| Message ID | 1368939152-11406-9-git-send-email-jun.nakajima@intel.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
Il 19/05/2013 06:52, Jun Nakajima ha scritto: > From: Nadav Har'El <nyh@il.ibm.com> > > Advertise the support of EPT to the L1 guest, through the appropriate MSR. > > This is the last patch of the basic Nested EPT feature, so as to allow > bisection through this patch series: The guest will not see EPT support until > this last patch, and will not attempt to use the half-applied feature. > > Signed-off-by: Nadav Har'El <nyh@il.ibm.com> > Signed-off-by: Jun Nakajima <jun.nakajima@intel.com> > Signed-off-by: Xinhao Xu <xinhao.xu@intel.com> > --- > arch/x86/include/asm/vmx.h | 2 ++ > arch/x86/kvm/vmx.c | 17 +++++++++++++++-- > 2 files changed, 17 insertions(+), 2 deletions(-) This patch is ok, but it must be placed after patch 10 ("nEPT: Nested INVEPT"). Paolo > diff --git a/arch/x86/include/asm/vmx.h b/arch/x86/include/asm/vmx.h > index f3e01a2..4aec45d 100644 > --- a/arch/x86/include/asm/vmx.h > +++ b/arch/x86/include/asm/vmx.h > @@ -394,7 +394,9 @@ enum vmcs_field { > #define VMX_EPTP_WB_BIT (1ull << 14) > #define VMX_EPT_2MB_PAGE_BIT (1ull << 16) > #define VMX_EPT_1GB_PAGE_BIT (1ull << 17) > +#define VMX_EPT_INVEPT_BIT (1ull << 20) > #define VMX_EPT_AD_BIT (1ull << 21) > +#define VMX_EPT_EXTENT_INDIVIDUAL_BIT (1ull << 24) > #define VMX_EPT_EXTENT_CONTEXT_BIT (1ull << 25) > #define VMX_EPT_EXTENT_GLOBAL_BIT (1ull << 26) > > diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c > index 4661a22..1cf8a41 100644 > --- a/arch/x86/kvm/vmx.c > +++ b/arch/x86/kvm/vmx.c > @@ -2155,6 +2155,7 @@ static u32 nested_vmx_pinbased_ctls_low, nested_vmx_pinbased_ctls_high; > static u32 nested_vmx_exit_ctls_low, nested_vmx_exit_ctls_high; > static u32 nested_vmx_entry_ctls_low, nested_vmx_entry_ctls_high; > static u32 nested_vmx_misc_low, nested_vmx_misc_high; > +static u32 nested_vmx_ept_caps; > static __init void nested_vmx_setup_ctls_msrs(void) > { > /* > @@ -2242,6 +2243,18 @@ static __init void nested_vmx_setup_ctls_msrs(void) > SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES | > SECONDARY_EXEC_WBINVD_EXITING; > > + if (enable_ept) { > + /* nested EPT: emulate EPT also to L1 */ > + nested_vmx_secondary_ctls_high |= SECONDARY_EXEC_ENABLE_EPT; > + nested_vmx_ept_caps = VMX_EPT_PAGE_WALK_4_BIT; > + nested_vmx_ept_caps |= > + VMX_EPT_INVEPT_BIT | VMX_EPT_EXTENT_GLOBAL_BIT | > + VMX_EPT_EXTENT_CONTEXT_BIT | > + VMX_EPT_EXTENT_INDIVIDUAL_BIT; > + nested_vmx_ept_caps &= vmx_capability.ept; > + } else > + nested_vmx_ept_caps = 0; > + > /* miscellaneous data */ > rdmsr(MSR_IA32_VMX_MISC, nested_vmx_misc_low, nested_vmx_misc_high); > nested_vmx_misc_low &= VMX_MISC_PREEMPTION_TIMER_RATE_MASK | > @@ -2347,8 +2360,8 @@ static int vmx_get_vmx_msr(struct kvm_vcpu *vcpu, u32 msr_index, u64 *pdata) > nested_vmx_secondary_ctls_high); > break; > case MSR_IA32_VMX_EPT_VPID_CAP: > - /* Currently, no nested ept or nested vpid */ > - *pdata = 0; > + /* Currently, no nested vpid support */ > + *pdata = nested_vmx_ept_caps; > break; > default: > return 0; > -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/arch/x86/include/asm/vmx.h b/arch/x86/include/asm/vmx.h index f3e01a2..4aec45d 100644 --- a/arch/x86/include/asm/vmx.h +++ b/arch/x86/include/asm/vmx.h @@ -394,7 +394,9 @@ enum vmcs_field { #define VMX_EPTP_WB_BIT (1ull << 14) #define VMX_EPT_2MB_PAGE_BIT (1ull << 16) #define VMX_EPT_1GB_PAGE_BIT (1ull << 17) +#define VMX_EPT_INVEPT_BIT (1ull << 20) #define VMX_EPT_AD_BIT (1ull << 21) +#define VMX_EPT_EXTENT_INDIVIDUAL_BIT (1ull << 24) #define VMX_EPT_EXTENT_CONTEXT_BIT (1ull << 25) #define VMX_EPT_EXTENT_GLOBAL_BIT (1ull << 26) diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c index 4661a22..1cf8a41 100644 --- a/arch/x86/kvm/vmx.c +++ b/arch/x86/kvm/vmx.c @@ -2155,6 +2155,7 @@ static u32 nested_vmx_pinbased_ctls_low, nested_vmx_pinbased_ctls_high; static u32 nested_vmx_exit_ctls_low, nested_vmx_exit_ctls_high; static u32 nested_vmx_entry_ctls_low, nested_vmx_entry_ctls_high; static u32 nested_vmx_misc_low, nested_vmx_misc_high; +static u32 nested_vmx_ept_caps; static __init void nested_vmx_setup_ctls_msrs(void) { /* @@ -2242,6 +2243,18 @@ static __init void nested_vmx_setup_ctls_msrs(void) SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES | SECONDARY_EXEC_WBINVD_EXITING; + if (enable_ept) { + /* nested EPT: emulate EPT also to L1 */ + nested_vmx_secondary_ctls_high |= SECONDARY_EXEC_ENABLE_EPT; + nested_vmx_ept_caps = VMX_EPT_PAGE_WALK_4_BIT; + nested_vmx_ept_caps |= + VMX_EPT_INVEPT_BIT | VMX_EPT_EXTENT_GLOBAL_BIT | + VMX_EPT_EXTENT_CONTEXT_BIT | + VMX_EPT_EXTENT_INDIVIDUAL_BIT; + nested_vmx_ept_caps &= vmx_capability.ept; + } else + nested_vmx_ept_caps = 0; + /* miscellaneous data */ rdmsr(MSR_IA32_VMX_MISC, nested_vmx_misc_low, nested_vmx_misc_high); nested_vmx_misc_low &= VMX_MISC_PREEMPTION_TIMER_RATE_MASK | @@ -2347,8 +2360,8 @@ static int vmx_get_vmx_msr(struct kvm_vcpu *vcpu, u32 msr_index, u64 *pdata) nested_vmx_secondary_ctls_high); break; case MSR_IA32_VMX_EPT_VPID_CAP: - /* Currently, no nested ept or nested vpid */ - *pdata = 0; + /* Currently, no nested vpid support */ + *pdata = nested_vmx_ept_caps; break; default: return 0;