From patchwork Sat Oct 21 20:02:23 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Luwei Kang X-Patchwork-Id: 10021643 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 3AB9E60381 for ; Sun, 22 Oct 2017 09:48:59 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 249E928700 for ; Sun, 22 Oct 2017 09:48:59 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 192DF28775; Sun, 22 Oct 2017 09:48:59 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-3.2 required=2.0 tests=BAYES_00, DATE_IN_PAST_12_24, RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id B6DB228705 for ; Sun, 22 Oct 2017 09:48:56 +0000 (UTC) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.84_2) (envelope-from ) id 1e6CqX-00047K-3a; Sun, 22 Oct 2017 09:47:05 +0000 Received: from mail6.bemta6.messagelabs.com ([193.109.254.103]) by lists.xenproject.org with esmtp (Exim 4.84_2) (envelope-from ) id 1e6CqV-000476-Pv for xen-devel@lists.xen.org; Sun, 22 Oct 2017 09:47:03 +0000 Received: from [193.109.254.147] by server-11.bemta-6.messagelabs.com id BD/19-20813-7196CE95; Sun, 22 Oct 2017 09:47:03 +0000 X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFjrAIsWRWlGSWpSXmKPExsVywNykQlcs802 kQdtMUYslHxezODB6HN39mymAMYo1My8pvyKBNeP0jVXsBX8NKu71XWBuYNyl2sXIxSEkMJ1R 4vz8j6xdjJwcEgK8EkeWzYCyAyTuPDvN3MXIAVRUKtG4wwAkzCagLrH1/UawEhEBaYlrny8zg sxhFpjKJPFo2wmwhLBAoMSbKTuYQGwWAVWJSbN/sIHYvAIuEi9bm5kg5stJ3DzXyQxicwq4Sl y8twSsVwio5uD5DkaIekGJkzOfsIDcwAy0eP08IZAws4C8RPPW2cwTGAVmIamahVA1C0nVAkb mVYwaxalFZalFukameklFmekZJbmJmTm6hgZmermpxcWJ6ak5iUnFesn5uZsYgaHJAAQ7GFct CDzEKMnBpCTKW/HuVaQQX1J+SmVGYnFGfFFpTmrxIUYZDg4lCd6v6W8ihQSLUtNTK9Iyc4BRA pOW4OBREuG9ApLmLS5IzC3OTIdInWLU5ei4efcPkxBLXn5eqpQ472+QIgGQoozSPLgRsIi9xC grJczLCHSUEE9BalFuZgmq/CtGcQ5GJWFegQygKTyZeSVwm14BHcEEdISsPdgRJYkIKakGRv+ 3VndCI0rU1nrbHl62d4/4pLo1bBrek05q3Y5raJhhe774tmVNHscqyW3eUfalz94lOoSoR3zR PhOa8WN+9q1gayPL0Ce3nbZ8X5+W3njFc+mpvt6l/5+c5tKP1pkRs/KY+n+FCpEal+/7oqr0j j91UhXq+L90yfFEWVFuM2E9v89mdcysSizFGYmGWsxFxYkA0Nt9C9MCAAA= X-Env-Sender: luwei.kang@intel.com X-Msg-Ref: server-2.tower-27.messagelabs.com!1508665620!53255653!1 X-Originating-IP: [192.55.52.120] X-SpamReason: No, hits=1.0 required=7.0 tests=DATE_IN_PAST_12_24, UPPERCASE_25_50 X-StarScan-Received: X-StarScan-Version: 9.4.45; banners=-,-,- X-VirusChecked: Checked Received: (qmail 6525 invoked from network); 22 Oct 2017 09:47:01 -0000 Received: from mga04.intel.com (HELO mga04.intel.com) (192.55.52.120) by server-2.tower-27.messagelabs.com with DHE-RSA-AES256-GCM-SHA384 encrypted SMTP; 22 Oct 2017 09:47:01 -0000 Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga104.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 22 Oct 2017 02:47:00 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos; i="5.43,416,1503385200"; d="scan'208"; a="1208603491" Received: from vmm.bj.intel.com ([10.238.135.172]) by fmsmga001.fm.intel.com with ESMTP; 22 Oct 2017 02:46:57 -0700 From: Luwei Kang To: xen-devel@lists.xen.org Date: Sun, 22 Oct 2017 04:02:23 +0800 Message-Id: <1508616147-17310-3-git-send-email-luwei.kang@intel.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1508616147-17310-1-git-send-email-luwei.kang@intel.com> References: <1508616147-17310-1-git-send-email-luwei.kang@intel.com> MIME-Version: 1.0 Cc: kevin.tian@intel.com, sstabellini@kernel.org, wei.liu2@citrix.com, jun.nakajima@intel.com, konrad.wilk@oracle.com, George.Dunlap@eu.citrix.com, andrew.cooper3@citrix.com, ian.jackson@eu.citrix.com, tim@xen.org, jbeulich@suse.com, Luwei Kang Subject: [Xen-devel] [PATCH 2/6] x86: configure vmcs for Intel processor trace virtualization X-BeenThere: xen-devel@lists.xen.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xen.org Sender: "Xen-devel" X-Virus-Scanned: ClamAV using ClamSMTP This patch configure VMCS to make Intel PT output address can be treat as guest physical address and translated by EPT when intel_pt option is true. There have some constraint condition on VMCS configuration, otherwise will cause VM entry failed. 1. If the “Guest PT uses Guest Physical Addresses” execution control is 1, the “Clear IA32_RTIT_CTL on exit” exit control and the “Load IA32_RTIT_CTL on entry” entry control must also be 1. 2. If the “Guest PT uses Guest Physical Addresses” execution control is 1, the "enable EPT" execution control must also be 1. Signed-off-by: Luwei Kang --- xen/arch/x86/hvm/vmx/vmcs.c | 36 +++++++++++++++++++++++++++++++----- xen/include/asm-x86/hvm/vmx/vmcs.h | 7 +++++++ 2 files changed, 38 insertions(+), 5 deletions(-) diff --git a/xen/arch/x86/hvm/vmx/vmcs.c b/xen/arch/x86/hvm/vmx/vmcs.c index f62fe7e..8cd57b5 100644 --- a/xen/arch/x86/hvm/vmx/vmcs.c +++ b/xen/arch/x86/hvm/vmx/vmcs.c @@ -40,6 +40,7 @@ #include #include #include +#include static bool_t __read_mostly opt_vpid_enabled = 1; boolean_param("vpid", opt_vpid_enabled); @@ -242,6 +243,9 @@ static int vmx_init_vmcs_config(void) rdmsrl(MSR_IA32_VMX_MISC, _vmx_misc_cap); if ( _vmx_misc_cap & VMX_MISC_VMWRITE_ALL ) opt |= SECONDARY_EXEC_ENABLE_VMCS_SHADOWING; + if ( _vmx_misc_cap & VMX_MISC_PT_ENABLE ) + opt |= SECONDARY_EXEC_PT_USE_GPA | + SECONDARY_EXEC_CONCEAL_PT_PIP; if ( opt_vpid_enabled ) opt |= SECONDARY_EXEC_ENABLE_VPID; if ( opt_unrestricted_guest_enabled ) @@ -343,7 +347,8 @@ static int vmx_init_vmcs_config(void) min = VM_EXIT_ACK_INTR_ON_EXIT; opt = VM_EXIT_SAVE_GUEST_PAT | VM_EXIT_LOAD_HOST_PAT | - VM_EXIT_CLEAR_BNDCFGS; + VM_EXIT_CLEAR_BNDCFGS | VM_EXIT_CONCEAL_PT_PIP | + VM_EXIT_CLEAR_IA32_RTIT_CTL; min |= VM_EXIT_IA32E_MODE; _vmx_vmexit_control = adjust_vmx_controls( "VMExit Control", min, opt, MSR_IA32_VMX_EXIT_CTLS, &mismatch); @@ -383,13 +388,28 @@ static int vmx_init_vmcs_config(void) _vmx_secondary_exec_control &= ~SECONDARY_EXEC_ENABLE_VIRT_EXCEPTIONS; min = 0; - opt = VM_ENTRY_LOAD_GUEST_PAT | VM_ENTRY_LOAD_BNDCFGS; + opt = VM_ENTRY_LOAD_GUEST_PAT | VM_ENTRY_LOAD_BNDCFGS | + VM_ENTRY_CONCEAL_PT_PIP | VM_ENTRY_LOAD_IA32_RTIT_CTL; _vmx_vmentry_control = adjust_vmx_controls( "VMEntry Control", min, opt, MSR_IA32_VMX_ENTRY_CTLS, &mismatch); if ( mismatch ) return -EINVAL; + if ( !(_vmx_secondary_exec_control & SECONDARY_EXEC_ENABLE_EPT) || + !(_vmx_secondary_exec_control & SECONDARY_EXEC_PT_USE_GPA) || + !(_vmx_vmexit_control & VM_EXIT_CLEAR_IA32_RTIT_CTL) || + !(_vmx_vmentry_control & VM_ENTRY_LOAD_IA32_RTIT_CTL) ) + { + _vmx_secondary_exec_control &= ~(SECONDARY_EXEC_PT_USE_GPA | + SECONDARY_EXEC_CONCEAL_PT_PIP); + _vmx_vmexit_control &= ~(VM_EXIT_CONCEAL_PT_PIP | + VM_EXIT_CLEAR_IA32_RTIT_CTL); + _vmx_vmentry_control &= ~(VM_ENTRY_CONCEAL_PT_PIP | + VM_ENTRY_LOAD_IA32_RTIT_CTL); + opt_intel_pt = 0; + } + if ( !vmx_pin_based_exec_control ) { /* First time through. */ @@ -1032,10 +1052,16 @@ static int construct_vmcs(struct vcpu *v) v->arch.hvm_vmx.secondary_exec_control &= ~(SECONDARY_EXEC_ENABLE_EPT | SECONDARY_EXEC_UNRESTRICTED_GUEST | - SECONDARY_EXEC_ENABLE_INVPCID); + SECONDARY_EXEC_ENABLE_INVPCID | + SECONDARY_EXEC_PT_USE_GPA | + SECONDARY_EXEC_CONCEAL_PT_PIP); vmexit_ctl &= ~(VM_EXIT_SAVE_GUEST_PAT | - VM_EXIT_LOAD_HOST_PAT); - vmentry_ctl &= ~VM_ENTRY_LOAD_GUEST_PAT; + VM_EXIT_LOAD_HOST_PAT | + VM_EXIT_CONCEAL_PT_PIP | + VM_EXIT_CLEAR_IA32_RTIT_CTL); + vmentry_ctl &= ~(VM_ENTRY_LOAD_GUEST_PAT | + VM_ENTRY_CONCEAL_PT_PIP | + VM_ENTRY_LOAD_IA32_RTIT_CTL); } /* Disable Virtualize x2APIC mode by default. */ diff --git a/xen/include/asm-x86/hvm/vmx/vmcs.h b/xen/include/asm-x86/hvm/vmx/vmcs.h index 8fb9e3c..bd8a128 100644 --- a/xen/include/asm-x86/hvm/vmx/vmcs.h +++ b/xen/include/asm-x86/hvm/vmx/vmcs.h @@ -220,6 +220,8 @@ extern u32 vmx_pin_based_exec_control; #define VM_EXIT_LOAD_HOST_EFER 0x00200000 #define VM_EXIT_SAVE_PREEMPT_TIMER 0x00400000 #define VM_EXIT_CLEAR_BNDCFGS 0x00800000 +#define VM_EXIT_CONCEAL_PT_PIP 0x01000000 +#define VM_EXIT_CLEAR_IA32_RTIT_CTL 0x02000000 extern u32 vmx_vmexit_control; #define VM_ENTRY_IA32E_MODE 0x00000200 @@ -229,6 +231,8 @@ extern u32 vmx_vmexit_control; #define VM_ENTRY_LOAD_GUEST_PAT 0x00004000 #define VM_ENTRY_LOAD_GUEST_EFER 0x00008000 #define VM_ENTRY_LOAD_BNDCFGS 0x00010000 +#define VM_ENTRY_CONCEAL_PT_PIP 0x00020000 +#define VM_ENTRY_LOAD_IA32_RTIT_CTL 0x00040000 extern u32 vmx_vmentry_control; #define SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES 0x00000001 @@ -247,7 +251,9 @@ extern u32 vmx_vmentry_control; #define SECONDARY_EXEC_ENABLE_VMCS_SHADOWING 0x00004000 #define SECONDARY_EXEC_ENABLE_PML 0x00020000 #define SECONDARY_EXEC_ENABLE_VIRT_EXCEPTIONS 0x00040000 +#define SECONDARY_EXEC_CONCEAL_PT_PIP 0x00080000 #define SECONDARY_EXEC_XSAVES 0x00100000 +#define SECONDARY_EXEC_PT_USE_GPA 0x01000000 #define SECONDARY_EXEC_TSC_SCALING 0x02000000 extern u32 vmx_secondary_exec_control; @@ -268,6 +274,7 @@ extern u32 vmx_secondary_exec_control; #define VMX_VPID_INVVPID_SINGLE_CONTEXT_RETAINING_GLOBAL 0x80000000000ULL extern u64 vmx_ept_vpid_cap; +#define VMX_MISC_PT_ENABLE 0x00004000 #define VMX_MISC_CR3_TARGET 0x01ff0000 #define VMX_MISC_VMWRITE_ALL 0x20000000