From mboxrd@z Thu Jan 1 00:00:00 1970 From: Ed White Subject: [PATCH v4 12/15] x86/altp2m: Add altp2mhvm HVM domain parameter. Date: Thu, 9 Jul 2015 17:52:30 -0700 Message-ID: <1436489553-6300-13-git-send-email-edmund.h.white@intel.com> References: <1436489553-6300-1-git-send-email-edmund.h.white@intel.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <1436489553-6300-1-git-send-email-edmund.h.white@intel.com> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xen.org Errors-To: xen-devel-bounces@lists.xen.org To: xen-devel@lists.xen.org Cc: Ravi Sahita , Wei Liu , George Dunlap , Ian Jackson , Tim Deegan , Ed White , Jan Beulich , Andrew Cooper , tlengyel@novetta.com, Daniel De Graaf List-Id: xen-devel@lists.xenproject.org The altp2mhvm and nestedhvm parameters are mutually exclusive and cannot be set together. Signed-off-by: Ed White Reviewed-by: Andrew Cooper for the hypervisor bits. --- docs/man/xl.cfg.pod.5 | 12 ++++++++++++ tools/libxl/libxl.h | 6 ++++++ tools/libxl/libxl_create.c | 1 + tools/libxl/libxl_dom.c | 2 ++ tools/libxl/libxl_types.idl | 1 + tools/libxl/xl_cmdimpl.c | 10 ++++++++++ xen/arch/x86/hvm/hvm.c | 23 +++++++++++++++++++++-- xen/include/public/hvm/params.h | 5 ++++- 8 files changed, 57 insertions(+), 3 deletions(-) diff --git a/docs/man/xl.cfg.pod.5 b/docs/man/xl.cfg.pod.5 index a3e0e2e..18afd46 100644 --- a/docs/man/xl.cfg.pod.5 +++ b/docs/man/xl.cfg.pod.5 @@ -1035,6 +1035,18 @@ enabled by default and you should usually omit it. It may be necessary to disable the HPET in order to improve compatibility with guest Operating Systems (X86 only) +=item B + +Enables or disables hvm guest access to alternate-p2m capability. +Alternate-p2m allows a guest to manage multiple p2m guest physical +"memory views" (as opposed to a single p2m). This option is +disabled by default and is available only to hvm domains. +You may want this option if you want to access-control/isolate +access to specific guest physical memory pages accessed by +the guest, e.g. for HVM domain memory introspection or +for isolation/access-control of memory between components within +a single guest hvm domain. + =item B Enable or disables guest access to hardware virtualisation features, diff --git a/tools/libxl/libxl.h b/tools/libxl/libxl.h index a1c5d15..17222e7 100644 --- a/tools/libxl/libxl.h +++ b/tools/libxl/libxl.h @@ -745,6 +745,12 @@ typedef struct libxl__ctx libxl_ctx; #define LIBXL_HAVE_BUILDINFO_SERIAL_LIST 1 /* + * LIBXL_HAVE_ALTP2M + * If this is defined, then libxl supports alternate p2m functionality. + */ +#define LIBXL_HAVE_ALTP2M 1 + +/* * LIBXL_HAVE_REMUS * If this is defined, then libxl supports remus. */ diff --git a/tools/libxl/libxl_create.c b/tools/libxl/libxl_create.c index f366a09..418deee 100644 --- a/tools/libxl/libxl_create.c +++ b/tools/libxl/libxl_create.c @@ -329,6 +329,7 @@ int libxl__domain_build_info_setdefault(libxl__gc *gc, libxl_defbool_setdefault(&b_info->u.hvm.hpet, true); libxl_defbool_setdefault(&b_info->u.hvm.vpt_align, true); libxl_defbool_setdefault(&b_info->u.hvm.nested_hvm, false); + libxl_defbool_setdefault(&b_info->u.hvm.altp2m, false); libxl_defbool_setdefault(&b_info->u.hvm.usb, false); libxl_defbool_setdefault(&b_info->u.hvm.xen_platform_pci, true); diff --git a/tools/libxl/libxl_dom.c b/tools/libxl/libxl_dom.c index bdc0465..2f1200e 100644 --- a/tools/libxl/libxl_dom.c +++ b/tools/libxl/libxl_dom.c @@ -300,6 +300,8 @@ static void hvm_set_conf_params(xc_interface *handle, uint32_t domid, libxl_defbool_val(info->u.hvm.vpt_align)); xc_hvm_param_set(handle, domid, HVM_PARAM_NESTEDHVM, libxl_defbool_val(info->u.hvm.nested_hvm)); + xc_hvm_param_set(handle, domid, HVM_PARAM_ALTP2MHVM, + libxl_defbool_val(info->u.hvm.altp2m)); } int libxl__build_pre(libxl__gc *gc, uint32_t domid, diff --git a/tools/libxl/libxl_types.idl b/tools/libxl/libxl_types.idl index e1632fa..fb641fe 100644 --- a/tools/libxl/libxl_types.idl +++ b/tools/libxl/libxl_types.idl @@ -440,6 +440,7 @@ libxl_domain_build_info = Struct("domain_build_info",[ ("mmio_hole_memkb", MemKB), ("timer_mode", libxl_timer_mode), ("nested_hvm", libxl_defbool), + ("altp2m", libxl_defbool), ("smbios_firmware", string), ("acpi_firmware", string), ("nographic", libxl_defbool), diff --git a/tools/libxl/xl_cmdimpl.c b/tools/libxl/xl_cmdimpl.c index c858068..43cf6bf 100644 --- a/tools/libxl/xl_cmdimpl.c +++ b/tools/libxl/xl_cmdimpl.c @@ -1500,6 +1500,16 @@ static void parse_config_data(const char *config_source, xlu_cfg_get_defbool(config, "nestedhvm", &b_info->u.hvm.nested_hvm, 0); + xlu_cfg_get_defbool(config, "altp2mhvm", &b_info->u.hvm.altp2m, 0); + + if (!libxl_defbool_is_default(b_info->u.hvm.nested_hvm) && + libxl_defbool_val(b_info->u.hvm.nested_hvm) && + !libxl_defbool_is_default(b_info->u.hvm.altp2m) && + libxl_defbool_val(b_info->u.hvm.altp2m)) { + fprintf(stderr, "ERROR: nestedhvm and altp2mhvm cannot be used together\n"); + exit(1); + } + xlu_cfg_replace_string(config, "smbios_firmware", &b_info->u.hvm.smbios_firmware, 0); xlu_cfg_replace_string(config, "acpi_firmware", diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c index 23cd507..6e59e68 100644 --- a/xen/arch/x86/hvm/hvm.c +++ b/xen/arch/x86/hvm/hvm.c @@ -5750,6 +5750,7 @@ static int hvm_allow_set_param(struct domain *d, case HVM_PARAM_VIRIDIAN: case HVM_PARAM_IOREQ_SERVER_PFN: case HVM_PARAM_NR_IOREQ_SERVER_PAGES: + case HVM_PARAM_ALTP2MHVM: if ( value != 0 && a->value != value ) rc = -EEXIST; break; @@ -5872,6 +5873,9 @@ static int hvmop_set_param( */ if ( cpu_has_svm && !paging_mode_hap(d) && a.value ) rc = -EINVAL; + if ( a.value && + d->arch.hvm_domain.params[HVM_PARAM_ALTP2MHVM] ) + rc = -EINVAL; /* Set up NHVM state for any vcpus that are already up. */ if ( a.value && !d->arch.hvm_domain.params[HVM_PARAM_NESTEDHVM] ) @@ -5882,6 +5886,13 @@ static int hvmop_set_param( for_each_vcpu(d, v) nestedhvm_vcpu_destroy(v); break; + case HVM_PARAM_ALTP2MHVM: + if ( a.value > 1 ) + rc = -EINVAL; + if ( a.value && + d->arch.hvm_domain.params[HVM_PARAM_NESTEDHVM] ) + rc = -EINVAL; + break; case HVM_PARAM_BUFIOREQ_EVTCHN: rc = -EINVAL; break; @@ -5942,6 +5953,7 @@ static int hvm_allow_get_param(struct domain *d, case HVM_PARAM_STORE_EVTCHN: case HVM_PARAM_CONSOLE_PFN: case HVM_PARAM_CONSOLE_EVTCHN: + case HVM_PARAM_ALTP2MHVM: break; /* * The following parameters must not be read by the guest @@ -6482,6 +6494,12 @@ long do_hvm_op(unsigned long op, XEN_GUEST_HANDLE_PARAM(void) arg) switch ( a.cmd ) { case HVMOP_altp2m_get_domain_state: + if ( !d->arch.hvm_domain.params[HVM_PARAM_ALTP2MHVM] ) + { + rc = -EINVAL; + break; + } + a.u.domain_state.state = altp2m_active(d); rc = __copy_to_guest(arg, &a, 1) ? -EFAULT : 0; @@ -6490,8 +6508,9 @@ long do_hvm_op(unsigned long op, XEN_GUEST_HANDLE_PARAM(void) arg) { struct vcpu *v; bool_t ostate; - - if ( nestedhvm_enabled(d) ) + + if ( !d->arch.hvm_domain.params[HVM_PARAM_ALTP2MHVM] || + nestedhvm_enabled(d) ) { rc = -EINVAL; break; diff --git a/xen/include/public/hvm/params.h b/xen/include/public/hvm/params.h index 7c73089..51daad1 100644 --- a/xen/include/public/hvm/params.h +++ b/xen/include/public/hvm/params.h @@ -187,6 +187,9 @@ /* Location of the VM Generation ID in guest physical address space. */ #define HVM_PARAM_VM_GENERATION_ID_ADDR 34 -#define HVM_NR_PARAMS 35 +/* Boolean: Enable altp2m */ +#define HVM_PARAM_ALTP2MHVM 35 + +#define HVM_NR_PARAMS 36 #endif /* __XEN_PUBLIC_HVM_PARAMS_H__ */ -- 1.9.1