From patchwork Tue Jul 18 10:34:23 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sergey Dyasli X-Patchwork-Id: 9847675 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id A3031602C8 for ; Tue, 18 Jul 2017 10:36:36 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 9F4982854A for ; Tue, 18 Jul 2017 10:36:36 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 93BCE28572; Tue, 18 Jul 2017 10:36:36 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-4.2 required=2.0 tests=BAYES_00, RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 063FA2854A for ; Tue, 18 Jul 2017 10:36:36 +0000 (UTC) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.84_2) (envelope-from ) id 1dXPpw-000678-6O; Tue, 18 Jul 2017 10:34:40 +0000 Received: from mail6.bemta6.messagelabs.com ([193.109.254.103]) by lists.xenproject.org with esmtp (Exim 4.84_2) (envelope-from ) id 1dXPpv-00063z-7N for xen-devel@lists.xen.org; Tue, 18 Jul 2017 10:34:39 +0000 Received: from [85.158.143.35] by server-7.bemta-6.messagelabs.com id 23/BE-03557-E34ED695; Tue, 18 Jul 2017 10:34:38 +0000 X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFprAIsWRWlGSWpSXmKPExsXitHRDpK7dk9x Ig4Pt/BZLPi5mcWD0OLr7N1MAYxRrZl5SfkUCa8abSwIFz7QqXvzczdjAOEepi5GTQ0LAX6Jr Zy87iM0moCexcfYrJhBbREBWYnXXHLA4s8AnJomGY44gtrCAhcSK0zvYQGwWAVWJF7cuMoPYv AK2Ept+r2GFmCkvsavtIpjNKWAnMe95JwuILQRUs/rCLlYIW1Xi9YtdLBC9ghInZz5hgdglIX HwxQvmCYy8s5CkZiFJLWBkWsWoUZxaVJZapGtoqZdUlJmeUZKbmJmja2hgppebWlycmJ6ak5h UrJecn7uJERg6DECwg/HHsoBDjJIcTEqivKsP5EYK8SXlp1RmJBZnxBeV5qQWH2KU4eBQkuA9 +ggoJ1iUmp5akZaZAwximLQEB4+SCG/QY6A0b3FBYm5xZjpE6hSjLserCf+/MQmx5OXnpUqJ8 9aAzBAAKcoozYMbAYuoS4yyUsK8jEBHCfEUpBblZpagyr9iFOdgVBLm3QIyhSczrwRu0yugI5 iAjhD2zQE5oiQRISXVwLhcJOBNxeWkxhr1m13m91rqvgh6sVnPvq+7Z/MpJrZ1Cwsu+81JEi5 lNZ4bIVyd/OjsCo6l7SeX+ax2TH0dHNgu7vQg63X65yTV13eMTnBPXPv7o13i7q2RVfczt7x9 OOOYW1W7gEyv8MfzuToRbW/8FIo/GDw6fd3fcr6pzNqelb81e4ROeCixFGckGmoxFxUnAgB8D nvkowIAAA== X-Env-Sender: prvs=365bef495=sergey.dyasli@citrix.com X-Msg-Ref: server-3.tower-21.messagelabs.com!1500374074!70287400!4 X-Originating-IP: [66.165.176.89] X-SpamReason: No, hits=0.0 required=7.0 tests=sa_preprocessor: VHJ1c3RlZCBJUDogNjYuMTY1LjE3Ni44OSA9PiAyMDMwMDc=\n, received_headers: No Received headers X-StarScan-Received: X-StarScan-Version: 9.4.25; banners=-,-,- X-VirusChecked: Checked Received: (qmail 18021 invoked from network); 18 Jul 2017 10:34:38 -0000 Received: from smtp.citrix.com (HELO SMTP.CITRIX.COM) (66.165.176.89) by server-3.tower-21.messagelabs.com with RC4-SHA encrypted SMTP; 18 Jul 2017 10:34:38 -0000 X-IronPort-AV: E=Sophos;i="5.40,377,1496102400"; d="scan'208";a="431880765" From: Sergey Dyasli To: Date: Tue, 18 Jul 2017 11:34:23 +0100 Message-ID: <20170718103429.25020-7-sergey.dyasli@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20170718103429.25020-1-sergey.dyasli@citrix.com> References: <20170718103429.25020-1-sergey.dyasli@citrix.com> MIME-Version: 1.0 Cc: Sergey Dyasli , Kevin Tian , Jun Nakajima , George Dunlap , Andrew Cooper , Tim Deegan , Jan Beulich , Boris Ostrovsky , Suravee Suthikulpanit Subject: [Xen-devel] [PATCH RFC 06/12] x86/vvmx: add stale_eptp flag X-BeenThere: xen-devel@lists.xen.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xen.org Sender: "Xen-devel" X-Virus-Scanned: ClamAV using ClamSMTP The new variable will indicate if update of a shadow EPTP is needed prior to vmentry. Update is required if a nested vcpu gets a new np2m or if its np2m was flushed by an IPI. Helper function nvcpu_flush() is added. Signed-off-by: Sergey Dyasli --- xen/arch/x86/hvm/nestedhvm.c | 1 + xen/arch/x86/hvm/vmx/entry.S | 6 ++++++ xen/arch/x86/hvm/vmx/vmx.c | 8 +++++++- xen/arch/x86/hvm/vmx/vvmx.c | 15 +++++++++++++++ xen/arch/x86/mm/p2m.c | 10 ++++++++-- xen/include/asm-x86/hvm/vmx/vvmx.h | 2 ++ 6 files changed, 39 insertions(+), 3 deletions(-) diff --git a/xen/arch/x86/hvm/nestedhvm.c b/xen/arch/x86/hvm/nestedhvm.c index 32b8acca6a..e9b1d8e628 100644 --- a/xen/arch/x86/hvm/nestedhvm.c +++ b/xen/arch/x86/hvm/nestedhvm.c @@ -108,6 +108,7 @@ nestedhvm_flushtlb_ipi(void *info) */ hvm_asid_flush_core(); vcpu_nestedhvm(v).nv_p2m = NULL; + vcpu_2_nvmx(v).stale_eptp = true; } void diff --git a/xen/arch/x86/hvm/vmx/entry.S b/xen/arch/x86/hvm/vmx/entry.S index 9f1755b31c..5480206cac 100644 --- a/xen/arch/x86/hvm/vmx/entry.S +++ b/xen/arch/x86/hvm/vmx/entry.S @@ -77,6 +77,8 @@ UNLIKELY_END(realmode) mov %rsp,%rdi call vmx_vmenter_helper + cmp $0,%eax + jne .Lvmx_vmentry_restart mov VCPU_hvm_guest_cr2(%rbx),%rax pop %r15 @@ -115,6 +117,10 @@ ENTRY(vmx_asm_do_vmentry) GET_CURRENT(bx) jmp .Lvmx_do_vmentry +.Lvmx_vmentry_restart: + sti + jmp .Lvmx_do_vmentry + .Lvmx_goto_emulator: sti mov %rsp,%rdi diff --git a/xen/arch/x86/hvm/vmx/vmx.c b/xen/arch/x86/hvm/vmx/vmx.c index 69ce3aae25..35aa57e24f 100644 --- a/xen/arch/x86/hvm/vmx/vmx.c +++ b/xen/arch/x86/hvm/vmx/vmx.c @@ -4236,13 +4236,17 @@ static void lbr_fixup(void) bdw_erratum_bdf14_fixup(); } -void vmx_vmenter_helper(const struct cpu_user_regs *regs) +int vmx_vmenter_helper(const struct cpu_user_regs *regs) { struct vcpu *curr = current; u32 new_asid, old_asid; struct hvm_vcpu_asid *p_asid; bool_t need_flush; + /* Shadow EPTP can't be updated here because irqs are disabled */ + if ( nestedhvm_vcpu_in_guestmode(curr) && vcpu_2_nvmx(curr).stale_eptp ) + return 1; + if ( curr->domain->arch.hvm_domain.pi_ops.do_resume ) curr->domain->arch.hvm_domain.pi_ops.do_resume(curr); @@ -4303,6 +4307,8 @@ void vmx_vmenter_helper(const struct cpu_user_regs *regs) __vmwrite(GUEST_RIP, regs->rip); __vmwrite(GUEST_RSP, regs->rsp); __vmwrite(GUEST_RFLAGS, regs->rflags | X86_EFLAGS_MBS); + + return 0; } /* diff --git a/xen/arch/x86/hvm/vmx/vvmx.c b/xen/arch/x86/hvm/vmx/vvmx.c index 1011829c15..7b193767cd 100644 --- a/xen/arch/x86/hvm/vmx/vvmx.c +++ b/xen/arch/x86/hvm/vmx/vvmx.c @@ -120,6 +120,7 @@ int nvmx_vcpu_initialise(struct vcpu *v) nvmx->iobitmap[1] = NULL; nvmx->msrbitmap = NULL; INIT_LIST_HEAD(&nvmx->launched_list); + nvmx->stale_eptp = false; return 0; } @@ -1390,12 +1391,26 @@ static void virtual_vmexit(struct cpu_user_regs *regs) vmsucceed(regs); } +static void nvmx_eptp_update(void) +{ + if ( !nestedhvm_vcpu_in_guestmode(current) || + vcpu_nestedhvm(current).nv_vmexit_pending || + !vcpu_2_nvmx(current).stale_eptp || + !nestedhvm_paging_mode_hap(current) ) + return; + + __vmwrite(EPT_POINTER, get_shadow_eptp(current)); + vcpu_2_nvmx(current).stale_eptp = false; +} + void nvmx_switch_guest(void) { struct vcpu *v = current; struct nestedvcpu *nvcpu = &vcpu_nestedhvm(v); struct cpu_user_regs *regs = guest_cpu_user_regs(); + nvmx_eptp_update(); + /* * A pending IO emulation may still be not finished. In this case, no * virtual vmswitch is allowed. Or else, the following IO emulation will diff --git a/xen/arch/x86/mm/p2m.c b/xen/arch/x86/mm/p2m.c index 4fc2d94b46..3d65899b05 100644 --- a/xen/arch/x86/mm/p2m.c +++ b/xen/arch/x86/mm/p2m.c @@ -1817,6 +1817,12 @@ static void assign_np2m(struct vcpu *v, struct p2m_domain *p2m) cpumask_set_cpu(v->processor, p2m->dirty_cpumask); } +static void nvcpu_flush(struct vcpu *v) +{ + hvm_asid_flush_vcpu(v); + vcpu_2_nvmx(v).stale_eptp = true; +} + struct p2m_domain * p2m_get_nestedp2m(struct vcpu *v) { @@ -1840,7 +1846,7 @@ p2m_get_nestedp2m(struct vcpu *v) if ( p2m->np2m_base == np2m_base || p2m->np2m_base == P2M_BASE_EADDR ) { if ( p2m->np2m_base == P2M_BASE_EADDR ) - hvm_asid_flush_vcpu(v); + nvcpu_flush(v); p2m->np2m_base = np2m_base; assign_np2m(v, p2m); p2m_unlock(p2m); @@ -1857,7 +1863,7 @@ p2m_get_nestedp2m(struct vcpu *v) p2m_flush_table(p2m); p2m_lock(p2m); p2m->np2m_base = np2m_base; - hvm_asid_flush_vcpu(v); + nvcpu_flush(v); assign_np2m(v, p2m); p2m_unlock(p2m); nestedp2m_unlock(d); diff --git a/xen/include/asm-x86/hvm/vmx/vvmx.h b/xen/include/asm-x86/hvm/vmx/vvmx.h index 3285b03bbb..ddc2569f64 100644 --- a/xen/include/asm-x86/hvm/vmx/vvmx.h +++ b/xen/include/asm-x86/hvm/vmx/vvmx.h @@ -51,6 +51,8 @@ struct nestedvmx { } ept; uint32_t guest_vpid; struct list_head launched_list; + + bool stale_eptp; /* True, when EPTP in the shadow VMCS is no longer valid */ }; #define vcpu_2_nvmx(v) (vcpu_nestedhvm(v).u.nvmx)