From patchwork Mon Feb 27 03:53:51 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Santosh Shukla X-Patchwork-Id: 13152699 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id A8002C64ED6 for ; Mon, 27 Feb 2023 03:54:44 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230422AbjB0Dyn (ORCPT ); Sun, 26 Feb 2023 22:54:43 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57954 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229954AbjB0Dym (ORCPT ); Sun, 26 Feb 2023 22:54:42 -0500 Received: from NAM10-MW2-obe.outbound.protection.outlook.com (mail-mw2nam10on2041.outbound.protection.outlook.com [40.107.94.41]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A1116F74D; Sun, 26 Feb 2023 19:54:40 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=I8Xg+Dq9V1hAtQtW1pJtA4Voe5bFTbtC08zpis5edCCjo9pWmvk54wrODQhFQR6s2Jhw6VQ3+Nd8XUjh9Pudf8EhF0YuP303bZLpJpjvVFq8DEGt5TfqJAB8A6kzS9mwcjVwHo4BuJM93JRGGEB+1CbzaP6bvwUP4sktHX/zLn9Jxvs0GVss4tGgRZUQ4ADya+ow6RJcl2emCdMfmfhGk4TABfWNB8cm/Cr1TwMFAiVbrO7KkxwoYrmY3UZRvD1ZwkrODgynDoIEDk5zfp79TxB4vhpb61mI57tQOglZ9Nas2Urfp4T6yrkc/BKQdb6cTVQvbg0K21FfjCUdUPmbmA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=gd7MYIu4mHbFu38bGyi94/NKEegCYzVzkeE5RgtBi8o=; b=eYKc8fJxNMgo0tJ3P6eFYNHfrbqgf5k37XD8oROy1M6I5GB5q3kZkN64wjb2JyBr7P/9uPSqAm0d4GyDhLgDSpq+0oDi61pRgjc3h0kJ929AbGPHsMokIjJJbjAvzvaUYkKNZFdjL0vAdLdIe7hZs9fqyKgqFoWOtjZLF9y5XGCWdL9rVkvtgRomUT6fYaepk9SDc6CCeS+B4kJ4oW1QBnGR7MN/5/O1UnAAjA6RMpeap2nTzs50KHcamNd46+rlExiSQvBprselKfdt/LZHnNCQ82GzlUqL3SkMdwRYxgnv0lYRMx8FMHkgyEDY6CTQQ5pu3phjAyH0MNoxwZoURg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=gd7MYIu4mHbFu38bGyi94/NKEegCYzVzkeE5RgtBi8o=; b=h9rx+KQBoIhVywOYcoKH51jyrQyaDTE/EGrVdncAs8USPVEofSrDD4jcii15J2pNWvitvIaUpkxVFdAQUtZRx6A7h0RcM0RFQrD6Of5uJwGRe1NgZlfke48KIa/9h1zJFNIazdrENRkF1GmunHXjSSjXa/258CNdKdJcPufFk4A= Received: from MW4PR04CA0193.namprd04.prod.outlook.com (2603:10b6:303:86::18) by MW6PR12MB8706.namprd12.prod.outlook.com (2603:10b6:303:249::5) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.29; Mon, 27 Feb 2023 03:54:37 +0000 Received: from CO1NAM11FT106.eop-nam11.prod.protection.outlook.com (2603:10b6:303:86:cafe::95) by MW4PR04CA0193.outlook.office365.com (2603:10b6:303:86::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.28 via Frontend Transport; Mon, 27 Feb 2023 03:54:37 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by CO1NAM11FT106.mail.protection.outlook.com (10.13.175.44) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.6156.16 via Frontend Transport; Mon, 27 Feb 2023 03:54:36 +0000 Received: from BLR-L-SASHUKLA.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.34; Sun, 26 Feb 2023 21:54:33 -0600 From: Santosh Shukla To: , CC: , , , , , , , Subject: [PATCHv3 01/10] KVM: nSVM: Disable intercept of VINTR if saved RFLAG.IF is 0 Date: Mon, 27 Feb 2023 09:23:51 +0530 Message-ID: <20230227035400.1498-2-santosh.shukla@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230227035400.1498-1-santosh.shukla@amd.com> References: <20230227035400.1498-1-santosh.shukla@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CO1NAM11FT106:EE_|MW6PR12MB8706:EE_ X-MS-Office365-Filtering-Correlation-Id: 56448efa-a102-486a-9504-08db1876584f X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 6m4vm91v8D8lVRm/i8VwOxJ3k2mrhj+XbMMHarS7evyhAGORXrywpKHIufdQ1WRp+R3eFaQFhAEu5atgQfoGJWBwCBJPlYqTQfUmAU3k7uIGCzMMsQ+DHua/V4G75fFu45F11UCAyALgDLDfUFwbOOY+Gge+DpUKkVAgcF73oV5kj0CAnHYxasOgjqhB207MKD/ApIp7d1JLGtN0C4tnT3k5GY13V464IMg+HhJTzBmZqofjaX8djKQFlyJa9Ee7p878Ee6u4cf3MpTNcodZdkXDg1afpOerrPIxd54bHuNiMWUv9TLkDS3WZvUiPsMM77Dz18sxEX3EOnG6GbFJLECVnp96fDS80AOToAfSWmOtrvFs/7ye5ecTlOkNZz5k2WRl4QFYkM+coOFjAneNEFmTUtk04oc3nZT7iKGUfuVPwXBus60YtA7qftMUha4sRpjWZRrrj4I6wvV+aH0qPS+6VTJMsKuz2wYsJQaAvEuI8jZXEzWVBHrlSMSK5FnUi81gfB61qNLgRITloGqHWAg+dviMu1xtK0MKQS83WQhaAQc9vGEJyy+lchcxeWkhuSfUGxU8s7sl9vv0NhbjPTA94BEY8Usam6wUp1L92staqB8wPQ7oZSyDx8dGMoPt1X0VsYMH5hhIthk+zmkXcKbxbQrqdG+6WBsIFVpYagI+cHxRFrn/oDclacNXSppXJNEPzV0TZFcCnoeC6N4JJ5fG+sk6IBT+UOpRdL+NH+k= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230025)(4636009)(136003)(396003)(39860400002)(346002)(376002)(451199018)(40470700004)(36840700001)(46966006)(40460700003)(16526019)(186003)(81166007)(82740400003)(83380400001)(356005)(8936002)(4326008)(70586007)(70206006)(41300700001)(8676002)(44832011)(2906002)(36860700001)(5660300002)(7696005)(336012)(40480700001)(426003)(47076005)(478600001)(1076003)(6666004)(26005)(966005)(2616005)(316002)(110136005)(36756003)(82310400005)(86362001)(54906003)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Feb 2023 03:54:36.8156 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 56448efa-a102-486a-9504-08db1876584f X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CO1NAM11FT106.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW6PR12MB8706 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org From: Santosh Shukla Disable intercept of virtual interrupts (used to detect interrupt windows) if the saved RFLAGS.IF is '0', as the effective RFLAGS.IF for L1 interrupts will never be set while L2 is running (L2's RFLAGS.IF doesn't affect L1 IRQs). Suggested-by: Sean Christopherson Signed-off-by: Santosh Shukla --- v3: https://lore.kernel.org/all/Y9hybI65So5X2LFg@google.com/ suggested by Sean. arch/x86/kvm/svm/nested.c | 15 ++++++++++----- arch/x86/kvm/svm/svm.c | 10 ++++++++++ 2 files changed, 20 insertions(+), 5 deletions(-) diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index fbade158d368..107258ed46ee 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -139,13 +139,18 @@ void recalc_intercepts(struct vcpu_svm *svm) if (g->int_ctl & V_INTR_MASKING_MASK) { /* - * Once running L2 with HF_VINTR_MASK, EFLAGS.IF and CR8 - * does not affect any interrupt we may want to inject; - * therefore, writes to CR8 are irrelevant to L0, as are - * interrupt window vmexits. + * If L2 is active and V_INTR_MASKING is enabled in vmcb12, + * disable intercept of CR8 writes as L2's CR8 does not affect + * any interrupt KVM may want to inject. + * + * Similarly, disable intercept of virtual interrupts (used to + * detect interrupt windows) if the saved RFLAGS.IF is '0', as + * the effective RFLAGS.IF for L1 interrupts will never be set + * while L2 is running (L2's RFLAGS.IF doesn't affect L1 IRQs). */ vmcb_clr_intercept(c, INTERCEPT_CR8_WRITE); - vmcb_clr_intercept(c, INTERCEPT_VINTR); + if (!(svm->vmcb01.ptr->save.rflags & X86_EFLAGS_IF)) + vmcb_clr_intercept(c, INTERCEPT_VINTR); } /* diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index b43775490074..cf6ae093ed19 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -1583,6 +1583,16 @@ static void svm_set_vintr(struct vcpu_svm *svm) svm_set_intercept(svm, INTERCEPT_VINTR); + /* + * Recalculating intercepts may have clear the VINTR intercept. If + * V_INTR_MASKING is enabled in vmcb12, then the effective RFLAGS.IF + * for L1 physical interrupts is L1's RFLAGS.IF at the time of VMRUN. + * Requesting an interrupt window if save.RFLAGS.IF=0 is pointless as + * interrupts will never be unblocked while L2 is running. + */ + if (!svm_is_intercept(svm, INTERCEPT_VINTR)) + return; + /* * This is just a dummy VINTR to actually cause a vmexit to happen. * Actual injection of virtual interrupts happens through EVENTINJ. From patchwork Mon Feb 27 03:53:52 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Santosh Shukla X-Patchwork-Id: 13152700 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 91DFBC64ED8 for ; Mon, 27 Feb 2023 03:55:23 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230413AbjB0DzV (ORCPT ); Sun, 26 Feb 2023 22:55:21 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58870 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229816AbjB0DzT (ORCPT ); Sun, 26 Feb 2023 22:55:19 -0500 Received: from NAM11-BN8-obe.outbound.protection.outlook.com (mail-bn8nam11on2041.outbound.protection.outlook.com [40.107.236.41]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0857118165; Sun, 26 Feb 2023 19:54:57 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=QydOKSIaWzLnm8U+iBcgwsna1cMx60r/5V42JQAgRJ1u4EqUs/mCxj26QujRex3lp1rQahKtYiiNDYqjEmZ76k/n51KTf3XHjYofsN+pMdKvJGsdG0yfbUsO9CKBhvNJH760p6NTB6FGjSMrZVX8x3rlTiroTQPj+8zNPOVCba7W9cxHFZjngCmEskWEmaU11138iKXSwJrbl6I6q+mQMVv61O2oYOWrvc6Tpfxc6wa8BEh/Dk5CCC9Ml3tyb3J/1mQpEIw0bzBJv0rYvw8eqnwHkA1vS6r2Ss4/HTskfXUhkp8vIwNuUyYL3RWEKO0Ig1nog7txPsFkzVAW3sPIVQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=JyH9v9BOX1ih55cDoML8MMxJytu22tVxlxjFFEiKtYg=; b=XtpgRxEg9V3kqgpoo05v0I1x3+uhw4V7UlK3V9QCepJlHY7nJ1OnbvhuhuQB4nQa0Qu4mWHctVu2OF1bLHaIvq3F1KNGhZRabCCCoV/ITglRQX2dOZ6PxuFnGE5/PNPN5aos8Y1fBqxh47ZdkpWyjMN9zqc6ZpQ3BlEccnp++hnuJTnMerYKMn74EJ+7Wg9eXPXJctqNAw+qCBfbY/wn21+oetJYNGls7frPb0ENFYZFFJVtW4Z65hA6wN8EF6QQgfD7sz0XPrXH0u09SJ33qvnwnUYDCS7ulauw6wH3uz535XsSyIrd92DluC2P8T4T0x2XkNDzChPWwXKOhlt6uA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=JyH9v9BOX1ih55cDoML8MMxJytu22tVxlxjFFEiKtYg=; b=fdBm7atY82tqmhilix31+TFSnhATAeQHWCmlc/L7q95mYdtIcCp1sgNQRaUj01JbFca6g2Hn6QLhDPMdeM0GYHYWtAJZTLn7M4d2QbrHfnu99Unl90KHf1b0YBrSKXuRi3I8lLWdvMg9R8gX2XJHiYOk2eES2FWgDs8r1up1Prc= Received: from DM6PR11CA0027.namprd11.prod.outlook.com (2603:10b6:5:190::40) by PH7PR12MB7332.namprd12.prod.outlook.com (2603:10b6:510:20f::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.27; Mon, 27 Feb 2023 03:54:54 +0000 Received: from DM6NAM11FT069.eop-nam11.prod.protection.outlook.com (2603:10b6:5:190:cafe::d7) by DM6PR11CA0027.outlook.office365.com (2603:10b6:5:190::40) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.27 via Frontend Transport; Mon, 27 Feb 2023 03:54:54 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by DM6NAM11FT069.mail.protection.outlook.com (10.13.173.202) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.6156.16 via Frontend Transport; Mon, 27 Feb 2023 03:54:54 +0000 Received: from BLR-L-SASHUKLA.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.34; Sun, 26 Feb 2023 21:54:49 -0600 From: Santosh Shukla To: , CC: , , , , , , , Subject: [PATCHv3 02/10] KVM: nSVM: Raise event on nested VM exit if L1 doesn't intercept IRQs Date: Mon, 27 Feb 2023 09:23:52 +0530 Message-ID: <20230227035400.1498-3-santosh.shukla@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230227035400.1498-1-santosh.shukla@amd.com> References: <20230227035400.1498-1-santosh.shukla@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DM6NAM11FT069:EE_|PH7PR12MB7332:EE_ X-MS-Office365-Filtering-Correlation-Id: 6486b227-50df-45a2-8717-08db18766287 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: gWv6XLduXgw2CFtKX2+SsEcsL8LfwVVxVQkouwRKa057IKxTl8vG/JApbAmOEkr61ky2sIMMrDwwpbZ7Fkx83k2QtqTmgnfpRfhaySEO+OBMqULjKX1PE81fc4nFK+WBIbA3EkRgHLIBVjexj7sC7MCAflwFUc5C7jJrrM6FR2gaR0QX0J4D8CD+GBAClTPOpjY2Ai5WtYzmGZTZs8XMT+hVsUzsb/D3voJ75yVwzr3EnpTFClBDDAcePdO9KZ3HWW4JrscW7S4W8AUe3nNwWdkts60dTF1P0HUkJtPXYjCV3KnpXekwtXkNXX7oeE4HUOeDBi4FKq3ZA14cdP7y4EmiURpEZLuLSEFqgXoaNHSM2aLQTqgy6J47wDGLbD5iSEJLN+BT1O2FCoue9AobcteqYphn5+hpkDpWDmrNK2yDf0HVXfuxgnNbvk1auDiBleQuD5HMaAZk94NMXW/22Mi8JYrxIz6K+gGL9xlKEfIjWw/s2RbBALlgNDzu+lc+Ql5z6LDCvVBRF2+QzAthZcXuAczTArrKY/VvZIlhGNOPjINzH9d+qLH3QMjsn/eSVJM2bjb2NxVd98SemrFe6rFWpZVw6Kef194XgcwF0Av56JG+d1k5FsSI/GrsnmioCSdDZbCn+tQGDNu2JZ/W3QPzHNAIKZXvj/pOcGpv3qfRzXISxikLkOrIcPgnG7gaLyzTnXVD70pGmCuZxjyI1W365P3FuuSf4Y6f0Bwegl8= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230025)(4636009)(346002)(39860400002)(396003)(376002)(136003)(451199018)(36840700001)(40470700004)(46966006)(70586007)(4326008)(70206006)(83380400001)(47076005)(41300700001)(426003)(36860700001)(82740400003)(316002)(36756003)(16526019)(8676002)(336012)(81166007)(8936002)(110136005)(54906003)(2616005)(5660300002)(44832011)(356005)(7696005)(966005)(86362001)(478600001)(186003)(26005)(40460700003)(82310400005)(40480700001)(2906002)(1076003)(6666004)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Feb 2023 03:54:54.0688 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 6486b227-50df-45a2-8717-08db18766287 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT069.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH7PR12MB7332 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org From: Maxim Levitsky If the L1 doesn't intercept interrupts, then the KVM will use vmcb02's V_IRQ for L1 (to detect an interrupt window) In this case on nested VM exit KVM might need to copy the V_IRQ bit from the vmcb02 to the vmcb01, to continue waiting for the interrupt window. To make it simple, just raise the KVM_REQ_EVENT request, which execution will lead to the reenabling of the interrupt window if needed. Note that this is a theoretical bug because KVM already does raise KVM_REQ_EVENT request on each nested VM exit because the nested VM exit resets RFLAGS and the kvm_set_rflags() raises the KVM_REQ_EVENT request in the response. However raising this request explicitly, together with documenting why this is needed, is still preferred. Signed-off-by: Maxim Levitsky [reworded description as per Sean's v2 comment] Signed-off-by: Santosh Shukla --- v3: https://lore.kernel.org/all/Y9hybI65So5X2LFg@google.com/ suggested vt Sean. arch/x86/kvm/svm/nested.c | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index 107258ed46ee..74e9e9e76d77 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -1025,6 +1025,31 @@ int nested_svm_vmexit(struct vcpu_svm *svm) svm_switch_vmcb(svm, &svm->vmcb01); + /* Note about synchronizing some of int_ctl bits from vmcb02 to vmcb01: + * + * V_IRQ, V_IRQ_VECTOR, V_INTR_PRIO_MASK, V_IGN_TPR: + * If the L1 doesn't intercept interrupts, then + * (even if the L1 does use virtual interrupt masking), + * KVM will use the vmcb02's V_INTR to detect interrupt window. + * + * In this case, the KVM raises KVM_REQ_EVENT to ensure that interrupt + * window is not lost and KVM implicitly V_IRQ bit from vmcb02 to vmcb01 + * + * V_TPR: + * If the L1 doesn't use virtual interrupt masking, then the L1's vTPR + * is stored in the vmcb02 but its value doesn't need to be copied + * from/to vmcb01 because it is copied from/to the TPR APIC's register + * on each VM entry/exit. + * + * V_GIF: + * If the nested vGIF is not used, KVM uses vmcb02's V_GIF for L1's + * V_GIF, however, the L1 vGIF is reset to false on each VM exit, thus + * there is no need to copy it from vmcb02 to vmcb01. + */ + + if (!nested_exit_on_intr(svm)) + kvm_make_request(KVM_REQ_EVENT, &svm->vcpu); + if (unlikely(svm->lbrv_enabled && (svm->nested.ctl.virt_ext & LBR_CTL_ENABLE_MASK))) { svm_copy_lbrs(vmcb12, vmcb02); svm_update_lbrv(vcpu); From patchwork Mon Feb 27 03:53:53 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Santosh Shukla X-Patchwork-Id: 13152701 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1FF90C64ED8 for ; Mon, 27 Feb 2023 03:55:38 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230478AbjB0Dzg (ORCPT ); Sun, 26 Feb 2023 22:55:36 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59252 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230473AbjB0Dze (ORCPT ); Sun, 26 Feb 2023 22:55:34 -0500 Received: from NAM12-BN8-obe.outbound.protection.outlook.com (mail-bn8nam12on2072.outbound.protection.outlook.com [40.107.237.72]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4A5D5F742; Sun, 26 Feb 2023 19:55:15 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=MA6VdWMWb0C9GfBhSBqW/Om2mCRcaUggVw1vd8BI6INhRl0oPEwI+VEbUlwn11I/bp2TNFhJBVJHCobOxcXRfWD81OoBH9j1K+vglhgsry7WgGMp9VsZw+laXZ7EyIoN2SumAnymU3GdSSXQHBWLw32+iIz84pdqd/ahCiraJXFAluLBmjv7wEGmWdwLtUPJhfAmOnswskhRqQl1dN3bSrNKonhRemOHiboZvlvr8C3h4NIs1Z33/T6IwbvReF+FihJ0XU79pQjPcHb4sFTk/PbdFbUKaBiERYqd662nnKrUCDC1aSWuQYy/IclKFvsN29871VfRWvi8/eZkhyfUMw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=WsBi1YVAqcUeIja1LeaDn65/zTLD9XL7APBHdf4wERg=; b=MPZM2FGYv318CFQL9IYL/ZDOp6+JBSJUUgERqi/u6fiVyfnJq8UP/OOm8Tk79eJz7Jx0nfSEZMmiIEmRNffKlmG9b9FyU0tZtY9hQ2DYlo8eOobPu8FCN0KH70iavHwvj2/yv4Ee6CQAvrmK9DTUI+jDmyM/6l+EAU0K8LQEQSDU0SO77tzwNodtPsx9/PtCQAHCjI804/WvsJSzVdz420NKkCN9Qu9LE2pXcC9g5blhYSGBxkrYBXHYMalmtWjDcnMWO81wGtRt7RtN3y8liwGQ1AAlANXjpjidmY4u7Xke5e+GYK7BUbY9T/6Y100k5kJUBT7gZuy7BiW1iKzMow== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=WsBi1YVAqcUeIja1LeaDn65/zTLD9XL7APBHdf4wERg=; b=xzoghsXXqq7bDaEhjrF4P9qW9/UgYI/mIHbLaOMgarU/KbK81NP0Skk2aYC73hD7IUDQBvwvkJLgDS6Xw003LgGkOTn5siSLa7Q2bNWw8UV99ghMi6uT88QJK4CvT3W1qhfZ+ABqjvX9MHUTNtlgZcSLpEioD3uqxp02OGbegbI= Received: from DM6PR08CA0044.namprd08.prod.outlook.com (2603:10b6:5:1e0::18) by DM6PR12MB4107.namprd12.prod.outlook.com (2603:10b6:5:218::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.27; Mon, 27 Feb 2023 03:55:11 +0000 Received: from DM6NAM11FT031.eop-nam11.prod.protection.outlook.com (2603:10b6:5:1e0:cafe::e7) by DM6PR08CA0044.outlook.office365.com (2603:10b6:5:1e0::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.29 via Frontend Transport; Mon, 27 Feb 2023 03:55:11 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by DM6NAM11FT031.mail.protection.outlook.com (10.13.172.203) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.6156.16 via Frontend Transport; Mon, 27 Feb 2023 03:55:11 +0000 Received: from BLR-L-SASHUKLA.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.34; Sun, 26 Feb 2023 21:55:07 -0600 From: Santosh Shukla To: , CC: , , , , , , , Subject: [PATCHv3 03/10] KVM: SVM: add wrappers to enable/disable IRET interception Date: Mon, 27 Feb 2023 09:23:53 +0530 Message-ID: <20230227035400.1498-4-santosh.shukla@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230227035400.1498-1-santosh.shukla@amd.com> References: <20230227035400.1498-1-santosh.shukla@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DM6NAM11FT031:EE_|DM6PR12MB4107:EE_ X-MS-Office365-Filtering-Correlation-Id: 049472ba-e4dc-4d40-2337-08db18766cad X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 9qJvzfH07uldZW+oR/X9tQOQMGMdNFngzOshud4N5ekrRg7XPxNoRjz70qi9kIQbxaU9tZqXprULWCYEXX8PJIkGf7AC2S1VryN4dpQPn1/P69F+u7ZAEtT4n7rQpgpyakLsLMu/XBcauOeOMn4juTCpXT6DDhyHI0Kcr3zcQEO7dF53paY5/HYWA8lR8Bi0o2B94X7pZjBJ1TJqwge7Ti2C8NC0dBHSr5X25ojhWM+58dFlfOrlrBIRlcoXNc/wJbk7YRkDkfYXlqXDyBYvhXQENohond3BOF3a5xShNZISu6EYv/0SCdZa/UqhrCX34irsZL4/KL6I9J8sli30D2kKTWAKMAY+CN1woKZHptVKBimV3SfUj8eOSujoZMabVOvGsCrpIEqr+R9qNz3nZT0YzF+V5xieVGwwlA2/r/33Xwx6F1zdJOUSBN6jq09Yg9iut9Ne8U5g/9WhOOtxJeW6WIgP6NCiaKB6mPEYoJ0YTIuvJkqKbI2he+Q2T8YE3A2jPSZBQ0k3rtZ5PnEeMGocNlH77+3lFqObe0KPFeFGpPvPWv3TvhKQfoFzKtBI5rXJeJOcoulzUJeVmB3nYuAut3qYLcGgL16iD8k/QEz+E3anKiH8b8m/i7DL+h122Dn/s7f4XONK1l4ybsofx2iXXMDyuuU5rCkbr411rZu1rGg88tot4G7ZlarE22C7JwfXvnQQNNf6cE7nKyK6wyIyHC2c3lQZhgRbsxqdJ2g= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230025)(4636009)(39860400002)(346002)(396003)(136003)(376002)(451199018)(36840700001)(46966006)(40470700004)(356005)(426003)(47076005)(82310400005)(336012)(40480700001)(36756003)(86362001)(81166007)(82740400003)(36860700001)(40460700003)(83380400001)(2906002)(7696005)(5660300002)(44832011)(70586007)(70206006)(4326008)(8676002)(8936002)(110136005)(41300700001)(54906003)(316002)(186003)(26005)(16526019)(2616005)(478600001)(966005)(6666004)(1076003)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Feb 2023 03:55:11.0769 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 049472ba-e4dc-4d40-2337-08db18766cad X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT031.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB4107 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org From: Maxim Levitsky SEV-ES guests don't use IRET interception for the detection of an end of a NMI. Therefore it makes sense to create a wrapper to avoid repeating the check for the SEV-ES. No functional change is intended. Suggested-by: Sean Christopherson Signed-off-by: Maxim Levitsky [Renamed iret intercept API of style svm_{clr,set}_iret_intercept()] Signed-off-by: Santosh Shukla --- v3: Reworded commit description per Sean's v2 comment: https://lore.kernel.org/all/Y9RypRsfpLteK51v@google.com/ arch/x86/kvm/svm/svm.c | 28 +++++++++++++++++++--------- 1 file changed, 19 insertions(+), 9 deletions(-) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index cf6ae093ed19..da936723e8ca 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -2490,16 +2490,29 @@ static int task_switch_interception(struct kvm_vcpu *vcpu) has_error_code, error_code); } +static void svm_clr_iret_intercept(struct vcpu_svm *svm) +{ + if (!sev_es_guest(svm->vcpu.kvm)) + svm_clr_intercept(svm, INTERCEPT_IRET); +} + +static void svm_set_iret_intercept(struct vcpu_svm *svm) +{ + if (!sev_es_guest(svm->vcpu.kvm)) + svm_set_intercept(svm, INTERCEPT_IRET); +} + static int iret_interception(struct kvm_vcpu *vcpu) { struct vcpu_svm *svm = to_svm(vcpu); ++vcpu->stat.nmi_window_exits; svm->awaiting_iret_completion = true; - if (!sev_es_guest(vcpu->kvm)) { - svm_clr_intercept(svm, INTERCEPT_IRET); + + svm_clr_iret_intercept(svm); + if (!sev_es_guest(vcpu->kvm)) svm->nmi_iret_rip = kvm_rip_read(vcpu); - } + kvm_make_request(KVM_REQ_EVENT, vcpu); return 1; } @@ -3491,8 +3504,7 @@ static void svm_inject_nmi(struct kvm_vcpu *vcpu) return; svm->nmi_masked = true; - if (!sev_es_guest(vcpu->kvm)) - svm_set_intercept(svm, INTERCEPT_IRET); + svm_set_iret_intercept(svm); ++vcpu->stat.nmi_injections; } @@ -3632,12 +3644,10 @@ static void svm_set_nmi_mask(struct kvm_vcpu *vcpu, bool masked) if (masked) { svm->nmi_masked = true; - if (!sev_es_guest(vcpu->kvm)) - svm_set_intercept(svm, INTERCEPT_IRET); + svm_set_iret_intercept(svm); } else { svm->nmi_masked = false; - if (!sev_es_guest(vcpu->kvm)) - svm_clr_intercept(svm, INTERCEPT_IRET); + svm_clr_iret_intercept(svm); } } From patchwork Mon Feb 27 03:53:54 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Santosh Shukla X-Patchwork-Id: 13152702 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0F62BC64ED8 for ; Mon, 27 Feb 2023 03:55:48 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230183AbjB0Dzr (ORCPT ); Sun, 26 Feb 2023 22:55:47 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59600 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229478AbjB0Dzq (ORCPT ); Sun, 26 Feb 2023 22:55:46 -0500 Received: from NAM10-DM6-obe.outbound.protection.outlook.com (mail-dm6nam10on2064.outbound.protection.outlook.com [40.107.93.64]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6D0FC16337; Sun, 26 Feb 2023 19:55:32 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=IN4SkgnBEbhq4Z7iHNhqOkk70IH1LUNyarCnqPdvqnxtWwHmyNdCq63Hh/6uM7/gBXVqAi+JUJintXZQQ95KBYg5j6Oo5Udg5yEoZoO+f5HAey7QwPNj5WfC5prSL61kS1FvDU4FeXo8bDAYJAx+K8TYm0sGiwvT5Pg2OobBIt/Erm30EgIpsln+Ecn35Bth2hZ57uvqJbTbBVI6SoD8sQ2oqbj/KfFE041zAnVkDV/RsNx/nRJgsFDmTh7Mcyx6whbzE5lOO55YxXezierU4glAi3EP6Zr2ky80QNlSuM0NfXZ25dpDHTnhOIZBn5RbgTCiWgr01UfuxvtliXS+0Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Hu+vMnSbb0fu9eWMd7S5gFKKGtAFLqJlHCvzrvVxW1U=; b=IdCkxW/nFq7jC/uu35odKo4ub/zoi2Bbn+Q7QRWIKrJEIM4CfYVm7C+EcF+G9YTwGn2OvCxawqIGlJBAKX3AAUtoCJy7HzS9dTGTRAtLw3hmFsR9qRT8uERwYK0VYvDJzAWFgg93EjnTGOaVY5UOFOPKvD0sNFmj5efGZxRqRnO1rwXEyoIbQkuKsO5vKAm09WlTnCgxNOuRwSqqNxMmrrIzlk8WjNzmdYBYsd4HuKGpnOSkYauG8LXsFHgEyAeCgSl2Umxk+fpv73S2t3csN/eE7nXiw4QpwLaOVSW2G5VewDS/gouY+gKCum6xyC7O+kH89ocGhZ//LX57WU20Mg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Hu+vMnSbb0fu9eWMd7S5gFKKGtAFLqJlHCvzrvVxW1U=; b=ezVjtalx2ZyCs4DXbsMp3Pg9zA0095Cu5EP8kM7CMCQ91189tuYSOAjNEVTDlJ8K5IcVezfq9DQwPiHVoa2Z0QqTyK9Zut9zhP/Bp2xlGtKTr7Hd5z85o0QNa98GF9sISnHhvh/uq1tDZ1Zo/vpMTFyXGgGm9zalANDyvk/Q0SY= Received: from DM6PR02CA0069.namprd02.prod.outlook.com (2603:10b6:5:177::46) by IA0PR12MB7775.namprd12.prod.outlook.com (2603:10b6:208:431::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.25; Mon, 27 Feb 2023 03:55:28 +0000 Received: from DM6NAM11FT037.eop-nam11.prod.protection.outlook.com (2603:10b6:5:177:cafe::7f) by DM6PR02CA0069.outlook.office365.com (2603:10b6:5:177::46) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.28 via Frontend Transport; Mon, 27 Feb 2023 03:55:28 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by DM6NAM11FT037.mail.protection.outlook.com (10.13.172.122) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.6156.12 via Frontend Transport; Mon, 27 Feb 2023 03:55:28 +0000 Received: from BLR-L-SASHUKLA.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.34; Sun, 26 Feb 2023 21:55:24 -0600 From: Santosh Shukla To: , CC: , , , , , , , Subject: [PATCHv3 04/10] KVM: x86: Raise an event request when processing NMIs if an NMI is pending Date: Mon, 27 Feb 2023 09:23:54 +0530 Message-ID: <20230227035400.1498-5-santosh.shukla@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230227035400.1498-1-santosh.shukla@amd.com> References: <20230227035400.1498-1-santosh.shukla@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DM6NAM11FT037:EE_|IA0PR12MB7775:EE_ X-MS-Office365-Filtering-Correlation-Id: 774d1f8d-a8bd-492c-953a-08db1876772e X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: y89NWt7OnLgBOSmr2OE2MWgpYCf7cqiZbe3aVaUzG+pU2A4YQfFscRuCNNiJkzmNPTu7YqNP8T9Mj/K9ZQoa5lWOcfiD2r6jRUcLJbgmPGgG7UdhfltvBGseyqKeuq/X+IE8PJ0WZSEi4wMLiZ8qeLLMtg6jNl5WnHKpf3ztGAzB1lU7lKnXa7y+jKidIXohMebSOXK1fkZ8oEJLh+UWT6Xw8JCi6ccpEcmzBLOmr0DuvPFTejIzpzqOgkAY1Anu68ZqH+0UzHZAHQ4y88HT/KzeaY2xVdfJK+AKEHcdgo7WpJIOSQAJWeh88XubbuB2zHWP29UNUAA5l4C1HNFU8XO5X5yeoK3vNuJGOBuCjJXyNqI0MesvMzC5MYcdZSXFQDW/P1XsZKeq1n8FAYsfVNaVu1WbYNsWLYkdn4dUv4h/gCNyJc7h+emVfFfNToVzYRzYzqxIa9N/azbaJ9yFu2HG8CcV8/eAs1lhcGd0A/me15kdMt/1vznQxfMVQnjU6iV3a5XdqyZUyiaRarGArKK7AnDRhHrAJhAD3rAKjdONreJd9MQ0aA6h8W1gah5+TjvTOshtVLN3Pr8KYE8bm4wI+Mv3kBLzTLoiurnLipPVXhuH7hA1rHIjgrRWhS/VWzfx07ZjJhbf7WseK78yhDHnFadYekE7COoBbZgvJih8hVNWQkNptLNCkolfwX9DZE5bvEbMMStVqa2LJgeVF0y9N2UInIedeOYgIFa9RYk= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230025)(4636009)(39860400002)(136003)(396003)(376002)(346002)(451199018)(46966006)(40470700004)(36840700001)(40460700003)(83380400001)(36860700001)(47076005)(2616005)(82310400005)(82740400003)(356005)(81166007)(41300700001)(4326008)(2906002)(8676002)(70206006)(40480700001)(8936002)(70586007)(1076003)(26005)(5660300002)(6666004)(16526019)(44832011)(966005)(186003)(7696005)(316002)(426003)(336012)(36756003)(478600001)(86362001)(54906003)(110136005)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Feb 2023 03:55:28.7025 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 774d1f8d-a8bd-492c-953a-08db1876772e X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT037.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: IA0PR12MB7775 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org From: Sean Christopherson Don't raise KVM_REQ_EVENT if no NMIs are pending at the end of process_nmi(). Finishing process_nmi() without a pending NMI will become much more likely when KVM gains support for AMD's vNMI, which allows pending vNMIs in hardware, i.e. doesn't require explicit injection. Signed-off-by: Sean Christopherson Signed-off-by: Santosh Shukla --- v3: - renamed iret_intercept API https://lore.kernel.org/all/a5d8307b-ffe6-df62-5e22-dffd19755baa@amd.com/ arch/x86/kvm/x86.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index f706621c35b8..1cd9cadc82af 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -10148,7 +10148,9 @@ static void process_nmi(struct kvm_vcpu *vcpu) vcpu->arch.nmi_pending += atomic_xchg(&vcpu->arch.nmi_queued, 0); vcpu->arch.nmi_pending = min(vcpu->arch.nmi_pending, limit); - kvm_make_request(KVM_REQ_EVENT, vcpu); + + if (vcpu->arch.nmi_pending) + kvm_make_request(KVM_REQ_EVENT, vcpu); } void kvm_make_scan_ioapic_request_mask(struct kvm *kvm, From patchwork Mon Feb 27 03:53:55 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Santosh Shukla X-Patchwork-Id: 13152703 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id F0702C64ED6 for ; Mon, 27 Feb 2023 03:56:42 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229803AbjB0D4m (ORCPT ); Sun, 26 Feb 2023 22:56:42 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60404 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230104AbjB0D4T (ORCPT ); Sun, 26 Feb 2023 22:56:19 -0500 Received: from NAM04-BN8-obe.outbound.protection.outlook.com (mail-bn8nam04on2040.outbound.protection.outlook.com [40.107.100.40]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AFD9C1E1F2; Sun, 26 Feb 2023 19:55:49 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=FzKEUq72OyiHobnzaGF2Aqauu7qkOb6fWNpaoJD9rccL0mX1sH4oWDXuWo+SJ/ALPeI6S4XG+jy7cFKyP/BfRWAMLmEaflH+Lgjh2h8P2srIZ+t850niWRDsQ+Tinqsew/YXcsYTJUBQCKRBLvKxpNYKcNloDFKm6nldbne26eLjA7OsrOoPhn4sUiZAf6biRodo0IU+0s0Kz7gdsxZK2bjtfmsWLAr4tEdOagHpBNyUgHG1yOSS3mcZc4s7gckyHe6Em0OX6LjdB5rARRkTP8Z2aAeu3n/pjtgrDYgzSblV7O18EYo588BfbEByO4qjvUL+Hhp9tZUNzRARCAuCww== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=oR7zheTrX5qMmDFyKQ7qK0DSOkugApnTFBoUnooBEdU=; b=Pq7drIlduRhingl8Rxg770cTgeKQ0COBJYNj/nX8Lt0tM9iL7KJp/O8Six2dpPvZjSiEEoSL44lueLasxXKVD45jGJVhinZVq/6wV6k98VoaqvT+kADBvos4ClAFy8kCGm3CHWdp3/VgWSqDbFsjtX+PJd/BU5ausgdDPe7gvr1N86b5NJKWJwwPZU0yAfhpmzC2AJZCNUu6IVABhHcEAKTcwViG8JS9KOhyGYAnObrBUiTePaaJfrQTms+QC77h+yHh0Imt7vFRAi5GeVxZM8RXRk6vGHFERnN8MXYopoWEqB14fTk6AH85hhlhZU3uMhW294bXry2QfqOHslorpQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=oR7zheTrX5qMmDFyKQ7qK0DSOkugApnTFBoUnooBEdU=; b=st2iT19EZKSuCiGdFi8fjsh5YMxj2lTuaoDjYmDxj35Buw85MIGkslR8WsTfn52nFMyq+064Bad+jsLZ21CGoCTCxtJBI2OHki0bQEoga0LiilBqU8VRBb0o/cC/gZKSp6XP34ThwGHw2dJHS6JuqMzGM9RSDqlW/gClYTuKkAc= Received: from DM6PR13CA0038.namprd13.prod.outlook.com (2603:10b6:5:134::15) by CY8PR12MB7217.namprd12.prod.outlook.com (2603:10b6:930:5b::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.25; Mon, 27 Feb 2023 03:55:45 +0000 Received: from DM6NAM11FT066.eop-nam11.prod.protection.outlook.com (2603:10b6:5:134:cafe::fd) by DM6PR13CA0038.outlook.office365.com (2603:10b6:5:134::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6156.16 via Frontend Transport; Mon, 27 Feb 2023 03:55:45 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by DM6NAM11FT066.mail.protection.outlook.com (10.13.173.179) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.6156.16 via Frontend Transport; Mon, 27 Feb 2023 03:55:45 +0000 Received: from BLR-L-SASHUKLA.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.34; Sun, 26 Feb 2023 21:55:41 -0600 From: Santosh Shukla To: , CC: , , , , , , , Subject: [PATCHv3 05/10] KVM: x86: Tweak the code and comment related to handling concurrent NMIs Date: Mon, 27 Feb 2023 09:23:55 +0530 Message-ID: <20230227035400.1498-6-santosh.shukla@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230227035400.1498-1-santosh.shukla@amd.com> References: <20230227035400.1498-1-santosh.shukla@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DM6NAM11FT066:EE_|CY8PR12MB7217:EE_ X-MS-Office365-Filtering-Correlation-Id: 58129453-7f10-4673-956b-08db187680fb X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: dNpwhXeYnKbsT+ugHgXmoVcDq07stbAmtnpcw8d8L5X9oZ8gydyWotwPv2BM5MAPcgnpSosqiUtUQ2L2voeoq8uyYcRfS3iQstnP8cbjY48XOw1ObnrCQtcDZtWXM7a6X8ImfhYVIgwtKzgnDhmiJ9jo4umDFcUI6+rJGuacG1cYgSGcF+EWQa7DzIe9bVEqUYXOBBTdtHsmIgbIdUEZZqKrpAxDmIAfY5cM6/46rVnSBlS6+tn/hlHT+xFh53JRN6kj0i0PlnUafDgaz61vmqjmBFz2+M4xEdAvTNDxP0BwqceGC28ZqW/0O7gGorZlA2Hfy9tH5w8hXBst1c0Af08IVdhszvdZmoIBhWzjb3GTD4r29PsK9XtE/DVIIokAFrAqFY1mZEMfStIW9RkarCBqt06ltxloT5vFdfP3keuhCV7d9KN6h2rNoqItSY6bWroBOkgPCIVuonuizOics8GG8I9cSxuSCmBr0DfSoQSKpVWxzZIk2d+sWpvWX+GmjuolPXoLiLL17hdwStVjdGgsAA45zU7NLhybdbKYuwGRCGXNoMsTe9xwi1LFzMtE5S6vZtedHKAJCL3hSm3ksZODWVC3VMVCWXROrpwLWhZLeyDP4ASLYpPTZXOv2OU5YKwrhuPvjIkjls92TlqrZbFn/CzSA5Y0DTObGP/0pCHeUIWtzSojRoQF/+wjTTY4gZBsVq2r7H7lm+BQzfQmaRuhA73UaRYUX92U+W/Sads= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230025)(4636009)(376002)(39860400002)(346002)(136003)(396003)(451199018)(36840700001)(40470700004)(46966006)(36756003)(40480700001)(40460700003)(86362001)(478600001)(41300700001)(356005)(8936002)(4326008)(70206006)(8676002)(110136005)(7696005)(82310400005)(70586007)(316002)(54906003)(5660300002)(186003)(2906002)(44832011)(36860700001)(83380400001)(82740400003)(81166007)(6666004)(47076005)(16526019)(26005)(1076003)(2616005)(426003)(336012)(966005)(66899018)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Feb 2023 03:55:45.1454 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 58129453-7f10-4673-956b-08db187680fb X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT066.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY8PR12MB7217 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org From: Sean Christopherson Tweak the code and comment that deals with concurrent NMIs to explicitly call out that x86 allows exactly one pending NMI, but that KVM needs to temporarily allow two pending NMIs in order to workaround the fact that the target vCPU cannot immediately recognize an incoming NMI, unlike bare metal. No functional change intended. Signed-off-by: Sean Christopherson Signed-off-by: Santosh Shukla --- v3: https://lore.kernel.org/all/Y9mtGV+q0P2U9+M1@google.com/ from Sean comment. arch/x86/kvm/x86.c | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 1cd9cadc82af..16590e094899 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -10136,15 +10136,22 @@ static int kvm_check_and_inject_events(struct kvm_vcpu *vcpu, static void process_nmi(struct kvm_vcpu *vcpu) { - unsigned limit = 2; + unsigned int limit; /* - * x86 is limited to one NMI running, and one NMI pending after it. - * If an NMI is already in progress, limit further NMIs to just one. - * Otherwise, allow two (and we'll inject the first one immediately). + * x86 is limited to one NMI pending, but because KVM can't react to + * incoming NMIs as quickly as bare metal, e.g. if the vCPU is + * scheduled out, KVM needs to play nice with two queued NMIs showing + * up at the same time. To handle this scenario, allow two NMIs to be + * (temporarily) pending so long as NMIs are not blocked and KVM is not + * waiting for a previous NMI injection to complete (which effectively + * blocks NMIs). KVM will immediately inject one of the two NMIs, and + * will request an NMI window to handle the second NMI. */ if (static_call(kvm_x86_get_nmi_mask)(vcpu) || vcpu->arch.nmi_injected) limit = 1; + else + limit = 2; vcpu->arch.nmi_pending += atomic_xchg(&vcpu->arch.nmi_queued, 0); vcpu->arch.nmi_pending = min(vcpu->arch.nmi_pending, limit); From patchwork Mon Feb 27 03:53:56 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Santosh Shukla X-Patchwork-Id: 13152704 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 189ADC7EE2F for ; Mon, 27 Feb 2023 03:56:44 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230039AbjB0D4n (ORCPT ); Sun, 26 Feb 2023 22:56:43 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60744 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230446AbjB0D4f (ORCPT ); Sun, 26 Feb 2023 22:56:35 -0500 Received: from NAM10-MW2-obe.outbound.protection.outlook.com (mail-mw2nam10on2085.outbound.protection.outlook.com [40.107.94.85]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E9AA9196BE; Sun, 26 Feb 2023 19:56:04 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=S+Td0OQH9n3QYdSrNPElC24NHrMzd72cZCJwmlSx0vp+8qQ07oopX/pcMEPt/rxK1UU0tTrhKJG0/jiv9Ef/es53LwUdDeKU+3PLy3YU39pMDRU9HymY8RBETTmdqHcxLRD0CI4A6jiI3riKn4dbmZZkM+bC0PDNh5RODPundScjs1w4WP5FEeFf5nO2w0TcfFEbDg01qo1dEshCPeEFCNeG2cJDGCSVRP7rMWhg8pzoZ3aCBkBkGldOIXe+UsLcHMf/nPqhtVxri389cZVvCqW/YkG540kaYtmxW+AExTZC2W8w6UjTyvJpxCfxccvySXKWMB1fjFbL6qNSYzwSHg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=gKBFoj86dHZ+KfxyBEgxL1R8g8Ujxd/3fSsSU13nxSc=; b=O8GwzHm8934H6ZQw7ugbov6B4RnvyEuMiTHfVA6hKc9bWkWlYFfL5R8F9obYgh93hZXzwnHtwBOWuNe+s7ymBlxVVMiYwbjFJiDKnHymadDW/lwfT/JZHKfl/4PkyRQ4WSws/aGMRy+ekkEWS1zUKVVCPmdKGr6Z/dMDudtCmveDUloMKVucsHoglozNTuS6jQc7FEN0w+sKyPtmSsrTabNEHChAaZMBEKTkQvM7Vb59/OdiC0dki48Z8/nTu0QbHNymptLlBI84pw3CILRI7FwXlZPFXEEeXM9v4FVImSWxTDMOSZXqFZfHIsxVvYPcQT23sqkYOULuxKjjD0BwVA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=gKBFoj86dHZ+KfxyBEgxL1R8g8Ujxd/3fSsSU13nxSc=; b=ooaGqyM2H1OjqD9o3f1ag+dxgXRsAqtCBqaY/VQJXi7B5dCALrZ++jAwaiB5lx24Q71r0hyzUT0H+yJc+Sz2oMGIcFaGsSAZQlt3+D9vdBxhp7rHh+EPn/3ozA2i0M4cROha30E4Q5rQS5lrZcg8AN1tCn94gENxB8Vm0SJ/DLE= Received: from DM6PR06CA0086.namprd06.prod.outlook.com (2603:10b6:5:336::19) by CY8PR12MB7684.namprd12.prod.outlook.com (2603:10b6:930:87::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.27; Mon, 27 Feb 2023 03:56:02 +0000 Received: from DM6NAM11FT105.eop-nam11.prod.protection.outlook.com (2603:10b6:5:336:cafe::6f) by DM6PR06CA0086.outlook.office365.com (2603:10b6:5:336::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.28 via Frontend Transport; Mon, 27 Feb 2023 03:56:02 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by DM6NAM11FT105.mail.protection.outlook.com (10.13.173.164) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.6156.16 via Frontend Transport; Mon, 27 Feb 2023 03:56:02 +0000 Received: from BLR-L-SASHUKLA.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.34; Sun, 26 Feb 2023 21:55:58 -0600 From: Santosh Shukla To: , CC: , , , , , , , Subject: [PATCHv3 06/10] KVM: x86: Save/restore all NMIs when multiple NMIs are pending Date: Mon, 27 Feb 2023 09:23:56 +0530 Message-ID: <20230227035400.1498-7-santosh.shukla@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230227035400.1498-1-santosh.shukla@amd.com> References: <20230227035400.1498-1-santosh.shukla@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DM6NAM11FT105:EE_|CY8PR12MB7684:EE_ X-MS-Office365-Filtering-Correlation-Id: 8917648e-41df-4ead-6468-08db18768b5c X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: Vgjr95Psn0XLEG2lchdKnXMpRaEPL+iJ4ylfV+Edh6limd+dARGVlCXk7vIXD6LlD2E0uGTOZazKxjWQckxsXAi+NKB4Q4Xjm01hj6FgYWW8fiQ8inQYJwmtryb1vY08HSbw++75lDRCKdnoBFOyMB28PGOBlRvQN6o/ZVo8ii366YZV/x95OdliGxrEF22cMuxNCIixOAvubk2jnzppfH84QUvBmQR5wFoGfdAZe3OCDI5rG/m3hR9AA9KTxIX+RxSi/OBarTc0Mr20TPSTHgCh8Y9AX76HcDA4jTfuio2KfFOmSQDng/twx7QLN14R63TD5SA1NzqJd7XWHWEzw6qmqQ9+HHY2v0gJYDi2nJfvtYOX8Q9GCcYKBOSYz5LAlolr/raemFoBZhUqq7iUc0Q4FTW76xlxiUpwH8oLahitgm6yCnLynRjX9ZL0QpHlVQsiSOQq34ZnHUw4Ii+J5zdaoFH6HFSjjI5Tio3wlM/8DnEyfqG/WPXcf92iqmzqtq2lv4fTXY4b3d5lYOMCdPxP9aVQNWWQjKlQFL5Iw7iyaFkHBOTb3RI+yr3DmT2tGxiwiLZQU+o0Ty8xrlEvu3xOdNHb6oyM/EqxZrznG6RaoECM/FRN6JIU1vtzLT0SzMhBi6IDMbFCQ+830FvOysBATC+PQibBfjWYIOnpVEjVBQqnEbf0Jkl8DSc05hjphCOAsUKmZ2nYcld13mHL8nPsDeWSzAHp/Wkba6mZob4= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230025)(4636009)(39860400002)(136003)(396003)(376002)(346002)(451199018)(36840700001)(40470700004)(46966006)(40460700003)(16526019)(186003)(82740400003)(81166007)(83380400001)(316002)(356005)(8936002)(8676002)(4326008)(70206006)(41300700001)(70586007)(336012)(44832011)(2906002)(5660300002)(36860700001)(7696005)(40480700001)(478600001)(1076003)(426003)(26005)(47076005)(2616005)(110136005)(36756003)(82310400005)(86362001)(54906003)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Feb 2023 03:56:02.5727 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 8917648e-41df-4ead-6468-08db18768b5c X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT105.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY8PR12MB7684 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org From: Sean Christopherson Save all pending NMIs in KVM_GET_VCPU_EVENTS, and queue KVM_REQ_NMI if one or more NMIs are pending after KVM_SET_VCPU_EVENTS in order to re-evaluate pending NMIs with respect to NMI blocking. KVM allows multiple NMIs to be pending in order to faithfully emulate bare metal handling of simultaneous NMIs (on bare metal, truly simultaneous NMIs are impossible, i.e. one will always arrive first and be consumed). Support for simultaneous NMIs botched the save/restore though. KVM only saves one pending NMI, but allows userspace to restore 255 pending NMIs as kvm_vcpu_events.nmi.pending is a u8, and KVM's internal state is stored in an unsigned int. Fixes: 7460fb4a3400 ("KVM: Fix simultaneous NMIs") Signed-off-by: Sean Christopherson Signed-off-by: Santosh Shukla --- v3: - There is checkpatch warning about the Fixes tag like below WARNING: Unknown commit id '7460fb4a3400', maybe rebased or not pulled? #19: Fixes: 7460fb4a3400 ("KVM: Fix simultaneous NMIs") total: 0 errors, 1 warnings, 20 lines checked Although this patch is part of kernel v3.2 onwards arch/x86/kvm/x86.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 16590e094899..b22074f467e0 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -5113,7 +5113,7 @@ static void kvm_vcpu_ioctl_x86_get_vcpu_events(struct kvm_vcpu *vcpu, events->interrupt.shadow = static_call(kvm_x86_get_interrupt_shadow)(vcpu); events->nmi.injected = vcpu->arch.nmi_injected; - events->nmi.pending = vcpu->arch.nmi_pending != 0; + events->nmi.pending = vcpu->arch.nmi_pending; events->nmi.masked = static_call(kvm_x86_get_nmi_mask)(vcpu); /* events->sipi_vector is never valid when reporting to user space */ @@ -5200,8 +5200,11 @@ static int kvm_vcpu_ioctl_x86_set_vcpu_events(struct kvm_vcpu *vcpu, events->interrupt.shadow); vcpu->arch.nmi_injected = events->nmi.injected; - if (events->flags & KVM_VCPUEVENT_VALID_NMI_PENDING) + if (events->flags & KVM_VCPUEVENT_VALID_NMI_PENDING) { vcpu->arch.nmi_pending = events->nmi.pending; + if (vcpu->arch.nmi_pending) + kvm_make_request(KVM_REQ_NMI, vcpu); + } static_call(kvm_x86_set_nmi_mask)(vcpu, events->nmi.masked); if (events->flags & KVM_VCPUEVENT_VALID_SIPI_VECTOR && From patchwork Mon Feb 27 03:53:57 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Santosh Shukla X-Patchwork-Id: 13152705 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 98ADFC7EE30 for ; Mon, 27 Feb 2023 03:57:15 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229867AbjB0D5O (ORCPT ); Sun, 26 Feb 2023 22:57:14 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33032 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230127AbjB0D4z (ORCPT ); Sun, 26 Feb 2023 22:56:55 -0500 Received: from NAM10-BN7-obe.outbound.protection.outlook.com (mail-bn7nam10on2070.outbound.protection.outlook.com [40.107.92.70]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C80801E1EB; Sun, 26 Feb 2023 19:56:24 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Hsw2B1meAKB6lO8Hovo1RsR3ZfDBVPN2QqrtReyexMKR2F/jqFnMvgg4Nnch1Q9HR73zH7LR+jHJmTquI2DcNvxknLQ4L0LeED7yb8+wOB98hq0zPM6NHqLhYX4p2eNh8jHyFF5KnkfYipc54I4s4hNQQ9ZiKZJAzsHxR634g849mp7LlhS+/Rol8QeLYfgQLjuyEuCgKfCUG2ktqgPGCSTAaY3AAWaNA1X15/duKRFlCDNp5QO/cPpmEaNRsxDBg87qTOqyiD7a7r8hxkavgMRquS5DY8Qaq3AJ8mTZmxJNe0eNPO3ewuYo92Su60F7cbNoxKegCJ0T90iyC0u1tg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=5ZoJBnY5c1ZWHmeG/NH0VLZt3i7xb5uH/tahYI69Vkw=; b=aLy5nQLhdHnxb+7hyQ88NIBMlHH9CbbUk7t+vgU7qbAIOLvHim4yo1t2xADn0kkXqOfi7MxGsfHKVUS5Lz5UxoLhuWA1NUD58D9AFZMCOhuTCDwbvZBCYtY/fyl9vOM4DFYpBkNzxHNIo3dLtF4eHuoc3eNbLw9XJoBcO1hcD7ELkv//p/HWO6I2b5CHEuOw3gKUgj/R1ZJzMXxOTR1ehVOKjzG2fdk0mkmb3e6Di3yNCOBshqm7FMqdINSMsJRsfrPiM6jkV1IYu4bGjyow+b0XlcL8kz1f7iKZOBnc16ThAjrbiysVGIcCvjU87YzkjCZrfkmCAI6QF7/eg2hO8A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=5ZoJBnY5c1ZWHmeG/NH0VLZt3i7xb5uH/tahYI69Vkw=; b=EviJGANcFCZI4Yp+ksOITCuH7QLXGrkLU91xVCYQ1UoHJ7MVJ7J4LRsoNdK7F7jqE6ZEmTF3IuiKX6wgjkcOQAWYFmJ/8lCTg9yF3EtNHd4oDPlbC5+3XQtJxgOJCXnfhhO4spqKEWsAdGqgASx0uOir6L4X4j1005pce4Y88LM= Received: from DS7PR03CA0090.namprd03.prod.outlook.com (2603:10b6:5:3bb::35) by DM4PR12MB5391.namprd12.prod.outlook.com (2603:10b6:5:39a::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.27; Mon, 27 Feb 2023 03:56:19 +0000 Received: from DM6NAM11FT109.eop-nam11.prod.protection.outlook.com (2603:10b6:5:3bb:cafe::ec) by DS7PR03CA0090.outlook.office365.com (2603:10b6:5:3bb::35) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.27 via Frontend Transport; Mon, 27 Feb 2023 03:56:19 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by DM6NAM11FT109.mail.protection.outlook.com (10.13.173.178) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.6156.16 via Frontend Transport; Mon, 27 Feb 2023 03:56:19 +0000 Received: from BLR-L-SASHUKLA.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.34; Sun, 26 Feb 2023 21:56:15 -0600 From: Santosh Shukla To: , CC: , , , , , , , Subject: [PATCHv3 07/10] x86/cpu: Add CPUID feature bit for VNMI Date: Mon, 27 Feb 2023 09:23:57 +0530 Message-ID: <20230227035400.1498-8-santosh.shukla@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230227035400.1498-1-santosh.shukla@amd.com> References: <20230227035400.1498-1-santosh.shukla@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DM6NAM11FT109:EE_|DM4PR12MB5391:EE_ X-MS-Office365-Filtering-Correlation-Id: 5e8beeda-8746-4dac-1c58-08db1876958b X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: nNMglUPfGCHA/eHrWiUowsCW/jjHVmDGqnKRTuU0NNi1ZOExPtUPEPMg/DNhPx0FqoQLAzWLtS9Ne/LrkoBg90buEptbF6t16ZrMTBeBmAZd8Di2D22FW8CcuGmzrKvWOhj5OGhMrjZRAMtKV/SUVSktfPPTB3XTxjyD9roi/q3wh/CZeeM219c3UG6SF+1B4aTznfVazKnoQngLU2qtzXm8SDLxEX+q3rB1NB1wQ8fhvTxXUtfcUmLAeEIhM/9GWqNGDqas3OQVRUfeaxhgYjpS3x1a7K8HcXIkWgE5pM9Gmmqm+rzSzL1HUY0w/1p2kv2gopU5bN/PoPZqSOCHUED5txAbQRKTYWszkRm9mxkiYVX0bbpTVybyrQFje12i2W1MvQbhogwZy7G3K2qyMdOR+RxOUHJBnFDRnPBdXW3AoQcXCc9JLHoudp2vnw4q6LscMm/VpMzfX4CaHJq5atUPslyUAka4pfhDoo9DrEa1z0J5I2i37A1x3LYzhGZ6mzJD1r+ZwdzeKn4agIYN6lk++SHqSBT7qqtrHcY5Prb31mLE2KtJ9Au7Lb+ttcjiWcNROy3nmIBoc+AGf5yJIc66Z14QZ3gVuTyiIyEYZfseLfdo58mDVB7151MbBI41q5JVHcLm+UW85Se3uNx3TzuRSoykN6ZNjIAFgjxXW0grdp+dj8FzDmFYCwzBBOLshOWYmTCXpLQV5LVvnbwpc9h7P0O2SC58tF4/DGYwPX8= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230025)(4636009)(39860400002)(376002)(136003)(396003)(346002)(451199018)(40470700004)(46966006)(36840700001)(186003)(16526019)(26005)(36860700001)(44832011)(70206006)(70586007)(4326008)(8676002)(478600001)(356005)(40460700003)(7696005)(54906003)(86362001)(110136005)(316002)(40480700001)(1076003)(8936002)(5660300002)(36756003)(82740400003)(41300700001)(81166007)(6666004)(336012)(2906002)(2616005)(47076005)(426003)(82310400005)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Feb 2023 03:56:19.6405 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 5e8beeda-8746-4dac-1c58-08db1876958b X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT109.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM4PR12MB5391 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org VNMI feature allows the hypervisor to inject NMI into the guest w/o using Event injection mechanism, The benefit of using VNMI over the event Injection that does not require tracking the Guest's NMI state and intercepting the IRET for the NMI completion. VNMI achieves that by exposing 3 capability bits in VMCB intr_cntrl which helps with virtualizing NMI injection and NMI_Masking. The presence of this feature is indicated via the CPUID function 0x8000000A_EDX[25]. Reviewed-by: Maxim Levitsky Signed-off-by: Santosh Shukla --- arch/x86/include/asm/cpufeatures.h | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h index cdb7e1492311..b3ae49f36008 100644 --- a/arch/x86/include/asm/cpufeatures.h +++ b/arch/x86/include/asm/cpufeatures.h @@ -365,6 +365,7 @@ #define X86_FEATURE_VGIF (15*32+16) /* Virtual GIF */ #define X86_FEATURE_X2AVIC (15*32+18) /* Virtual x2apic */ #define X86_FEATURE_V_SPEC_CTRL (15*32+20) /* Virtual SPEC_CTRL */ +#define X86_FEATURE_AMD_VNMI (15*32+25) /* Virtual NMI */ #define X86_FEATURE_SVME_ADDR_CHK (15*32+28) /* "" SVME addr check */ /* Intel-defined CPU features, CPUID level 0x00000007:0 (ECX), word 16 */ From patchwork Mon Feb 27 03:53:58 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Santosh Shukla X-Patchwork-Id: 13152706 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id A58DBC7EE2F for ; Mon, 27 Feb 2023 03:57:47 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229762AbjB0D5q (ORCPT ); Sun, 26 Feb 2023 22:57:46 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33528 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230114AbjB0D5V (ORCPT ); Sun, 26 Feb 2023 22:57:21 -0500 Received: from NAM11-BN8-obe.outbound.protection.outlook.com (mail-bn8nam11on2040.outbound.protection.outlook.com [40.107.236.40]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1BA401E5FC; Sun, 26 Feb 2023 19:56:55 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=hkGJWwzurKLlbID7eL3KesMpVBmOPwDsxwPo8ytC2MOZW/3CkvcsQ2zpJMF3orkQScisfUvCLKseVeCPuenxCIgj0JJMmExu9+cjsx3ttfq75B6Hlnd3QN55VNlr0frT1Ps8IRasd9y9daxONnQVV6wX5O2CZ+BO98EO4zaYYBOfo5FedA9RnKInT/IF+J/unCvMqSUvZx/jaNkD+sTfkKT0SZyzbfMYh8Hu65MLZso9+mMjoi4J4c5k2/uG3pSzdGacQcfPSyl+jW956wGwsHZ0FHGCvMRIfXfab0R7H7vWL7huECy0HbKpPu3kGnggIhRdzhN8gW2HvQ/47zfH7Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=OomX125WHtEtfsV+1qUccQcIwk0c/ySbmyUbcxEXG54=; b=e37FbMYJdfTRiNttv1kI/aSsnZUexiN8df6BAZM+in9SCTBEnaVLgF3r0txO2/VOAmq6nDQnMw4+ymcw3J0XrLNk5ajEKFeA0UbneYk46X24u/jV1ezVMDMmeRLJfugOMGTK/AH2FG+A7/ZoASiiU/96Tvnp5BYf8yeT3f4rAMglVxsZGODQvZunQyGTyloq1LkNi9WGs1QTaUhoCGwGT1FcqH6HAodc1yQ0nUuyC47/ALS566i/ctpJZZ9jYOW7mp0ce/T1Kau3hE427ORkqIC6T62sN1yAGihQgzGoOSCa3dCr9RqZXlmVu3T7scn/bM5GxFfHsbiIu8D+Ztrm+w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=OomX125WHtEtfsV+1qUccQcIwk0c/ySbmyUbcxEXG54=; b=QoAxpyslnLKCZrzb61gL2f5v1/XD5ZCvqnoBsHZXYA1jREydWEo2n/afzurbQmshk81uD/0nkWJzOob+NA+fVUo2CUoJTAjHLRCx6LZf220sRAvbVOPzzvpQoifFcqdqJjvABDjnKQcuGxy3vd0+NofPNo/zYemm8obsJlXrtG0= Received: from DM6PR18CA0026.namprd18.prod.outlook.com (2603:10b6:5:15b::39) by DS0PR12MB7510.namprd12.prod.outlook.com (2603:10b6:8:132::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.26; Mon, 27 Feb 2023 03:56:48 +0000 Received: from DM6NAM11FT065.eop-nam11.prod.protection.outlook.com (2603:10b6:5:15b:cafe::eb) by DM6PR18CA0026.outlook.office365.com (2603:10b6:5:15b::39) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.29 via Frontend Transport; Mon, 27 Feb 2023 03:56:48 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by DM6NAM11FT065.mail.protection.outlook.com (10.13.172.109) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.6156.16 via Frontend Transport; Mon, 27 Feb 2023 03:56:48 +0000 Received: from BLR-L-SASHUKLA.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.34; Sun, 26 Feb 2023 21:56:32 -0600 From: Santosh Shukla To: , CC: , , , , , , , Subject: [PATCHv3 08/10] KVM: SVM: Add VNMI bit definition Date: Mon, 27 Feb 2023 09:23:58 +0530 Message-ID: <20230227035400.1498-9-santosh.shukla@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230227035400.1498-1-santosh.shukla@amd.com> References: <20230227035400.1498-1-santosh.shukla@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DM6NAM11FT065:EE_|DS0PR12MB7510:EE_ X-MS-Office365-Filtering-Correlation-Id: 3deacc2a-e009-47cc-da98-08db1876a689 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 1/5wp0imEEvhA8DoHm38NTa13Bhv2y1GBeasVW+7h9Top0g3UnhV6OKwLmPUpRKyLE5WMA6M9V9IkCQ9J3UOZLVjrbJOoHShVoyJpIer8zV2DHB/ghdrV+pmbG94iUqhg8lnFd1Hhz5hzXx7JaSJ+8MA50ssSNGDsLXvkx9hmlEkZ58gUHP0HNSJzYhXU7KAHZaFdfThSaWEHwNWk/ovjqeZbHAbMjiuo0GCNQscLMh48+UL02DtfLyD92rBHwhMrN5XXo3ONsp/3Sms8mgV+d5jujpqPGyyqsWpk1C6cwR9YH6w/C7OyJB50HK4Hczxa3B87fMAYMGGpc56l6/32vIFFcPWJZzm3QK10Fsm7a1KGkP4yhpvY7GFMze9x+dKW51BlXrPePqkq2I3xI9GTzMh2olPrF3YLw14zSOuYuE+kBhKbRsnxMDoX3j6HOyxIIva3w5K9qWsycz3NRJ2sDUuDqJNAtXQUXCe32qP5nP+1eFqNIQx2qcm9fJOxvnr9TXKGPZJQQEBa00mJ99pe6WC1644EWa9l6rRovedvxZZVV/wAPxukL9atAPzrVUs+XaaQ3kDhg30VEvbZT92QSjyEeO1PZvuFl9hMgNbfUo2xY5nXwXXvHznwj7pkImSDylivbbFvJlM76Les0m4Q/kUc6DsIhUgA5OLjiOsneWGr+kMb4jV7SZ+X1oUD7sFSf21QIcG+fXxjQK3tzYDyCl8zKoUKe2vUPGcb3q7cdc= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230025)(4636009)(396003)(346002)(39860400002)(136003)(376002)(451199018)(40470700004)(46966006)(36840700001)(478600001)(110136005)(7696005)(82310400005)(70206006)(356005)(8676002)(41300700001)(4326008)(70586007)(8936002)(40460700003)(36756003)(86362001)(40480700001)(26005)(186003)(6666004)(16526019)(966005)(426003)(82740400003)(47076005)(81166007)(336012)(1076003)(2616005)(2906002)(44832011)(316002)(5660300002)(54906003)(83380400001)(36860700001)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Feb 2023 03:56:48.1535 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 3deacc2a-e009-47cc-da98-08db1876a689 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT065.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DS0PR12MB7510 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org VNMI exposes 3 capability bits (V_NMI, V_NMI_MASK, and V_NMI_ENABLE) to virtualize NMI and NMI_MASK, Those capability bits are part of VMCB::intr_ctrl - V_NMI_PENDING_MASK(11) - Indicates whether a virtual NMI is pending in the guest. V_NMI_BLOCKING_MASK(12) - Indicates whether virtual NMI is masked in the guest. V_NMI_ENABLE_MASK(26) - Enables the NMI virtualization feature for the guest. When Hypervisor wants to inject NMI, it will set V_NMI bit, Processor will clear the V_NMI bit and Set the V_NMI_MASK which means the Guest is handling NMI, After the guest handled the NMI, The processor will clear the V_NMI_MASK on the successful completion of IRET instruction Or if VMEXIT occurs while delivering the virtual NMI. To enable the VNMI capability, Hypervisor need to program V_NMI_ENABLE_MASK bit 1. Reviewed-by: Maxim Levitsky Signed-off-by: Santosh Shukla --- v3: - Renamed V_NMI bits per Sean's v2 comment for better readability. https://lore.kernel.org/all/66f93354-22b1-a2aa-f64c-6e70b9b8063c@amd.com/ arch/x86/include/asm/svm.h | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/arch/x86/include/asm/svm.h b/arch/x86/include/asm/svm.h index cb1ee53ad3b1..9691081d9231 100644 --- a/arch/x86/include/asm/svm.h +++ b/arch/x86/include/asm/svm.h @@ -183,6 +183,12 @@ struct __attribute__ ((__packed__)) vmcb_control_area { #define V_GIF_SHIFT 9 #define V_GIF_MASK (1 << V_GIF_SHIFT) +#define V_NMI_PENDING_SHIFT 11 +#define V_NMI_PENDING_MASK (1 << V_NMI_PENDING_SHIFT) + +#define V_NMI_BLOCKING_SHIFT 12 +#define V_NMI_BLOCKING_MASK (1 << V_NMI_BLOCKING_SHIFT) + #define V_INTR_PRIO_SHIFT 16 #define V_INTR_PRIO_MASK (0x0f << V_INTR_PRIO_SHIFT) @@ -197,6 +203,9 @@ struct __attribute__ ((__packed__)) vmcb_control_area { #define V_GIF_ENABLE_SHIFT 25 #define V_GIF_ENABLE_MASK (1 << V_GIF_ENABLE_SHIFT) +#define V_NMI_ENABLE_SHIFT 26 +#define V_NMI_ENABLE_MASK (1 << V_NMI_ENABLE_SHIFT) + #define AVIC_ENABLE_SHIFT 31 #define AVIC_ENABLE_MASK (1 << AVIC_ENABLE_SHIFT) From patchwork Mon Feb 27 03:53:59 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Santosh Shukla X-Patchwork-Id: 13152707 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2B3A4C64ED8 for ; Mon, 27 Feb 2023 03:58:19 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229567AbjB0D6R (ORCPT ); Sun, 26 Feb 2023 22:58:17 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34846 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229539AbjB0D6Q (ORCPT ); Sun, 26 Feb 2023 22:58:16 -0500 Received: from NAM04-DM6-obe.outbound.protection.outlook.com (mail-dm6nam04on2060.outbound.protection.outlook.com [40.107.102.60]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3F0251D911; Sun, 26 Feb 2023 19:57:41 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=BDkznE1KzkDebmktwu4MaAuP6a85vI3GzfU4C02gxi4AV5E1pT4HOzDL1IPkyssDqR7/3fVkK8jxjRJkrfXMbutHMV+hCs/yx0upfZEa6Ff/74pB4NVty64Uu31c/L7Z5dmAs7z9ga1P6TKQzcEgRu6nkYTS2ilLOSwL4G4dhYxIdU0OA+KC6YG31r0PPAPW0ca/f4lrPPH/FD85pW8WMsOH3KFwC8/+VLXE/Dup7FRpksBdbge/K1BBDaHhW2Gcwd7j7PGKvwIfmvlmK1FRxEDnUX4FhSYi1r1F9Lpq9Sp6gNUoMkU0Z9Le2pkxZ3udeP17TE0cJAYcPHr3vDrmew== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=LaKperpv4+VdYCfjXKCZB8VJU+3gIjLgyl6XPPUmZVc=; b=Yq+POis78MQcZ0ewEbHqwdnW8HPUQZbRbNfUuj6Z6vl/bS6I+egz3/Bwfja+6I0QMS04ivQGrNnpHIhjhsJmnfP8UxNoj48jLn8CnOMAwr9KkjrRRPg9Dcf22cIYMNJtG7BGS5syb+pIoZLz/KMhXn/ve/m55B3+OZ9G1d+MgJ4rz36AEkCYVCuA3ZnnLSWd+A5GXvyI3B5D4GBsGP4sPuLJcjr0lp7M4EPEGrd3R4a04MFHcrfw5r1RbuECKXy2FPuHLbpqVUSR97EGSNvRDQ6evVBw/HypBLYjwgReqOl/TKZadTeeUM2kq9uEGdNQgRYmOO0jaBMZbDKVUssSPA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=LaKperpv4+VdYCfjXKCZB8VJU+3gIjLgyl6XPPUmZVc=; b=UvRNnfXD8woUyT0HjytCQngEr2PxlKNx7UIhNRwaafWkHjAU30CsFiStehXeVFCUHm2Et80BeSEdErqrvoeS+IYJfis6ZbVK0KH9PTq6b9s7YqLFE6BFk8OEhK2TMmUjis3zNx/FTiubADtTZRkqj8NbzpykRRPXAzd0OYJg3Ho= Received: from DS7PR03CA0277.namprd03.prod.outlook.com (2603:10b6:5:3ad::12) by IA1PR12MB8556.namprd12.prod.outlook.com (2603:10b6:208:452::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.29; Mon, 27 Feb 2023 03:57:05 +0000 Received: from DM6NAM11FT098.eop-nam11.prod.protection.outlook.com (2603:10b6:5:3ad:cafe::d8) by DS7PR03CA0277.outlook.office365.com (2603:10b6:5:3ad::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.29 via Frontend Transport; Mon, 27 Feb 2023 03:57:05 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by DM6NAM11FT098.mail.protection.outlook.com (10.13.173.61) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.6156.16 via Frontend Transport; Mon, 27 Feb 2023 03:57:05 +0000 Received: from BLR-L-SASHUKLA.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.34; Sun, 26 Feb 2023 21:57:00 -0600 From: Santosh Shukla To: , CC: , , , , , , , Subject: [PATCHv3 09/10] KVM: x86: add support for delayed virtual NMI injection interface Date: Mon, 27 Feb 2023 09:23:59 +0530 Message-ID: <20230227035400.1498-10-santosh.shukla@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230227035400.1498-1-santosh.shukla@amd.com> References: <20230227035400.1498-1-santosh.shukla@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DM6NAM11FT098:EE_|IA1PR12MB8556:EE_ X-MS-Office365-Filtering-Correlation-Id: 0a90131b-39de-4dfd-7fc7-08db1876b0c8 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: QIl97tjc3NDwHaPif8gWKKmlJGwIJutcJGXQx4mvvPicKjhCgXaVYoSvpPaIBK52uzmka3bVGqiYEvcf0/fApobUQjvHEt6NGEQRwrfhuVnPcaEn73qPPYmGchdg5wjPbqShDiVM8PDoxVaNeSSPIB2s4qPiV9iC4tKYKHsnRKvhy9aCVQOxB1WIQyiwxK5qjEZ7FBi2L8jCQ1DoeRcyQj0WYNcrOGN3JNR0LqwoU0bEV2ok08mXhfQVDFLbfX1kr2pKO+Og4RYob7mVpMDf+nW2VO3lwO47YRgMMuVLRNh7EznRHiMWdRsE+LVoGy4jCh9rxR3beNlvg09Nre868fbPEA1lVte92bTGRNH0XZq89Jwkpck2OfVfWl7lpKw2LUz8SWahKZXcaOSO6dE2ELaeth9DqduhF1bZxWi2lUKGXQbX5DPoEkCFNvSc/aVtFB3x8rmtnuORuTT5yJp8WXd+UVdvGw3mEQwyTuL3BzVJ71nttKef4bRYA2xx/AIVn+cHVUzcpVhsmWjQVKG7fgR0nlv9z/Ue9k2TRBLiJHRPhw5Ev1cIzvxvTXO1xsKqVh6PLF7jyJPxHRNMlZMZX+FdzY/8RgF5qOPH8ulsVcnJAdX86i+ovqDkmSfPcFjG9fRDwfklKLzwswQHxisoQil9Ry/dLNwrwNeAKJOHVpIRo+DZNr2s3WmZ+DWIaP6W4P8addbfIJuOysh0Ht9ks++10mmR6c2bNzBbOcIf42A= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230025)(4636009)(396003)(346002)(39860400002)(376002)(136003)(451199018)(40470700004)(46966006)(36840700001)(26005)(186003)(16526019)(1076003)(82310400005)(36860700001)(426003)(47076005)(83380400001)(356005)(40460700003)(86362001)(40480700001)(81166007)(82740400003)(36756003)(2616005)(336012)(41300700001)(70206006)(70586007)(4326008)(8676002)(44832011)(2906002)(8936002)(30864003)(5660300002)(966005)(7696005)(478600001)(110136005)(316002)(54906003)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Feb 2023 03:57:05.3413 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 0a90131b-39de-4dfd-7fc7-08db1876b0c8 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT098.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: IA1PR12MB8556 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Introducing two new vendor callbacks so to support virtual NMI injection example vNMI feature for SVM. - kvm_x86_is_vnmi_pending() - kvm_x86_set_vnmi_pending() Using those callbacks the KVM can take advantage of the hardware's accelerated delayed NMI delivery (currently vNMI on SVM). Once NMI is set to pending via this interface, it is assumed that the hardware will deliver the NMI on its own to the guest once all the x86 conditions for the NMI delivery are met. Note that the 'kvm_x86_set_vnmi_pending()' callback is allowed to fail, in which case a normal NMI injection will be attempted when NMI can be delivered (possibly by using a NMI window). With vNMI that can happen either if vNMI is already pending or if a nested guest is running. When the vNMI injection fails due to the 'vNMI is already pending' condition, the new NMI will be dropped unless the new NMI can be injected immediately, so no NMI window will be requested. Use '.kvm_x86_set_hw_nmi_pending' method to inject the pending NMIs for AMD's VNMI feature. Note that vNMI doesn't need nmi_window_existing feature to pend the new virtual NMI and that KVM will now be able to detect with flag (KVM_VCPUEVENT_VALID_NMI_PENDING) and pend the new NMI by raising KVM_REQ_NMI event. Signed-off-by: Santosh Shukla Co-developed-by: Maxim Levitsky Signed-off-by: Maxim Levitsky --- v3: - Fixed SOB - Merged V_NMI implementation with x86_ops delayed NMI API proposal for better readablity. - Added early WARN_ON for VNMI case in svm_enable_nmi_window. - Indentation and style fixes per v2 comment. - Removed `svm->nmi_masked` check from svm_enable_nmi_window and replaced with svm_get_nmi_mask(). - Note that I am keeping kvm_get_total_nmi_pending() logic like v2.. since `events->nmi.pending` is u8 not a boolean. https://lore.kernel.org/all/Y9mwz%2FG6+G8NSX3+@google.com/ arch/x86/include/asm/kvm-x86-ops.h | 2 + arch/x86/include/asm/kvm_host.h | 11 ++- arch/x86/kvm/svm/svm.c | 113 +++++++++++++++++++++++------ arch/x86/kvm/svm/svm.h | 22 ++++++ arch/x86/kvm/x86.c | 26 ++++++- 5 files changed, 147 insertions(+), 27 deletions(-) diff --git a/arch/x86/include/asm/kvm-x86-ops.h b/arch/x86/include/asm/kvm-x86-ops.h index 8dc345cc6318..092ef2398857 100644 --- a/arch/x86/include/asm/kvm-x86-ops.h +++ b/arch/x86/include/asm/kvm-x86-ops.h @@ -68,6 +68,8 @@ KVM_X86_OP(get_interrupt_shadow) KVM_X86_OP(patch_hypercall) KVM_X86_OP(inject_irq) KVM_X86_OP(inject_nmi) +KVM_X86_OP_OPTIONAL_RET0(is_vnmi_pending) +KVM_X86_OP_OPTIONAL_RET0(set_vnmi_pending) KVM_X86_OP(inject_exception) KVM_X86_OP(cancel_injection) KVM_X86_OP(interrupt_allowed) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index 792a6037047a..f8a44c6c8633 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -878,7 +878,11 @@ struct kvm_vcpu_arch { u64 tsc_scaling_ratio; /* current scaling ratio */ atomic_t nmi_queued; /* unprocessed asynchronous NMIs */ - unsigned nmi_pending; /* NMI queued after currently running handler */ + /* + * NMI queued after currently running handler + * (not including a hardware pending NMI (e.g vNMI)) + */ + unsigned int nmi_pending; bool nmi_injected; /* Trying to inject an NMI this entry */ bool smi_pending; /* SMI queued after currently running handler */ u8 handling_intr_from_guest; @@ -1640,6 +1644,10 @@ struct kvm_x86_ops { int (*nmi_allowed)(struct kvm_vcpu *vcpu, bool for_injection); bool (*get_nmi_mask)(struct kvm_vcpu *vcpu); void (*set_nmi_mask)(struct kvm_vcpu *vcpu, bool masked); + /* returns true, if a NMI is pending injection on hardware level (e.g vNMI) */ + bool (*is_vnmi_pending)(struct kvm_vcpu *vcpu); + /* attempts make a NMI pending via hardware interface (e.g vNMI) */ + bool (*set_vnmi_pending)(struct kvm_vcpu *vcpu); void (*enable_nmi_window)(struct kvm_vcpu *vcpu); void (*enable_irq_window)(struct kvm_vcpu *vcpu); void (*update_cr8_intercept)(struct kvm_vcpu *vcpu, int tpr, int irr); @@ -2004,6 +2012,7 @@ int kvm_pic_set_irq(struct kvm_pic *pic, int irq, int irq_source_id, int level); void kvm_pic_clear_all(struct kvm_pic *pic, int irq_source_id); void kvm_inject_nmi(struct kvm_vcpu *vcpu); +int kvm_get_total_nmi_pending(struct kvm_vcpu *vcpu); void kvm_update_dr7(struct kvm_vcpu *vcpu); diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index da936723e8ca..84d9d2566629 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -230,6 +230,8 @@ module_param(dump_invalid_vmcb, bool, 0644); bool intercept_smi = true; module_param(intercept_smi, bool, 0444); +bool vnmi = true; +module_param(vnmi, bool, 0444); static bool svm_gp_erratum_intercept = true; @@ -1311,6 +1313,9 @@ static void init_vmcb(struct kvm_vcpu *vcpu) if (kvm_vcpu_apicv_active(vcpu)) avic_init_vmcb(svm, vmcb); + if (vnmi) + svm->vmcb->control.int_ctl |= V_NMI_ENABLE_MASK; + if (vgif) { svm_clr_intercept(svm, INTERCEPT_STGI); svm_clr_intercept(svm, INTERCEPT_CLGI); @@ -3508,6 +3513,38 @@ static void svm_inject_nmi(struct kvm_vcpu *vcpu) ++vcpu->stat.nmi_injections; } +static bool svm_is_vnmi_pending(struct kvm_vcpu *vcpu) +{ + struct vcpu_svm *svm = to_svm(vcpu); + + if (!is_vnmi_enabled(svm)) + return false; + + return !!(svm->vmcb->control.int_ctl & V_NMI_BLOCKING_MASK); +} + +static bool svm_set_vnmi_pending(struct kvm_vcpu *vcpu) +{ + struct vcpu_svm *svm = to_svm(vcpu); + + if (!is_vnmi_enabled(svm)) + return false; + + if (svm->vmcb->control.int_ctl & V_NMI_PENDING_MASK) + return false; + + svm->vmcb->control.int_ctl |= V_NMI_PENDING_MASK; + vmcb_mark_dirty(svm->vmcb, VMCB_INTR); + + /* + * NMI isn't yet technically injected but + * this rough estimation should be good enough + */ + ++vcpu->stat.nmi_injections; + + return true; +} + static void svm_inject_irq(struct kvm_vcpu *vcpu, bool reinjected) { struct vcpu_svm *svm = to_svm(vcpu); @@ -3603,6 +3640,35 @@ static void svm_update_cr8_intercept(struct kvm_vcpu *vcpu, int tpr, int irr) svm_set_intercept(svm, INTERCEPT_CR8_WRITE); } +static bool svm_get_nmi_mask(struct kvm_vcpu *vcpu) +{ + struct vcpu_svm *svm = to_svm(vcpu); + + if (is_vnmi_enabled(svm)) + return svm->vmcb->control.int_ctl & V_NMI_BLOCKING_MASK; + else + return svm->nmi_masked; +} + +static void svm_set_nmi_mask(struct kvm_vcpu *vcpu, bool masked) +{ + struct vcpu_svm *svm = to_svm(vcpu); + + if (is_vnmi_enabled(svm)) { + if (masked) + svm->vmcb->control.int_ctl |= V_NMI_BLOCKING_MASK; + else + svm->vmcb->control.int_ctl &= ~V_NMI_BLOCKING_MASK; + + } else { + svm->nmi_masked = masked; + if (masked) + svm_set_iret_intercept(svm); + else + svm_clr_iret_intercept(svm); + } +} + bool svm_nmi_blocked(struct kvm_vcpu *vcpu) { struct vcpu_svm *svm = to_svm(vcpu); @@ -3614,8 +3680,10 @@ bool svm_nmi_blocked(struct kvm_vcpu *vcpu) if (is_guest_mode(vcpu) && nested_exit_on_nmi(svm)) return false; - return (vmcb->control.int_state & SVM_INTERRUPT_SHADOW_MASK) || - svm->nmi_masked; + if (svm_get_nmi_mask(vcpu)) + return true; + + return vmcb->control.int_state & SVM_INTERRUPT_SHADOW_MASK; } static int svm_nmi_allowed(struct kvm_vcpu *vcpu, bool for_injection) @@ -3633,24 +3701,6 @@ static int svm_nmi_allowed(struct kvm_vcpu *vcpu, bool for_injection) return 1; } -static bool svm_get_nmi_mask(struct kvm_vcpu *vcpu) -{ - return to_svm(vcpu)->nmi_masked; -} - -static void svm_set_nmi_mask(struct kvm_vcpu *vcpu, bool masked) -{ - struct vcpu_svm *svm = to_svm(vcpu); - - if (masked) { - svm->nmi_masked = true; - svm_set_iret_intercept(svm); - } else { - svm->nmi_masked = false; - svm_clr_iret_intercept(svm); - } -} - bool svm_interrupt_blocked(struct kvm_vcpu *vcpu) { struct vcpu_svm *svm = to_svm(vcpu); @@ -3731,7 +3781,14 @@ static void svm_enable_nmi_window(struct kvm_vcpu *vcpu) { struct vcpu_svm *svm = to_svm(vcpu); - if (svm->nmi_masked && !svm->awaiting_iret_completion) + /* + * NMI window not needed with vNMI enabled + * and if reached here then better WARN and + * continue to single step. + */ + WARN_ON_ONCE(is_vnmi_enabled(svm)); + + if (svm_get_nmi_mask(vcpu) && !svm->awaiting_iret_completion) return; /* IRET will cause a vm exit */ if (!gif_set(svm)) { @@ -3745,8 +3802,8 @@ static void svm_enable_nmi_window(struct kvm_vcpu *vcpu) * problem (IRET or exception injection or interrupt shadow) */ svm->nmi_singlestep_guest_rflags = svm_get_rflags(vcpu); - svm->nmi_singlestep = true; svm->vmcb->save.rflags |= (X86_EFLAGS_TF | X86_EFLAGS_RF); + svm->nmi_singlestep = true; } static void svm_flush_tlb_current(struct kvm_vcpu *vcpu) @@ -4780,6 +4837,8 @@ static struct kvm_x86_ops svm_x86_ops __initdata = { .patch_hypercall = svm_patch_hypercall, .inject_irq = svm_inject_irq, .inject_nmi = svm_inject_nmi, + .is_vnmi_pending = svm_is_vnmi_pending, + .set_vnmi_pending = svm_set_vnmi_pending, .inject_exception = svm_inject_exception, .cancel_injection = svm_cancel_injection, .interrupt_allowed = svm_interrupt_allowed, @@ -5070,6 +5129,16 @@ static __init int svm_hardware_setup(void) pr_info("Virtual GIF supported\n"); } + vnmi = vgif && vnmi && boot_cpu_has(X86_FEATURE_AMD_VNMI); + if (vnmi) + pr_info("Virtual NMI enabled\n"); + + if (!vnmi) { + svm_x86_ops.is_vnmi_pending = NULL; + svm_x86_ops.set_vnmi_pending = NULL; + } + + if (lbrv) { if (!boot_cpu_has(X86_FEATURE_LBRV)) lbrv = false; diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 839809972da1..fb48c347bbe0 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -36,6 +36,7 @@ extern bool npt_enabled; extern int vgif; extern bool intercept_smi; extern bool x2avic_enabled; +extern bool vnmi; /* * Clean bits in VMCB. @@ -548,6 +549,27 @@ static inline bool is_x2apic_msrpm_offset(u32 offset) (msr < (APIC_BASE_MSR + 0x100)); } +static inline struct vmcb *get_vnmi_vmcb_l1(struct vcpu_svm *svm) +{ + if (!vnmi) + return NULL; + + if (is_guest_mode(&svm->vcpu)) + return NULL; + else + return svm->vmcb01.ptr; +} + +static inline bool is_vnmi_enabled(struct vcpu_svm *svm) +{ + struct vmcb *vmcb = get_vnmi_vmcb_l1(svm); + + if (vmcb) + return !!(vmcb->control.int_ctl & V_NMI_ENABLE_MASK); + else + return false; +} + /* svm.c */ #define MSR_INVALID 0xffffffffU diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index b22074f467e0..b5354249fe00 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -5113,7 +5113,7 @@ static void kvm_vcpu_ioctl_x86_get_vcpu_events(struct kvm_vcpu *vcpu, events->interrupt.shadow = static_call(kvm_x86_get_interrupt_shadow)(vcpu); events->nmi.injected = vcpu->arch.nmi_injected; - events->nmi.pending = vcpu->arch.nmi_pending; + events->nmi.pending = kvm_get_total_nmi_pending(vcpu); events->nmi.masked = static_call(kvm_x86_get_nmi_mask)(vcpu); /* events->sipi_vector is never valid when reporting to user space */ @@ -5201,9 +5201,9 @@ static int kvm_vcpu_ioctl_x86_set_vcpu_events(struct kvm_vcpu *vcpu, vcpu->arch.nmi_injected = events->nmi.injected; if (events->flags & KVM_VCPUEVENT_VALID_NMI_PENDING) { - vcpu->arch.nmi_pending = events->nmi.pending; - if (vcpu->arch.nmi_pending) - kvm_make_request(KVM_REQ_NMI, vcpu); + vcpu->arch.nmi_pending = 0; + atomic_set(&vcpu->arch.nmi_queued, events->nmi.pending); + kvm_make_request(KVM_REQ_NMI, vcpu); } static_call(kvm_x86_set_nmi_mask)(vcpu, events->nmi.masked); @@ -10156,13 +10156,31 @@ static void process_nmi(struct kvm_vcpu *vcpu) else limit = 2; + /* + * Adjust the limit to account for pending virtual NMIs, which aren't + * tracked in vcpu->arch.nmi_pending. + */ + if (static_call(kvm_x86_is_vnmi_pending)(vcpu)) + limit--; + vcpu->arch.nmi_pending += atomic_xchg(&vcpu->arch.nmi_queued, 0); vcpu->arch.nmi_pending = min(vcpu->arch.nmi_pending, limit); + if (vcpu->arch.nmi_pending && + (static_call(kvm_x86_set_vnmi_pending)(vcpu))) + vcpu->arch.nmi_pending--; + if (vcpu->arch.nmi_pending) kvm_make_request(KVM_REQ_EVENT, vcpu); } +/* Return total number of NMIs pending injection to the VM */ +int kvm_get_total_nmi_pending(struct kvm_vcpu *vcpu) +{ + return vcpu->arch.nmi_pending + static_call(kvm_x86_is_vnmi_pending)(vcpu); +} + + void kvm_make_scan_ioapic_request_mask(struct kvm *kvm, unsigned long *vcpu_bitmap) { From patchwork Mon Feb 27 03:54:00 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Santosh Shukla X-Patchwork-Id: 13152711 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id CD921C64ED6 for ; Mon, 27 Feb 2023 04:00:58 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229627AbjB0EA5 (ORCPT ); Sun, 26 Feb 2023 23:00:57 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38754 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229545AbjB0EA4 (ORCPT ); Sun, 26 Feb 2023 23:00:56 -0500 Received: from NAM12-BN8-obe.outbound.protection.outlook.com (mail-bn8nam12on2083.outbound.protection.outlook.com [40.107.237.83]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 85CCD449D; Sun, 26 Feb 2023 20:00:53 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=nRRUPLrpzZdP9kpRkU+2WiztXWJ6Lc7WErLA0n8BvRfdU7NMvmetHZSNPvnTepLPM0n0M3dD5CyIECSsStZemJPS5SIUVijeXTgPFc3y8SiJsPkv44mCJQBWjXvhBSEhe31kdDlEsfbSIVzTn8ElYwW0A5cLB9LGXXBYkTnb/oeMoQ5mcMBSaetUUBOeoXbVmg4MzrtpGEQWyAJGCMAWk9SZ2okV3zNPRW++vKQinzNOBWNFNIeVKmOZkO00r8sEXakOA4IQtx5NxIGoMUQJxsq/zSza4vpBbLZL3XFSq42uiMt9f286U5upmIWBNM8EprKAM0qkd9fD71UiJh6q2w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=9u4xVXYBKQLka0SdRLlVEKG9tVqHgP9QE+7II39nWow=; b=TRUpU11cDXga+IPJ1RnHk8V8loc69zlAU43pbZz1D9oFF0mBWqJDYsQj5YaYgaMQGd5YpjdhfX2fxessUk3Y17CiJZI46vmAA5n1GcKwt/mxNSgDY0oO5DiFDV9c+tYqTAanP1iU+mTrRhD4X2pznxgmAw2L9AD1pki5OtdWB6G1Q5FrHP5M12SVDuYE28VHBju9dLFIo0pt+XIMjSIZszzXeLPvwXpcpel/oCRfhJGrxH2x6ZrUd9iV0ixPvSP9MtTuXrSnxMaIx9R6l+slbfCTjIgs45/shc48gMKTMrSU8jnmj8ckeec2ESz1IkJ190+GLcXqQVXk4UocsBwSEw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=9u4xVXYBKQLka0SdRLlVEKG9tVqHgP9QE+7II39nWow=; b=iPBQSgjT8p3oPG8cF9NqRCiriWHDRRvNOZ63DiN6w8O4A/gyEQTAZWbmjmQmBv9mkZ03dsjKuAiyUO6Ma/BD7/fCkd9K6HmOl9fP63AYYFkOgyIQ9aM6Hju8ADhBnkJ0bzia2r9UF7V0yo16WaH9LilGbpXj4mU6E7agFb1i89I= Received: from DS7PR03CA0227.namprd03.prod.outlook.com (2603:10b6:5:3ba::22) by IA0PR12MB7724.namprd12.prod.outlook.com (2603:10b6:208:430::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.25; Mon, 27 Feb 2023 03:57:23 +0000 Received: from DM6NAM11FT114.eop-nam11.prod.protection.outlook.com (2603:10b6:5:3ba:cafe::9d) by DS7PR03CA0227.outlook.office365.com (2603:10b6:5:3ba::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.29 via Frontend Transport; Mon, 27 Feb 2023 03:57:23 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by DM6NAM11FT114.mail.protection.outlook.com (10.13.172.206) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.6156.12 via Frontend Transport; Mon, 27 Feb 2023 03:57:23 +0000 Received: from BLR-L-SASHUKLA.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.34; Sun, 26 Feb 2023 21:57:18 -0600 From: Santosh Shukla To: , CC: , , , , , , , Subject: [PATCHv3 10/10] KVM: nSVM: implement support for nested VNMI Date: Mon, 27 Feb 2023 09:24:00 +0530 Message-ID: <20230227035400.1498-11-santosh.shukla@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230227035400.1498-1-santosh.shukla@amd.com> References: <20230227035400.1498-1-santosh.shukla@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DM6NAM11FT114:EE_|IA0PR12MB7724:EE_ X-MS-Office365-Filtering-Correlation-Id: 2f73c24a-64dd-45b3-b459-08db1876bb6c X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: b2FYZ68RVOM26ioss4wsAUt+vA8/nqGkL4iaygKZAHJTbFQFYn5u0sazX3zDyi9HLrE8yQjq4JU963kJ77JxvfeNObsetK9pYarKw9TzhVRLRfTdOP1Kvtq0yzENbnX0p82eALmcx0ec7gxpbjHzeSHg2J4dybBfd69NhK+ScEo4eGQ+mBzGLI4ZPgU3Ef3WWq37410F4NDLiXh2h1DvUXpo4L5WsZ3br00xu9305beyk3ZWgoYwYmWGCP0Pw669PKeaJBq5KhV6SKC55ElpBYl3aBcXXc9d0LgHz/ZjJNm8IAUYuRtuhuYn24ATa6kD3pD1G+EmXQMQYICcef5N6gzbCj6u3ZUlaSr2PNAbZnKl/RvzU8lmymwdq3+/+LB718RTRx3iz+28+yw63V9ePXvEIoXfAOD12ixUdhbs8SFx0mo7ISmLJyk2V07tt2F6fqqt2P+K/DCk13Vsy/r5DfYyFWgHDYsQCQEM6hmxkgwmU6/KfQC8Za4/v3+24IyW1D7v0ZhvS7qz1mQd6bJrshk+nlTNRo9+ffYCUQkTCWgM1H6IOBn1iSvEcVSYNwXsy1DHXCP58d1apbFIUuKnp6ocj9lX0kJUawT9htOfy5K90BtUE7dG7L8OqpqFcOGMhO7yOKNaP7s+2WCCWeOstHPfhcMjygS/9I5wZqsIi/n0lygWGYyK4XpCZPVPdFbo9CH9tr06swZmRMO3dVm/tvHWtlPhTJ0kvjJXYZTfV54= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230025)(4636009)(396003)(39860400002)(136003)(346002)(376002)(451199018)(46966006)(40470700004)(36840700001)(40460700003)(16526019)(82740400003)(81166007)(356005)(4326008)(8936002)(41300700001)(70586007)(8676002)(2906002)(70206006)(36860700001)(5660300002)(40480700001)(336012)(26005)(478600001)(7696005)(44832011)(1076003)(186003)(426003)(2616005)(6666004)(47076005)(966005)(83380400001)(316002)(36756003)(82310400005)(86362001)(54906003)(110136005)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Feb 2023 03:57:23.1946 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 2f73c24a-64dd-45b3-b459-08db1876bb6c X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT114.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: IA0PR12MB7724 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Allows L1 to use vNMI to accelerate its injection of NMI to L2 by passing through vNMI int_ctl bits from vmcb12 to/from vmcb02. In case of L1 and L2 both using VNMI- Copy VNMI bits from vmcb12 to vmcb02 during entry and vice-versa during exit. And in case of L1 uses VNMI and L2 doesn't- Copy VNMI bits from vmcb01 to vmcb02 during entry and vice-versa during exit. Tested with the KVM-unit-test and Nested Guest scenario. Co-developed-by: Maxim Levitsky Signed-off-by: Maxim Levitsky Signed-off-by: Santosh Shukla --- v3: - Fix identiation and style issue. - Fix SOB - Removed `svm->nmi_masked` var use for nested svm case. - Reworded the commit description. https://lore.kernel.org/all/Y9m15P8xQ2dxvIzd@google.com/ arch/x86/kvm/svm/nested.c | 33 +++++++++++++++++++++++++++++++++ arch/x86/kvm/svm/svm.c | 5 +++++ arch/x86/kvm/svm/svm.h | 6 ++++++ 3 files changed, 44 insertions(+) diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index 74e9e9e76d77..b018fe2fdf88 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -281,6 +281,11 @@ static bool __nested_vmcb_check_controls(struct kvm_vcpu *vcpu, if (CC(!nested_svm_check_tlb_ctl(vcpu, control->tlb_ctl))) return false; + if (CC((control->int_ctl & V_NMI_ENABLE_MASK) && + !vmcb12_is_intercept(control, INTERCEPT_NMI))) { + return false; + } + return true; } @@ -436,6 +441,9 @@ void nested_sync_control_from_vmcb02(struct vcpu_svm *svm) if (nested_vgif_enabled(svm)) mask |= V_GIF_MASK; + if (nested_vnmi_enabled(svm)) + mask |= V_NMI_BLOCKING_MASK | V_NMI_PENDING_MASK; + svm->nested.ctl.int_ctl &= ~mask; svm->nested.ctl.int_ctl |= svm->vmcb->control.int_ctl & mask; } @@ -655,6 +663,17 @@ static void nested_vmcb02_prepare_control(struct vcpu_svm *svm, else int_ctl_vmcb01_bits |= (V_GIF_MASK | V_GIF_ENABLE_MASK); + if (vnmi) { + if (vmcb01->control.int_ctl & V_NMI_PENDING_MASK) { + svm->vcpu.arch.nmi_pending++; + kvm_make_request(KVM_REQ_EVENT, &svm->vcpu); + } + if (nested_vnmi_enabled(svm)) + int_ctl_vmcb12_bits |= (V_NMI_PENDING_MASK | + V_NMI_ENABLE_MASK | + V_NMI_BLOCKING_MASK); + } + /* Copied from vmcb01. msrpm_base can be overwritten later. */ vmcb02->control.nested_ctl = vmcb01->control.nested_ctl; vmcb02->control.iopm_base_pa = vmcb01->control.iopm_base_pa; @@ -1058,6 +1077,20 @@ int nested_svm_vmexit(struct vcpu_svm *svm) svm_update_lbrv(vcpu); } + if (vnmi) { + if (vmcb02->control.int_ctl & V_NMI_BLOCKING_MASK) + vmcb01->control.int_ctl |= V_NMI_BLOCKING_MASK; + else + vmcb01->control.int_ctl &= ~V_NMI_BLOCKING_MASK; + + if (vcpu->arch.nmi_pending) { + vcpu->arch.nmi_pending--; + vmcb01->control.int_ctl |= V_NMI_PENDING_MASK; + } else + vmcb01->control.int_ctl &= ~V_NMI_PENDING_MASK; + + } + /* * On vmexit the GIF is set to false and * no event can be injected in L1. diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 84d9d2566629..08b7856e2da2 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -4226,6 +4226,8 @@ static void svm_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu) svm->vgif_enabled = vgif && guest_cpuid_has(vcpu, X86_FEATURE_VGIF); + svm->vnmi_enabled = vnmi && guest_cpuid_has(vcpu, X86_FEATURE_AMD_VNMI); + svm_recalc_instruction_intercepts(vcpu, svm); /* For sev guests, the memory encryption bit is not reserved in CR3. */ @@ -4981,6 +4983,9 @@ static __init void svm_set_cpu_caps(void) if (vgif) kvm_cpu_cap_set(X86_FEATURE_VGIF); + if (vnmi) + kvm_cpu_cap_set(X86_FEATURE_AMD_VNMI); + /* Nested VM can receive #VMEXIT instead of triggering #GP */ kvm_cpu_cap_set(X86_FEATURE_SVME_ADDR_CHK); } diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index fb48c347bbe0..e229eadbf1ce 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -266,6 +266,7 @@ struct vcpu_svm { bool pause_filter_enabled : 1; bool pause_threshold_enabled : 1; bool vgif_enabled : 1; + bool vnmi_enabled : 1; u32 ldr_reg; u32 dfr_reg; @@ -540,6 +541,11 @@ static inline bool nested_npt_enabled(struct vcpu_svm *svm) return svm->nested.ctl.nested_ctl & SVM_NESTED_CTL_NP_ENABLE; } +static inline bool nested_vnmi_enabled(struct vcpu_svm *svm) +{ + return svm->vnmi_enabled && (svm->nested.ctl.int_ctl & V_NMI_ENABLE_MASK); +} + static inline bool is_x2apic_msrpm_offset(u32 offset) { /* 4 msrs per u8, and 4 u8 in u32 */