From patchwork Mon Feb 17 11:45:42 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Roger Pau Monne X-Patchwork-Id: 11386173 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 9050A17EF for ; Mon, 17 Feb 2020 11:47:08 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 6C4F6206F4 for ; Mon, 17 Feb 2020 11:47:08 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=citrix.com header.i=@citrix.com header.b="eCTvsuqU" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 6C4F6206F4 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=citrix.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1j3eqh-00017H-1u; Mon, 17 Feb 2020 11:46:03 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1j3eqf-00016t-Qt for xen-devel@lists.xenproject.org; Mon, 17 Feb 2020 11:46:01 +0000 X-Inumbo-ID: 1123c516-517b-11ea-bfd4-12813bfff9fa Received: from esa4.hc3370-68.iphmx.com (unknown [216.71.155.144]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id 1123c516-517b-11ea-bfd4-12813bfff9fa; Mon, 17 Feb 2020 11:46:00 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1581939960; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=X73LQAyRxZc1sHJILFMGjRAH5RI6XM28Twoui29I0zQ=; b=eCTvsuqU1BzIBALl9rqVC1BnkO5sDuTa3BwjBi0n+TlYSTdJzpMNr8kR +FIjWgQ793YvxJ69s6BE7NdeTvsId5Pl8ADiixVqPcjgL/0y8UUthX4xu t7/Sw3iMFybxQu0BK0fHqa2nOS1dAsIIeu2hTrZnnfpxpwm0+X6Qio3e1 o=; Authentication-Results: esa4.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none; spf=None smtp.pra=roger.pau@citrix.com; spf=Pass smtp.mailfrom=roger.pau@citrix.com; spf=None smtp.helo=postmaster@mail.citrix.com Received-SPF: None (esa4.hc3370-68.iphmx.com: no sender authenticity information available from domain of roger.pau@citrix.com) identity=pra; client-ip=162.221.158.21; receiver=esa4.hc3370-68.iphmx.com; envelope-from="roger.pau@citrix.com"; x-sender="roger.pau@citrix.com"; x-conformance=sidf_compatible Received-SPF: Pass (esa4.hc3370-68.iphmx.com: domain of roger.pau@citrix.com designates 162.221.158.21 as permitted sender) identity=mailfrom; client-ip=162.221.158.21; receiver=esa4.hc3370-68.iphmx.com; envelope-from="roger.pau@citrix.com"; x-sender="roger.pau@citrix.com"; x-conformance=sidf_compatible; x-record-type="v=spf1"; x-record-text="v=spf1 ip4:209.167.231.154 ip4:178.63.86.133 ip4:195.66.111.40/30 ip4:85.115.9.32/28 ip4:199.102.83.4 ip4:192.28.146.160 ip4:192.28.146.107 ip4:216.52.6.88 ip4:216.52.6.188 ip4:162.221.158.21 ip4:162.221.156.83 ip4:168.245.78.127 ~all" Received-SPF: None (esa4.hc3370-68.iphmx.com: no sender authenticity information available from domain of postmaster@mail.citrix.com) identity=helo; client-ip=162.221.158.21; receiver=esa4.hc3370-68.iphmx.com; envelope-from="roger.pau@citrix.com"; x-sender="postmaster@mail.citrix.com"; x-conformance=sidf_compatible IronPort-SDR: uv9xflxfGaa8qqThrGK9WelHyKN/6fo4szsEothdApg5ySi7wOL0BUDX9g/my9fSJP6M3NWRSB pAqf8xp0PLfHkXpjArcm4ZMS1NC7u7eNulMBtAQ2wqhgsHmO/yIc5v72WsFsdQmcrUGsITZ8OH IvKoZa+JdVJ+V0H7t28TCZhSXEDKAzJmL8PPuvvVbgnkEEUpqm4QhbjNHsavqnZ2mSSf/aALlg SkfT4qWXE0cUyORvfh9LT9m6T2d+u+j75wMFwV5LH1TKfnSaPy78/Q1RNPKgXkmgOzl1PkVMnS FeQ= X-SBRS: 2.7 X-MesageID: 13182661 X-Ironport-Server: esa4.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.70,452,1574139600"; d="scan'208";a="13182661" From: Roger Pau Monne To: Date: Mon, 17 Feb 2020 12:45:42 +0100 Message-ID: <20200217114545.71112-2-roger.pau@citrix.com> X-Mailer: git-send-email 2.25.0 In-Reply-To: <20200217114545.71112-1-roger.pau@citrix.com> References: <20200217114545.71112-1-roger.pau@citrix.com> MIME-Version: 1.0 Subject: [Xen-devel] [PATCH v5 1/4] nvmx: implement support for MSR bitmaps X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Kevin Tian , Jun Nakajima , Wei Liu , Andrew Cooper , Jan Beulich , Roger Pau Monne Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" Current implementation of nested VMX has a half baked handling of MSR bitmaps for the L1 VMM: it maps the L1 VMM provided MSR bitmap, but doesn't actually load it into the nested vmcs, and thus the nested guest vmcs ends up using the same MSR bitmap as the L1 VMM. This is wrong as there's no assurance that the set of features enabled for the L1 vmcs are the same that L1 itself is going to use in the nested vmcs, and thus can lead to misconfigurations. For example L1 vmcs can use x2APIC virtualization and virtual interrupt delivery, and thus some x2APIC MSRs won't be trapped so that they can be handled directly by the hardware using virtualization extensions. On the other hand, the nested vmcs created by L1 VMM might not use any of such features, so using a MSR bitmap that doesn't trap accesses to the x2APIC MSRs will be leaking them to the underlying hardware. Fix this by crafting a merged MSR bitmap between the one used by L1 and the nested guest. Signed-off-by: Roger Pau Monné Reviewed-by: Kevin Tian --- Changes since v4: - Add static to vcpu_relinquish_resources. Changes since v3: - Free the merged MSR bitmap page in nvmx_purge_vvmcs. Changes since v2: - Pass shadow_ctrl into update_msrbitmap, and check there if CPU_BASED_ACTIVATE_MSR_BITMAP is set. - Do not enable MSR bitmap unless it's enabled in both L1 and L2. - Rename L1 guest to L2 in nestedvmx struct comment. Changes since v1: - Split the x2APIC MSR fix into a separate patch. - Move setting MSR_BITMAP vmcs field into load_vvmcs_host_state for virtual vmexit. - Allocate memory with MEMF_no_owner. - Use tabs to align comment of the nestedvmx struct field. --- xen/arch/x86/hvm/vmx/vvmx.c | 73 ++++++++++++++++++++++++++++-- xen/include/asm-x86/hvm/vmx/vvmx.h | 3 +- 2 files changed, 71 insertions(+), 5 deletions(-) diff --git a/xen/arch/x86/hvm/vmx/vvmx.c b/xen/arch/x86/hvm/vmx/vvmx.c index 47eee1e5b9..3337260d4b 100644 --- a/xen/arch/x86/hvm/vmx/vvmx.c +++ b/xen/arch/x86/hvm/vmx/vvmx.c @@ -128,6 +128,16 @@ int nvmx_vcpu_initialise(struct vcpu *v) unmap_domain_page(vw); } + if ( cpu_has_vmx_msr_bitmap ) + { + nvmx->msr_merged = alloc_domheap_page(d, MEMF_no_owner); + if ( !nvmx->msr_merged ) + { + gdprintk(XENLOG_ERR, "nest: allocation for MSR bitmap failed\n"); + return -ENOMEM; + } + } + nvmx->ept.enabled = 0; nvmx->guest_vpid = 0; nvmx->vmxon_region_pa = INVALID_PADDR; @@ -183,13 +193,27 @@ void nvmx_vcpu_destroy(struct vcpu *v) v->arch.hvm.vmx.vmwrite_bitmap = NULL; } } - + +static void vcpu_relinquish_resources(struct vcpu *v) +{ + struct nestedvmx *nvmx = &vcpu_2_nvmx(v); + + if ( nvmx->msr_merged ) + { + free_domheap_page(nvmx->msr_merged); + nvmx->msr_merged = NULL; + } +} + void nvmx_domain_relinquish_resources(struct domain *d) { struct vcpu *v; for_each_vcpu ( d, v ) + { nvmx_purge_vvmcs(v); + vcpu_relinquish_resources(v); + } } int nvmx_vcpu_reset(struct vcpu *v) @@ -548,6 +572,35 @@ unsigned long *_shadow_io_bitmap(struct vcpu *v) return nestedhvm_vcpu_iomap_get(port80, portED); } +static void update_msrbitmap(struct vcpu *v, uint32_t shadow_ctrl) +{ + struct nestedvmx *nvmx = &vcpu_2_nvmx(v); + struct vmx_msr_bitmap *msr_bitmap; + + if ( !(shadow_ctrl & CPU_BASED_ACTIVATE_MSR_BITMAP) || + !nvmx->msrbitmap ) + return; + + msr_bitmap = __map_domain_page(nvmx->msr_merged); + + bitmap_or(msr_bitmap->read_low, nvmx->msrbitmap->read_low, + v->arch.hvm.vmx.msr_bitmap->read_low, + sizeof(msr_bitmap->read_low) * 8); + bitmap_or(msr_bitmap->read_high, nvmx->msrbitmap->read_high, + v->arch.hvm.vmx.msr_bitmap->read_high, + sizeof(msr_bitmap->read_high) * 8); + bitmap_or(msr_bitmap->write_low, nvmx->msrbitmap->write_low, + v->arch.hvm.vmx.msr_bitmap->write_low, + sizeof(msr_bitmap->write_low) * 8); + bitmap_or(msr_bitmap->write_high, nvmx->msrbitmap->write_high, + v->arch.hvm.vmx.msr_bitmap->write_high, + sizeof(msr_bitmap->write_high) * 8); + + unmap_domain_page(msr_bitmap); + + __vmwrite(MSR_BITMAP, page_to_maddr(nvmx->msr_merged)); +} + void nvmx_update_exec_control(struct vcpu *v, u32 host_cntrl) { u32 pio_cntrl = (CPU_BASED_ACTIVATE_IO_BITMAP @@ -558,10 +611,17 @@ void nvmx_update_exec_control(struct vcpu *v, u32 host_cntrl) shadow_cntrl = __n2_exec_control(v); pio_cntrl &= shadow_cntrl; /* Enforce the removed features */ - shadow_cntrl &= ~(CPU_BASED_ACTIVATE_MSR_BITMAP - | CPU_BASED_ACTIVATE_IO_BITMAP + shadow_cntrl &= ~(CPU_BASED_ACTIVATE_IO_BITMAP | CPU_BASED_UNCOND_IO_EXITING); - shadow_cntrl |= host_cntrl; + /* + * Do NOT enforce the MSR bitmap currently used by L1, as certain hardware + * virtualization features require specific MSR bitmap settings, but + * without the guest also using these same features the bitmap could be + * leaking through unwanted MSR accesses. + */ + shadow_cntrl |= host_cntrl & ~CPU_BASED_ACTIVATE_MSR_BITMAP; + if ( !(shadow_cntrl & host_cntrl & CPU_BASED_ACTIVATE_MSR_BITMAP) ) + shadow_cntrl &= ~CPU_BASED_ACTIVATE_MSR_BITMAP; if ( pio_cntrl == CPU_BASED_UNCOND_IO_EXITING ) { /* L1 VMM intercepts all I/O instructions */ shadow_cntrl |= CPU_BASED_UNCOND_IO_EXITING; @@ -584,6 +644,8 @@ void nvmx_update_exec_control(struct vcpu *v, u32 host_cntrl) __vmwrite(IO_BITMAP_B, virt_to_maddr(bitmap) + PAGE_SIZE); } + update_msrbitmap(v, shadow_cntrl); + /* TODO: change L0 intr window to MTF or NMI window */ __vmwrite(CPU_BASED_VM_EXEC_CONTROL, shadow_cntrl); } @@ -1278,6 +1340,9 @@ static void load_vvmcs_host_state(struct vcpu *v) hvm_set_tsc_offset(v, v->arch.hvm.cache_tsc_offset, 0); set_vvmcs(v, VM_ENTRY_INTR_INFO, 0); + + if ( v->arch.hvm.vmx.exec_control & CPU_BASED_ACTIVATE_MSR_BITMAP ) + __vmwrite(MSR_BITMAP, virt_to_maddr(v->arch.hvm.vmx.msr_bitmap)); } static void sync_exception_state(struct vcpu *v) diff --git a/xen/include/asm-x86/hvm/vmx/vvmx.h b/xen/include/asm-x86/hvm/vmx/vvmx.h index 6b9c4ae0b2..c41f089939 100644 --- a/xen/include/asm-x86/hvm/vmx/vvmx.h +++ b/xen/include/asm-x86/hvm/vmx/vvmx.h @@ -37,7 +37,8 @@ struct nestedvmx { */ paddr_t vmxon_region_pa; void *iobitmap[2]; /* map (va) of L1 guest I/O bitmap */ - void *msrbitmap; /* map (va) of L1 guest MSR bitmap */ + struct vmx_msr_bitmap *msrbitmap; /* map (va) of L1 guest MSR bitmap */ + struct page_info *msr_merged; /* merged L1 and L2 MSR bitmap */ /* deferred nested interrupt */ struct { unsigned long intr_info; From patchwork Mon Feb 17 11:45:43 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Roger Pau Monne X-Patchwork-Id: 11386179 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 4C69E159A for ; Mon, 17 Feb 2020 11:47:20 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 1DA39206F4 for ; Mon, 17 Feb 2020 11:47:20 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=citrix.com header.i=@citrix.com header.b="bI2DkhZY" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 1DA39206F4 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=citrix.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1j3eqk-00018e-C4; Mon, 17 Feb 2020 11:46:06 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1j3eqj-000189-3o for xen-devel@lists.xenproject.org; Mon, 17 Feb 2020 11:46:05 +0000 X-Inumbo-ID: 134fa292-517b-11ea-bc8e-bc764e2007e4 Received: from esa2.hc3370-68.iphmx.com (unknown [216.71.145.153]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id 134fa292-517b-11ea-bc8e-bc764e2007e4; Mon, 17 Feb 2020 11:46:04 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1581939965; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=Mi11UQmSHbD8aXYldsLAWbES2mwN5ocU1SVa3JcoBwQ=; b=bI2DkhZY132wHxqjcEYzQUWGS9SG7ttYMCuNy3jc1R2Dn2Xga6L7VmnA HRjVDM8KOInC3qhCE+isEjreb/mjmDNm8lF706XTk4nhwS3kHhY+jto92 JBUNTD+OnvwmyGweEnNEorw7jjjffPNytzJUGRhDrPmNqXVL7Ol8FZwXg Q=; Authentication-Results: esa2.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none; spf=None smtp.pra=roger.pau@citrix.com; spf=Pass smtp.mailfrom=roger.pau@citrix.com; spf=None smtp.helo=postmaster@mail.citrix.com Received-SPF: None (esa2.hc3370-68.iphmx.com: no sender authenticity information available from domain of roger.pau@citrix.com) identity=pra; client-ip=162.221.158.21; receiver=esa2.hc3370-68.iphmx.com; envelope-from="roger.pau@citrix.com"; x-sender="roger.pau@citrix.com"; x-conformance=sidf_compatible Received-SPF: Pass (esa2.hc3370-68.iphmx.com: domain of roger.pau@citrix.com designates 162.221.158.21 as permitted sender) identity=mailfrom; client-ip=162.221.158.21; receiver=esa2.hc3370-68.iphmx.com; envelope-from="roger.pau@citrix.com"; x-sender="roger.pau@citrix.com"; x-conformance=sidf_compatible; x-record-type="v=spf1"; x-record-text="v=spf1 ip4:209.167.231.154 ip4:178.63.86.133 ip4:195.66.111.40/30 ip4:85.115.9.32/28 ip4:199.102.83.4 ip4:192.28.146.160 ip4:192.28.146.107 ip4:216.52.6.88 ip4:216.52.6.188 ip4:162.221.158.21 ip4:162.221.156.83 ip4:168.245.78.127 ~all" Received-SPF: None (esa2.hc3370-68.iphmx.com: no sender authenticity information available from domain of postmaster@mail.citrix.com) identity=helo; client-ip=162.221.158.21; receiver=esa2.hc3370-68.iphmx.com; envelope-from="roger.pau@citrix.com"; x-sender="postmaster@mail.citrix.com"; x-conformance=sidf_compatible IronPort-SDR: XXbBkCzDq5mc6s+B0uNL7D6hSQjjeAnMBhzl1I4TcNO73W1/9NRc6hqkSxuySyyVHyBKxgF3ew d+PnrrAGo7ZIb/q0YJF9X59r3yxnX2TGF7VRy6GZfcdTypowu5qhhL3XYJc3a17jf0rJqmpOuB dl14DmtsdOmD21fvE58Ng52rJzTL8QOg+HMoEhaq5u6wI4Fi0WpKm6Aby1iNu8QbtXo0X1uR7y WUny1Ay/l75nhHbO/Mbg36BXxbp9/pNnxz9nqSy/yxKAWcyEk/ogNHkNQbnmup1g8KzekVffJL y4I= X-SBRS: 2.7 X-MesageID: 12565371 X-Ironport-Server: esa2.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.70,452,1574139600"; d="scan'208";a="12565371" From: Roger Pau Monne To: Date: Mon, 17 Feb 2020 12:45:43 +0100 Message-ID: <20200217114545.71112-3-roger.pau@citrix.com> X-Mailer: git-send-email 2.25.0 In-Reply-To: <20200217114545.71112-1-roger.pau@citrix.com> References: <20200217114545.71112-1-roger.pau@citrix.com> MIME-Version: 1.0 Subject: [Xen-devel] [PATCH v5 2/4] arm: rename BIT_WORD to BITOP_WORD X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Stefano Stabellini , Julien Grall , Wei Liu , Konrad Rzeszutek Wilk , George Dunlap , Andrew Cooper , Ian Jackson , Jan Beulich , Volodymyr Babchuk , Roger Pau Monne Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" So BIT_WORD can be imported from Linux. The difference between current Linux implementation of BIT_WORD is that the size of the word unit is a long integer, while the Xen one is hardcoded to 32 bits. Current users of BITOP_WORD on Arm (which considers a word a long integer) are switched to use the generic BIT_WORD which also operates on long integers. No functional change intended. Suggested-by: Julien Grall Suggested-by: Jan Beulich Signed-off-by: Roger Pau Monné --- Changes since v4: - New in this version. --- xen/arch/arm/arm32/lib/bitops.c | 4 ++-- xen/arch/arm/arm64/lib/bitops.c | 4 ++-- xen/arch/arm/arm64/lib/find_next_bit.c | 10 ++++------ xen/include/asm-arm/bitops.h | 10 +++++----- xen/include/xen/bitops.h | 2 ++ 5 files changed, 15 insertions(+), 15 deletions(-) diff --git a/xen/arch/arm/arm32/lib/bitops.c b/xen/arch/arm/arm32/lib/bitops.c index 3dca769bf0..82d935ce33 100644 --- a/xen/arch/arm/arm32/lib/bitops.c +++ b/xen/arch/arm/arm32/lib/bitops.c @@ -33,7 +33,7 @@ static always_inline bool int_##name(int nr, volatile void *p, bool timeout,\ unsigned int max_try) \ { \ - volatile uint32_t *ptr = (uint32_t *)p + BIT_WORD((unsigned int)nr); \ + volatile uint32_t *ptr = (uint32_t *)p + BITOP_WORD((unsigned int)nr); \ const uint32_t mask = BIT_MASK((unsigned int)nr); \ unsigned long res, tmp; \ \ @@ -71,7 +71,7 @@ bool name##_timeout(int nr, volatile void *p, unsigned int max_try) \ static always_inline bool int_##name(int nr, volatile void *p, int *oldbit, \ bool timeout, unsigned int max_try) \ { \ - volatile uint32_t *ptr = (uint32_t *)p + BIT_WORD((unsigned int)nr); \ + volatile uint32_t *ptr = (uint32_t *)p + BITOP_WORD((unsigned int)nr); \ unsigned int bit = (unsigned int)nr % BITS_PER_WORD; \ const uint32_t mask = BIT_MASK(bit); \ unsigned long res, tmp; \ diff --git a/xen/arch/arm/arm64/lib/bitops.c b/xen/arch/arm/arm64/lib/bitops.c index 27688e5418..f5128c58f5 100644 --- a/xen/arch/arm/arm64/lib/bitops.c +++ b/xen/arch/arm/arm64/lib/bitops.c @@ -32,7 +32,7 @@ static always_inline bool int_##name(int nr, volatile void *p, bool timeout,\ unsigned int max_try) \ { \ - volatile uint32_t *ptr = (uint32_t *)p + BIT_WORD((unsigned int)nr); \ + volatile uint32_t *ptr = (uint32_t *)p + BITOP_WORD((unsigned int)nr); \ const uint32_t mask = BIT_MASK((unsigned int)nr); \ unsigned long res, tmp; \ \ @@ -67,7 +67,7 @@ bool name##_timeout(int nr, volatile void *p, unsigned int max_try) \ static always_inline bool int_##name(int nr, volatile void *p, int *oldbit, \ bool timeout, unsigned int max_try) \ { \ - volatile uint32_t *ptr = (uint32_t *)p + BIT_WORD((unsigned int)nr); \ + volatile uint32_t *ptr = (uint32_t *)p + BITOP_WORD((unsigned int)nr); \ unsigned int bit = (unsigned int)nr % BITS_PER_WORD; \ const uint32_t mask = BIT_MASK(bit); \ unsigned long res, tmp; \ diff --git a/xen/arch/arm/arm64/lib/find_next_bit.c b/xen/arch/arm/arm64/lib/find_next_bit.c index 17cb176266..8ebf8bfe97 100644 --- a/xen/arch/arm/arm64/lib/find_next_bit.c +++ b/xen/arch/arm/arm64/lib/find_next_bit.c @@ -12,8 +12,6 @@ #include #include -#define BITOP_WORD(nr) ((nr) / BITS_PER_LONG) - #ifndef find_next_bit /* * Find the next set bit in a memory region. @@ -21,7 +19,7 @@ unsigned long find_next_bit(const unsigned long *addr, unsigned long size, unsigned long offset) { - const unsigned long *p = addr + BITOP_WORD(offset); + const unsigned long *p = addr + BIT_WORD(offset); unsigned long result = offset & ~(BITS_PER_LONG-1); unsigned long tmp; @@ -67,7 +65,7 @@ EXPORT_SYMBOL(find_next_bit); unsigned long find_next_zero_bit(const unsigned long *addr, unsigned long size, unsigned long offset) { - const unsigned long *p = addr + BITOP_WORD(offset); + const unsigned long *p = addr + BIT_WORD(offset); unsigned long result = offset & ~(BITS_PER_LONG-1); unsigned long tmp; @@ -197,7 +195,7 @@ unsigned long find_next_zero_bit_le(const void *addr, unsigned if (offset >= size) return size; - p += BITOP_WORD(offset); + p += BIT_WORD(offset); size -= result; offset &= (BITS_PER_LONG - 1UL); if (offset) { @@ -243,7 +241,7 @@ unsigned long find_next_bit_le(const void *addr, unsigned if (offset >= size) return size; - p += BITOP_WORD(offset); + p += BIT_WORD(offset); size -= result; offset &= (BITS_PER_LONG - 1UL); if (offset) { diff --git a/xen/include/asm-arm/bitops.h b/xen/include/asm-arm/bitops.h index fbb4b82413..fabf218e23 100644 --- a/xen/include/asm-arm/bitops.h +++ b/xen/include/asm-arm/bitops.h @@ -22,7 +22,7 @@ #define BITS_PER_WORD 32 #define BIT_MASK(nr) (1UL << ((nr) % BITS_PER_WORD)) -#define BIT_WORD(nr) ((nr) / BITS_PER_WORD) +#define BITOP_WORD(nr) ((nr) / BITS_PER_WORD) #define BITS_PER_BYTE 8 #define ADDR (*(volatile int *) addr) @@ -87,7 +87,7 @@ static inline int __test_and_set_bit(int nr, volatile void *addr) { unsigned int mask = BIT_MASK(nr); volatile unsigned int *p = - ((volatile unsigned int *)addr) + BIT_WORD(nr); + ((volatile unsigned int *)addr) + BITOP_WORD(nr); unsigned int old = *p; *p = old | mask; @@ -107,7 +107,7 @@ static inline int __test_and_clear_bit(int nr, volatile void *addr) { unsigned int mask = BIT_MASK(nr); volatile unsigned int *p = - ((volatile unsigned int *)addr) + BIT_WORD(nr); + ((volatile unsigned int *)addr) + BITOP_WORD(nr); unsigned int old = *p; *p = old & ~mask; @@ -120,7 +120,7 @@ static inline int __test_and_change_bit(int nr, { unsigned int mask = BIT_MASK(nr); volatile unsigned int *p = - ((volatile unsigned int *)addr) + BIT_WORD(nr); + ((volatile unsigned int *)addr) + BITOP_WORD(nr); unsigned int old = *p; *p = old ^ mask; @@ -135,7 +135,7 @@ static inline int __test_and_change_bit(int nr, static inline int test_bit(int nr, const volatile void *addr) { const volatile unsigned int *p = (const volatile unsigned int *)addr; - return 1UL & (p[BIT_WORD(nr)] >> (nr & (BITS_PER_WORD-1))); + return 1UL & (p[BITOP_WORD(nr)] >> (nr & (BITS_PER_WORD-1))); } /* diff --git a/xen/include/xen/bitops.h b/xen/include/xen/bitops.h index dfb70417c2..a64595f68e 100644 --- a/xen/include/xen/bitops.h +++ b/xen/include/xen/bitops.h @@ -245,4 +245,6 @@ static inline __u32 ror32(__u32 word, unsigned int shift) (bit) < (size); \ (bit) = find_next_bit(addr, size, (bit) + 1) ) +#define BIT_WORD(nr) ((nr) / BITS_PER_LONG) + #endif From patchwork Mon Feb 17 11:45:44 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Roger Pau Monne X-Patchwork-Id: 11386177 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 79D3017E8 for ; Mon, 17 Feb 2020 11:47:16 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 46CA0206F4 for ; Mon, 17 Feb 2020 11:47:16 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=citrix.com header.i=@citrix.com header.b="Q8Esq4a+" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 46CA0206F4 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=citrix.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1j3eqo-0001BP-4j; Mon, 17 Feb 2020 11:46:10 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1j3eqn-0001AS-1K for xen-devel@lists.xenproject.org; Mon, 17 Feb 2020 11:46:09 +0000 X-Inumbo-ID: 1481823e-517b-11ea-bc8e-bc764e2007e4 Received: from esa2.hc3370-68.iphmx.com (unknown [216.71.145.153]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id 1481823e-517b-11ea-bc8e-bc764e2007e4; Mon, 17 Feb 2020 11:46:05 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1581939966; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=wrtHJNuL2tWxmyfOTFTjmWQj6+PEQKZYa+vWfEmz+zY=; b=Q8Esq4a+USU2AwHQZv39JCV94eb0kgQ8Dm/29WMw1zj7rjhNJdxcz9va Rt+kASwsqZuP0CsXNU3VnI7yA39b2w13GVzh7TefYNZkLHrD1bvahrw00 Xrdwsxyuf14oYgEtFa+ftqPp+AWzhTBkZTGbhijyRzu8GOzkiIwhEplIg A=; Authentication-Results: esa2.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none; spf=None smtp.pra=roger.pau@citrix.com; spf=Pass smtp.mailfrom=roger.pau@citrix.com; spf=None smtp.helo=postmaster@mail.citrix.com Received-SPF: None (esa2.hc3370-68.iphmx.com: no sender authenticity information available from domain of roger.pau@citrix.com) identity=pra; client-ip=162.221.158.21; receiver=esa2.hc3370-68.iphmx.com; envelope-from="roger.pau@citrix.com"; x-sender="roger.pau@citrix.com"; x-conformance=sidf_compatible Received-SPF: Pass (esa2.hc3370-68.iphmx.com: domain of roger.pau@citrix.com designates 162.221.158.21 as permitted sender) identity=mailfrom; client-ip=162.221.158.21; receiver=esa2.hc3370-68.iphmx.com; envelope-from="roger.pau@citrix.com"; x-sender="roger.pau@citrix.com"; x-conformance=sidf_compatible; x-record-type="v=spf1"; x-record-text="v=spf1 ip4:209.167.231.154 ip4:178.63.86.133 ip4:195.66.111.40/30 ip4:85.115.9.32/28 ip4:199.102.83.4 ip4:192.28.146.160 ip4:192.28.146.107 ip4:216.52.6.88 ip4:216.52.6.188 ip4:162.221.158.21 ip4:162.221.156.83 ip4:168.245.78.127 ~all" Received-SPF: None (esa2.hc3370-68.iphmx.com: no sender authenticity information available from domain of postmaster@mail.citrix.com) identity=helo; client-ip=162.221.158.21; receiver=esa2.hc3370-68.iphmx.com; envelope-from="roger.pau@citrix.com"; x-sender="postmaster@mail.citrix.com"; x-conformance=sidf_compatible IronPort-SDR: xHkWEcu/tgHRGhT2KaY4EljeOiGCyG87cNHsXR1DJlHF53aqQIwMebLaew1j3dBGOrY2LXqEJw BF1GX8uqLjCnuH2pZBMRXkyfqKGJtQEudzdw0NjzsIlEHY21oVlh1mJFodYlaQLU4BNRfJTHMS cA1V8MWKJGrzwYM2OAhvJ0VAFRtRIdPIKBIEamkhDodi+OrjCFVupwHsO5+Sz/UcDoo960uLbm OKu0pb9l/fcEynzEKmWVpBCKlP8yx6slHjhfbRgL8b/F7D1X99EYDZVAukLcR96cQZ6+B493S7 D4I= X-SBRS: 2.7 X-MesageID: 12565373 X-Ironport-Server: esa2.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.70,452,1574139600"; d="scan'208";a="12565373" From: Roger Pau Monne To: Date: Mon, 17 Feb 2020 12:45:44 +0100 Message-ID: <20200217114545.71112-4-roger.pau@citrix.com> X-Mailer: git-send-email 2.25.0 In-Reply-To: <20200217114545.71112-1-roger.pau@citrix.com> References: <20200217114545.71112-1-roger.pau@citrix.com> MIME-Version: 1.0 Subject: [Xen-devel] [PATCH v5 3/4] bitmap: import bitmap_{set/clear} from Linux 5.5 X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Stefano Stabellini , Julien Grall , Wei Liu , Konrad Rzeszutek Wilk , George Dunlap , Andrew Cooper , Ian Jackson , Jan Beulich , Roger Pau Monne Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" Import the functions and it's dependencies. Based on Linux 5.5, commit id d5226fa6dbae0569ee43ecfc08bdcd6770fc4755. Signed-off-by: Roger Pau Monné Acked-by: Jan Beulich --- Changes since v4: - Introduce BIT_WORD in generic header bitops.h (instead of the x86 one). - Include byteorder.h for __LITTLE_ENDIAN - Remove EXPORT_SYMBOL. --- xen/common/bitmap.c | 39 +++++++++++++++++++++++++++++++++++++++ xen/include/xen/bitmap.h | 40 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 79 insertions(+) diff --git a/xen/common/bitmap.c b/xen/common/bitmap.c index fd070bee97..88768bf8bc 100644 --- a/xen/common/bitmap.c +++ b/xen/common/bitmap.c @@ -212,6 +212,45 @@ int __bitmap_weight(const unsigned long *bitmap, int bits) #endif EXPORT_SYMBOL(__bitmap_weight); +void __bitmap_set(unsigned long *map, unsigned int start, int len) +{ + unsigned long *p = map + BIT_WORD(start); + const unsigned int size = start + len; + int bits_to_set = BITS_PER_LONG - (start % BITS_PER_LONG); + unsigned long mask_to_set = BITMAP_FIRST_WORD_MASK(start); + + while (len - bits_to_set >= 0) { + *p |= mask_to_set; + len -= bits_to_set; + bits_to_set = BITS_PER_LONG; + mask_to_set = ~0UL; + p++; + } + if (len) { + mask_to_set &= BITMAP_LAST_WORD_MASK(size); + *p |= mask_to_set; + } +} + +void __bitmap_clear(unsigned long *map, unsigned int start, int len) +{ + unsigned long *p = map + BIT_WORD(start); + const unsigned int size = start + len; + int bits_to_clear = BITS_PER_LONG - (start % BITS_PER_LONG); + unsigned long mask_to_clear = BITMAP_FIRST_WORD_MASK(start); + + while (len - bits_to_clear >= 0) { + *p &= ~mask_to_clear; + len -= bits_to_clear; + bits_to_clear = BITS_PER_LONG; + mask_to_clear = ~0UL; + p++; + } + if (len) { + mask_to_clear &= BITMAP_LAST_WORD_MASK(size); + *p &= ~mask_to_clear; + } +} /** * bitmap_find_free_region - find a contiguous aligned mem region diff --git a/xen/include/xen/bitmap.h b/xen/include/xen/bitmap.h index 4e1e690af1..c44e009f8c 100644 --- a/xen/include/xen/bitmap.h +++ b/xen/include/xen/bitmap.h @@ -85,6 +85,8 @@ extern int __bitmap_intersects(const unsigned long *bitmap1, extern int __bitmap_subset(const unsigned long *bitmap1, const unsigned long *bitmap2, int bits); extern int __bitmap_weight(const unsigned long *bitmap, int bits); +extern void __bitmap_set(unsigned long *map, unsigned int start, int len); +extern void __bitmap_clear(unsigned long *map, unsigned int start, int len); extern int bitmap_find_free_region(unsigned long *bitmap, int bits, int order); extern void bitmap_release_region(unsigned long *bitmap, int pos, int order); @@ -227,6 +229,44 @@ static inline int bitmap_weight(const unsigned long *src, int nbits) return __bitmap_weight(src, nbits); } +#include + +#ifdef __LITTLE_ENDIAN +#define BITMAP_MEM_ALIGNMENT 8 +#else +#define BITMAP_MEM_ALIGNMENT (8 * sizeof(unsigned long)) +#endif +#define BITMAP_MEM_MASK (BITMAP_MEM_ALIGNMENT - 1) +#define BITMAP_FIRST_WORD_MASK(start) (~0UL << ((start) & (BITS_PER_LONG - 1))) + +static inline void bitmap_set(unsigned long *map, unsigned int start, + unsigned int nbits) +{ + if (__builtin_constant_p(nbits) && nbits == 1) + __set_bit(start, map); + else if (__builtin_constant_p(start & BITMAP_MEM_MASK) && + IS_ALIGNED(start, BITMAP_MEM_ALIGNMENT) && + __builtin_constant_p(nbits & BITMAP_MEM_MASK) && + IS_ALIGNED(nbits, BITMAP_MEM_ALIGNMENT)) + memset((char *)map + start / 8, 0xff, nbits / 8); + else + __bitmap_set(map, start, nbits); +} + +static inline void bitmap_clear(unsigned long *map, unsigned int start, + unsigned int nbits) +{ + if (__builtin_constant_p(nbits) && nbits == 1) + __clear_bit(start, map); + else if (__builtin_constant_p(start & BITMAP_MEM_MASK) && + IS_ALIGNED(start, BITMAP_MEM_ALIGNMENT) && + __builtin_constant_p(nbits & BITMAP_MEM_MASK) && + IS_ALIGNED(nbits, BITMAP_MEM_ALIGNMENT)) + memset((char *)map + start / 8, 0, nbits / 8); + else + __bitmap_clear(map, start, nbits); +} + #undef bitmap_switch #undef bitmap_bytes From patchwork Mon Feb 17 11:45:45 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Roger Pau Monne X-Patchwork-Id: 11386171 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id EA1F2159A for ; Mon, 17 Feb 2020 11:47:07 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id C664F206F4 for ; Mon, 17 Feb 2020 11:47:07 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=citrix.com header.i=@citrix.com header.b="Pvgam7c7" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org C664F206F4 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=citrix.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1j3eqn-0001B0-S7; Mon, 17 Feb 2020 11:46:09 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1j3eqm-0001AO-Rz for xen-devel@lists.xenproject.org; Mon, 17 Feb 2020 11:46:08 +0000 X-Inumbo-ID: 1597f770-517b-11ea-bfd4-12813bfff9fa Received: from esa6.hc3370-68.iphmx.com (unknown [216.71.155.175]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id 1597f770-517b-11ea-bfd4-12813bfff9fa; Mon, 17 Feb 2020 11:46:07 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1581939967; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=HbNgsxjhDJg2cfAsjg7YJ/c5HCpT5XfT108NmWLAzFM=; b=Pvgam7c7H8QJniDi4QglrUFTJS9Lyutg3TA+U9xD3pn3tkSu1FW4xSja /kI25qMuLdk8g5TjTebJselO3Jlj3PVgE3Nww0VYj/BF6ZR2ihyWz+WuF +kTEAw3E24V4XmQk/wOeRppxDBURzPEFOgsRZTnrXuuIM5pjTvBTqFIgU 8=; Authentication-Results: esa6.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none; spf=None smtp.pra=roger.pau@citrix.com; spf=Pass smtp.mailfrom=roger.pau@citrix.com; spf=None smtp.helo=postmaster@mail.citrix.com Received-SPF: None (esa6.hc3370-68.iphmx.com: no sender authenticity information available from domain of roger.pau@citrix.com) identity=pra; client-ip=162.221.158.21; receiver=esa6.hc3370-68.iphmx.com; envelope-from="roger.pau@citrix.com"; x-sender="roger.pau@citrix.com"; x-conformance=sidf_compatible Received-SPF: Pass (esa6.hc3370-68.iphmx.com: domain of roger.pau@citrix.com designates 162.221.158.21 as permitted sender) identity=mailfrom; client-ip=162.221.158.21; receiver=esa6.hc3370-68.iphmx.com; envelope-from="roger.pau@citrix.com"; x-sender="roger.pau@citrix.com"; x-conformance=sidf_compatible; x-record-type="v=spf1"; x-record-text="v=spf1 ip4:209.167.231.154 ip4:178.63.86.133 ip4:195.66.111.40/30 ip4:85.115.9.32/28 ip4:199.102.83.4 ip4:192.28.146.160 ip4:192.28.146.107 ip4:216.52.6.88 ip4:216.52.6.188 ip4:162.221.158.21 ip4:162.221.156.83 ip4:168.245.78.127 ~all" Received-SPF: None (esa6.hc3370-68.iphmx.com: no sender authenticity information available from domain of postmaster@mail.citrix.com) identity=helo; client-ip=162.221.158.21; receiver=esa6.hc3370-68.iphmx.com; envelope-from="roger.pau@citrix.com"; x-sender="postmaster@mail.citrix.com"; x-conformance=sidf_compatible IronPort-SDR: VyL+57nxCzdZtRsvM7sIJRH/G259MVs9ZHsKjeT9cx4US2lxCsaUuZBxqIevapgFeJ5+VXBPOZ 7F0YuA0g161zLbZXrtggsa/o7WtejIkANXWjXw1OzgsjX5qNRh+Ye5NYBCnQ/CiDw0mqXcpHx5 WAx8TSiy4tlZHYP2DmicmNBiH1elJ9Jh/2h2k8YJ9436p/Zkb1S+6cbX545aPCPmhG/cpE4vag Pxh4vI3cRy6CXn3bOqvv018N4H7k4dfEn7JrZhRyBPH1wYf/Nt5SjudYv8p3iLHBQGjgrC333B lXE= X-SBRS: 2.7 X-MesageID: 12992157 X-Ironport-Server: esa6.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.70,452,1574139600"; d="scan'208";a="12992157" From: Roger Pau Monne To: Date: Mon, 17 Feb 2020 12:45:45 +0100 Message-ID: <20200217114545.71112-5-roger.pau@citrix.com> X-Mailer: git-send-email 2.25.0 In-Reply-To: <20200217114545.71112-1-roger.pau@citrix.com> References: <20200217114545.71112-1-roger.pau@citrix.com> MIME-Version: 1.0 Subject: [Xen-devel] [PATCH v5 4/4] nvmx: always trap accesses to x2APIC MSRs X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Kevin Tian , Jun Nakajima , Wei Liu , Andrew Cooper , Jan Beulich , Roger Pau Monne Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" Nested VMX doesn't expose support for SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE, SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY or SECONDARY_EXEC_APIC_REGISTER_VIRT, and hence the x2APIC MSRs should always be trapped in the nested guest MSR bitmap, or else a nested guest could access the hardware x2APIC MSRs given certain conditions. Accessing the hardware MSRs could be achieved by forcing the L0 Xen to use SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE and SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY or SECONDARY_EXEC_APIC_REGISTER_VIRT (if supported), and then creating a L2 guest with a MSR bitmap that doesn't trap accesses to the x2APIC MSR range. Then OR'ing both L0 and L1 MSR bitmaps would result in a bitmap that doesn't trap certain x2APIC MSRs and a VMCS that doesn't have SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE and SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY or SECONDARY_EXEC_APIC_REGISTER_VIRT set either. Fix this by making sure x2APIC MSRs are always trapped in the nested MSR bitmap. Signed-off-by: Roger Pau Monné Reviewed-by: Kevin Tian --- Changes since v4: - Fix size of x2APIC region to use 0x100. Changes since v3: - Use bitmap_set. Changes since v1: - New in this version (split from #1 patch). - Use non-locked set_bit. --- xen/arch/x86/hvm/vmx/vvmx.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/xen/arch/x86/hvm/vmx/vvmx.c b/xen/arch/x86/hvm/vmx/vvmx.c index 3337260d4b..926a11c15f 100644 --- a/xen/arch/x86/hvm/vmx/vvmx.c +++ b/xen/arch/x86/hvm/vmx/vvmx.c @@ -596,6 +596,13 @@ static void update_msrbitmap(struct vcpu *v, uint32_t shadow_ctrl) v->arch.hvm.vmx.msr_bitmap->write_high, sizeof(msr_bitmap->write_high) * 8); + /* + * Nested VMX doesn't support any x2APIC hardware virtualization, so + * make sure all the x2APIC MSRs are trapped. + */ + bitmap_set(msr_bitmap->read_low, MSR_X2APIC_FIRST, 0x100); + bitmap_set(msr_bitmap->write_low, MSR_X2APIC_FIRST, 0x100); + unmap_domain_page(msr_bitmap); __vmwrite(MSR_BITMAP, page_to_maddr(nvmx->msr_merged));