diff mbox series

[XEN,v1,15/15] x86/hvm: make AMD-V and Intel VT-x support configurable

Message ID 20240416065012.3470263-1-Sergiy_Kibrik@epam.com (mailing list archive)
State New
Headers show
Series None | expand

Commit Message

Sergiy Kibrik April 16, 2024, 6:50 a.m. UTC 
From: Xenia Ragiadakou <burzalodowa@gmail.com>

Provide the user with configuration control over the cpu virtualization support
in Xen by making SVM and VMX options user selectable.

To preserve the current default behavior, both options depend on HVM and
default to Y.

To prevent users from unknowingly disabling virtualization support, make the
controls user selectable only if EXPERT is enabled.
Also make INTEL_IOMMU/AMD_IOMMU options dependant on VMX/SVM options.

No functional change intended.

Signed-off-by: Xenia Ragiadakou <burzalodowa@gmail.com>
Signed-off-by: Sergiy Kibrik <Sergiy_Kibrik@epam.com>
---
 xen/arch/x86/Kconfig            | 18 ++++++++++++++++--
 xen/drivers/passthrough/Kconfig |  4 ++--
 2 files changed, 18 insertions(+), 4 deletions(-)

Comments

Teddy Astie April 16, 2024, 8:40 a.m. UTC | #1 
Hello Sergiy,

> Also make INTEL_IOMMU/AMD_IOMMU options dependant on VMX/SVM options.

The discussion in the RFC series stated the IOMMU may be used with PV 
guests, and doesn't rely on VMX/SVM support (in fact, it can be used 
without HVM support in Xen).

However, in the discussion, posted interrupts were supposed to be 
dependent on VMX/SVM instead. I suppose this is a leftover from the 
original RFC ?

> https://lore.kernel.org/xen-devel/e29e375f-3d30-0eb1-7e28-b93f2d831b43@suse.com/

Teddy

---


Teddy Astie | Vates XCP-ng Intern

XCP-ng & Xen Orchestra - Vates solutions

web: https://vates.tech
Andrew Cooper April 16, 2024, 9:36 a.m. UTC | #2 
On 16/04/2024 7:50 am, Sergiy Kibrik wrote:
> From: Xenia Ragiadakou <burzalodowa@gmail.com>
>
> Provide the user with configuration control over the cpu virtualization support
> in Xen by making SVM and VMX options user selectable.
>
> To preserve the current default behavior, both options depend on HVM and
> default to Y.
>
> To prevent users from unknowingly disabling virtualization support, make the
> controls user selectable only if EXPERT is enabled.
> Also make INTEL_IOMMU/AMD_IOMMU options dependant on VMX/SVM options.

Everything else seems ok, but there's no inherent dependency between
VMX/SVM and IOMMUs.  There are certain features (HAP/IOMMU pagetable
sharing, posted interrupts) which do depend on both, but the vast
majority of functionality is independent.

It would be a legitimate config (although getting less plausible, these
days) to have PV && IOMMU && !HVM.

Furthermore, randconfig will do a better job without such restrictions
in place.

~Andrew
Sergiy Kibrik April 16, 2024, 10:12 a.m. UTC | #3 
hi Teddy,

16.04.24 11:40, Teddy Astie:
> Hello Sergiy,
> 
>> Also make INTEL_IOMMU/AMD_IOMMU options dependant on VMX/SVM options.
> 
> The discussion in the RFC series stated the IOMMU may be used with PV
> guests, and doesn't rely on VMX/SVM support (in fact, it can be used
> without HVM support in Xen).
> 
> However, in the discussion, posted interrupts were supposed to be
> dependent on VMX/SVM instead. I suppose this is a leftover from the
> original RFC ?
> 

oh, yes, this bit remained from original patch, and indeed shouldn't be 
here.
I shall drop it in v2.

  -Sergiy
Sergiy Kibrik April 16, 2024, 10:16 a.m. UTC | #4 
16.04.24 12:36, Andrew Cooper:
> 
> Everything else seems ok, but there's no inherent dependency between
> VMX/SVM and IOMMUs.  There are certain features (HAP/IOMMU pagetable
> sharing, posted interrupts) which do depend on both, but the vast
> majority of functionality is independent.
> 
> It would be a legitimate config (although getting less plausible, these
> days) to have PV && IOMMU && !HVM.
> 
> Furthermore, randconfig will do a better job without such restrictions
> in place.

understood. I'll make a patch instead to guard posted interrupts calls 
from iommu driver.

   -Sergiy
diff mbox series

Patch

diff --git a/xen/arch/x86/Kconfig b/xen/arch/x86/Kconfig
index 6f06d3baa5..98a6f8d877 100644
--- a/xen/arch/x86/Kconfig
+++ b/xen/arch/x86/Kconfig
@@ -121,10 +121,24 @@  config HVM
 	  If unsure, say Y.
 
 config SVM
-	def_bool y if HVM
+	bool "AMD-V" if EXPERT
+	depends on HVM
+	default y
+	help
+	  Enables virtual machine extensions on platforms that implement the
+	  AMD Virtualization Technology (AMD-V).
+	  If your system includes a processor with AMD-V support, say Y.
+	  If in doubt, say Y.
 
 config VMX
-	def_bool y if HVM
+	bool "Intel VT-x" if EXPERT
+	depends on HVM
+	default y
+	help
+	  Enables virtual machine extensions on platforms that implement the
+	  Intel Virtualization Technology (Intel VT-x).
+	  If your system includes a processor with Intel VT-x support, say Y.
+	  If in doubt, say Y.
 
 config XEN_SHSTK
 	bool "Supervisor Shadow Stacks"
diff --git a/xen/drivers/passthrough/Kconfig b/xen/drivers/passthrough/Kconfig
index 864fcf3b0c..5f53639c2d 100644
--- a/xen/drivers/passthrough/Kconfig
+++ b/xen/drivers/passthrough/Kconfig
@@ -39,7 +39,7 @@  endif
 
 config AMD_IOMMU
 	bool "AMD IOMMU" if EXPERT
-	depends on X86
+	depends on X86 && SVM
 	default y
 	help
 	  Enables I/O virtualization on platforms that implement the
@@ -51,7 +51,7 @@  config AMD_IOMMU
 
 config INTEL_IOMMU
 	bool "Intel VT-d" if EXPERT
-	depends on X86
+	depends on X86 && VMX
 	default y
 	help
 	  Enables I/O virtualization on platforms that implement the