From: Paolo Bonzini <pbonzini@redhat.com>
To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Cc: vkuznets@redhat.com, mlevitsk@redhat.com,
	Sean Christopherson <sean.j.christopherson@intel.com>,
	Jim Mattson <jmattson@google.com>
Subject: [PATCH 17/28] KVM: nSVM: synchronize VMCB controls updated by the processor on every vmexit
Date: Tue, 26 May 2020 13:22:57 -0400	[thread overview]
Message-ID: <20200526172308.111575-18-pbonzini@redhat.com> (raw)
In-Reply-To: <20200526172308.111575-1-pbonzini@redhat.com>

The control state changes on every L2->L0 vmexit, and we will have to
serialize it in the nested state.  So keep it up to date in svm->nested.ctl
and just copy it back to the nested VMCB in nested_svm_vmexit.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
 arch/x86/kvm/svm/nested.c | 57 ++++++++++++++++++++++-----------------
 arch/x86/kvm/svm/svm.c    |  5 +++-
 arch/x86/kvm/svm/svm.h    |  1 +
 3 files changed, 38 insertions(+), 25 deletions(-)

diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c
index 7f739f9a797c..4355286b2726 100644
--- a/arch/x86/kvm/svm/nested.c
+++ b/arch/x86/kvm/svm/nested.c
@@ -234,6 +234,34 @@ static void load_nested_vmcb_control(struct vcpu_svm *svm,
 	svm->nested.ctl.iopm_base_pa  &= ~0x0fffULL;
 }
 
+/*
+ * Synchronize fields that are written by the processor, so that
+ * they can be copied back into the nested_vmcb.
+ */
+void sync_nested_vmcb_control(struct vcpu_svm *svm)
+{
+	u32 mask;
+	svm->nested.ctl.event_inj      = svm->vmcb->control.event_inj;
+	svm->nested.ctl.event_inj_err  = svm->vmcb->control.event_inj_err;
+
+	/* Only a few fields of int_ctl are written by the processor.  */
+	mask = V_IRQ_MASK | V_TPR_MASK;
+	if (!(svm->nested.ctl.int_ctl & V_INTR_MASKING_MASK) &&
+	    is_intercept(svm, SVM_EXIT_VINTR)) {
+		/*
+		 * In order to request an interrupt window, L0 is usurping
+		 * svm->vmcb->control.int_ctl and possibly setting V_IRQ
+		 * even if it was clear in L1's VMCB.  Restoring it would be
+		 * wrong.  However, in this case V_IRQ will remain true until
+		 * interrupt_window_interception calls svm_clear_vintr and
+		 * restores int_ctl.  We can just leave it aside.
+		 */
+		mask &= ~V_IRQ_MASK;
+	}
+	svm->nested.ctl.int_ctl        &= ~mask;
+	svm->nested.ctl.int_ctl        |= svm->vmcb->control.int_ctl & mask;
+}
+
 static void nested_prepare_vmcb_save(struct vcpu_svm *svm, struct vmcb *nested_vmcb)
 {
 	/* Load the nested guest state */
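Review bot: The comment above sync_nested_vmcb_control() does not say when the function may be called, yet it reads `svm->vmcb->control`, which presumably holds L2's processor-written values only between the return from VMRUN and the point where nested_svm_vmexit restores the control area from hsave. The commit message says this copy will be serialized in the nested state, so a mistimed call would put wrong `event_inj`/`int_ctl` values into state that L1 and userspace later consume; I would extend the comment with something like `Must be called after every VMRUN while in guest mode, before the L1 controls are restored from hsave.` The function is also a new global symbol without the `nested_svm_` prefix its neighbours in svm.h use, and `u32 mask;` should be followed by a blank line before the first statement. The trailing context (nested_prepare_vmcb_save) continues outside the hunk.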
@@ -471,6 +499,7 @@ int nested_svm_vmexit(struct vcpu_svm *svm)
 	/* Exit Guest-Mode */
 	leave_guest_mode(&svm->vcpu);
 	svm->nested.vmcb = 0;
+	WARN_ON_ONCE(svm->nested.nested_run_pending);
 
 	/* in case we halted in L2 */
 	svm->vcpu.arch.mp_state = KVM_MP_STATE_RUNNABLE;
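Review bot: The new `WARN_ON_ONCE(svm->nested.nested_run_pending)` only reports the condition. If it ever fires, the flag stays set after `leave_guest_mode()`, and the svm.c hunk in this patch now clears it only under `is_guest_mode()`, so a stale value would survive until the next nested run. I would clear it at the same spot, `if (WARN_ON_ONCE(svm->nested.nested_run_pending)) svm->nested.nested_run_pending = 0;`, or keep the unconditional clear in svm_vcpu_run. Whether an L1 guest or userspace can reach this path cannot be judged from the hunk, but if either can, the warning is externally triggerable and matters on hosts configured to panic on warnings. nested_svm_vmexit starts and ends outside the hunk.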
@@ -497,8 +526,6 @@ int nested_svm_vmexit(struct vcpu_svm *svm)
 	nested_vmcb->save.dr6    = svm->vcpu.arch.dr6;
 	nested_vmcb->save.cpl    = vmcb->save.cpl;
 
-	nested_vmcb->control.int_ctl           = vmcb->control.int_ctl;
-	nested_vmcb->control.int_vector        = vmcb->control.int_vector;
 	nested_vmcb->control.int_state         = vmcb->control.int_state;
 	nested_vmcb->control.exit_code         = vmcb->control.exit_code;
 	nested_vmcb->control.exit_code_hi      = vmcb->control.exit_code_hi;
@@ -510,34 +537,16 @@ int nested_svm_vmexit(struct vcpu_svm *svm)
 	if (svm->nrips_enabled)
 		nested_vmcb->control.next_rip  = vmcb->control.next_rip;
 
-	/*
-	 * If we emulate a VMRUN/#VMEXIT in the same host #vmexit cycle we have
-	 * to make sure that we do not lose injected events. So check event_inj
-	 * here and copy it to exit_int_info if it is valid.
-	 * Exit_int_info and event_inj can't be both valid because the case
-	 * below only happens on a VMRUN instruction intercept which has
-	 * no valid exit_int_info set.
-	 */
-	if (vmcb->control.event_inj & SVM_EVTINJ_VALID) {
-		struct vmcb_control_area *nc = &nested_vmcb->control;
-
-		nc->exit_int_info     = vmcb->control.event_inj;
-		nc->exit_int_info_err = vmcb->control.event_inj_err;
-	}
-
-	nested_vmcb->control.tlb_ctl           = 0;
-	nested_vmcb->control.event_inj         = 0;
-	nested_vmcb->control.event_inj_err     = 0;
+	nested_vmcb->control.int_ctl           = svm->nested.ctl.int_ctl;
+	nested_vmcb->control.tlb_ctl           = svm->nested.ctl.tlb_ctl;
+	nested_vmcb->control.event_inj         = svm->nested.ctl.event_inj;
+	nested_vmcb->control.event_inj_err     = svm->nested.ctl.event_inj_err;
 
 	nested_vmcb->control.pause_filter_count =
 		svm->vmcb->control.pause_filter_count;
 	nested_vmcb->control.pause_filter_thresh =
 		svm->vmcb->control.pause_filter_thresh;
 
-	/* We always set V_INTR_MASKING and remember the old value in hflags */
-	if (!(svm->vcpu.arch.hflags & HF_VINTR_MASK))
-		nested_vmcb->control.int_ctl &= ~V_INTR_MASKING_MASK;
-
 	/* Restore the original control entries */
 	copy_vmcb_control_area(&vmcb->control, &hsave->control);
 
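Review bot: The removed block that folded a still-valid `event_inj` into `exit_int_info` has no replacement in this hunk, so an injected event that was never delivered now appears to be written back to L1 in `event_inj` rather than reported through `exit_int_info`. That is equivalent only if nested_svm_vmexit can never run before the first hardware VMRUN, which the new `WARN_ON_ONCE(svm->nested.nested_run_pending)` asserts but does not enforce. `tlb_ctl` also changes from a hard-coded 0 to `svm->nested.ctl.tlb_ctl`, although sync_nested_vmcb_control() does not update that field and the commit message does not mention it. A short comment above the four assignments would record the intent, for example `/* int_ctl and event_inj{,_err} are kept current by sync_nested_vmcb_control(); tlb_ctl is L1's value, unchanged */`. nested_svm_vmexit starts and ends outside the hunk.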
diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
index c213011a82e3..97dbd6f65831 100644
--- a/arch/x86/kvm/svm/svm.c
+++ b/arch/x86/kvm/svm/svm.c
@@ -3427,7 +3427,10 @@ static fastpath_t svm_vcpu_run(struct kvm_vcpu *vcpu)
 	sync_cr8_to_lapic(vcpu);
 
 	svm->next_rip = 0;
-	svm->nested.nested_run_pending = 0;
+	if (is_guest_mode(&svm->vcpu)) {
+		sync_nested_vmcb_control(svm);
+		svm->nested.nested_run_pending = 0;
+	}
 
 	svm->vmcb->control.tlb_ctl = TLB_CONTROL_DO_NOTHING;
 
diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h
index dd5418f20256..7e79f0af1204 100644
--- a/arch/x86/kvm/svm/svm.h
+++ b/arch/x86/kvm/svm/svm.h
@@ -394,6 +394,7 @@ int nested_svm_check_permissions(struct vcpu_svm *svm);
 int nested_svm_check_exception(struct vcpu_svm *svm, unsigned nr,
 			       bool has_error_code, u32 error_code);
 int nested_svm_exit_special(struct vcpu_svm *svm);
+void sync_nested_vmcb_control(struct vcpu_svm *svm);
 
 extern struct kvm_x86_nested_ops svm_nested_ops;
 
-- 
2.26.2




Thread overview: 39+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-05-26 17:22 [PATCH v2 00/28] KVM: nSVM: event fixes and migration support Paolo Bonzini
2020-05-26 17:22 ` [PATCH 01/28] KVM: x86: track manually whether an event has been injected Paolo Bonzini
2020-05-26 17:22 ` [PATCH 02/28] KVM: x86: enable event window in inject_pending_event Paolo Bonzini
2020-05-29  2:16   ` Krish Sadhukhan
2020-05-29  8:47     ` Paolo Bonzini
2020-05-26 17:22 ` [PATCH 03/28] KVM: nSVM: inject exceptions via svm_check_nested_events Paolo Bonzini
2021-03-06  1:39   ` Sean Christopherson
2021-03-06  9:26     ` Paolo Bonzini
2021-03-08 16:44       ` Sean Christopherson
2021-03-08 17:28         ` Paolo Bonzini
2021-03-08 20:43           ` Sean Christopherson
2021-03-08 22:51             ` Paolo Bonzini
2020-05-26 17:22 ` [PATCH 04/28] KVM: nSVM: remove exit_required Paolo Bonzini
2020-05-26 17:22 ` [PATCH 05/28] KVM: nSVM: correctly inject INIT vmexits Paolo Bonzini
2020-05-29  6:46   ` Krish Sadhukhan
2020-05-29  8:47     ` Paolo Bonzini
2020-05-26 17:22 ` [PATCH 06/28] KVM: SVM: always update CR3 in VMCB Paolo Bonzini
2020-05-26 17:22 ` [PATCH 07/28] KVM: nVMX: always update CR3 in VMCS Paolo Bonzini
2020-05-26 17:22 ` [PATCH 08/28] KVM: nSVM: move map argument out of enter_svm_guest_mode Paolo Bonzini
2020-05-26 17:22 ` [PATCH 09/28] KVM: nSVM: extract load_nested_vmcb_control Paolo Bonzini
2020-05-26 17:22 ` [PATCH 10/28] KVM: nSVM: extract preparation of VMCB for nested run Paolo Bonzini
2020-05-26 17:22 ` [PATCH 11/28] KVM: nSVM: move MMU setup to nested_prepare_vmcb_control Paolo Bonzini
2020-05-26 17:22 ` [PATCH 12/28] KVM: nSVM: clean up tsc_offset update Paolo Bonzini
2020-05-26 17:22 ` [PATCH 13/28] KVM: nSVM: pass vmcb_control_area to copy_vmcb_control_area Paolo Bonzini
2020-05-26 17:22 ` [PATCH 14/28] KVM: nSVM: remove trailing padding for struct vmcb_control_area Paolo Bonzini
2020-05-26 17:22 ` [PATCH 15/28] KVM: nSVM: save all control fields in svm->nested Paolo Bonzini
2020-05-26 17:22 ` [PATCH 16/28] KVM: nSVM: restore clobbered INT_CTL fields after clearing VINTR Paolo Bonzini
2020-05-26 17:22 ` Paolo Bonzini [this message]
2020-05-26 17:22 ` [PATCH 18/28] KVM: nSVM: remove unnecessary if Paolo Bonzini
2020-05-26 17:22 ` [PATCH 19/28] KVM: nSVM: extract svm_set_gif Paolo Bonzini
2020-05-26 17:23 ` [PATCH 20/28] KVM: SVM: preserve VGIF across VMCB switch Paolo Bonzini
2020-05-26 17:23 ` [PATCH 21/28] KVM: nSVM: synthesize correct EXITINTINFO on vmexit Paolo Bonzini
2020-05-26 17:23 ` [PATCH 22/28] KVM: nSVM: remove HF_VINTR_MASK Paolo Bonzini
2020-05-26 17:23 ` [PATCH 23/28] KVM: nSVM: remove HF_HIF_MASK Paolo Bonzini
2020-05-26 17:23 ` [PATCH 24/28] KVM: nSVM: split nested_vmcb_check_controls Paolo Bonzini
2020-05-26 17:23 ` [PATCH 25/28] KVM: nSVM: leave guest mode when clearing EFER.SVME Paolo Bonzini
2020-05-26 17:23 ` [PATCH 26/28] KVM: MMU: pass arbitrary CR0/CR4/EFER to kvm_init_shadow_mmu Paolo Bonzini
2020-05-26 17:23 ` [PATCH 27/28] selftests: kvm: add a SVM version of state-test Paolo Bonzini
2020-05-26 17:23 ` [PATCH 28/28] KVM: nSVM: implement KVM_GET_NESTED_STATE and KVM_SET_NESTED_STATE Paolo Bonzini
