From mboxrd@z Thu Jan 1 00:00:00 1970 From: Ed White Subject: [PATCH v7 12/15] x86/altp2m: Add altp2mhvm HVM domain parameter. Date: Wed, 22 Jul 2015 16:01:18 -0700 Message-ID: <1437606081-6964-13-git-send-email-edmund.h.white@intel.com> References: <1437606081-6964-1-git-send-email-edmund.h.white@intel.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <1437606081-6964-1-git-send-email-edmund.h.white@intel.com> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xen.org Errors-To: xen-devel-bounces@lists.xen.org To: xen-devel@lists.xen.org Cc: Ravi Sahita , Wei Liu , Jun Nakajima , George Dunlap , Ian Jackson , Tim Deegan , Ed White , Jan Beulich , Andrew Cooper , tlengyel@novetta.com, Daniel De Graaf List-Id: xen-devel@lists.xenproject.org The altp2mhvm and nestedhvm parameters are mutually exclusive and cannot be set together. Signed-off-by: Ed White Reviewed-by: Andrew Cooper Acked-by: Wei Liu --- Changes since v6: no changes docs/man/xl.cfg.pod.5 | 12 ++++++++++++ tools/libxl/libxl.h | 6 ++++++ tools/libxl/libxl_create.c | 1 + tools/libxl/libxl_dom.c | 2 ++ tools/libxl/libxl_types.idl | 1 + tools/libxl/xl_cmdimpl.c | 10 ++++++++++ xen/arch/x86/hvm/hvm.c | 21 ++++++++++++++++++++- xen/include/public/hvm/params.h | 5 ++++- 8 files changed, 56 insertions(+), 2 deletions(-) diff --git a/docs/man/xl.cfg.pod.5 b/docs/man/xl.cfg.pod.5 index 382f30b..e53fd45 100644 --- a/docs/man/xl.cfg.pod.5 +++ b/docs/man/xl.cfg.pod.5 @@ -1027,6 +1027,18 @@ enabled by default and you should usually omit it. It may be necessary to disable the HPET in order to improve compatibility with guest Operating Systems (X86 only) +=item B + +Enables or disables hvm guest access to alternate-p2m capability. +Alternate-p2m allows a guest to manage multiple p2m guest physical +"memory views" (as opposed to a single p2m). This option is +disabled by default and is available only to hvm domains. +You may want this option if you want to access-control/isolate +access to specific guest physical memory pages accessed by +the guest, e.g. for HVM domain memory introspection or +for isolation/access-control of memory between components within +a single guest hvm domain. + =item B Enable or disables guest access to hardware virtualisation features, diff --git a/tools/libxl/libxl.h b/tools/libxl/libxl.h index 5a7308d..6f86b21 100644 --- a/tools/libxl/libxl.h +++ b/tools/libxl/libxl.h @@ -758,6 +758,12 @@ typedef struct libxl__ctx libxl_ctx; #define LIBXL_HAVE_BUILDINFO_SERIAL_LIST 1 /* + * LIBXL_HAVE_ALTP2M + * If this is defined, then libxl supports alternate p2m functionality. + */ +#define LIBXL_HAVE_ALTP2M 1 + +/* * LIBXL_HAVE_REMUS * If this is defined, then libxl supports remus. */ diff --git a/tools/libxl/libxl_create.c b/tools/libxl/libxl_create.c index a32e3df..b1614b2 100644 --- a/tools/libxl/libxl_create.c +++ b/tools/libxl/libxl_create.c @@ -277,6 +277,7 @@ int libxl__domain_build_info_setdefault(libxl__gc *gc, libxl_defbool_setdefault(&b_info->u.hvm.hpet, true); libxl_defbool_setdefault(&b_info->u.hvm.vpt_align, true); libxl_defbool_setdefault(&b_info->u.hvm.nested_hvm, false); + libxl_defbool_setdefault(&b_info->u.hvm.altp2m, false); libxl_defbool_setdefault(&b_info->u.hvm.usb, false); libxl_defbool_setdefault(&b_info->u.hvm.xen_platform_pci, true); diff --git a/tools/libxl/libxl_dom.c b/tools/libxl/libxl_dom.c index edd7f3f..813c4a7 100644 --- a/tools/libxl/libxl_dom.c +++ b/tools/libxl/libxl_dom.c @@ -301,6 +301,8 @@ static void hvm_set_conf_params(xc_interface *handle, uint32_t domid, libxl_defbool_val(info->u.hvm.vpt_align)); xc_hvm_param_set(handle, domid, HVM_PARAM_NESTEDHVM, libxl_defbool_val(info->u.hvm.nested_hvm)); + xc_hvm_param_set(handle, domid, HVM_PARAM_ALTP2M, + libxl_defbool_val(info->u.hvm.altp2m)); } int libxl__build_pre(libxl__gc *gc, uint32_t domid, diff --git a/tools/libxl/libxl_types.idl b/tools/libxl/libxl_types.idl index bc0c4ef..b9dab54 100644 --- a/tools/libxl/libxl_types.idl +++ b/tools/libxl/libxl_types.idl @@ -458,6 +458,7 @@ libxl_domain_build_info = Struct("domain_build_info",[ ("mmio_hole_memkb", MemKB), ("timer_mode", libxl_timer_mode), ("nested_hvm", libxl_defbool), + ("altp2m", libxl_defbool), ("smbios_firmware", string), ("acpi_firmware", string), ("hdtype", libxl_hdtype), diff --git a/tools/libxl/xl_cmdimpl.c b/tools/libxl/xl_cmdimpl.c index 1d45dd5..24b9808 100644 --- a/tools/libxl/xl_cmdimpl.c +++ b/tools/libxl/xl_cmdimpl.c @@ -1564,6 +1564,16 @@ static void parse_config_data(const char *config_source, xlu_cfg_get_defbool(config, "nestedhvm", &b_info->u.hvm.nested_hvm, 0); + xlu_cfg_get_defbool(config, "altp2mhvm", &b_info->u.hvm.altp2m, 0); + + if (!libxl_defbool_is_default(b_info->u.hvm.nested_hvm) && + libxl_defbool_val(b_info->u.hvm.nested_hvm) && + !libxl_defbool_is_default(b_info->u.hvm.altp2m) && + libxl_defbool_val(b_info->u.hvm.altp2m)) { + fprintf(stderr, "ERROR: nestedhvm and altp2mhvm cannot be used together\n"); + exit(1); + } + xlu_cfg_replace_string(config, "smbios_firmware", &b_info->u.hvm.smbios_firmware, 0); xlu_cfg_replace_string(config, "acpi_firmware", diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c index 4f4cccb..55e70f0 100644 --- a/xen/arch/x86/hvm/hvm.c +++ b/xen/arch/x86/hvm/hvm.c @@ -5868,6 +5868,7 @@ static int hvm_allow_set_param(struct domain *d, case HVM_PARAM_VIRIDIAN: case HVM_PARAM_IOREQ_SERVER_PFN: case HVM_PARAM_NR_IOREQ_SERVER_PAGES: + case HVM_PARAM_ALTP2M: if ( value != 0 && a->value != value ) rc = -EEXIST; break; @@ -5990,6 +5991,9 @@ static int hvmop_set_param( */ if ( cpu_has_svm && !paging_mode_hap(d) && a.value ) rc = -EINVAL; + if ( a.value && + d->arch.hvm_domain.params[HVM_PARAM_ALTP2M] ) + rc = -EINVAL; /* Set up NHVM state for any vcpus that are already up. */ if ( a.value && !d->arch.hvm_domain.params[HVM_PARAM_NESTEDHVM] ) @@ -6000,6 +6004,13 @@ static int hvmop_set_param( for_each_vcpu(d, v) nestedhvm_vcpu_destroy(v); break; + case HVM_PARAM_ALTP2M: + if ( a.value > 1 ) + rc = -EINVAL; + if ( a.value && + d->arch.hvm_domain.params[HVM_PARAM_NESTEDHVM] ) + rc = -EINVAL; + break; case HVM_PARAM_BUFIOREQ_EVTCHN: rc = -EINVAL; break; @@ -6060,6 +6071,7 @@ static int hvm_allow_get_param(struct domain *d, case HVM_PARAM_STORE_EVTCHN: case HVM_PARAM_CONSOLE_PFN: case HVM_PARAM_CONSOLE_EVTCHN: + case HVM_PARAM_ALTP2M: break; /* * The following parameters must not be read by the guest @@ -6180,6 +6192,12 @@ static int do_altp2m_op( switch ( a.cmd ) { case HVMOP_altp2m_get_domain_state: + if ( !d->arch.hvm_domain.params[HVM_PARAM_ALTP2M] ) + { + rc = -EINVAL; + break; + } + a.u.domain_state.state = altp2m_active(d); rc = __copy_to_guest(arg, &a, 1) ? -EFAULT : 0; break; @@ -6189,7 +6207,8 @@ static int do_altp2m_op( struct vcpu *v; bool_t ostate; - if ( nestedhvm_enabled(d) ) + if ( !d->arch.hvm_domain.params[HVM_PARAM_ALTP2M] || + nestedhvm_enabled(d) ) { rc = -EINVAL; break; diff --git a/xen/include/public/hvm/params.h b/xen/include/public/hvm/params.h index 7c73089..147d9b8 100644 --- a/xen/include/public/hvm/params.h +++ b/xen/include/public/hvm/params.h @@ -187,6 +187,9 @@ /* Location of the VM Generation ID in guest physical address space. */ #define HVM_PARAM_VM_GENERATION_ID_ADDR 34 -#define HVM_NR_PARAMS 35 +/* Boolean: Enable altp2m */ +#define HVM_PARAM_ALTP2M 35 + +#define HVM_NR_PARAMS 36 #endif /* __XEN_PUBLIC_HVM_PARAMS_H__ */ -- 1.9.1