[PATCH v2 00/15] KVM x86/VMX cleanups

[PATCH v2 00/15] KVM x86/VMX cleanups

[David Hildenbrand]

Some cleanups discovered while digging through the code.

v1 -> v2:
- dropped "KVM: x86: mmu: use for_each_shadow_entry_lockless()"
- added "KVM: VMX: rename RDSEED and RDRAND vmx ctrls to reflect exiting"
- added "KVM: nVMX: no need to set ept/vpid caps to 0"
- added "KVM: VMX: drop enable_ept check from ept_sync_context()"

David Hildenbrand (15):
  KVM: x86: mmu: returning void in a void function is strange
  KVM: x86: mmu: free_page can handle NULL
  KVM: x86: drop BUG_ON(vcpu->kvm)
  KVM: VMX: vmx_vcpu_setup() cannot fail
  KVM: x86: no need to inititalize vcpu members to 0
  KVM: VMX: drop enable_ept check from ept_sync_context()
  KVM: VMX: call ept_sync_global() with enable_ept only
  KVM: VMX: require INVEPT GLOBAL for EPT
  KVM: VMX: drop unnecessary function declarations
  KVM: nVMX: no need to set vcpu->cpu when switching vmcs
  KVM: nVMX: no need to set ept/vpid caps to 0
  KVM: VMX: cleanup init_rmode_identity_map()
  KVM: x86: document special identity map address value
  KVM: x86: allow setting identity map addr with no vcpus only
  KVM: VMX: rename RDSEED and RDRAND vmx ctrls to reflect exiting

 Documentation/virtual/kvm/api.txt |  4 ++
 arch/x86/include/asm/vmx.h        |  4 +-
 arch/x86/kvm/mmu.c                |  5 +-
 arch/x86/kvm/vmx.c                | 96 ++++++++++++++-------------------------
 arch/x86/kvm/x86.c                | 21 ++++-----
 5 files changed, 51 insertions(+), 79 deletions(-)

-- 
2.13.5

[PATCH v2 01/15] KVM: x86: mmu: returning void in a void function is strange

[David Hildenbrand]

Let's just drop the return.

Reviewed-by: Radim Krčmář <rkrcmar@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
---
 arch/x86/kvm/mmu.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/x86/kvm/mmu.c b/arch/x86/kvm/mmu.c
index 2dafd36368cc..e29ab2e762bb 100644
--- a/arch/x86/kvm/mmu.c
+++ b/arch/x86/kvm/mmu.c
@@ -2422,7 +2422,7 @@ static void __shadow_walk_next(struct kvm_shadow_walk_iterator *iterator,
 
 static void shadow_walk_next(struct kvm_shadow_walk_iterator *iterator)
 {
-	return __shadow_walk_next(iterator, *iterator->sptep);
+	__shadow_walk_next(iterator, *iterator->sptep);
 }
 
 static void link_shadow_page(struct kvm_vcpu *vcpu, u64 *sptep,
-- 
2.13.5

[PATCH v2 02/15] KVM: x86: mmu: free_page can handle NULL

[David Hildenbrand]

Reviewed-by: Radim Krčmář <rkrcmar@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
---
 arch/x86/kvm/mmu.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/arch/x86/kvm/mmu.c b/arch/x86/kvm/mmu.c
index e29ab2e762bb..26ae7d9a6314 100644
--- a/arch/x86/kvm/mmu.c
+++ b/arch/x86/kvm/mmu.c
@@ -4931,8 +4931,7 @@ EXPORT_SYMBOL_GPL(kvm_disable_tdp);
 static void free_mmu_pages(struct kvm_vcpu *vcpu)
 {
 	free_page((unsigned long)vcpu->arch.mmu.pae_root);
-	if (vcpu->arch.mmu.lm_root != NULL)
-		free_page((unsigned long)vcpu->arch.mmu.lm_root);
+	free_page((unsigned long)vcpu->arch.mmu.lm_root);
 }
 
 static int alloc_mmu_pages(struct kvm_vcpu *vcpu)
-- 
2.13.5

[PATCH v2 03/15] KVM: x86: drop BUG_ON(vcpu->kvm)

[David Hildenbrand]

And also get rid of that superfluous local variable "kvm".

Reviewed-by: Radim Krčmář <rkrcmar@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
---
 arch/x86/kvm/x86.c | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 8f41b88f592c..3dbcfd0abe52 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -7934,16 +7934,12 @@ EXPORT_SYMBOL_GPL(kvm_no_apic_vcpu);
 int kvm_arch_vcpu_init(struct kvm_vcpu *vcpu)
 {
 	struct page *page;
-	struct kvm *kvm;
 	int r;
 
-	BUG_ON(vcpu->kvm == NULL);
-	kvm = vcpu->kvm;
-
 	vcpu->arch.apicv_active = kvm_x86_ops->get_enable_apicv();
 	vcpu->arch.pv.pv_unhalted = false;
 	vcpu->arch.emulate_ctxt.ops = &emulate_ops;
-	if (!irqchip_in_kernel(kvm) || kvm_vcpu_is_reset_bsp(vcpu))
+	if (!irqchip_in_kernel(vcpu->kvm) || kvm_vcpu_is_reset_bsp(vcpu))
 		vcpu->arch.mp_state = KVM_MP_STATE_RUNNABLE;
 	else
 		vcpu->arch.mp_state = KVM_MP_STATE_UNINITIALIZED;
@@ -7961,7 +7957,7 @@ int kvm_arch_vcpu_init(struct kvm_vcpu *vcpu)
 	if (r < 0)
 		goto fail_free_pio_data;
 
-	if (irqchip_in_kernel(kvm)) {
+	if (irqchip_in_kernel(vcpu->kvm)) {
 		r = kvm_create_lapic(vcpu);
 		if (r < 0)
 			goto fail_mmu_destroy;
-- 
2.13.5

[PATCH v2 04/15] KVM: VMX: vmx_vcpu_setup() cannot fail

[David Hildenbrand]

Make it a void and drop error handling code.

Reviewed-by: Radim Krčmář <rkrcmar@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
---
 arch/x86/kvm/vmx.c | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index dd710d313d09..708e6cfb707d 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -5318,7 +5318,7 @@ static void ept_set_mmio_spte_mask(void)
 /*
  * Sets up the vmcs for emulated real mode.
  */
-static int vmx_vcpu_setup(struct vcpu_vmx *vmx)
+static void vmx_vcpu_setup(struct vcpu_vmx *vmx)
 {
 #ifdef CONFIG_X86_64
 	unsigned long a;
@@ -5430,8 +5430,6 @@ static int vmx_vcpu_setup(struct vcpu_vmx *vmx)
 		vmcs_write64(PML_ADDRESS, page_to_phys(vmx->pml_pg));
 		vmcs_write16(GUEST_PML_INDEX, PML_ENTITY_NUM - 1);
 	}
-
-	return 0;
 }
 
 static void vmx_vcpu_reset(struct kvm_vcpu *vcpu, bool init_event)
@@ -9459,11 +9457,9 @@ static struct kvm_vcpu *vmx_create_vcpu(struct kvm *kvm, unsigned int id)
 	cpu = get_cpu();
 	vmx_vcpu_load(&vmx->vcpu, cpu);
 	vmx->vcpu.cpu = cpu;
-	err = vmx_vcpu_setup(vmx);
+	vmx_vcpu_setup(vmx);
 	vmx_vcpu_put(&vmx->vcpu);
 	put_cpu();
-	if (err)
-		goto free_vmcs;
 	if (cpu_need_virtualize_apic_accesses(&vmx->vcpu)) {
 		err = alloc_apic_access_page(kvm);
 		if (err)
-- 
2.13.5

[PATCH v2 05/15] KVM: x86: no need to inititalize vcpu members to 0

[David Hildenbrand]

vmx and svm use zalloc, so this is not necessary.

Reviewed-by: Radim Krčmář <rkrcmar@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
---
 arch/x86/kvm/x86.c | 5 -----
 1 file changed, 5 deletions(-)

diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 3dbcfd0abe52..757e1caa05ec 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -7937,7 +7937,6 @@ int kvm_arch_vcpu_init(struct kvm_vcpu *vcpu)
 	int r;
 
 	vcpu->arch.apicv_active = kvm_x86_ops->get_enable_apicv();
-	vcpu->arch.pv.pv_unhalted = false;
 	vcpu->arch.emulate_ctxt.ops = &emulate_ops;
 	if (!irqchip_in_kernel(vcpu->kvm) || kvm_vcpu_is_reset_bsp(vcpu))
 		vcpu->arch.mp_state = KVM_MP_STATE_RUNNABLE;
@@ -7979,10 +7978,6 @@ int kvm_arch_vcpu_init(struct kvm_vcpu *vcpu)
 
 	fx_init(vcpu);
 
-	vcpu->arch.ia32_tsc_adjust_msr = 0x0;
-	vcpu->arch.pv_time_enabled = false;
-
-	vcpu->arch.guest_supported_xcr0 = 0;
 	vcpu->arch.guest_xstate_size = XSAVE_HDR_SIZE + XSAVE_HDR_OFFSET;
 
 	vcpu->arch.maxphyaddr = cpuid_query_maxphyaddr(vcpu);
-- 
2.13.5

[PATCH v2 06/15] KVM: VMX: drop enable_ept check from ept_sync_context()

[David Hildenbrand]

This function is only called with enable_ept.

Reviewed-by: Radim Krčmář <rkrcmar@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
---
 arch/x86/kvm/vmx.c | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index 708e6cfb707d..767e5d777405 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -1598,12 +1598,10 @@ static inline void ept_sync_global(void)
 
 static inline void ept_sync_context(u64 eptp)
 {
-	if (enable_ept) {
-		if (cpu_has_vmx_invept_context())
-			__invept(VMX_EPT_EXTENT_CONTEXT, eptp, 0);
-		else
-			ept_sync_global();
-	}
+	if (cpu_has_vmx_invept_context())
+		__invept(VMX_EPT_EXTENT_CONTEXT, eptp, 0);
+	else
+		ept_sync_global();
 }
 
 static __always_inline void vmcs_check16(unsigned long field)
-- 
2.13.5

[PATCH v2 07/15] KVM: VMX: call ept_sync_global() with enable_ept only

[David Hildenbrand]

ept_* function should only be called with enable_ept being set.

Reviewed-by: Radim Krčmář <rkrcmar@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
---
 arch/x86/kvm/vmx.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index 767e5d777405..ad5775ca8349 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -3545,7 +3545,8 @@ static int hardware_enable(void)
 		wrmsrl(MSR_IA32_FEATURE_CONTROL, old | test_bits);
 	}
 	kvm_cpu_vmxon(phys_addr);
-	ept_sync_global();
+	if (enable_ept)
+		ept_sync_global();
 
 	return 0;
 }
-- 
2.13.5

[PATCH v2 08/15] KVM: VMX: require INVEPT GLOBAL for EPT

[David Hildenbrand]

Without this, we won't be able to do any flushes, so let's just require
it. Should be absent in very strange configurations.

Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
---
 arch/x86/kvm/vmx.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index ad5775ca8349..a5a5e517cf65 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -1592,8 +1592,7 @@ static inline void vpid_sync_context(int vpid)
 
 static inline void ept_sync_global(void)
 {
-	if (cpu_has_vmx_invept_global())
-		__invept(VMX_EPT_EXTENT_GLOBAL, 0, 0);
+	__invept(VMX_EPT_EXTENT_GLOBAL, 0, 0);
 }
 
 static inline void ept_sync_context(u64 eptp)
@@ -6638,7 +6637,8 @@ static __init int hardware_setup(void)
 
 	if (!cpu_has_vmx_ept() ||
 	    !cpu_has_vmx_ept_4levels() ||
-	    !cpu_has_vmx_ept_mt_wb()) {
+	    !cpu_has_vmx_ept_mt_wb() ||
+	    !cpu_has_vmx_invept_global()) {
 		enable_ept = 0;
 		enable_unrestricted_guest = 0;
 		enable_ept_ad_bits = 0;
-- 
2.13.5

[PATCH v2 09/15] KVM: VMX: drop unnecessary function declarations

[David Hildenbrand]

Reviewed-by: Radim Krčmář <rkrcmar@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
---
 arch/x86/kvm/vmx.c | 2 --
 1 file changed, 2 deletions(-)

diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index a5a5e517cf65..ca9b7b118c74 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -898,14 +898,12 @@ static bool nested_ept_ad_enabled(struct kvm_vcpu *vcpu);
 static unsigned long nested_ept_get_cr3(struct kvm_vcpu *vcpu);
 static u64 construct_eptp(struct kvm_vcpu *vcpu, unsigned long root_hpa);
 static bool vmx_xsaves_supported(void);
-static int vmx_set_tss_addr(struct kvm *kvm, unsigned int addr);
 static void vmx_set_segment(struct kvm_vcpu *vcpu,
 			    struct kvm_segment *var, int seg);
 static void vmx_get_segment(struct kvm_vcpu *vcpu,
 			    struct kvm_segment *var, int seg);
 static bool guest_state_valid(struct kvm_vcpu *vcpu);
 static u32 vmx_segment_access_rights(struct kvm_segment *var);
-static void copy_vmcs12_to_shadow(struct vcpu_vmx *vmx);
 static void copy_shadow_to_vmcs12(struct vcpu_vmx *vmx);
 static int alloc_identity_pagetable(struct kvm *kvm);
 static bool vmx_get_nmi_mask(struct kvm_vcpu *vcpu);
-- 
2.13.5

[PATCH v2 10/15] KVM: nVMX: no need to set vcpu->cpu when switching vmcs

[David Hildenbrand]

vcpu->cpu is not cleared when doing a vmx_vcpu_put/load, so this can be
dropped.

Reviewed-by: Radim Krčmář <rkrcmar@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
---
 arch/x86/kvm/vmx.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index ca9b7b118c74..8ade64dd78e9 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -9373,7 +9373,6 @@ static void vmx_switch_vmcs(struct kvm_vcpu *vcpu, struct loaded_vmcs *vmcs)
 	vmx->loaded_vmcs = vmcs;
 	vmx_vcpu_put(vcpu);
 	vmx_vcpu_load(vcpu, cpu);
-	vcpu->cpu = cpu;
 	put_cpu();
 }
 
-- 
2.13.5

[PATCH v2 11/15] KVM: nVMX: no need to set ept/vpid caps to 0

[David Hildenbrand]

They are inititally 0, so no need to reset them to 0.

Signed-off-by: David Hildenbrand <david@redhat.com>
---
 arch/x86/kvm/vmx.c | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index 8ade64dd78e9..f96755762fcc 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -2829,8 +2829,7 @@ static void nested_vmx_setup_ctls_msrs(struct vcpu_vmx *vmx)
 				SECONDARY_EXEC_ENABLE_PML;
 			vmx->nested.nested_vmx_ept_caps |= VMX_EPT_AD_BIT;
 		}
-	} else
-		vmx->nested.nested_vmx_ept_caps = 0;
+	}
 
 	if (cpu_has_vmx_vmfunc()) {
 		vmx->nested.nested_vmx_secondary_ctls_high |=
@@ -2854,8 +2853,7 @@ static void nested_vmx_setup_ctls_msrs(struct vcpu_vmx *vmx)
 			SECONDARY_EXEC_ENABLE_VPID;
 		vmx->nested.nested_vmx_vpid_caps = VMX_VPID_INVVPID_BIT |
 			VMX_VPID_EXTENT_SUPPORTED_MASK;
-	} else
-		vmx->nested.nested_vmx_vpid_caps = 0;
+	}
 
 	if (enable_unrestricted_guest)
 		vmx->nested.nested_vmx_secondary_ctls_high |=
-- 
2.13.5

[PATCH v2 12/15] KVM: VMX: cleanup init_rmode_identity_map()

[David Hildenbrand]

No need for another enable_ept check. kvm->arch.ept_identity_map_addr
only has to be inititalized once. Having alloc_identity_pagetable() is
overkill and dropping BUG_ONs is always nice.

Reviewed-by: Radim Krčmář <rkrcmar@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
---
 arch/x86/kvm/vmx.c | 26 ++++----------------------
 1 file changed, 4 insertions(+), 22 deletions(-)

diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index f96755762fcc..5625a99aff7a 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -905,7 +905,6 @@ static void vmx_get_segment(struct kvm_vcpu *vcpu,
 static bool guest_state_valid(struct kvm_vcpu *vcpu);
 static u32 vmx_segment_access_rights(struct kvm_segment *var);
 static void copy_shadow_to_vmcs12(struct vcpu_vmx *vmx);
-static int alloc_identity_pagetable(struct kvm *kvm);
 static bool vmx_get_nmi_mask(struct kvm_vcpu *vcpu);
 static void vmx_set_nmi_mask(struct kvm_vcpu *vcpu, bool masked);
 static bool nested_vmx_is_page_fault_vmexit(struct vmcs12 *vmcs12,
@@ -4769,18 +4768,18 @@ static int init_rmode_identity_map(struct kvm *kvm)
 	kvm_pfn_t identity_map_pfn;
 	u32 tmp;
 
-	if (!enable_ept)
-		return 0;
-
 	/* Protect kvm->arch.ept_identity_pagetable_done. */
 	mutex_lock(&kvm->slots_lock);
 
 	if (likely(kvm->arch.ept_identity_pagetable_done))
 		goto out2;
 
+	if (!kvm->arch.ept_identity_map_addr)
+		kvm->arch.ept_identity_map_addr = VMX_EPT_IDENTITY_PAGETABLE_ADDR;
 	identity_map_pfn = kvm->arch.ept_identity_map_addr >> PAGE_SHIFT;
 
-	r = alloc_identity_pagetable(kvm);
+	r = __x86_set_memory_region(kvm, IDENTITY_PAGETABLE_PRIVATE_MEMSLOT,
+				    kvm->arch.ept_identity_map_addr, PAGE_SIZE);
 	if (r < 0)
 		goto out2;
 
@@ -4852,20 +4851,6 @@ static int alloc_apic_access_page(struct kvm *kvm)
 	return r;
 }
 
-static int alloc_identity_pagetable(struct kvm *kvm)
-{
-	/* Called with kvm->slots_lock held. */
-
-	int r = 0;
-
-	BUG_ON(kvm->arch.ept_identity_pagetable_done);
-
-	r = __x86_set_memory_region(kvm, IDENTITY_PAGETABLE_PRIVATE_MEMSLOT,
-				    kvm->arch.ept_identity_map_addr, PAGE_SIZE);
-
-	return r;
-}
-
 static int allocate_vpid(void)
 {
 	int vpid;
@@ -9461,9 +9446,6 @@ static struct kvm_vcpu *vmx_create_vcpu(struct kvm *kvm, unsigned int id)
 	}
 
 	if (enable_ept) {
-		if (!kvm->arch.ept_identity_map_addr)
-			kvm->arch.ept_identity_map_addr =
-				VMX_EPT_IDENTITY_PAGETABLE_ADDR;
 		err = init_rmode_identity_map(kvm);
 		if (err)
 			goto free_vmcs;
-- 
2.13.5

[PATCH v2 13/15] KVM: x86: document special identity map address value

[David Hildenbrand]

Setting it to 0 leads to setting it to the default value, let's document
this.

Reviewed-by: Radim Krčmář <rkrcmar@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
---
 Documentation/virtual/kvm/api.txt | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/Documentation/virtual/kvm/api.txt b/Documentation/virtual/kvm/api.txt
index e63a35fafef0..22bc5a052a5d 100644
--- a/Documentation/virtual/kvm/api.txt
+++ b/Documentation/virtual/kvm/api.txt
@@ -1124,6 +1124,9 @@ guest physical address space and must not conflict with any memory slot
 or any mmio address.  The guest may malfunction if it accesses this memory
 region.
 
+Setting the address to 0 will result in resetting the address to its default
+(0xfffbc000).
+
 This ioctl is required on Intel-based hosts.  This is needed on Intel hardware
 because of a quirk in the virtualization implementation (see the internals
 documentation when it pops into existence).
-- 
2.13.5

[PATCH v2 14/15] KVM: x86: allow setting identity map addr with no vcpus only

[David Hildenbrand]

Changing it afterwards doesn't make too much sense and will only result
in inconsistencies.

Reviewed-by: Radim Krčmář <rkrcmar@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
---
 Documentation/virtual/kvm/api.txt | 1 +
 arch/x86/kvm/x86.c                | 8 +++++++-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/Documentation/virtual/kvm/api.txt b/Documentation/virtual/kvm/api.txt
index 22bc5a052a5d..dd2dd96927b8 100644
--- a/Documentation/virtual/kvm/api.txt
+++ b/Documentation/virtual/kvm/api.txt
@@ -1131,6 +1131,7 @@ This ioctl is required on Intel-based hosts.  This is needed on Intel hardware
 because of a quirk in the virtualization implementation (see the internals
 documentation when it pops into existence).
 
+Fails if any VCPU has already been created.
 
 4.41 KVM_SET_BOOT_CPU_ID
 
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 757e1caa05ec..ccb065608215 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -4005,10 +4005,16 @@ long kvm_arch_vm_ioctl(struct file *filp,
 	case KVM_SET_IDENTITY_MAP_ADDR: {
 		u64 ident_addr;
 
+		mutex_lock(&kvm->lock);
+		r = -EINVAL;
+		if (kvm->created_vcpus)
+			goto set_identity_unlock;
 		r = -EFAULT;
 		if (copy_from_user(&ident_addr, argp, sizeof ident_addr))
-			goto out;
+			goto set_identity_unlock;
 		r = kvm_vm_ioctl_set_identity_map_addr(kvm, ident_addr);
+set_identity_unlock:
+		mutex_unlock(&kvm->lock);
 		break;
 	}
 	case KVM_SET_NR_MMU_PAGES:
-- 
2.13.5

[PATCH v2 15/15] KVM: VMX: rename RDSEED and RDRAND vmx ctrls to reflect exiting

[David Hildenbrand]

Let's just name these according to the SDM. This should make it clearer
that the are used to enable exiting and not the feature itself.

Signed-off-by: David Hildenbrand <david@redhat.com>
---
 arch/x86/include/asm/vmx.h |  4 ++--
 arch/x86/kvm/vmx.c         | 34 +++++++++++++++++-----------------
 2 files changed, 19 insertions(+), 19 deletions(-)

diff --git a/arch/x86/include/asm/vmx.h b/arch/x86/include/asm/vmx.h
index 340007a9786e..8ec2b804effc 100644
--- a/arch/x86/include/asm/vmx.h
+++ b/arch/x86/include/asm/vmx.h
@@ -70,11 +70,11 @@
 #define SECONDARY_EXEC_APIC_REGISTER_VIRT       0x00000100
 #define SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY    0x00000200
 #define SECONDARY_EXEC_PAUSE_LOOP_EXITING	0x00000400
-#define SECONDARY_EXEC_RDRAND			0x00000800
+#define SECONDARY_EXEC_RDRAND_EXITING		0x00000800
 #define SECONDARY_EXEC_ENABLE_INVPCID		0x00001000
 #define SECONDARY_EXEC_ENABLE_VMFUNC            0x00002000
 #define SECONDARY_EXEC_SHADOW_VMCS              0x00004000
-#define SECONDARY_EXEC_RDSEED			0x00010000
+#define SECONDARY_EXEC_RDSEED_EXITING		0x00010000
 #define SECONDARY_EXEC_ENABLE_PML               0x00020000
 #define SECONDARY_EXEC_XSAVES			0x00100000
 #define SECONDARY_EXEC_TSC_SCALING              0x02000000
diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index 5625a99aff7a..8abd517165db 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -2800,7 +2800,7 @@ static void nested_vmx_setup_ctls_msrs(struct vcpu_vmx *vmx)
 		vmx->nested.nested_vmx_secondary_ctls_high);
 	vmx->nested.nested_vmx_secondary_ctls_low = 0;
 	vmx->nested.nested_vmx_secondary_ctls_high &=
-		SECONDARY_EXEC_RDRAND | SECONDARY_EXEC_RDSEED |
+		SECONDARY_EXEC_RDRAND_EXITING | SECONDARY_EXEC_RDSEED_EXITING |
 		SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
 		SECONDARY_EXEC_RDTSCP |
 		SECONDARY_EXEC_DESC |
@@ -3653,8 +3653,8 @@ static __init int setup_vmcs_config(struct vmcs_config *vmcs_conf)
 			SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
 			SECONDARY_EXEC_SHADOW_VMCS |
 			SECONDARY_EXEC_XSAVES |
-			SECONDARY_EXEC_RDRAND |
-			SECONDARY_EXEC_RDSEED |
+			SECONDARY_EXEC_RDRAND_EXITING |
+			SECONDARY_EXEC_RDSEED_EXITING |
 			SECONDARY_EXEC_ENABLE_PML |
 			SECONDARY_EXEC_TSC_SCALING |
 			SECONDARY_EXEC_ENABLE_VMFUNC;
@@ -5275,10 +5275,10 @@ static u32 vmx_secondary_exec_control(struct vcpu_vmx *vmx)
 		exec_control &= ~SECONDARY_EXEC_ENABLE_PML;
 
 	if (guest_cpuid_has(&vmx->vcpu, X86_FEATURE_RDRAND))
-		exec_control &= ~SECONDARY_EXEC_RDRAND;
+		exec_control &= ~SECONDARY_EXEC_RDRAND_EXITING;
 
 	if (guest_cpuid_has(&vmx->vcpu, X86_FEATURE_RDSEED))
-		exec_control &= ~SECONDARY_EXEC_RDSEED;
+		exec_control &= ~SECONDARY_EXEC_RDSEED_EXITING;
 
 	return exec_control;
 }
@@ -8287,9 +8287,9 @@ static bool nested_vmx_exit_reflected(struct kvm_vcpu *vcpu, u32 exit_reason)
 	case EXIT_REASON_RDPMC:
 		return nested_cpu_has(vmcs12, CPU_BASED_RDPMC_EXITING);
 	case EXIT_REASON_RDRAND:
-		return nested_cpu_has2(vmcs12, SECONDARY_EXEC_RDRAND);
+		return nested_cpu_has2(vmcs12, SECONDARY_EXEC_RDRAND_EXITING);
 	case EXIT_REASON_RDSEED:
-		return nested_cpu_has2(vmcs12, SECONDARY_EXEC_RDSEED);
+		return nested_cpu_has2(vmcs12, SECONDARY_EXEC_RDSEED_EXITING);
 	case EXIT_REASON_RDTSC: case EXIT_REASON_RDTSCP:
 		return nested_cpu_has(vmcs12, CPU_BASED_RDTSC_EXITING);
 	case EXIT_REASON_VMCALL: case EXIT_REASON_VMCLEAR:
@@ -8965,13 +8965,13 @@ static bool vmx_mpx_supported(void)
 static bool vmx_rdrand_supported(void)
 {
 	return vmcs_config.cpu_based_2nd_exec_ctrl &
-		SECONDARY_EXEC_RDRAND;
+		SECONDARY_EXEC_RDRAND_EXITING;
 }
 
 static bool vmx_rdseed_supported(void)
 {
 	return vmcs_config.cpu_based_2nd_exec_ctrl &
-		SECONDARY_EXEC_RDSEED;
+		SECONDARY_EXEC_RDSEED_EXITING;
 }
 
 static bool vmx_xsaves_supported(void)
@@ -9656,17 +9656,17 @@ static void vmx_cpuid_update(struct kvm_vcpu *vcpu)
 		bool rdrand_enabled = guest_cpuid_has(vcpu, X86_FEATURE_RDRAND);
 
 		if (rdrand_enabled)
-			secondary_exec_ctl &= ~SECONDARY_EXEC_RDRAND;
+			secondary_exec_ctl &= ~SECONDARY_EXEC_RDRAND_EXITING;
 		else
-			secondary_exec_ctl |= SECONDARY_EXEC_RDRAND;
+			secondary_exec_ctl |= SECONDARY_EXEC_RDRAND_EXITING;
 
 		if (nested) {
 			if (rdrand_enabled)
 				vmx->nested.nested_vmx_secondary_ctls_high |=
-					SECONDARY_EXEC_RDRAND;
+					SECONDARY_EXEC_RDRAND_EXITING;
 			else
 				vmx->nested.nested_vmx_secondary_ctls_high &=
-					~SECONDARY_EXEC_RDRAND;
+					~SECONDARY_EXEC_RDRAND_EXITING;
 		}
 	}
 
@@ -9674,17 +9674,17 @@ static void vmx_cpuid_update(struct kvm_vcpu *vcpu)
 		bool rdseed_enabled = guest_cpuid_has(vcpu, X86_FEATURE_RDSEED);
 
 		if (rdseed_enabled)
-			secondary_exec_ctl &= ~SECONDARY_EXEC_RDSEED;
+			secondary_exec_ctl &= ~SECONDARY_EXEC_RDSEED_EXITING;
 		else
-			secondary_exec_ctl |= SECONDARY_EXEC_RDSEED;
+			secondary_exec_ctl |= SECONDARY_EXEC_RDSEED_EXITING;
 
 		if (nested) {
 			if (rdseed_enabled)
 				vmx->nested.nested_vmx_secondary_ctls_high |=
-					SECONDARY_EXEC_RDSEED;
+					SECONDARY_EXEC_RDSEED_EXITING;
 			else
 				vmx->nested.nested_vmx_secondary_ctls_high &=
-					~SECONDARY_EXEC_RDSEED;
+					~SECONDARY_EXEC_RDSEED_EXITING;
 		}
 	}
 
-- 
2.13.5

Re: [PATCH v2 15/15] KVM: VMX: rename RDSEED and RDRAND vmx ctrls to reflect exiting

[Jim Mattson]

Perhaps these as well?

SECONDARY_EXEC_DESC -> SECONDARY_EXEC_DT_EXITING
SECONDARY_EXEC_RDTSCP -> SECONDARY_EXEC_ENABLE_RDTSCP
SECONDARY_EXEC_XSAVES -> SECONDARY_EXEC_ENABLE_XSAVES
PIN_BASED_EXT_INTR_MASK -> PIN_BASED_EXT_INTR_EXITING


On Thu, Aug 24, 2017 at 11:51 AM, David Hildenbrand <david@redhat.com> wrote:
> Let's just name these according to the SDM. This should make it clearer
> that the are used to enable exiting and not the feature itself.
>
> Signed-off-by: David Hildenbrand <david@redhat.com>
> ---
>  arch/x86/include/asm/vmx.h |  4 ++--
>  arch/x86/kvm/vmx.c         | 34 +++++++++++++++++-----------------
>  2 files changed, 19 insertions(+), 19 deletions(-)
>
> diff --git a/arch/x86/include/asm/vmx.h b/arch/x86/include/asm/vmx.h
> index 340007a9786e..8ec2b804effc 100644
> --- a/arch/x86/include/asm/vmx.h
> +++ b/arch/x86/include/asm/vmx.h
> @@ -70,11 +70,11 @@
>  #define SECONDARY_EXEC_APIC_REGISTER_VIRT       0x00000100
>  #define SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY    0x00000200
>  #define SECONDARY_EXEC_PAUSE_LOOP_EXITING      0x00000400
> -#define SECONDARY_EXEC_RDRAND                  0x00000800
> +#define SECONDARY_EXEC_RDRAND_EXITING          0x00000800
>  #define SECONDARY_EXEC_ENABLE_INVPCID          0x00001000
>  #define SECONDARY_EXEC_ENABLE_VMFUNC            0x00002000
>  #define SECONDARY_EXEC_SHADOW_VMCS              0x00004000
> -#define SECONDARY_EXEC_RDSEED                  0x00010000
> +#define SECONDARY_EXEC_RDSEED_EXITING          0x00010000
>  #define SECONDARY_EXEC_ENABLE_PML               0x00020000
>  #define SECONDARY_EXEC_XSAVES                  0x00100000
>  #define SECONDARY_EXEC_TSC_SCALING              0x02000000
> diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
> index 5625a99aff7a..8abd517165db 100644
> --- a/arch/x86/kvm/vmx.c
> +++ b/arch/x86/kvm/vmx.c
> @@ -2800,7 +2800,7 @@ static void nested_vmx_setup_ctls_msrs(struct vcpu_vmx *vmx)
>                 vmx->nested.nested_vmx_secondary_ctls_high);
>         vmx->nested.nested_vmx_secondary_ctls_low = 0;
>         vmx->nested.nested_vmx_secondary_ctls_high &=
> -               SECONDARY_EXEC_RDRAND | SECONDARY_EXEC_RDSEED |
> +               SECONDARY_EXEC_RDRAND_EXITING | SECONDARY_EXEC_RDSEED_EXITING |
>                 SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
>                 SECONDARY_EXEC_RDTSCP |
>                 SECONDARY_EXEC_DESC |
> @@ -3653,8 +3653,8 @@ static __init int setup_vmcs_config(struct vmcs_config *vmcs_conf)
>                         SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
>                         SECONDARY_EXEC_SHADOW_VMCS |
>                         SECONDARY_EXEC_XSAVES |
> -                       SECONDARY_EXEC_RDRAND |
> -                       SECONDARY_EXEC_RDSEED |
> +                       SECONDARY_EXEC_RDRAND_EXITING |
> +                       SECONDARY_EXEC_RDSEED_EXITING |
>                         SECONDARY_EXEC_ENABLE_PML |
>                         SECONDARY_EXEC_TSC_SCALING |
>                         SECONDARY_EXEC_ENABLE_VMFUNC;
> @@ -5275,10 +5275,10 @@ static u32 vmx_secondary_exec_control(struct vcpu_vmx *vmx)
>                 exec_control &= ~SECONDARY_EXEC_ENABLE_PML;
>
>         if (guest_cpuid_has(&vmx->vcpu, X86_FEATURE_RDRAND))
> -               exec_control &= ~SECONDARY_EXEC_RDRAND;
> +               exec_control &= ~SECONDARY_EXEC_RDRAND_EXITING;
>
>         if (guest_cpuid_has(&vmx->vcpu, X86_FEATURE_RDSEED))
> -               exec_control &= ~SECONDARY_EXEC_RDSEED;
> +               exec_control &= ~SECONDARY_EXEC_RDSEED_EXITING;
>
>         return exec_control;
>  }
> @@ -8287,9 +8287,9 @@ static bool nested_vmx_exit_reflected(struct kvm_vcpu *vcpu, u32 exit_reason)
>         case EXIT_REASON_RDPMC:
>                 return nested_cpu_has(vmcs12, CPU_BASED_RDPMC_EXITING);
>         case EXIT_REASON_RDRAND:
> -               return nested_cpu_has2(vmcs12, SECONDARY_EXEC_RDRAND);
> +               return nested_cpu_has2(vmcs12, SECONDARY_EXEC_RDRAND_EXITING);
>         case EXIT_REASON_RDSEED:
> -               return nested_cpu_has2(vmcs12, SECONDARY_EXEC_RDSEED);
> +               return nested_cpu_has2(vmcs12, SECONDARY_EXEC_RDSEED_EXITING);
>         case EXIT_REASON_RDTSC: case EXIT_REASON_RDTSCP:
>                 return nested_cpu_has(vmcs12, CPU_BASED_RDTSC_EXITING);
>         case EXIT_REASON_VMCALL: case EXIT_REASON_VMCLEAR:
> @@ -8965,13 +8965,13 @@ static bool vmx_mpx_supported(void)
>  static bool vmx_rdrand_supported(void)
>  {
>         return vmcs_config.cpu_based_2nd_exec_ctrl &
> -               SECONDARY_EXEC_RDRAND;
> +               SECONDARY_EXEC_RDRAND_EXITING;
>  }
>
>  static bool vmx_rdseed_supported(void)
>  {
>         return vmcs_config.cpu_based_2nd_exec_ctrl &
> -               SECONDARY_EXEC_RDSEED;
> +               SECONDARY_EXEC_RDSEED_EXITING;
>  }
>
>  static bool vmx_xsaves_supported(void)
> @@ -9656,17 +9656,17 @@ static void vmx_cpuid_update(struct kvm_vcpu *vcpu)
>                 bool rdrand_enabled = guest_cpuid_has(vcpu, X86_FEATURE_RDRAND);
>
>                 if (rdrand_enabled)
> -                       secondary_exec_ctl &= ~SECONDARY_EXEC_RDRAND;
> +                       secondary_exec_ctl &= ~SECONDARY_EXEC_RDRAND_EXITING;
>                 else
> -                       secondary_exec_ctl |= SECONDARY_EXEC_RDRAND;
> +                       secondary_exec_ctl |= SECONDARY_EXEC_RDRAND_EXITING;
>
>                 if (nested) {
>                         if (rdrand_enabled)
>                                 vmx->nested.nested_vmx_secondary_ctls_high |=
> -                                       SECONDARY_EXEC_RDRAND;
> +                                       SECONDARY_EXEC_RDRAND_EXITING;
>                         else
>                                 vmx->nested.nested_vmx_secondary_ctls_high &=
> -                                       ~SECONDARY_EXEC_RDRAND;
> +                                       ~SECONDARY_EXEC_RDRAND_EXITING;
>                 }
>         }
>
> @@ -9674,17 +9674,17 @@ static void vmx_cpuid_update(struct kvm_vcpu *vcpu)
>                 bool rdseed_enabled = guest_cpuid_has(vcpu, X86_FEATURE_RDSEED);
>
>                 if (rdseed_enabled)
> -                       secondary_exec_ctl &= ~SECONDARY_EXEC_RDSEED;
> +                       secondary_exec_ctl &= ~SECONDARY_EXEC_RDSEED_EXITING;
>                 else
> -                       secondary_exec_ctl |= SECONDARY_EXEC_RDSEED;
> +                       secondary_exec_ctl |= SECONDARY_EXEC_RDSEED_EXITING;
>
>                 if (nested) {
>                         if (rdseed_enabled)
>                                 vmx->nested.nested_vmx_secondary_ctls_high |=
> -                                       SECONDARY_EXEC_RDSEED;
> +                                       SECONDARY_EXEC_RDSEED_EXITING;
>                         else
>                                 vmx->nested.nested_vmx_secondary_ctls_high &=
> -                                       ~SECONDARY_EXEC_RDSEED;
> +                                       ~SECONDARY_EXEC_RDSEED_EXITING;
>                 }
>         }
>
> --
> 2.13.5
>

Re: [PATCH v2 15/15] KVM: VMX: rename RDSEED and RDRAND vmx ctrls to reflect exiting

[David Hildenbrand]

On 24.08.2017 22:39, Jim Mattson wrote:
> Perhaps these as well?
> 
> SECONDARY_EXEC_DESC -> SECONDARY_EXEC_DT_EXITING
> SECONDARY_EXEC_RDTSCP -> SECONDARY_EXEC_ENABLE_RDTSCP
> SECONDARY_EXEC_XSAVES -> SECONDARY_EXEC_ENABLE_XSAVES
> PIN_BASED_EXT_INTR_MASK -> PIN_BASED_EXT_INTR_EXITING
> 

Indeed, separate patch or resend this one?


-- 

Thanks,

David

Re: [PATCH v2 15/15] KVM: VMX: rename RDSEED and RDRAND vmx ctrls to reflect exiting

[Jim Mattson]

A separate patch is fine.

Reviewed-by: Jim Mattson <jmattson@google.com>

On Mon, Aug 28, 2017 at 7:55 AM, David Hildenbrand <david@redhat.com> wrote:
> On 24.08.2017 22:39, Jim Mattson wrote:
>> Perhaps these as well?
>>
>> SECONDARY_EXEC_DESC -> SECONDARY_EXEC_DT_EXITING
>> SECONDARY_EXEC_RDTSCP -> SECONDARY_EXEC_ENABLE_RDTSCP
>> SECONDARY_EXEC_XSAVES -> SECONDARY_EXEC_ENABLE_XSAVES
>> PIN_BASED_EXT_INTR_MASK -> PIN_BASED_EXT_INTR_EXITING
>>
>
> Indeed, separate patch or resend this one?
>
>
> --
>
> Thanks,
>
> David

Re: [PATCH v2 00/15] KVM x86/VMX cleanups

[David Hildenbrand]

On 24.08.2017 20:51, David Hildenbrand wrote:

Ping :)

> Some cleanups discovered while digging through the code.
> 
> v1 -> v2:
> - dropped "KVM: x86: mmu: use for_each_shadow_entry_lockless()"
> - added "KVM: VMX: rename RDSEED and RDRAND vmx ctrls to reflect exiting"
> - added "KVM: nVMX: no need to set ept/vpid caps to 0"
> - added "KVM: VMX: drop enable_ept check from ept_sync_context()"
> 
> David Hildenbrand (15):
>   KVM: x86: mmu: returning void in a void function is strange
>   KVM: x86: mmu: free_page can handle NULL
>   KVM: x86: drop BUG_ON(vcpu->kvm)
>   KVM: VMX: vmx_vcpu_setup() cannot fail
>   KVM: x86: no need to inititalize vcpu members to 0
>   KVM: VMX: drop enable_ept check from ept_sync_context()
>   KVM: VMX: call ept_sync_global() with enable_ept only
>   KVM: VMX: require INVEPT GLOBAL for EPT
>   KVM: VMX: drop unnecessary function declarations
>   KVM: nVMX: no need to set vcpu->cpu when switching vmcs
>   KVM: nVMX: no need to set ept/vpid caps to 0
>   KVM: VMX: cleanup init_rmode_identity_map()
>   KVM: x86: document special identity map address value
>   KVM: x86: allow setting identity map addr with no vcpus only
>   KVM: VMX: rename RDSEED and RDRAND vmx ctrls to reflect exiting
> 
>  Documentation/virtual/kvm/api.txt |  4 ++
>  arch/x86/include/asm/vmx.h        |  4 +-
>  arch/x86/kvm/mmu.c                |  5 +-
>  arch/x86/kvm/vmx.c                | 96 ++++++++++++++-------------------------
>  arch/x86/kvm/x86.c                | 21 ++++-----
>  5 files changed, 51 insertions(+), 79 deletions(-)
> 


-- 

Thanks,

David

Re: [PATCH v2 00/15] KVM x86/VMX cleanups

[Paolo Bonzini]

On 19/09/2017 14:42, David Hildenbrand wrote:
> On 24.08.2017 20:51, David Hildenbrand wrote:
> 
> Ping :)

These have to wait until kvm/{next,queue} open for 4.15, sorry.

Paolo

>> Some cleanups discovered while digging through the code.
>>
>> v1 -> v2:
>> - dropped "KVM: x86: mmu: use for_each_shadow_entry_lockless()"
>> - added "KVM: VMX: rename RDSEED and RDRAND vmx ctrls to reflect exiting"
>> - added "KVM: nVMX: no need to set ept/vpid caps to 0"
>> - added "KVM: VMX: drop enable_ept check from ept_sync_context()"
>>
>> David Hildenbrand (15):
>>   KVM: x86: mmu: returning void in a void function is strange
>>   KVM: x86: mmu: free_page can handle NULL
>>   KVM: x86: drop BUG_ON(vcpu->kvm)
>>   KVM: VMX: vmx_vcpu_setup() cannot fail
>>   KVM: x86: no need to inititalize vcpu members to 0
>>   KVM: VMX: drop enable_ept check from ept_sync_context()
>>   KVM: VMX: call ept_sync_global() with enable_ept only
>>   KVM: VMX: require INVEPT GLOBAL for EPT
>>   KVM: VMX: drop unnecessary function declarations
>>   KVM: nVMX: no need to set vcpu->cpu when switching vmcs
>>   KVM: nVMX: no need to set ept/vpid caps to 0
>>   KVM: VMX: cleanup init_rmode_identity_map()
>>   KVM: x86: document special identity map address value
>>   KVM: x86: allow setting identity map addr with no vcpus only
>>   KVM: VMX: rename RDSEED and RDRAND vmx ctrls to reflect exiting
>>
>>  Documentation/virtual/kvm/api.txt |  4 ++
>>  arch/x86/include/asm/vmx.h        |  4 +-
>>  arch/x86/kvm/mmu.c                |  5 +-
>>  arch/x86/kvm/vmx.c                | 96 ++++++++++++++-------------------------
>>  arch/x86/kvm/x86.c                | 21 ++++-----
>>  5 files changed, 51 insertions(+), 79 deletions(-)
>>
> 
> 

Re: [PATCH v2 00/15] KVM x86/VMX cleanups

[Radim Krčmář]

2017-08-24 20:51+0200, David Hildenbrand:
> Some cleanups discovered while digging through the code.
> 
> v1 -> v2:
> - dropped "KVM: x86: mmu: use for_each_shadow_entry_lockless()"
> - added "KVM: VMX: rename RDSEED and RDRAND vmx ctrls to reflect exiting"
> - added "KVM: nVMX: no need to set ept/vpid caps to 0"
> - added "KVM: VMX: drop enable_ept check from ept_sync_context()"

Resolved few minor conflicts and queued, thanks.

> David Hildenbrand (15):
>   KVM: x86: mmu: returning void in a void function is strange
>   KVM: x86: mmu: free_page can handle NULL
>   KVM: x86: drop BUG_ON(vcpu->kvm)
>   KVM: VMX: vmx_vcpu_setup() cannot fail
>   KVM: x86: no need to inititalize vcpu members to 0
>   KVM: VMX: drop enable_ept check from ept_sync_context()
>   KVM: VMX: call ept_sync_global() with enable_ept only
>   KVM: VMX: require INVEPT GLOBAL for EPT
>   KVM: VMX: drop unnecessary function declarations
>   KVM: nVMX: no need to set vcpu->cpu when switching vmcs
>   KVM: nVMX: no need to set ept/vpid caps to 0
>   KVM: VMX: cleanup init_rmode_identity_map()
>   KVM: x86: document special identity map address value
>   KVM: x86: allow setting identity map addr with no vcpus only
>   KVM: VMX: rename RDSEED and RDRAND vmx ctrls to reflect exiting
> 
>  Documentation/virtual/kvm/api.txt |  4 ++
>  arch/x86/include/asm/vmx.h        |  4 +-
>  arch/x86/kvm/mmu.c                |  5 +-
>  arch/x86/kvm/vmx.c                | 96 ++++++++++++++-------------------------
>  arch/x86/kvm/x86.c                | 21 ++++-----
>  5 files changed, 51 insertions(+), 79 deletions(-)
> 
> -- 
> 2.13.5
>