From patchwork Tue Feb 4 17:34:52 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: =?utf-8?q?Roger_Pau_Monn=C3=A9?= X-Patchwork-Id: 11365073 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id AF2DF112B for ; Tue, 4 Feb 2020 17:36:26 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 897302082E for ; Tue, 4 Feb 2020 17:36:26 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=citrix.com header.i=@citrix.com header.b="K2GHsmK9" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 897302082E Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=citrix.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1iz26J-0005R4-R7; Tue, 04 Feb 2020 17:35:03 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1iz26I-0005Qz-Hb for xen-devel@lists.xenproject.org; Tue, 04 Feb 2020 17:35:02 +0000 X-Inumbo-ID: abed1d38-4774-11ea-b211-bc764e2007e4 Received: from esa4.hc3370-68.iphmx.com (unknown [216.71.155.144]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id abed1d38-4774-11ea-b211-bc764e2007e4; Tue, 04 Feb 2020 17:35:01 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1580837701; h=from:to:cc:subject:date:message-id:mime-version: content-transfer-encoding; bh=h+anamrqT2q9UTZlpaYvIXOm1XfYwgcZqBSJsR8iSoU=; b=K2GHsmK92qDtw9IzOx6YnJ8hdOgp6PCUZZ14/gVd1i1+6q8rxr4PZ8GS AZq0GZj6xwo8neMBHMc9Mpc7nq8kf7rr5JO9FgLz6Kadz+NRUKca+IPQi 4Aamy+O9/wA9WIr4/2gQwp4jrdsMxObNzQthIKl98PdN/+dy1TEXnSDRK E=; Authentication-Results: esa4.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none; spf=None smtp.pra=roger.pau@citrix.com; spf=Pass smtp.mailfrom=roger.pau@citrix.com; spf=None smtp.helo=postmaster@mail.citrix.com Received-SPF: None (esa4.hc3370-68.iphmx.com: no sender authenticity information available from domain of roger.pau@citrix.com) identity=pra; client-ip=162.221.158.21; receiver=esa4.hc3370-68.iphmx.com; envelope-from="roger.pau@citrix.com"; x-sender="roger.pau@citrix.com"; x-conformance=sidf_compatible Received-SPF: Pass (esa4.hc3370-68.iphmx.com: domain of roger.pau@citrix.com designates 162.221.158.21 as permitted sender) identity=mailfrom; client-ip=162.221.158.21; receiver=esa4.hc3370-68.iphmx.com; envelope-from="roger.pau@citrix.com"; x-sender="roger.pau@citrix.com"; x-conformance=sidf_compatible; x-record-type="v=spf1"; x-record-text="v=spf1 ip4:209.167.231.154 ip4:178.63.86.133 ip4:195.66.111.40/30 ip4:85.115.9.32/28 ip4:199.102.83.4 ip4:192.28.146.160 ip4:192.28.146.107 ip4:216.52.6.88 ip4:216.52.6.188 ip4:162.221.158.21 ip4:162.221.156.83 ip4:168.245.78.127 ~all" Received-SPF: None (esa4.hc3370-68.iphmx.com: no sender authenticity information available from domain of postmaster@mail.citrix.com) identity=helo; client-ip=162.221.158.21; receiver=esa4.hc3370-68.iphmx.com; envelope-from="roger.pau@citrix.com"; x-sender="postmaster@mail.citrix.com"; x-conformance=sidf_compatible IronPort-SDR: uP8q+NHyULdso6vtTJAncNVqf2wwnOUt5J5sd0itN8WB7jPVchPxPcpVyKQNO2rQqPv7ToTOqI Z/uxk+i85uVtoypwyWpgDoOuaaDor4tWPPyjeGJ965axMsP4uzLAHNAhaMSg7d/oC4y/ljCPwx 7XWkX7SE3Y1oy9d64F/4zE9sxYpYiDPDK9NSzJC9c4qTT7RudUpyEVZ93dGk6cqdsffIeMAyDj ozSR37IiH6bEOp+e/cMxWyb29a25tfx5eOr/zbXGnYq1l+oV2m5isshVEsij3+XxTdY44AdE7I aOE= X-SBRS: 2.7 X-MesageID: 12549459 X-Ironport-Server: esa4.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.70,402,1574139600"; d="scan'208";a="12549459" From: Roger Pau Monne To: Date: Tue, 4 Feb 2020 18:34:52 +0100 Message-ID: <20200204173455.22020-1-roger.pau@citrix.com> X-Mailer: git-send-email 2.25.0 MIME-Version: 1.0 Subject: [Xen-devel] [PATCH v4 0/3] nvmx: implement support for MSR bitmaps X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Kevin Tian , Stefano Stabellini , Julien Grall , Jun Nakajima , Wei Liu , Konrad Rzeszutek Wilk , George Dunlap , Andrew Cooper , Ian Jackson , Jan Beulich , Roger Pau Monne Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" Hello, Current nested VMX code advertises support for the MSR bitmap feature, yet the implementation isn't done. Previous to this series Xen just maps the nested guest MSR bitmap (as set by L1) and that's it, the L2 guest ends up using the L1 MSR bitmap. This series adds handling of the L2 MSR bitmap and merging with the L1 MSR bitmap and loading it into the nested guest VMCS. Patch #3 makes sure the x2APIC MSR range is always trapped, or else a guest with nested virtualization enabled could manage to access some of the x2APIC MSR registers from the host. Thanks, Roger. Roger Pau Monne (3): nvmx: implement support for MSR bitmaps bitmap: import bitmap_{set/clear} from Linux 5.5 nvmx: always trap accesses to x2APIC MSRs xen/arch/x86/hvm/vmx/vvmx.c | 80 ++++++++++++++++++++++++++++-- xen/common/bitmap.c | 41 +++++++++++++++ xen/include/asm-x86/hvm/vmx/vvmx.h | 3 +- xen/include/xen/bitmap.h | 39 +++++++++++++++ 4 files changed, 158 insertions(+), 5 deletions(-)