| |
| static bool vmx_invpcid_supported(void) |
| { |
| return cpu_has_vmx_invpcid() && enable_ept; |
| } |
| |
| /* |
| * Swap MSR entry in host/guest MSR entry array. |
| */ |
| static void move_msr_up(struct vcpu_vmx *vmx, int from, int to) |
| { |
| struct shared_msr_entry tmp; |
| |
| tmp = vmx->guest_msrs[to]; |
| vmx->guest_msrs[to] = vmx->guest_msrs[from]; |
| vmx->guest_msrs[from] = tmp; |
| } |
| |
| static void vmx_set_msr_bitmap(struct kvm_vcpu *vcpu) |
| { |
| unsigned long *msr_bitmap; |
| |
| if (is_guest_mode(vcpu)) |
| msr_bitmap = to_vmx(vcpu)->nested.msr_bitmap; |
| else if (cpu_has_secondary_exec_ctrls() && |
| (vmcs_read32(SECONDARY_VM_EXEC_CONTROL) & |
| SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE)) { |
| if (enable_apicv && kvm_vcpu_apicv_active(vcpu)) { |
| if (is_long_mode(vcpu)) |
| msr_bitmap = vmx_msr_bitmap_longmode_x2apic_apicv; |
| else |
| msr_bitmap = vmx_msr_bitmap_legacy_x2apic_apicv; |
| } else { |
| if (is_long_mode(vcpu)) |
| msr_bitmap = vmx_msr_bitmap_longmode_x2apic; |
| else |
| msr_bitmap = vmx_msr_bitmap_legacy_x2apic; |
| } |
| } else { |
| if (is_long_mode(vcpu)) |
| msr_bitmap = vmx_msr_bitmap_longmode; |
| else |
| msr_bitmap = vmx_msr_bitmap_legacy; |
| } |
| |
| vmcs_write64(MSR_BITMAP, __pa(msr_bitmap)); |
| } |
| |
| /* |
| * Set up the vmcs to automatically save and restore system |
| * msrs. Don't touch the 64-bit msrs if the guest is in legacy |
| * mode, as fiddling with msrs is very expensive. |
| */ |
| static void setup_msrs(struct vcpu_vmx *vmx) |
| { |
| int save_nmsrs, index; |
| |
| save_nmsrs = 0; |
| #ifdef CONFIG_X86_64 |
| if (is_long_mode(&vmx->vcpu)) { |
| index = __find_msr_index(vmx, MSR_SYSCALL_MASK); |
| if (index >= 0) |
| move_msr_up(vmx, index, save_nmsrs++); |
| index = __find_msr_index(vmx, MSR_LSTAR); |
| if (index >= 0) |
| move_msr_up(vmx, index, save_nmsrs++); |
| index = __find_msr_index(vmx, MSR_CSTAR); |
| if (index >= 0) |
| move_msr_up(vmx, index, save_nmsrs++); |
| index = __find_msr_index(vmx, MSR_TSC_AUX); |
| if (index >= 0 && guest_cpuid_has_rdtscp(&vmx->vcpu)) |
| move_msr_up(vmx, index, save_nmsrs++); |
| /* |
| * MSR_STAR is only needed on long mode guests, and only |
| * if efer.sce is enabled. |
| */ |
| index = __find_msr_index(vmx, MSR_STAR); |
| if ((index >= 0) && (vmx->vcpu.arch.efer & EFER_SCE)) |
| move_msr_up(vmx, index, save_nmsrs++); |
| } |
| #endif |
| index = __find_msr_index(vmx, MSR_EFER); |
| if (index >= 0 && update_transition_efer(vmx, index)) |
| move_msr_up(vmx, index, save_nmsrs++); |
| |
| vmx->save_nmsrs = save_nmsrs; |
| |
| if (cpu_has_vmx_msr_bitmap()) |
| vmx_set_msr_bitmap(&vmx->vcpu); |
| } |
| |
| /* |
| * reads and returns guest's timestamp counter "register" |
| * guest_tsc = (host_tsc * tsc multiplier) >> 48 + tsc_offset |
| * -- Intel TSC Scaling for Virtualization White Paper, sec 1.3 |
| */ |
| static u64 guest_read_tsc(struct kvm_vcpu *vcpu) |
| { |
| u64 host_tsc, tsc_offset; |
| |
| host_tsc = rdtsc(); |
| tsc_offset = vmcs_read64(TSC_OFFSET); |
| return kvm_scale_tsc(vcpu, host_tsc) + tsc_offset; |
| } |
| |
| /* |
| * writes 'offset' into guest's timestamp counter offset register |
| */ |
| static void vmx_write_tsc_offset(struct kvm_vcpu *vcpu, u64 offset) |
| { |
| if (is_guest_mode(vcpu)) { |
| /* |
| * We're here if L1 chose not to trap WRMSR to TSC. According |
| * to the spec, this should set L1's TSC; The offset that L1 |
| * set for L2 remains unchanged, and still needs to be added |
| * to the newly set TSC to get L2's TSC. |
| */ |
| struct vmcs12 *vmcs12; |
| /* recalculate vmcs02.TSC_OFFSET: */ |
| vmcs12 = get_vmcs12(vcpu); |
| vmcs_write64(TSC_OFFSET, offset + |
| (nested_cpu_has(vmcs12, CPU_BASED_USE_TSC_OFFSETING) ? |
| vmcs12->tsc_offset : 0)); |
| } else { |
| trace_kvm_write_tsc_offset(vcpu->vcpu_id, |
| vmcs_read64(TSC_OFFSET), offset); |
| vmcs_write64(TSC_OFFSET, offset); |
| } |
| } |
| |
| static bool guest_cpuid_has_vmx(struct kvm_vcpu *vcpu) |
| { |
| struct kvm_cpuid_entry2 *best = kvm_find_cpuid_entry(vcpu, 1, 0); |
| return best && (best->ecx & (1 << (X86_FEATURE_VMX & 31))); |
| } |
| |
| /* |
| * nested_vmx_allowed() checks whether a guest should be allowed to use VMX |
| * instructions and MSRs (i.e., nested VMX). Nested VMX is disabled for |
| * all guests if the "nested" module option is off, and can also be disabled |
| * for a single guest by disabling its VMX cpuid bit. |
| */ |
| static inline bool nested_vmx_allowed(struct kvm_vcpu *vcpu) |
| { |
| return nested && guest_cpuid_has_vmx(vcpu); |
| } |
| |
| /* |
| * nested_vmx_setup_ctls_msrs() sets up variables containing the values to be |
| * returned for the various VMX controls MSRs when nested VMX is enabled. |
| * The same values should also be used to verify that vmcs12 control fields are |
| * valid during nested entry from L1 to L2. |
| * Each of these control msrs has a low and high 32-bit half: A low bit is on |
| * if the corresponding bit in the (32-bit) control field *must* be on, and a |
| * bit in the high half is on if the corresponding bit in the control field |
| * may be on. See also vmx_control_verify(). |
| */ |
| static void nested_vmx_setup_ctls_msrs(struct vcpu_vmx *vmx) |
| { |
| /* |
| * Note that as a general rule, the high half of the MSRs (bits in |
| * the control fields which may be 1) should be initialized by the |
| * intersection of the underlying hardware's MSR (i.e., features which |
| * can be supported) and the list of features we want to expose - |
| * because they are known to be properly supported in our code. |
| * Also, usually, the low half of the MSRs (bits which must be 1) can |
| * be set to 0, meaning that L1 may turn off any of these bits. The |
| * reason is that if one of these bits is necessary, it will appear |
| * in vmcs01 and prepare_vmcs02, when it bitwise-or's the control |
| * fields of vmcs01 and vmcs02, will turn these bits off - and |
| * nested_vmx_exit_handled() will not pass related exits to L1. |
| * These rules have exceptions below. |
| */ |
| |
| /* pin-based controls */ |
| rdmsr(MSR_IA32_VMX_PINBASED_CTLS, |
| vmx->nested.nested_vmx_pinbased_ctls_low, |
| vmx->nested.nested_vmx_pinbased_ctls_high); |
| vmx->nested.nested_vmx_pinbased_ctls_low |= |
| PIN_BASED_ALWAYSON_WITHOUT_TRUE_MSR; |
| vmx->nested.nested_vmx_pinbased_ctls_high &= |
| PIN_BASED_EXT_INTR_MASK | |
| PIN_BASED_NMI_EXITING | |
| PIN_BASED_VIRTUAL_NMIS; |
| vmx->nested.nested_vmx_pinbased_ctls_high |= |
| PIN_BASED_ALWAYSON_WITHOUT_TRUE_MSR | |
| PIN_BASED_VMX_PREEMPTION_TIMER; |
| if (kvm_vcpu_apicv_active(&vmx->vcpu)) |
| vmx->nested.nested_vmx_pinbased_ctls_high |= |
| PIN_BASED_POSTED_INTR; |
| |
| /* exit controls */ |
| rdmsr(MSR_IA32_VMX_EXIT_CTLS, |
| vmx->nested.nested_vmx_exit_ctls_low, |
| vmx->nested.nested_vmx_exit_ctls_high); |
| vmx->nested.nested_vmx_exit_ctls_low = |
| VM_EXIT_ALWAYSON_WITHOUT_TRUE_MSR; |
| |
| vmx->nested.nested_vmx_exit_ctls_high &= |
| #ifdef CONFIG_X86_64 |
| VM_EXIT_HOST_ADDR_SPACE_SIZE | |
| #endif |
| VM_EXIT_LOAD_IA32_PAT | VM_EXIT_SAVE_IA32_PAT; |
| vmx->nested.nested_vmx_exit_ctls_high |= |
| VM_EXIT_ALWAYSON_WITHOUT_TRUE_MSR | |
| VM_EXIT_LOAD_IA32_EFER | VM_EXIT_SAVE_IA32_EFER | |
| VM_EXIT_SAVE_VMX_PREEMPTION_TIMER | VM_EXIT_ACK_INTR_ON_EXIT; |
| |
| if (kvm_mpx_supported()) |
| vmx->nested.nested_vmx_exit_ctls_high |= VM_EXIT_CLEAR_BNDCFGS; |
| |
| /* We support free control of debug control saving. */ |
| vmx->nested.nested_vmx_exit_ctls_low &= ~VM_EXIT_SAVE_DEBUG_CONTROLS; |
| |
| /* entry controls */ |
| rdmsr(MSR_IA32_VMX_ENTRY_CTLS, |
| vmx->nested.nested_vmx_entry_ctls_low, |
| vmx->nested.nested_vmx_entry_ctls_high); |
| vmx->nested.nested_vmx_entry_ctls_low = |
| VM_ENTRY_ALWAYSON_WITHOUT_TRUE_MSR; |
| vmx->nested.nested_vmx_entry_ctls_high &= |
| #ifdef CONFIG_X86_64 |
| VM_ENTRY_IA32E_MODE | |
| #endif |
| VM_ENTRY_LOAD_IA32_PAT; |
| vmx->nested.nested_vmx_entry_ctls_high |= |
| (VM_ENTRY_ALWAYSON_WITHOUT_TRUE_MSR | VM_ENTRY_LOAD_IA32_EFER); |
| if (kvm_mpx_supported()) |
| vmx->nested.nested_vmx_entry_ctls_high |= VM_ENTRY_LOAD_BNDCFGS; |
| |
| /* We support free control of debug control loading. */ |
| vmx->nested.nested_vmx_entry_ctls_low &= ~VM_ENTRY_LOAD_DEBUG_CONTROLS; |
| |
| /* cpu-based controls */ |
| rdmsr(MSR_IA32_VMX_PROCBASED_CTLS, |
| vmx->nested.nested_vmx_procbased_ctls_low, |
| vmx->nested.nested_vmx_procbased_ctls_high); |
| vmx->nested.nested_vmx_procbased_ctls_low = |
| CPU_BASED_ALWAYSON_WITHOUT_TRUE_MSR; |
| vmx->nested.nested_vmx_procbased_ctls_high &= |
| CPU_BASED_VIRTUAL_INTR_PENDING | |
| CPU_BASED_VIRTUAL_NMI_PENDING | CPU_BASED_USE_TSC_OFFSETING | |
| CPU_BASED_HLT_EXITING | CPU_BASED_INVLPG_EXITING | |
| CPU_BASED_MWAIT_EXITING | CPU_BASED_CR3_LOAD_EXITING | |
| CPU_BASED_CR3_STORE_EXITING | |
| #ifdef CONFIG_X86_64 |
| CPU_BASED_CR8_LOAD_EXITING | CPU_BASED_CR8_STORE_EXITING | |
| #endif |
| CPU_BASED_MOV_DR_EXITING | CPU_BASED_UNCOND_IO_EXITING | |
| CPU_BASED_USE_IO_BITMAPS | CPU_BASED_MONITOR_TRAP_FLAG | |
| CPU_BASED_MONITOR_EXITING | CPU_BASED_RDPMC_EXITING | |
| CPU_BASED_RDTSC_EXITING | CPU_BASED_PAUSE_EXITING | |
| CPU_BASED_TPR_SHADOW | CPU_BASED_ACTIVATE_SECONDARY_CONTROLS; |
| /* |
| * We can allow some features even when not supported by the |
| * hardware. For example, L1 can specify an MSR bitmap - and we |
| * can use it to avoid exits to L1 - even when L0 runs L2 |
| * without MSR bitmaps. |
| */ |
| vmx->nested.nested_vmx_procbased_ctls_high |= |
| CPU_BASED_ALWAYSON_WITHOUT_TRUE_MSR | |
| CPU_BASED_USE_MSR_BITMAPS; |
| |
| /* We support free control of CR3 access interception. */ |
| vmx->nested.nested_vmx_procbased_ctls_low &= |
| ~(CPU_BASED_CR3_LOAD_EXITING | CPU_BASED_CR3_STORE_EXITING); |
| |
| /* secondary cpu-based controls */ |
| rdmsr(MSR_IA32_VMX_PROCBASED_CTLS2, |
| vmx->nested.nested_vmx_secondary_ctls_low, |
| vmx->nested.nested_vmx_secondary_ctls_high); |
| vmx->nested.nested_vmx_secondary_ctls_low = 0; |
| vmx->nested.nested_vmx_secondary_ctls_high &= |
| SECONDARY_EXEC_RDRAND | SECONDARY_EXEC_RDSEED | |
| SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES | |
| SECONDARY_EXEC_RDTSCP | |
| SECONDARY_EXEC_DESC | |
| SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE | |
| SECONDARY_EXEC_APIC_REGISTER_VIRT | |
| SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY | |
| SECONDARY_EXEC_WBINVD_EXITING | |
| SECONDARY_EXEC_XSAVES; |
| |
| if (enable_ept) { |
| /* nested EPT: emulate EPT also to L1 */ |
| vmx->nested.nested_vmx_secondary_ctls_high |= |
| SECONDARY_EXEC_ENABLE_EPT; |
| vmx->nested.nested_vmx_ept_caps = VMX_EPT_PAGE_WALK_4_BIT | |
| VMX_EPTP_WB_BIT | VMX_EPT_INVEPT_BIT; |
| if (cpu_has_vmx_ept_execute_only()) |
| vmx->nested.nested_vmx_ept_caps |= |
| VMX_EPT_EXECUTE_ONLY_BIT; |
| vmx->nested.nested_vmx_ept_caps &= vmx_capability.ept; |
| vmx->nested.nested_vmx_ept_caps |= VMX_EPT_EXTENT_GLOBAL_BIT | |
| VMX_EPT_EXTENT_CONTEXT_BIT | VMX_EPT_2MB_PAGE_BIT | |
| VMX_EPT_1GB_PAGE_BIT; |
| if (enable_ept_ad_bits) { |
| vmx->nested.nested_vmx_secondary_ctls_high |= |
| SECONDARY_EXEC_ENABLE_PML; |
| vmx->nested.nested_vmx_ept_caps |= VMX_EPT_AD_BIT; |
| } |
| } else |
| vmx->nested.nested_vmx_ept_caps = 0; |
| |
| /* |
| * Old versions of KVM use the single-context version without |
| * checking for support, so declare that it is supported even |
| * though it is treated as global context. The alternative is |
| * not failing the single-context invvpid, and it is worse. |
| */ |
| if (enable_vpid) { |
| vmx->nested.nested_vmx_secondary_ctls_high |= |
| SECONDARY_EXEC_ENABLE_VPID; |
| vmx->nested.nested_vmx_vpid_caps = VMX_VPID_INVVPID_BIT | |
| VMX_VPID_EXTENT_SUPPORTED_MASK; |
| } else |
| vmx->nested.nested_vmx_vpid_caps = 0; |
| |
| if (enable_unrestricted_guest) |
| vmx->nested.nested_vmx_secondary_ctls_high |= |
| SECONDARY_EXEC_UNRESTRICTED_GUEST; |
| |
| /* miscellaneous data */ |
| rdmsr(MSR_IA32_VMX_MISC, |
| vmx->nested.nested_vmx_misc_low, |
| vmx->nested.nested_vmx_misc_high); |
| vmx->nested.nested_vmx_misc_low &= VMX_MISC_SAVE_EFER_LMA; |
| vmx->nested.nested_vmx_misc_low |= |
| VMX_MISC_EMULATED_PREEMPTION_TIMER_RATE | |
| VMX_MISC_ACTIVITY_HLT; |
| vmx->nested.nested_vmx_misc_high = 0; |
| |
| /* |
| * This MSR reports some information about VMX support. We |
| * should return information about the VMX we emulate for the |
| * guest, and the VMCS structure we give it - not about the |
| * VMX support of the underlying hardware. |
| */ |
| vmx->nested.nested_vmx_basic = |
| VMCS12_REVISION | |
| VMX_BASIC_TRUE_CTLS | |
| ((u64)VMCS12_SIZE << VMX_BASIC_VMCS_SIZE_SHIFT) | |
| (VMX_BASIC_MEM_TYPE_WB << VMX_BASIC_MEM_TYPE_SHIFT); |
| |
| if (cpu_has_vmx_basic_inout()) |
| vmx->nested.nested_vmx_basic |= VMX_BASIC_INOUT; |
| |
| /* |
| * These MSRs specify bits which the guest must keep fixed on |
| * while L1 is in VMXON mode (in L1's root mode, or running an L2). |
| * We picked the standard core2 setting. |
| */ |
| #define VMXON_CR0_ALWAYSON (X86_CR0_PE | X86_CR0_PG | X86_CR0_NE) |
| #define VMXON_CR4_ALWAYSON X86_CR4_VMXE |
| vmx->nested.nested_vmx_cr0_fixed0 = VMXON_CR0_ALWAYSON; |
| vmx->nested.nested_vmx_cr4_fixed0 = VMXON_CR4_ALWAYSON; |
| |
| /* These MSRs specify bits which the guest must keep fixed off. */ |
| rdmsrl(MSR_IA32_VMX_CR0_FIXED1, vmx->nested.nested_vmx_cr0_fixed1); |
| rdmsrl(MSR_IA32_VMX_CR4_FIXED1, vmx->nested.nested_vmx_cr4_fixed1); |
| |
| /* highest index: VMX_PREEMPTION_TIMER_VALUE */ |
| vmx->nested.nested_vmx_vmcs_enum = 0x2e; |
| } |
| |
| /* |
| * if fixed0[i] == 1: val[i] must be 1 |
| * if fixed1[i] == 0: val[i] must be 0 |
| */ |
| static inline bool fixed_bits_valid(u64 val, u64 fixed0, u64 fixed1) |
| { |
| return ((val & fixed1) | fixed0) == val; |
| } |
| |
| static inline bool vmx_control_verify(u32 control, u32 low, u32 high) |
| { |
| return fixed_bits_valid(control, low, high); |
| } |
| |
| static inline u64 vmx_control_msr(u32 low, u32 high) |
| { |
| return low | ((u64)high << 32); |
| } |
| |
| static bool is_bitwise_subset(u64 superset, u64 subset, u64 mask) |
| { |
| superset &= mask; |
| subset &= mask; |
| |
| return (superset | subset) == superset; |
| } |
| |
| static int vmx_restore_vmx_basic(struct vcpu_vmx *vmx, u64 data) |
| { |
| const u64 feature_and_reserved = |
| /* feature (except bit 48; see below) */ |
| BIT_ULL(49) | BIT_ULL(54) | BIT_ULL(55) | |
| /* reserved */ |
| BIT_ULL(31) | GENMASK_ULL(47, 45) | GENMASK_ULL(63, 56); |
| u64 vmx_basic = vmx->nested.nested_vmx_basic; |
| |
| if (!is_bitwise_subset(vmx_basic, data, feature_and_reserved)) |
| return -EINVAL; |
| |
| /* |
| * KVM does not emulate a version of VMX that constrains physical |
| * addresses of VMX structures (e.g. VMCS) to 32-bits. |
| */ |
| if (data & BIT_ULL(48)) |
| return -EINVAL; |
| |
| if (vmx_basic_vmcs_revision_id(vmx_basic) != |
| vmx_basic_vmcs_revision_id(data)) |
| return -EINVAL; |
| |
| if (vmx_basic_vmcs_size(vmx_basic) > vmx_basic_vmcs_size(data)) |
| return -EINVAL; |
| |
| vmx->nested.nested_vmx_basic = data; |
| return 0; |
| } |
| |
| static int |
| vmx_restore_control_msr(struct vcpu_vmx *vmx, u32 msr_index, u64 data) |
| { |
| u64 supported; |
| u32 *lowp, *highp; |
| |
| switch (msr_index) { |
| case MSR_IA32_VMX_TRUE_PINBASED_CTLS: |
| lowp = &vmx->nested.nested_vmx_pinbased_ctls_low; |
| highp = &vmx->nested.nested_vmx_pinbased_ctls_high; |
| break; |
| case MSR_IA32_VMX_TRUE_PROCBASED_CTLS: |
| lowp = &vmx->nested.nested_vmx_procbased_ctls_low; |
| highp = &vmx->nested.nested_vmx_procbased_ctls_high; |
| break; |
| case MSR_IA32_VMX_TRUE_EXIT_CTLS: |
| lowp = &vmx->nested.nested_vmx_exit_ctls_low; |
| highp = &vmx->nested.nested_vmx_exit_ctls_high; |
| break; |
| case MSR_IA32_VMX_TRUE_ENTRY_CTLS: |
| lowp = &vmx->nested.nested_vmx_entry_ctls_low; |
| highp = &vmx->nested.nested_vmx_entry_ctls_high; |
| break; |
| case MSR_IA32_VMX_PROCBASED_CTLS2: |
| lowp = &vmx->nested.nested_vmx_secondary_ctls_low; |
| highp = &vmx->nested.nested_vmx_secondary_ctls_high; |
| break; |
| default: |
| BUG(); |
| } |
| |
| supported = vmx_control_msr(*lowp, *highp); |
| |
| /* Check must-be-1 bits are still 1. */ |
| if (!is_bitwise_subset(data, supported, GENMASK_ULL(31, 0))) |
| return -EINVAL; |
| |
| /* Check must-be-0 bits are still 0. */ |
| if (!is_bitwise_subset(supported, data, GENMASK_ULL(63, 32))) |
| return -EINVAL; |
| |
| *lowp = data; |
| *highp = data >> 32; |
| return 0; |
| } |
| |
| static int vmx_restore_vmx_misc(struct vcpu_vmx *vmx, u64 data) |
| { |
| const u64 feature_and_reserved_bits = |
| /* feature */ |
| BIT_ULL(5) | GENMASK_ULL(8, 6) | BIT_ULL(14) | BIT_ULL(15) | |
| BIT_ULL(28) | BIT_ULL(29) | BIT_ULL(30) | |
| /* reserved */ |
| GENMASK_ULL(13, 9) | BIT_ULL(31); |
| u64 vmx_misc; |
| |
| vmx_misc = vmx_control_msr(vmx->nested.nested_vmx_misc_low, |
| vmx->nested.nested_vmx_misc_high); |
| |
| if (!is_bitwise_subset(vmx_misc, data, feature_and_reserved_bits)) |
| return -EINVAL; |
| |
| if ((vmx->nested.nested_vmx_pinbased_ctls_high & |
| PIN_BASED_VMX_PREEMPTION_TIMER) && |
| vmx_misc_preemption_timer_rate(data) != |
| vmx_misc_preemption_timer_rate(vmx_misc)) |
| return -EINVAL; |
| |
| if (vmx_misc_cr3_count(data) > vmx_misc_cr3_count(vmx_misc)) |
| return -EINVAL; |
| |
| if (vmx_misc_max_msr(data) > vmx_misc_max_msr(vmx_misc)) |
| return -EINVAL; |
| |
| if (vmx_misc_mseg_revid(data) != vmx_misc_mseg_revid(vmx_misc)) |
| return -EINVAL; |
| |
| vmx->nested.nested_vmx_misc_low = data; |
| vmx->nested.nested_vmx_misc_high = data >> 32; |
| return 0; |
| } |
| |
| static int vmx_restore_vmx_ept_vpid_cap(struct vcpu_vmx *vmx, u64 data) |
| { |
| u64 vmx_ept_vpid_cap; |
| |
| vmx_ept_vpid_cap = vmx_control_msr(vmx->nested.nested_vmx_ept_caps, |
| vmx->nested.nested_vmx_vpid_caps); |
| |
| /* Every bit is either reserved or a feature bit. */ |
| if (!is_bitwise_subset(vmx_ept_vpid_cap, data, -1ULL)) |
| return -EINVAL; |
| |
| vmx->nested.nested_vmx_ept_caps = data; |
| vmx->nested.nested_vmx_vpid_caps = data >> 32; |
| return 0; |
| } |
| |
| static int vmx_restore_fixed0_msr(struct vcpu_vmx *vmx, u32 msr_index, u64 data) |
| { |
| u64 *msr; |
| |
| switch (msr_index) { |
| case MSR_IA32_VMX_CR0_FIXED0: |
| msr = &vmx->nested.nested_vmx_cr0_fixed0; |
| break; |
| case MSR_IA32_VMX_CR4_FIXED0: |
| msr = &vmx->nested.nested_vmx_cr4_fixed0; |
| break; |
| default: |
| BUG(); |
| } |
| |
| /* |
| * 1 bits (which indicates bits which "must-be-1" during VMX operation) |
| * must be 1 in the restored value. |
| */ |
| if (!is_bitwise_subset(data, *msr, -1ULL)) |
| return -EINVAL; |
| |
| *msr = data; |
| return 0; |
| } |
| |
| /* |
| * Called when userspace is restoring VMX MSRs. |
| * |
| * Returns 0 on success, non-0 otherwise. |
| */ |
| static int vmx_set_vmx_msr(struct kvm_vcpu *vcpu, u32 msr_index, u64 data) |
| { |
| struct vcpu_vmx *vmx = to_vmx(vcpu); |
| |
| switch (msr_index) { |
| case MSR_IA32_VMX_BASIC: |
| return vmx_restore_vmx_basic(vmx, data); |
| case MSR_IA32_VMX_PINBASED_CTLS: |
| case MSR_IA32_VMX_PROCBASED_CTLS: |
| case MSR_IA32_VMX_EXIT_CTLS: |
| case MSR_IA32_VMX_ENTRY_CTLS: |
| /* |
| * The "non-true" VMX capability MSRs are generated from the |
| * "true" MSRs, so we do not support restoring them directly. |
| * |
| * If userspace wants to emulate VMX_BASIC[55]=0, userspace |
| * should restore the "true" MSRs with the must-be-1 bits |
| * set according to the SDM Vol 3. A.2 "RESERVED CONTROLS AND |
| * DEFAULT SETTINGS". |
| */ |
| return -EINVAL; |
| case MSR_IA32_VMX_TRUE_PINBASED_CTLS: |
| case MSR_IA32_VMX_TRUE_PROCBASED_CTLS: |
| case MSR_IA32_VMX_TRUE_EXIT_CTLS: |
| case MSR_IA32_VMX_TRUE_ENTRY_CTLS: |
| case MSR_IA32_VMX_PROCBASED_CTLS2: |
| return vmx_restore_control_msr(vmx, msr_index, data); |
| case MSR_IA32_VMX_MISC: |
| return vmx_restore_vmx_misc(vmx, data); |
| case MSR_IA32_VMX_CR0_FIXED0: |
| case MSR_IA32_VMX_CR4_FIXED0: |
| return vmx_restore_fixed0_msr(vmx, msr_index, data); |
| case MSR_IA32_VMX_CR0_FIXED1: |
| case MSR_IA32_VMX_CR4_FIXED1: |
| /* |
| * These MSRs are generated based on the vCPU's CPUID, so we |
| * do not support restoring them directly. |
| */ |
| return -EINVAL; |
| case MSR_IA32_VMX_EPT_VPID_CAP: |
| return vmx_restore_vmx_ept_vpid_cap(vmx, data); |
| case MSR_IA32_VMX_VMCS_ENUM: |
| vmx->nested.nested_vmx_vmcs_enum = data; |
| return 0; |
| default: |
| /* |
| * The rest of the VMX capability MSRs do not support restore. |
| */ |
| return -EINVAL; |
| } |
| } |
| |
| /* Returns 0 on success, non-0 otherwise. */ |
| static int vmx_get_vmx_msr(struct kvm_vcpu *vcpu, u32 msr_index, u64 *pdata) |
| { |
| struct vcpu_vmx *vmx = to_vmx(vcpu); |
| |
| switch (msr_index) { |
| case MSR_IA32_VMX_BASIC: |
| *pdata = vmx->nested.nested_vmx_basic; |
| break; |
| case MSR_IA32_VMX_TRUE_PINBASED_CTLS: |
| case MSR_IA32_VMX_PINBASED_CTLS: |
| *pdata = vmx_control_msr( |
| vmx->nested.nested_vmx_pinbased_ctls_low, |
| vmx->nested.nested_vmx_pinbased_ctls_high); |
| if (msr_index == MSR_IA32_VMX_PINBASED_CTLS) |
| *pdata |= PIN_BASED_ALWAYSON_WITHOUT_TRUE_MSR; |
| break; |
| case MSR_IA32_VMX_TRUE_PROCBASED_CTLS: |
| case MSR_IA32_VMX_PROCBASED_CTLS: |
| *pdata = vmx_control_msr( |
| vmx->nested.nested_vmx_procbased_ctls_low, |
| vmx->nested.nested_vmx_procbased_ctls_high); |
| if (msr_index == MSR_IA32_VMX_PROCBASED_CTLS) |
| *pdata |= CPU_BASED_ALWAYSON_WITHOUT_TRUE_MSR; |
| break; |
| case MSR_IA32_VMX_TRUE_EXIT_CTLS: |
| case MSR_IA32_VMX_EXIT_CTLS: |
| *pdata = vmx_control_msr( |
| vmx->nested.nested_vmx_exit_ctls_low, |
| vmx->nested.nested_vmx_exit_ctls_high); |
| if (msr_index == MSR_IA32_VMX_EXIT_CTLS) |
| *pdata |= VM_EXIT_ALWAYSON_WITHOUT_TRUE_MSR; |
| break; |
| case MSR_IA32_VMX_TRUE_ENTRY_CTLS: |
| case MSR_IA32_VMX_ENTRY_CTLS: |
| *pdata = vmx_control_msr( |
| vmx->nested.nested_vmx_entry_ctls_low, |
| vmx->nested.nested_vmx_entry_ctls_high); |
| if (msr_index == MSR_IA32_VMX_ENTRY_CTLS) |
| *pdata |= VM_ENTRY_ALWAYSON_WITHOUT_TRUE_MSR; |
| break; |
| case MSR_IA32_VMX_MISC: |
| *pdata = vmx_control_msr( |
| vmx->nested.nested_vmx_misc_low, |
| vmx->nested.nested_vmx_misc_high); |
| break; |
| case MSR_IA32_VMX_CR0_FIXED0: |
| *pdata = vmx->nested.nested_vmx_cr0_fixed0; |
| break; |
| case MSR_IA32_VMX_CR0_FIXED1: |
| *pdata = vmx->nested.nested_vmx_cr0_fixed1; |
| break; |
| case MSR_IA32_VMX_CR4_FIXED0: |
| *pdata = vmx->nested.nested_vmx_cr4_fixed0; |
| break; |
| case MSR_IA32_VMX_CR4_FIXED1: |
| *pdata = vmx->nested.nested_vmx_cr4_fixed1; |
| break; |
| case MSR_IA32_VMX_VMCS_ENUM: |
| *pdata = vmx->nested.nested_vmx_vmcs_enum; |
| break; |
| case MSR_IA32_VMX_PROCBASED_CTLS2: |
| *pdata = vmx_control_msr( |
| vmx->nested.nested_vmx_secondary_ctls_low, |
| vmx->nested.nested_vmx_secondary_ctls_high); |
| break; |
| case MSR_IA32_VMX_EPT_VPID_CAP: |
| *pdata = vmx->nested.nested_vmx_ept_caps | |
| ((u64)vmx->nested.nested_vmx_vpid_caps << 32); |
| break; |
| default: |
| return 1; |
| } |
| |
| return 0; |
| } |
| |
| static inline bool vmx_feature_control_msr_valid(struct kvm_vcpu *vcpu, |
| uint64_t val) |
| { |
| uint64_t valid_bits = to_vmx(vcpu)->msr_ia32_feature_control_valid_bits; |
| |
| return !(val & ~valid_bits); |
| } |
| |
| /* |
| * Reads an msr value (of 'msr_index') into 'pdata'. |
| * Returns 0 on success, non-0 otherwise. |
| * Assumes vcpu_load() was already called. |
| */ |
| static int vmx_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) |
| { |
| struct shared_msr_entry *msr; |
| |
| switch (msr_info->index) { |
| #ifdef CONFIG_X86_64 |
| case MSR_FS_BASE: |
| msr_info->data = vmcs_readl(GUEST_FS_BASE); |
| break; |
| case MSR_GS_BASE: |
| msr_info->data = vmcs_readl(GUEST_GS_BASE); |
| break; |
| case MSR_KERNEL_GS_BASE: |
| vmx_load_host_state(to_vmx(vcpu)); |
| msr_info->data = to_vmx(vcpu)->msr_guest_kernel_gs_base; |
| break; |
| #endif |
| case MSR_EFER: |
| return kvm_get_msr_common(vcpu, msr_info); |
| case MSR_IA32_TSC: |
| msr_info->data = guest_read_tsc(vcpu); |
| break; |
| case MSR_IA32_SYSENTER_CS: |
| msr_info->data = vmcs_read32(GUEST_SYSENTER_CS); |
| break; |
| case MSR_IA32_SYSENTER_EIP: |
| msr_info->data = vmcs_readl(GUEST_SYSENTER_EIP); |
| break; |
| case MSR_IA32_SYSENTER_ESP: |
| msr_info->data = vmcs_readl(GUEST_SYSENTER_ESP); |
| break; |
| case MSR_IA32_BNDCFGS: |
| if (!kvm_mpx_supported()) |
| return 1; |
| msr_info->data = vmcs_read64(GUEST_BNDCFGS); |
| break; |
| case MSR_IA32_MCG_EXT_CTL: |
| if (!msr_info->host_initiated && |
| !(to_vmx(vcpu)->msr_ia32_feature_control & |
| FEATURE_CONTROL_LMCE)) |
| return 1; |
| msr_info->data = vcpu->arch.mcg_ext_ctl; |
| break; |
| case MSR_IA32_FEATURE_CONTROL: |
| msr_info->data = to_vmx(vcpu)->msr_ia32_feature_control; |
| break; |
| case MSR_IA32_VMX_BASIC ... MSR_IA32_VMX_VMFUNC: |
| if (!nested_vmx_allowed(vcpu)) |
| return 1; |
| return vmx_get_vmx_msr(vcpu, msr_info->index, &msr_info->data); |
| case MSR_IA32_XSS: |
| if (!vmx_xsaves_supported()) |
|