From patchwork Mon Feb 3 17:37:26 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: =?utf-8?q?Roger_Pau_Monn=C3=A9?= X-Patchwork-Id: 11363127 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id A0930138D for ; Mon, 3 Feb 2020 17:38:42 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 7D0262080C for ; Mon, 3 Feb 2020 17:38:42 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=citrix.com header.i=@citrix.com header.b="QF2biqZZ" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 7D0262080C Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=citrix.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1iyffT-0007Qx-CR; Mon, 03 Feb 2020 17:37:51 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1iyffR-0007Qk-86 for xen-devel@lists.xenproject.org; Mon, 03 Feb 2020 17:37:49 +0000 X-Inumbo-ID: e49f6e48-46ab-11ea-8e7c-12813bfff9fa Received: from esa1.hc3370-68.iphmx.com (unknown [216.71.145.142]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id e49f6e48-46ab-11ea-8e7c-12813bfff9fa; Mon, 03 Feb 2020 17:37:48 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1580751469; h=from:to:cc:subject:date:message-id:mime-version: content-transfer-encoding; bh=1uAvnWMOArEwHihLbC0v59fYzSYq7L28U8c1Ce8mJRc=; b=QF2biqZZ00zT0rpiRv1DE3iE0U0OiWy4ljNVbZR0Z4SnuSaThyKvHu1c MSAwnXfnTFVVHbf8Fcb2uFDky6XHwTRHA0aUddRK9YK7Yb/KFQ3zyzIrf eBmCh3bcfMaI0jNti/8J9lTeEAoJWWjGfZ2XoSCHiij75wIi6blitf/b9 E=; Authentication-Results: esa1.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none; spf=None smtp.pra=roger.pau@citrix.com; spf=Pass smtp.mailfrom=roger.pau@citrix.com; spf=None smtp.helo=postmaster@mail.citrix.com Received-SPF: None (esa1.hc3370-68.iphmx.com: no sender authenticity information available from domain of roger.pau@citrix.com) identity=pra; client-ip=162.221.158.21; receiver=esa1.hc3370-68.iphmx.com; envelope-from="roger.pau@citrix.com"; x-sender="roger.pau@citrix.com"; x-conformance=sidf_compatible Received-SPF: Pass (esa1.hc3370-68.iphmx.com: domain of roger.pau@citrix.com designates 162.221.158.21 as permitted sender) identity=mailfrom; client-ip=162.221.158.21; receiver=esa1.hc3370-68.iphmx.com; envelope-from="roger.pau@citrix.com"; x-sender="roger.pau@citrix.com"; x-conformance=sidf_compatible; x-record-type="v=spf1"; x-record-text="v=spf1 ip4:209.167.231.154 ip4:178.63.86.133 ip4:195.66.111.40/30 ip4:85.115.9.32/28 ip4:199.102.83.4 ip4:192.28.146.160 ip4:192.28.146.107 ip4:216.52.6.88 ip4:216.52.6.188 ip4:162.221.158.21 ip4:162.221.156.83 ip4:168.245.78.127 ~all" Received-SPF: None (esa1.hc3370-68.iphmx.com: no sender authenticity information available from domain of postmaster@mail.citrix.com) identity=helo; client-ip=162.221.158.21; receiver=esa1.hc3370-68.iphmx.com; envelope-from="roger.pau@citrix.com"; x-sender="postmaster@mail.citrix.com"; x-conformance=sidf_compatible IronPort-SDR: e6gVsbIEL0exhSZgrhAbt1s1kTTrJ5XgnbA3NBwWc8Nm8LCScwIUlVTNwxRlz+ge8r6bC0T/Tk OYUOz5IfB4FHID02sUEqvUtB2H/CJ76YI5bNRpYZRwNLxliNOsmp/1d04scYlyky9wZmm50UuV WhX20dFPOAdPNzi2XaIBvdqMgbtYSzjqKBor9HfxyYvxyBJfp5wdbqA1D89EJx7n6O8EwF/i4g JyOVgjF5i/rjC0R1Wk3EJq90unOXHgB1/94rJFToZ4Qc8Q+L1kxhOWmtCm1PT+79fUHVUqlEaY PXI= X-SBRS: 2.7 X-MesageID: 12036616 X-Ironport-Server: esa1.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.70,398,1574139600"; d="scan'208";a="12036616" From: Roger Pau Monne To: Date: Mon, 3 Feb 2020 18:37:26 +0100 Message-ID: <20200203173728.18135-1-roger.pau@citrix.com> X-Mailer: git-send-email 2.25.0 MIME-Version: 1.0 Subject: [Xen-devel] [PATCH v3 0/2] nvmx: implement support for MSR bitmaps X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Kevin Tian , Jun Nakajima , Wei Liu , Andrew Cooper , Roger Pau Monne Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" Hello, Current nested VMX code advertises support for the MSR bitmap feature, yet the implementation isn't done. Previous to this series Xen just maps the nested guest MSR bitmap (as set by L1) and that's it, the L2 guest ends up using the L1 MSR bitmap. This series adds handling of the L2 MSR bitmap and merging with the L1 MSR bitmap and loading it into the nested guest VMCS. Patch #2 makes sure the x2APIC MSR range is always trapped, or else a guest with nested virtualization enabled could manage to access some of the x2APIC MSR registers from the host. Thanks, Roger. Roger Pau Monne (2): nvmx: implement support for MSR bitmaps nvmx: always trap accesses to x2APIC MSRs xen/arch/x86/hvm/vmx/vvmx.c | 72 ++++++++++++++++++++++++++++-- xen/include/asm-x86/hvm/vmx/vvmx.h | 3 +- 2 files changed, 71 insertions(+), 4 deletions(-)