From patchwork Tue Apr 18 10:32:42 2017
X-Patchwork-Submitter: Jan Beulich
X-Patchwork-Id: 9685309
Message-Id: <58F6076A02000078001517D2@prv-mh.provo.novell.com>
Date: Tue, 18 Apr 2017 04:32:42 -0600
From: "Jan Beulich"
To: "xen-devel"
References: <58F605A802000078001517B9@prv-mh.provo.novell.com>
In-Reply-To: <58F605A802000078001517B9@prv-mh.provo.novell.com>
Cc: Kevin Tian, Razvan Cojocaru, Andrew Cooper, Julien Grall, Jun Nakajima, Tamas K Lengyel
Subject: [Xen-devel] [PATCH v2 3/4] VMX: don't blindly enable descriptor table exiting control
List-Id: Xen developer discussion

This is an optional feature and hence we should check for it before use.

Signed-off-by: Jan Beulich
Acked-by: Razvan Cojocaru
Reviewed-by: Andrew Cooper
Reviewed-by: Kevin Tian
---
v2: Re-do detection of availability, resulting in almost all of the changes done here being different than in v1.

--- a/xen/arch/x86/hvm/vmx/vmcs.c +++ b/xen/arch/x86/hvm/vmx/vmcs.c @@ -226,6 +226,7 @@ static int vmx_init_vmcs_config(void) opt = (SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES | SECONDARY_EXEC_WBINVD_EXITING | SECONDARY_EXEC_ENABLE_EPT | + SECONDARY_EXEC_DESCRIPTOR_TABLE_EXITING | SECONDARY_EXEC_ENABLE_RDTSCP | SECONDARY_EXEC_PAUSE_LOOP_EXITING | SECONDARY_EXEC_ENABLE_INVPCID |
@@ -1020,6 +1021,13 @@ static int construct_vmcs(struct vcpu *v v->arch.hvm_vmx.secondary_exec_control = vmx_secondary_exec_control; + /* + * Disable descriptor table exiting: It's controlled by the VM event + * monitor requesting it. + */ + v->arch.hvm_vmx.secondary_exec_control &= + ~SECONDARY_EXEC_DESCRIPTOR_TABLE_EXITING; + /* Disable VPID for now: we decide when to enable it on VMENTER. */ v->arch.hvm_vmx.secondary_exec_control &= ~SECONDARY_EXEC_ENABLE_VPID; --- a/xen/arch/x86/hvm/vmx/vmx.c +++ b/xen/arch/x86/hvm/vmx/vmx.c @@ -2325,7 +2325,6 @@ static struct hvm_function_table __initd .handle_cd = vmx_handle_cd, .set_info_guest = vmx_set_info_guest, .set_rdtsc_exiting = vmx_set_rdtsc_exiting, - .set_descriptor_access_exiting = vmx_set_descriptor_access_exiting, .nhvm_vcpu_initialise = nvmx_vcpu_initialise, .nhvm_vcpu_destroy = nvmx_vcpu_destroy, .nhvm_vcpu_reset = nvmx_vcpu_reset, @@ -2446,6 +2445,10 @@ const struct hvm_function_table * __init return NULL; } + if ( cpu_has_vmx_dt_exiting ) + vmx_function_table.set_descriptor_access_exiting = + vmx_set_descriptor_access_exiting; + /* * Do not enable EPT when (!cpu_has_vmx_pat), to prevent security hole * (refer to http://xenbits.xen.org/xsa/advisory-60.html). --- a/xen/arch/x86/monitor.c +++ b/xen/arch/x86/monitor.c @@ -219,6 +219,9 @@ int arch_monitor_domctl_event(struct dom if ( unlikely(old_status == requested_status) ) return -EEXIST; + if ( !hvm_funcs.set_descriptor_access_exiting ) + return -EOPNOTSUPP; + domain_pause(d); ad->monitor.descriptor_access_enabled = requested_status; --- a/xen/include/asm-x86/hvm/vmx/vmcs.h +++ b/xen/include/asm-x86/hvm/vmx/vmcs.h 
@@ -274,6 +274,8 @@ extern u64 vmx_ept_vpid_cap; (vmx_cpu_based_exec_control & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) #define cpu_has_vmx_ept \ (vmx_secondary_exec_control & SECONDARY_EXEC_ENABLE_EPT) +#define cpu_has_vmx_dt_exiting \ + (vmx_secondary_exec_control & SECONDARY_EXEC_DESCRIPTOR_TABLE_EXITING) #define cpu_has_vmx_vpid \ (vmx_secondary_exec_control & SECONDARY_EXEC_ENABLE_VPID) #define cpu_has_monitor_trap_flag \ --- a/xen/include/asm-x86/monitor.h +++ b/xen/include/asm-x86/monitor.h @@ -77,13 +77,15 @@ static inline uint32_t arch_monitor_get_ (1U << XEN_DOMCTL_MONITOR_EVENT_GUEST_REQUEST) | (1U << XEN_DOMCTL_MONITOR_EVENT_DEBUG_EXCEPTION) | (1U << XEN_DOMCTL_MONITOR_EVENT_CPUID) | - (1U << XEN_DOMCTL_MONITOR_EVENT_INTERRUPT) | - (1U << XEN_DOMCTL_MONITOR_EVENT_DESC_ACCESS); + (1U << XEN_DOMCTL_MONITOR_EVENT_INTERRUPT); /* Since we know this is on VMX, we can just call the hvm func */ if ( hvm_is_singlestep_supported() ) capabilities |= (1U << XEN_DOMCTL_MONITOR_EVENT_SINGLESTEP); + if ( hvm_funcs.set_descriptor_access_exiting ) + capabilities |= (1U << XEN_DOMCTL_MONITOR_EVENT_DESC_ACCESS); + return capabilities; } --- a/xen/arch/x86/hvm/vmx/vmcs.c +++ b/xen/arch/x86/hvm/vmx/vmcs.c @@ -226,6 +226,7 @@ static int vmx_init_vmcs_config(void) opt = (SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES | SECONDARY_EXEC_WBINVD_EXITING | SECONDARY_EXEC_ENABLE_EPT | + SECONDARY_EXEC_DESCRIPTOR_TABLE_EXITING | SECONDARY_EXEC_ENABLE_RDTSCP | SECONDARY_EXEC_PAUSE_LOOP_EXITING | SECONDARY_EXEC_ENABLE_INVPCID | @@ -1020,6 +1021,13 @@ static int construct_vmcs(struct vcpu *v v->arch.hvm_vmx.secondary_exec_control = vmx_secondary_exec_control; + /* + * Disable descriptor table exiting: It's controlled by the VM event + * monitor requesting it. + */ + v->arch.hvm_vmx.secondary_exec_control &= + ~SECONDARY_EXEC_DESCRIPTOR_TABLE_EXITING; + /* Disable VPID for now: we decide when to enable it on VMENTER. */ v->arch.hvm_vmx.secondary_exec_control &= ~SECONDARY_EXEC_ENABLE_VPID; 
--- a/xen/arch/x86/hvm/vmx/vmx.c +++ b/xen/arch/x86/hvm/vmx/vmx.c @@ -2325,7 +2325,6 @@ static struct hvm_function_table __initd .handle_cd = vmx_handle_cd, .set_info_guest = vmx_set_info_guest, .set_rdtsc_exiting = vmx_set_rdtsc_exiting, - .set_descriptor_access_exiting = vmx_set_descriptor_access_exiting, .nhvm_vcpu_initialise = nvmx_vcpu_initialise, .nhvm_vcpu_destroy = nvmx_vcpu_destroy, .nhvm_vcpu_reset = nvmx_vcpu_reset, @@ -2446,6 +2445,10 @@ const struct hvm_function_table * __init return NULL; } + if ( cpu_has_vmx_dt_exiting ) + vmx_function_table.set_descriptor_access_exiting = + vmx_set_descriptor_access_exiting; + /* * Do not enable EPT when (!cpu_has_vmx_pat), to prevent security hole * (refer to http://xenbits.xen.org/xsa/advisory-60.html). --- a/xen/arch/x86/monitor.c +++ b/xen/arch/x86/monitor.c @@ -219,6 +219,9 @@ int arch_monitor_domctl_event(struct dom if ( unlikely(old_status == requested_status) ) return -EEXIST; + if ( !hvm_funcs.set_descriptor_access_exiting ) + return -EOPNOTSUPP; + domain_pause(d); ad->monitor.descriptor_access_enabled = requested_status; --- a/xen/include/asm-x86/hvm/vmx/vmcs.h +++ b/xen/include/asm-x86/hvm/vmx/vmcs.h @@ -274,6 +274,8 @@ extern u64 vmx_ept_vpid_cap; (vmx_cpu_based_exec_control & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) #define cpu_has_vmx_ept \ (vmx_secondary_exec_control & SECONDARY_EXEC_ENABLE_EPT) +#define cpu_has_vmx_dt_exiting \ + (vmx_secondary_exec_control & SECONDARY_EXEC_DESCRIPTOR_TABLE_EXITING) #define cpu_has_vmx_vpid \ (vmx_secondary_exec_control & SECONDARY_EXEC_ENABLE_VPID) #define cpu_has_monitor_trap_flag \ --- a/xen/include/asm-x86/monitor.h +++ b/xen/include/asm-x86/monitor.h 
@@ -77,13 +77,15 @@ static inline uint32_t arch_monitor_get_ (1U << XEN_DOMCTL_MONITOR_EVENT_GUEST_REQUEST) | (1U << XEN_DOMCTL_MONITOR_EVENT_DEBUG_EXCEPTION) | (1U << XEN_DOMCTL_MONITOR_EVENT_CPUID) | - (1U << XEN_DOMCTL_MONITOR_EVENT_INTERRUPT) | - (1U << XEN_DOMCTL_MONITOR_EVENT_DESC_ACCESS); + (1U << XEN_DOMCTL_MONITOR_EVENT_INTERRUPT); /* Since we know this is on VMX, we can just call the hvm func */ if ( hvm_is_singlestep_supported() ) capabilities |= (1U << XEN_DOMCTL_MONITOR_EVENT_SINGLESTEP); + if ( hvm_funcs.set_descriptor_access_exiting ) + capabilities |= (1U << XEN_DOMCTL_MONITOR_EVENT_DESC_ACCESS); + return capabilities; }
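Review bot: In the xen/arch/x86/monitor.c hunk of arch_monitor_domctl_event, the new `!hvm_funcs.set_descriptor_access_exiting` test sits after the `old_status == requested_status` check, so on hardware without the control a request that matches the current state returns -EEXIST while a request that changes it returns -EOPNOTSUPP. Moving the support test ahead of the -EEXIST check would give the caller one consistent answer for an unsupported event, in line with what arch_monitor_get_capabilities now reports.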
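Review bot: In the xen/arch/x86/hvm/vmx/vmx.c hunks, `.set_descriptor_access_exiting` leaves the static initializer and is only assigned when cpu_has_vmx_dt_exiting is true, so the hook can now be NULL, and the only guards visible in this patch are the two tests added in monitor.c and monitor.h. Any call site outside these hunks needs the same NULL test (or an ASSERT), and the commit message should state that a NULL hook is the "unsupported" signal so that later callers do not invoke it unconditionally.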
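Review bot: In the xen/arch/x86/hvm/vmx/vmcs.c hunks, adding SECONDARY_EXEC_DESCRIPTOR_TABLE_EXITING to `opt` in vmx_init_vmcs_config means vmx_secondary_exec_control carries the bit wherever the CPU offers it, and the mask added in construct_vmcs is the only visible thing keeping the exit off for a new vCPU. A short comment at the `opt` list saying the bit is probed for detection only, and is cleared per vCPU until the monitor requests it, would keep a later reader from treating the global value as a ready-to-load default.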