diff mbox

[v2,5/5] x86/vvmx: add per domain vmx msr policy

Message ID 20170724134745.4787-6-sergey.dyasli@citrix.com (mailing list archive)
State New, archived
Headers show

Commit Message

Sergey Dyasli July 24, 2017, 1:47 p.m. UTC 
Having a policy per domain allows to sensibly query what VMX features
the domain has, which unblocks some other nested virt work items.

For now, make policy for each domain equal to vvmx_max_msr_policy.
In the future it should be possible to independently configure
the policy for each domain.

Signed-off-by: Sergey Dyasli <sergey.dyasli@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
---
v1 --> v2:
- nvmx_msr_read_intercept() now uses const struct vmx_msr_policy *
  (starting from patch #4)
- Added Reviewed-by: Jan Beulich <jbeulich@suse.com>

 xen/arch/x86/domain.c              |  6 ++++++
 xen/arch/x86/hvm/vmx/vvmx.c        | 14 +++++++++++++-
 xen/include/asm-x86/domain.h       |  2 ++
 xen/include/asm-x86/hvm/vmx/vvmx.h |  1 +
 4 files changed, 22 insertions(+), 1 deletion(-)

Comments

Jan Beulich July 30, 2017, 10:05 a.m. UTC | #1 
>>> Sergey Dyasli <sergey.dyasli@citrix.com> 07/24/17 3:48 PM >>>
>@@ -470,6 +471,9 @@ int arch_domain_create(struct domain *d, unsigned int domcr_flags,
>if ( (rc = init_domain_cpuid_policy(d)) )
>goto fail;
 >
>+        if ( (rc = init_domain_vmx_msr_policy(d)) )
>+            goto fail;

There should not be a direct call from here to VMX-specific code - an
intermediate HVM layer is needed.

Jan
diff mbox

Patch

diff --git a/xen/arch/x86/domain.c b/xen/arch/x86/domain.c
index dd8bf1302f..e72f17c593 100644
--- a/xen/arch/x86/domain.c
+++ b/xen/arch/x86/domain.c
@@ -425,6 +425,7 @@  int arch_domain_create(struct domain *d, unsigned int domcr_flags,
     {
         d->arch.emulation_flags = 0;
         d->arch.cpuid = ZERO_BLOCK_PTR; /* Catch stray misuses. */
+        d->arch.vmx_msr = ZERO_BLOCK_PTR;
     }
     else
     {
@@ -470,6 +471,9 @@  int arch_domain_create(struct domain *d, unsigned int domcr_flags,
         if ( (rc = init_domain_cpuid_policy(d)) )
             goto fail;
 
+        if ( (rc = init_domain_vmx_msr_policy(d)) )
+            goto fail;
+
         d->arch.ioport_caps = 
             rangeset_new(d, "I/O Ports", RANGESETF_prettyprint_hex);
         rc = -ENOMEM;
@@ -541,6 +545,7 @@  int arch_domain_create(struct domain *d, unsigned int domcr_flags,
     cleanup_domain_irq_mapping(d);
     free_xenheap_page(d->shared_info);
     xfree(d->arch.cpuid);
+    xfree(d->arch.vmx_msr);
     if ( paging_initialised )
         paging_final_teardown(d);
     free_perdomain_mappings(d);
@@ -555,6 +560,7 @@  void arch_domain_destroy(struct domain *d)
 
     xfree(d->arch.e820);
     xfree(d->arch.cpuid);
+    xfree(d->arch.vmx_msr);
 
     free_domain_pirqs(d);
     if ( !is_idle_domain(d) )
diff --git a/xen/arch/x86/hvm/vmx/vvmx.c b/xen/arch/x86/hvm/vmx/vvmx.c
index e71728f356..9a19e7a7c0 100644
--- a/xen/arch/x86/hvm/vmx/vvmx.c
+++ b/xen/arch/x86/hvm/vmx/vvmx.c
@@ -2072,6 +2072,18 @@  void __init calculate_vvmx_max_policy(void)
                                       MSR_IA32_VMX_VMFUNC);
 }
 
+int init_domain_vmx_msr_policy(struct domain *d)
+{
+    d->arch.vmx_msr = xmalloc(struct vmx_msr_policy);
+
+    if ( !d->arch.vmx_msr )
+        return -ENOMEM;
+
+    *d->arch.vmx_msr = vvmx_max_msr_policy;
+
+    return 0;
+}
+
 /*
  * Capability reporting
  */
@@ -2079,7 +2091,7 @@  int nvmx_msr_read_intercept(unsigned int msr, u64 *msr_content)
 {
     struct vcpu *v = current;
     struct domain *d = v->domain;
-    const struct vmx_msr_policy *p = &vvmx_max_msr_policy;
+    const struct vmx_msr_policy *p = d->arch.vmx_msr;
     int r = 1;
 
     /* VMX capablity MSRs are available only when guest supports VMX. */
diff --git a/xen/include/asm-x86/domain.h b/xen/include/asm-x86/domain.h
index c10522b7f5..430188c1fa 100644
--- a/xen/include/asm-x86/domain.h
+++ b/xen/include/asm-x86/domain.h
@@ -359,6 +359,8 @@  struct arch_domain
     /* CPUID Policy. */
     struct cpuid_policy *cpuid;
 
+    struct vmx_msr_policy *vmx_msr;
+
     struct PITState vpit;
 
     /* TSC management (emulation, pv, scaling, stats) */
diff --git a/xen/include/asm-x86/hvm/vmx/vvmx.h b/xen/include/asm-x86/hvm/vmx/vvmx.h
index 150124f3a3..0f5e44ae94 100644
--- a/xen/include/asm-x86/hvm/vmx/vvmx.h
+++ b/xen/include/asm-x86/hvm/vmx/vvmx.h
@@ -246,5 +246,6 @@  int nvmx_cpu_up_prepare(unsigned int cpu);
 void nvmx_cpu_dead(unsigned int cpu);
 
 void calculate_vvmx_max_policy(void);
+int init_domain_vmx_msr_policy(struct domain *d);
 #endif /* __ASM_X86_HVM_VVMX_H__ */