From patchwork Sun May 19 04:52:28 2013
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: "Nakajima, Jun" <jun.nakajima@intel.com>
X-Patchwork-Id: 2589701
Return-Path: <kvm-owner@vger.kernel.org>
X-Original-To: patchwork-kvm@patchwork.kernel.org
Delivered-To: patchwork-process-083081@patchwork2.kernel.org
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by patchwork2.kernel.org (Postfix) with ESMTP id 4A90ADF24C
	for <patchwork-kvm@patchwork.kernel.org>;
	Sun, 19 May 2013 04:53:02 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1751889Ab3ESEw6 (ORCPT
	<rfc822;patchwork-kvm@patchwork.kernel.org>);
	Sun, 19 May 2013 00:52:58 -0400
Received: from mail-pd0-f180.google.com ([209.85.192.180]:59989 "EHLO
	mail-pd0-f180.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1751371Ab3ESEw5 (ORCPT <rfc822; kvm@vger.kernel.org>);
	Sun, 19 May 2013 00:52:57 -0400
Received: by mail-pd0-f180.google.com with SMTP id 10so3383497pdc.11
	for <kvm@vger.kernel.org>; Sat, 18 May 2013 21:52:56 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=google.com; s=20120113;
	h=x-received:from:to:cc:subject:date:message-id:x-mailer:in-reply-to
	:references:x-gm-message-state;
	bh=lGg5BDx3UWprXEEJ6Ud2KcI1YpipWg+c2rPU5iVIfHc=;
	b=hPeIV5M5ShV6u9MxWtrVihVJ5QuIjpmEmkUhfPElsvF3TgRzM3oGWdK5aMhBziQnHf
	WejTCohExjgXdAy4MVDBFah9EQRXvlj3SF45dUkl1MxCpzViIoTe2c4uabP4X6BeWipR
	I9qVWLBxebWW06rUSfVCx1KUteQ+OMEv/NaeTQqUgKIgYGMruXoAQUWCWBNXhf20+5+z
	YmEPJ1NouQsynu44SoT7CcHNdv81GTYZ00PpE9vIhDsNwAritOV8SaSUbzZ9jgrXBokq
	xuUIB18CD9C26pOCDMBGcPsTwNLfNZl5/YCDkfayEYvQl2jJIUrsMkMqgIpm17HztXJe
	Vr+Q==
X-Received: by 10.68.49.130 with SMTP id u2mr54704419pbn.124.1368939176856;
	Sat, 18 May 2013 21:52:56 -0700 (PDT)
Received: from localhost (c-98-207-34-191.hsd1.ca.comcast.net.
	[98.207.34.191]) by mx.google.com with ESMTPSA id
	rn7sm18226138pbc.12.2013.05.18.21.52.54 for <multiple recipients>
	(version=TLSv1.2 cipher=RC4-SHA bits=128/128);
	Sat, 18 May 2013 21:52:55 -0700 (PDT)
From: Jun Nakajima <jun.nakajima@intel.com>
To: kvm@vger.kernel.org
Cc: Gleb Natapov <gleb@redhat.com>, Paolo Bonzini <pbonzini@redhat.com>
Subject: [PATCH v3 09/13] nEPT: Advertise EPT to L1
Date: Sat, 18 May 2013 21:52:28 -0700
Message-Id: <1368939152-11406-9-git-send-email-jun.nakajima@intel.com>
X-Mailer: git-send-email 1.8.2.1.610.g562af5b
In-Reply-To: <1368939152-11406-1-git-send-email-jun.nakajima@intel.com>
References: <1368939152-11406-1-git-send-email-jun.nakajima@intel.com>
X-Gm-Message-State: 
 ALoCoQkXQGxJjhbG0qnL66M5kt7Kob+ICevEWgEU8lCOdDJbDQbubeod5Iwn3YWNbEPtXHvLKYK5
Sender: kvm-owner@vger.kernel.org
Precedence: bulk
List-ID: <kvm.vger.kernel.org>
X-Mailing-List: kvm@vger.kernel.org

From: Nadav Har'El <nyh@il.ibm.com>

Advertise the support of EPT to the L1 guest, through the appropriate MSR.

This is the last patch of the basic Nested EPT feature, so as to allow
bisection through this patch series: The guest will not see EPT support until
this last patch, and will not attempt to use the half-applied feature.

Signed-off-by: Nadav Har'El <nyh@il.ibm.com>
Signed-off-by: Jun Nakajima <jun.nakajima@intel.com>
Signed-off-by: Xinhao Xu <xinhao.xu@intel.com>
---
 arch/x86/include/asm/vmx.h |  2 ++
 arch/x86/kvm/vmx.c         | 17 +++++++++++++++--
 2 files changed, 17 insertions(+), 2 deletions(-)

diff --git a/arch/x86/include/asm/vmx.h b/arch/x86/include/asm/vmx.h
index f3e01a2..4aec45d 100644
--- a/arch/x86/include/asm/vmx.h
+++ b/arch/x86/include/asm/vmx.h
@@ -394,7 +394,9 @@ enum vmcs_field {
 #define VMX_EPTP_WB_BIT				(1ull << 14)
 #define VMX_EPT_2MB_PAGE_BIT			(1ull << 16)
 #define VMX_EPT_1GB_PAGE_BIT			(1ull << 17)
+#define VMX_EPT_INVEPT_BIT			(1ull << 20)
 #define VMX_EPT_AD_BIT				    (1ull << 21)
+#define VMX_EPT_EXTENT_INDIVIDUAL_BIT		(1ull << 24)
 #define VMX_EPT_EXTENT_CONTEXT_BIT		(1ull << 25)
 #define VMX_EPT_EXTENT_GLOBAL_BIT		(1ull << 26)
 
diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index 4661a22..1cf8a41 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -2155,6 +2155,7 @@ static u32 nested_vmx_pinbased_ctls_low, nested_vmx_pinbased_ctls_high;
 static u32 nested_vmx_exit_ctls_low, nested_vmx_exit_ctls_high;
 static u32 nested_vmx_entry_ctls_low, nested_vmx_entry_ctls_high;
 static u32 nested_vmx_misc_low, nested_vmx_misc_high;
+static u32 nested_vmx_ept_caps;
 static __init void nested_vmx_setup_ctls_msrs(void)
 {
 	/*
@@ -2242,6 +2243,18 @@ static __init void nested_vmx_setup_ctls_msrs(void)
 		SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES |
 		SECONDARY_EXEC_WBINVD_EXITING;
 
+	if (enable_ept) {
+		/* nested EPT: emulate EPT also to L1 */
+		nested_vmx_secondary_ctls_high |= SECONDARY_EXEC_ENABLE_EPT;
+		nested_vmx_ept_caps = VMX_EPT_PAGE_WALK_4_BIT;
+		nested_vmx_ept_caps |=
+			VMX_EPT_INVEPT_BIT | VMX_EPT_EXTENT_GLOBAL_BIT |
+			VMX_EPT_EXTENT_CONTEXT_BIT |
+			VMX_EPT_EXTENT_INDIVIDUAL_BIT;
+		nested_vmx_ept_caps &= vmx_capability.ept;
+	} else
+		nested_vmx_ept_caps = 0;
+
 	/* miscellaneous data */
 	rdmsr(MSR_IA32_VMX_MISC, nested_vmx_misc_low, nested_vmx_misc_high);
 	nested_vmx_misc_low &= VMX_MISC_PREEMPTION_TIMER_RATE_MASK |
@@ -2347,8 +2360,8 @@ static int vmx_get_vmx_msr(struct kvm_vcpu *vcpu, u32 msr_index, u64 *pdata)
 					nested_vmx_secondary_ctls_high);
 		break;
 	case MSR_IA32_VMX_EPT_VPID_CAP:
-		/* Currently, no nested ept or nested vpid */
-		*pdata = 0;
+		/* Currently, no nested vpid support */
+		*pdata = nested_vmx_ept_caps;
 		break;
 	default:
 		return 0;