| Message ID | 1523943962-25415-3-git-send-email-wanpengli@tencent.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
On Mon, Apr 16, 2018 at 10:46:01PM -0700, Wanpeng Li wrote: > From: Wanpeng Li <wanpengli@tencent.com> > > Allow to disable ioport intercept by userspace. > > Cc: Paolo Bonzini <pbonzini@redhat.com> > Cc: Radim Krčmář <rkrcmar@redhat.com> > Cc: Tim Shearer <tshearer@advaoptical.com> > Cc: Liran Alon <liran.alon@oracle.com> > Signed-off-by: Wanpeng Li <wanpengli@tencent.com> > --- > Documentation/virtual/kvm/api.txt | 11 +++++++++++ > arch/x86/include/asm/kvm_host.h | 2 ++ > arch/x86/kvm/x86.c | 5 +++++ > include/uapi/linux/kvm.h | 1 + > 4 files changed, 19 insertions(+) > > diff --git a/Documentation/virtual/kvm/api.txt b/Documentation/virtual/kvm/api.txt > index 1c7958b..3d0488e 100644 > --- a/Documentation/virtual/kvm/api.txt > +++ b/Documentation/virtual/kvm/api.txt > @@ -4378,6 +4378,17 @@ all such vmexits. > > Do not enable KVM_FEATURE_PV_UNHALT if you disable HLT exits. > > +7.14 KVM_CAP_IOPORT_DISABLE_INTERCEPT > + > +Architectures: x86 > +Parameters: args[0] defines whether ioport intercept "defines whether ioport intercept" -> "defines whether to intercept the provided ioport" > + > +When disable intercept (args[0] == 1), some ioports which frequently When args[0] == 1 is one, that is disable intercept, some ioports.. > +access will not be intercepted. Why not proide args[1] which will have the ioport in questions? Or an array of them? > + > +When enable intercept (args[0] == 0), behavior is as if this facility > +is unsupported. > + > 8. Other capabilities. > ---------------------- > > diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h > index c25775f..2f29f64 100644 > --- a/arch/x86/include/asm/kvm_host.h > +++ b/arch/x86/include/asm/kvm_host.h > @@ -808,6 +808,8 @@ struct kvm_arch { > bool hlt_in_guest; > bool pause_in_guest; > > + bool ioport_disable_intercept; > + > unsigned long irq_sources_bitmap; > s64 kvmclock_offset; > raw_spinlock_t tsc_write_lock; > diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c > index 51ecd38..044e314 100644 > --- a/arch/x86/kvm/x86.c > +++ b/arch/x86/kvm/x86.c > @@ -2881,6 +2881,7 @@ int kvm_vm_ioctl_check_extension(struct kvm *kvm, long ext) > case KVM_CAP_SPLIT_IRQCHIP: > case KVM_CAP_IMMEDIATE_EXIT: > case KVM_CAP_GET_MSR_FEATURES: > + case KVM_CAP_IOPORT_DISABLE_INTERCEPT: > r = 1; > break; > case KVM_CAP_SYNC_REGS: > @@ -4250,6 +4251,10 @@ static int kvm_vm_ioctl_enable_cap(struct kvm *kvm, > kvm->arch.pause_in_guest = true; > r = 0; > break; > + case KVM_CAP_IOPORT_DISABLE_INTERCEPT: > + kvm->arch.ioport_disable_intercept = cap->args[0]; > + r = 0; > + break; > default: > r = -EINVAL; > break; > diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h > index 1065006..92730d8 100644 > --- a/include/uapi/linux/kvm.h > +++ b/include/uapi/linux/kvm.h > @@ -941,6 +941,7 @@ struct kvm_ppc_resize_hpt { > #define KVM_CAP_S390_BPB 152 > #define KVM_CAP_GET_MSR_FEATURES 153 > #define KVM_CAP_HYPERV_EVENTFD 154 > +#define KVM_CAP_IOPORT_DISABLE_INTERCEPT 155 > > #ifdef KVM_CAP_IRQ_ROUTING > > -- > 2.7.4 >
On Fri, May 11, 2018 at 11:42:46AM -0400, Konrad Rzeszutek Wilk wrote: > On Mon, Apr 16, 2018 at 10:46:01PM -0700, Wanpeng Li wrote: > > From: Wanpeng Li <wanpengli@tencent.com> > > > > Allow to disable ioport intercept by userspace. > > > > Cc: Paolo Bonzini <pbonzini@redhat.com> > > Cc: Radim Krčmář <rkrcmar@redhat.com> > > Cc: Tim Shearer <tshearer@advaoptical.com> > > Cc: Liran Alon <liran.alon@oracle.com> > > Signed-off-by: Wanpeng Li <wanpengli@tencent.com> > > --- > > Documentation/virtual/kvm/api.txt | 11 +++++++++++ > > arch/x86/include/asm/kvm_host.h | 2 ++ > > arch/x86/kvm/x86.c | 5 +++++ > > include/uapi/linux/kvm.h | 1 + > > 4 files changed, 19 insertions(+) > > > > diff --git a/Documentation/virtual/kvm/api.txt b/Documentation/virtual/kvm/api.txt > > index 1c7958b..3d0488e 100644 > > --- a/Documentation/virtual/kvm/api.txt > > +++ b/Documentation/virtual/kvm/api.txt > > @@ -4378,6 +4378,17 @@ all such vmexits. > > > > Do not enable KVM_FEATURE_PV_UNHALT if you disable HLT exits. > > > > +7.14 KVM_CAP_IOPORT_DISABLE_INTERCEPT > > + > > +Architectures: x86 And to be exact: Intel only..
I'd prefer to let the kvm module have the final say as to whether or not to allow userspace to do this. On Fri, May 11, 2018 at 8:43 AM, Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> wrote: > On Fri, May 11, 2018 at 11:42:46AM -0400, Konrad Rzeszutek Wilk wrote: >> On Mon, Apr 16, 2018 at 10:46:01PM -0700, Wanpeng Li wrote: >> > From: Wanpeng Li <wanpengli@tencent.com> >> > >> > Allow to disable ioport intercept by userspace. >> > >> > Cc: Paolo Bonzini <pbonzini@redhat.com> >> > Cc: Radim Krčmář <rkrcmar@redhat.com> >> > Cc: Tim Shearer <tshearer@advaoptical.com> >> > Cc: Liran Alon <liran.alon@oracle.com> >> > Signed-off-by: Wanpeng Li <wanpengli@tencent.com> >> > --- >> > Documentation/virtual/kvm/api.txt | 11 +++++++++++ >> > arch/x86/include/asm/kvm_host.h | 2 ++ >> > arch/x86/kvm/x86.c | 5 +++++ >> > include/uapi/linux/kvm.h | 1 + >> > 4 files changed, 19 insertions(+) >> > >> > diff --git a/Documentation/virtual/kvm/api.txt b/Documentation/virtual/kvm/api.txt >> > index 1c7958b..3d0488e 100644 >> > --- a/Documentation/virtual/kvm/api.txt >> > +++ b/Documentation/virtual/kvm/api.txt >> > @@ -4378,6 +4378,17 @@ all such vmexits. >> > >> > Do not enable KVM_FEATURE_PV_UNHALT if you disable HLT exits. >> > >> > +7.14 KVM_CAP_IOPORT_DISABLE_INTERCEPT >> > + >> > +Architectures: x86 > > And to be exact: Intel only..
2018-05-16 5:56 GMT+08:00 Jim Mattson <jmattson@google.com>: > I'd prefer to let the kvm module have the final say as to whether or > not to allow userspace to do this. I have an IRC discussion with Paolo, it seems that he didn't like the original idea of the patchset. Regards, Wanpeng Li > > On Fri, May 11, 2018 at 8:43 AM, Konrad Rzeszutek Wilk > <konrad.wilk@oracle.com> wrote: >> On Fri, May 11, 2018 at 11:42:46AM -0400, Konrad Rzeszutek Wilk wrote: >>> On Mon, Apr 16, 2018 at 10:46:01PM -0700, Wanpeng Li wrote: >>> > From: Wanpeng Li <wanpengli@tencent.com> >>> > >>> > Allow to disable ioport intercept by userspace. >>> > >>> > Cc: Paolo Bonzini <pbonzini@redhat.com> >>> > Cc: Radim Krčmář <rkrcmar@redhat.com> >>> > Cc: Tim Shearer <tshearer@advaoptical.com> >>> > Cc: Liran Alon <liran.alon@oracle.com> >>> > Signed-off-by: Wanpeng Li <wanpengli@tencent.com> >>> > --- >>> > Documentation/virtual/kvm/api.txt | 11 +++++++++++ >>> > arch/x86/include/asm/kvm_host.h | 2 ++ >>> > arch/x86/kvm/x86.c | 5 +++++ >>> > include/uapi/linux/kvm.h | 1 + >>> > 4 files changed, 19 insertions(+) >>> > >>> > diff --git a/Documentation/virtual/kvm/api.txt b/Documentation/virtual/kvm/api.txt >>> > index 1c7958b..3d0488e 100644 >>> > --- a/Documentation/virtual/kvm/api.txt >>> > +++ b/Documentation/virtual/kvm/api.txt >>> > @@ -4378,6 +4378,17 @@ all such vmexits. >>> > >>> > Do not enable KVM_FEATURE_PV_UNHALT if you disable HLT exits. >>> > >>> > +7.14 KVM_CAP_IOPORT_DISABLE_INTERCEPT >>> > + >>> > +Architectures: x86 >> >> And to be exact: Intel only..
diff --git a/Documentation/virtual/kvm/api.txt b/Documentation/virtual/kvm/api.txt index 1c7958b..3d0488e 100644 --- a/Documentation/virtual/kvm/api.txt +++ b/Documentation/virtual/kvm/api.txt @@ -4378,6 +4378,17 @@ all such vmexits. Do not enable KVM_FEATURE_PV_UNHALT if you disable HLT exits. +7.14 KVM_CAP_IOPORT_DISABLE_INTERCEPT + +Architectures: x86 +Parameters: args[0] defines whether ioport intercept + +When disable intercept (args[0] == 1), some ioports which frequently +access will not be intercepted. + +When enable intercept (args[0] == 0), behavior is as if this facility +is unsupported. + 8. Other capabilities. ---------------------- diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index c25775f..2f29f64 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -808,6 +808,8 @@ struct kvm_arch { bool hlt_in_guest; bool pause_in_guest; + bool ioport_disable_intercept; + unsigned long irq_sources_bitmap; s64 kvmclock_offset; raw_spinlock_t tsc_write_lock; diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 51ecd38..044e314 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -2881,6 +2881,7 @@ int kvm_vm_ioctl_check_extension(struct kvm *kvm, long ext) case KVM_CAP_SPLIT_IRQCHIP: case KVM_CAP_IMMEDIATE_EXIT: case KVM_CAP_GET_MSR_FEATURES: + case KVM_CAP_IOPORT_DISABLE_INTERCEPT: r = 1; break; case KVM_CAP_SYNC_REGS: @@ -4250,6 +4251,10 @@ static int kvm_vm_ioctl_enable_cap(struct kvm *kvm, kvm->arch.pause_in_guest = true; r = 0; break; + case KVM_CAP_IOPORT_DISABLE_INTERCEPT: + kvm->arch.ioport_disable_intercept = cap->args[0]; + r = 0; + break; default: r = -EINVAL; break; diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index 1065006..92730d8 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -941,6 +941,7 @@ struct kvm_ppc_resize_hpt { #define KVM_CAP_S390_BPB 152 #define KVM_CAP_GET_MSR_FEATURES 153 #define KVM_CAP_HYPERV_EVENTFD 154 +#define KVM_CAP_IOPORT_DISABLE_INTERCEPT 155 #ifdef KVM_CAP_IRQ_ROUTING