From patchwork Mon Feb 27 08:40:06 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Shukla, Santosh" X-Patchwork-Id: 13153114 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 57638C64ED6 for ; Mon, 27 Feb 2023 09:05:36 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229830AbjB0JFf (ORCPT ); Mon, 27 Feb 2023 04:05:35 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59824 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229515AbjB0JFV (ORCPT ); Mon, 27 Feb 2023 04:05:21 -0500 Received: from NAM11-CO1-obe.outbound.protection.outlook.com (mail-co1nam11on2060a.outbound.protection.outlook.com [IPv6:2a01:111:f400:7eab::60a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0187E1F932; Mon, 27 Feb 2023 00:55:45 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=VE6k4FXKGya4dEl9LXtQgytAxPldWzdINkPmU8L5UmEHgAInwZ9VtBM2eDL2D5lTLQ17O+/3hrRsfODW7sHrZpcwulVz17PEmRWubYlwuIZ7nrFz5SDVV5fIP64eGI9Y/OrwOC3Twtr52OJe+f4R11CEv/hsP/PDFcX+RkkeF921MgDHulZsWtBTd/XcT5CSVH5FhcWuOYj2CMDCypBOf3JBz5BhL9sK6ciphEiIVD6QcPzEQJGmL7K85F0PSiMaUW986WkJYdT2xIBE1mnC2zSP/o9/F//4/ywdQOmri4M4Vx1bPU7Q9EkzwmslbPm/oIYucuw6N2PrY9ND94r7eQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=rxnFIqUQ+cmEzzQR6Ld4Tbpvux413oM9nXqAupa0lDM=; b=VtAIqK9SLfyX7tpwjWTuUCYZTHiMVTH0VAATWVIHGMttJ0b9XBxpFjjD5POf8g+LCggi3UobxtM0va/3ofUk6qB3DFNhld3JAmVzcbnlbYtl8Umd4MtaipPS5LeHkuuWUxa02SsylCmPy6BxSC275nsYLYeVifPY8DReaK/lL6K1u5fTo7P58lFNRIg4CH5fiVpOSl8TpV7avtBRTcjO6K8++lFIhKs6lNRdTewaZPrUsjmYH9m5Fiv4NYcEKCXci5DDFR97qtY68nBSjSBx9QHn3XAiCL8oSa/UkZ1leQx1X3gE6Ik+Bd80Z06WqLcoRHUp+54x3uH6Zo5VViTLyA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=rxnFIqUQ+cmEzzQR6Ld4Tbpvux413oM9nXqAupa0lDM=; b=sQlVTYGhYRLRuIOijBzbtSPIWWvavmOI1EZycmLPSb17Yj3C+vTQor62DuvaYab1VKFuJX+Xj/mgs9WeewfSVkxhEodHe4aDt9hxdo1lHn6dfdgXrSYMPTr7TervmLLgJenORj5NKQLZ2AcNIUQxqC0SovjPGkXrXBMPMy8vcGs= Received: from MW4PR03CA0157.namprd03.prod.outlook.com (2603:10b6:303:8d::12) by MW4PR12MB7484.namprd12.prod.outlook.com (2603:10b6:303:212::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.25; Mon, 27 Feb 2023 08:40:48 +0000 Received: from CO1NAM11FT035.eop-nam11.prod.protection.outlook.com (2603:10b6:303:8d:cafe::24) by MW4PR03CA0157.outlook.office365.com (2603:10b6:303:8d::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.28 via Frontend Transport; Mon, 27 Feb 2023 08:40:48 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by CO1NAM11FT035.mail.protection.outlook.com (10.13.175.36) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.6156.16 via Frontend Transport; Mon, 27 Feb 2023 08:40:47 +0000 Received: from BLR-L-SASHUKLA.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.34; Mon, 27 Feb 2023 02:40:43 -0600 From: Santosh Shukla To: , CC: , , , , , , , Subject: [PATCHv4 01/11] KVM: nSVM: Don't sync vmcb02 V_IRQ back to vmcb12 if KVM (L0) is intercepting VINTR Date: Mon, 27 Feb 2023 14:10:06 +0530 Message-ID: <20230227084016.3368-2-santosh.shukla@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230227084016.3368-1-santosh.shukla@amd.com> References: <20230227084016.3368-1-santosh.shukla@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CO1NAM11FT035:EE_|MW4PR12MB7484:EE_ X-MS-Office365-Filtering-Correlation-Id: 22cab38b-e67e-427b-5ace-08db189e531d X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 1mUDF6RmcMdfVpGAGflBe9m1DMuNCst/1461WhREenmVPepTOjpVea/327UmvLBMncp+q75UKlb+4VY7f04Nvby5NuMdOPF3kZNEdmTMqG7Wz6bdRRAYzivWnpkt/5B4tf5lTjtBPrXDO/YmQXijiAs8x9JYMcUANEoR+63ElHHwBY6S3+aDoogtXVyk3zx7EBG1Qt9MtnA5QIpyC56uMuRu1jTJSKLGMrz1zcfkgHj4+sV/wZ4yR4plryC48tiTL21ZBfBvVTz5fnCrY1/Q2l3CY3Z5PBAg4l0xRN8CF6Ul7N5uO5hQE+2WnNX8YpUqqWUL2eyUSEG3okBLbJwZj74kqS95f83eaKmb3i32ZjQDlTjtVpQk6xFjeGEuThIo4rARaWH2cPxEBA0i1yPOegcfmB//t4MKU0yxeFMVpQDnykqYCFJQQKgj9qDLXzboO3+rkKZ7QsxAic8RMQPguloW7O6iM1nfN/T81LUQhZYbMFrS83wu95nx6nvbfr6gexB99Z1bHZUiqYt8FHz3TSMqj2sS789BgyHxzhcetaxoayG8Ub5b+YDtL2+vVjaYAdkRfRkRwriZqjySl15yTGsqZPLOUPHDcFdy4DDB773gvHw0ne3a5AXWr/aTC0htyw5t9KBvJZVeCEcQZR4QhSoNO3p77SkT1mFvfZZZCrk5OrW/GSBmHSwMyGN4/IeD8ujOLsTGTjccMcIyts/RzykpmrclPUTMPKpViBwqFNs= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230025)(4636009)(346002)(396003)(136003)(376002)(39860400002)(451199018)(46966006)(40470700004)(36840700001)(83380400001)(966005)(316002)(36756003)(54906003)(110136005)(82310400005)(86362001)(40460700003)(16526019)(44832011)(2906002)(7696005)(36860700001)(8936002)(70586007)(5660300002)(8676002)(70206006)(41300700001)(4326008)(1076003)(6666004)(186003)(2616005)(26005)(47076005)(478600001)(336012)(40480700001)(426003)(81166007)(356005)(82740400003)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Feb 2023 08:40:47.9670 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 22cab38b-e67e-427b-5ace-08db189e531d X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CO1NAM11FT035.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW4PR12MB7484 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org From: Santosh Shukla Don't sync vmcb02 V_IRQ back to vmcb12 if KVM (L0) is intercepting virtual interrupts in order to request an interrupt window, as KVM has usurped vmcb02's int_ctl. If an interrupt window opens before the next VM-Exit, svm_clear_vintr() will restore vmcb12's int_ctl. If no window opens, V_IRQ will be correctly preserved in vmcb12's int_ctl (because it was never recognized while L2 was running). Suggested-by: Sean Christopherson Signed-off-by: Santosh Shukla --- v4: https://lore.kernel.org/all/Y9hybI65So5X2LFg@google.com/ suggested by Sean. arch/x86/kvm/svm/nested.c | 21 ++++++++++----------- 1 file changed, 10 insertions(+), 11 deletions(-) diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index 05d38944a6c0..fbade158d368 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -416,18 +416,17 @@ void nested_sync_control_from_vmcb02(struct vcpu_svm *svm) /* Only a few fields of int_ctl are written by the processor. */ mask = V_IRQ_MASK | V_TPR_MASK; - if (!(svm->nested.ctl.int_ctl & V_INTR_MASKING_MASK) && - svm_is_intercept(svm, INTERCEPT_VINTR)) { - /* - * In order to request an interrupt window, L0 is usurping - * svm->vmcb->control.int_ctl and possibly setting V_IRQ - * even if it was clear in L1's VMCB. Restoring it would be - * wrong. However, in this case V_IRQ will remain true until - * interrupt_window_interception calls svm_clear_vintr and - * restores int_ctl. We can just leave it aside. - */ + /* + * Don't sync vmcb02 V_IRQ back to vmcb12 if KVM (L0) is intercepting + * virtual interrupts in order to request an interrupt window, as KVM + * has usurped vmcb02's int_ctl. If an interrupt window opens before + * the next VM-Exit, svm_clear_vintr() will restore vmcb12's int_ctl. + * If no window opens, V_IRQ will be correctly preserved in vmcb12's + * int_ctl (because it was never recognized while L2 was running). + */ + if (svm_is_intercept(svm, INTERCEPT_VINTR) && + !test_bit(INTERCEPT_VINTR, (unsigned long *)svm->nested.ctl.intercepts)) mask &= ~V_IRQ_MASK; - } if (nested_vgif_enabled(svm)) mask |= V_GIF_MASK; From patchwork Mon Feb 27 08:40:07 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Shukla, Santosh" X-Patchwork-Id: 13153088 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5D759C64ED8 for ; Mon, 27 Feb 2023 08:50:47 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231528AbjB0Iuq (ORCPT ); Mon, 27 Feb 2023 03:50:46 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36640 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230292AbjB0IuP (ORCPT ); Mon, 27 Feb 2023 03:50:15 -0500 Received: from NAM10-BN7-obe.outbound.protection.outlook.com (mail-bn7nam10on2062b.outbound.protection.outlook.com [IPv6:2a01:111:f400:7e8a::62b]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AEB79A26D; Mon, 27 Feb 2023 00:42:57 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=kLJ/c25XFm4noYvXpSzXgVejeVBx3luFl/sUtDAvloe2cR9sFWUoD/7QrKJn/8TN7ih/KODIyMeR5gfvvwOcbGqnFlDJYqeHbNOG34fnQIPC5CzRq6DfhRNsodC3nUQq5xlG+9LApahwZonVONLUNB8TJtVHH7kj+tUltoViozxwiaLCVg2blNazG0NRk/NkZH+HtExcHZrOhCuoiy9Ef+6rDfnvPVdJxqst41cWPTQYY0j3M5+CstExbbhqsuUA5O8huxga32jbHPh9P43+oR5EZCm50gEkHsWYba1vlDW7G2uO3aJ+1MJFIPcaDdgm3kf/CvOkQ9XIisb6t71BOA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=gd7MYIu4mHbFu38bGyi94/NKEegCYzVzkeE5RgtBi8o=; b=VGlk9MC8uvMgfdu9ZWHcKWaFB6WKfKH509wL6WoU6uRqd/7YRVIJ3WVAuWe94Ri0l1Yyu/DTJ9E5KFcaNuN4XxSC/S2ZYRVgt9PYixWQ8kD5nhV6qw95kMvqa1uCZGxEtG9n/3mTtL2LuIc53Ajv07bZ0Js4cXSg8xEEb2YeaxY6LZOwn51QiOCCZTU2x3yRVDwkMhEZe52Y4eqTNhmeW/RjCnzRQsOlR/Rz2kB2PF7CGM3RngRlP8Zp8vKaVMI4F0WsCIhbFe+DXUNW7U0Y5N90/xoTEJd41WMTNhX2hg8DUik4jwNxjDpRYVrWniEy1Pz0wHSi9feP+wEkMvhUXw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=gd7MYIu4mHbFu38bGyi94/NKEegCYzVzkeE5RgtBi8o=; b=Fxn8ixa2a7UNywUGiLCqN5A1NXRx46rCFMBgqS6NQ4hRW4ktsNhjYggi4ibn9IbWS50Klla2pPgEZonKdtgQlDeFPYdewisaNISpqWawfaaCQd1+8GdRBj0Z0zzQoSPFUyNIDV5wW3fdKOghKGmrIOTdFGQnJnehfZO5ZVeD35U= Received: from MW4PR02CA0018.namprd02.prod.outlook.com (2603:10b6:303:16d::17) by DM4PR12MB7576.namprd12.prod.outlook.com (2603:10b6:8:10c::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.29; Mon, 27 Feb 2023 08:41:21 +0000 Received: from CO1NAM11FT036.eop-nam11.prod.protection.outlook.com (2603:10b6:303:16d:cafe::fa) by MW4PR02CA0018.outlook.office365.com (2603:10b6:303:16d::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.27 via Frontend Transport; Mon, 27 Feb 2023 08:41:21 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by CO1NAM11FT036.mail.protection.outlook.com (10.13.174.124) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.6156.16 via Frontend Transport; Mon, 27 Feb 2023 08:41:21 +0000 Received: from BLR-L-SASHUKLA.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.34; Mon, 27 Feb 2023 02:41:14 -0600 From: Santosh Shukla To: , CC: , , , , , , , Subject: [PATCHv4 02/11] KVM: nSVM: Disable intercept of VINTR if saved RFLAG.IF is 0 Date: Mon, 27 Feb 2023 14:10:07 +0530 Message-ID: <20230227084016.3368-3-santosh.shukla@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230227084016.3368-1-santosh.shukla@amd.com> References: <20230227084016.3368-1-santosh.shukla@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CO1NAM11FT036:EE_|DM4PR12MB7576:EE_ X-MS-Office365-Filtering-Correlation-Id: c564e090-dc91-4a6d-6cf6-08db189e6733 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: rECC4YCr4ELFVE91c3kEzKwo2IGQWQUehNvAlEeUNzdCMDlM7V/pbLQfFCNnP5W7+Bf7RLQUuuZr0E5IG5M/v9l2PphS5vJN+rmZYNQDwAZH0aACIo8z2XA9wow1DfG5iiUYPlqdH1Vff7rTuMH5uHXhUFHU4O/Kcmu26sgUYDSaAWHJYTBvVCCK21tTxIIoQREet9ZB38XGFLgkX7rPj6GkLeS1JnkXfmnq9bTb2tz7+gFzqhKlfZqnojJV4q7NUIzIrafcHnI1GBSFMMCTMwSB6GZEVBEOpgw3EA6IqaALg+1LMOqeEEvPdaqqyaPQdYlFgCTUOg1Ey/ITt7iRR9FuAnBC5LfTb5krQlbUtA2MkVwCAEBBhxcE0tJWHFUh9BsWQHl0Q/sqIE1chkP/BB0u4zkeGQ/LxytFXrS8qEqo8bLTSkXleg34Oa4Lyn1EyJL2GtdbGfoG0wYafxfcqK0JaGIW5OKmuC0MBI3R8P0T3pJvV+GfO7klLLdHVI//mPtcwM1vdz1PB6cRp4s+cVcggwPa5nSzWST1i+/v5PxoRkx3y0t0Jdt8eopNg+zESIV8GUSbw9orzw6Aa3ILvqxJ8YRByBywG/yjCyXc1aUFqs6nnt0JZCgpts98lCyRdGSG9qcb7qZ5IrM17Vf1pPeMrlEqT098/4396Z8L2LyIceEQTDL2KAFQn8qXsZiDIk4LediW5TLV6D0pygTsQTYxXifE/4JvgGiYyhinqYo= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230025)(4636009)(376002)(396003)(136003)(346002)(39860400002)(451199018)(46966006)(40470700004)(36840700001)(336012)(47076005)(426003)(110136005)(54906003)(316002)(40460700003)(36756003)(40480700001)(86362001)(356005)(81166007)(36860700001)(82740400003)(1076003)(82310400005)(6666004)(83380400001)(2616005)(186003)(26005)(16526019)(5660300002)(2906002)(8936002)(966005)(7696005)(478600001)(4326008)(41300700001)(44832011)(8676002)(70586007)(70206006)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Feb 2023 08:41:21.6817 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: c564e090-dc91-4a6d-6cf6-08db189e6733 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CO1NAM11FT036.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM4PR12MB7576 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org From: Santosh Shukla Disable intercept of virtual interrupts (used to detect interrupt windows) if the saved RFLAGS.IF is '0', as the effective RFLAGS.IF for L1 interrupts will never be set while L2 is running (L2's RFLAGS.IF doesn't affect L1 IRQs). Suggested-by: Sean Christopherson Signed-off-by: Santosh Shukla --- v3: https://lore.kernel.org/all/Y9hybI65So5X2LFg@google.com/ suggested by Sean. arch/x86/kvm/svm/nested.c | 15 ++++++++++----- arch/x86/kvm/svm/svm.c | 10 ++++++++++ 2 files changed, 20 insertions(+), 5 deletions(-) diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index fbade158d368..107258ed46ee 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -139,13 +139,18 @@ void recalc_intercepts(struct vcpu_svm *svm) if (g->int_ctl & V_INTR_MASKING_MASK) { /* - * Once running L2 with HF_VINTR_MASK, EFLAGS.IF and CR8 - * does not affect any interrupt we may want to inject; - * therefore, writes to CR8 are irrelevant to L0, as are - * interrupt window vmexits. + * If L2 is active and V_INTR_MASKING is enabled in vmcb12, + * disable intercept of CR8 writes as L2's CR8 does not affect + * any interrupt KVM may want to inject. + * + * Similarly, disable intercept of virtual interrupts (used to + * detect interrupt windows) if the saved RFLAGS.IF is '0', as + * the effective RFLAGS.IF for L1 interrupts will never be set + * while L2 is running (L2's RFLAGS.IF doesn't affect L1 IRQs). */ vmcb_clr_intercept(c, INTERCEPT_CR8_WRITE); - vmcb_clr_intercept(c, INTERCEPT_VINTR); + if (!(svm->vmcb01.ptr->save.rflags & X86_EFLAGS_IF)) + vmcb_clr_intercept(c, INTERCEPT_VINTR); } /* diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index b43775490074..cf6ae093ed19 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -1583,6 +1583,16 @@ static void svm_set_vintr(struct vcpu_svm *svm) svm_set_intercept(svm, INTERCEPT_VINTR); + /* + * Recalculating intercepts may have clear the VINTR intercept. If + * V_INTR_MASKING is enabled in vmcb12, then the effective RFLAGS.IF + * for L1 physical interrupts is L1's RFLAGS.IF at the time of VMRUN. + * Requesting an interrupt window if save.RFLAGS.IF=0 is pointless as + * interrupts will never be unblocked while L2 is running. + */ + if (!svm_is_intercept(svm, INTERCEPT_VINTR)) + return; + /* * This is just a dummy VINTR to actually cause a vmexit to happen. * Actual injection of virtual interrupts happens through EVENTINJ. From patchwork Mon Feb 27 08:40:08 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Shukla, Santosh" X-Patchwork-Id: 13153089 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id AA343C64ED8 for ; Mon, 27 Feb 2023 08:51:07 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231347AbjB0IvF (ORCPT ); Mon, 27 Feb 2023 03:51:05 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42328 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229693AbjB0Iua (ORCPT ); Mon, 27 Feb 2023 03:50:30 -0500 Received: from NAM12-BN8-obe.outbound.protection.outlook.com (mail-bn8nam12on20614.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe5b::614]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 30EF210266; Mon, 27 Feb 2023 00:43:14 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=B8DVkhNGIhDcpBdknfslgrLf/omZyqlTRHYE0GSM+cK1+9yogsRHoHb4wFTB2VpAb7ZMkQjsACkt5ud67cUHutJKy7z6gXGeKSB9DKmv5FZd84oA0WwwlUU4OFg2O3fzelqnsM6YXd81D8Xkgqa6ZK9aRm46GmtrxNRQViM59fkdIkbgrg1bkhRnB/yHGZi7nc6pcc+DzzHJrpvom3Uw++0OBWPVRLhN4G0+718d9jI/YqLYt7uo0hTQA38qy0NSIFzOdFcIrVpx8tjkqOk7ntA8w1/RlKqx8wwJi+8WMBEl8uUTeby2JEA7+oAB/zDw+TWV9XVP57eqmC7297VKJg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=wCjtjmUdub70yTg9UFMKx1gKdxsTkWLFgb+6eHx1Yxw=; b=TRGnSIG+OwUvuFCxrRwf2D2N+VwAgyXWtIDJx7MR+X20eKosdCTXg+tmUKISXtxOIF+uw6r92bgI0MYA9za6TQlkxMz6sIuYcsdim1MQmwokh4pcA0RAD/vPE0IBVjDGttD0R5V7g6oDrVjeZEhP1IFA9nHVNRU5PSS5f5ETTBcWMNxX2y4xIbS8V8SVlpXK5d8m65d57+oGMVipk+rprG4vkFj1Q42QQLnR/Vu48sfFmKWR3kKQY0Xj0nbkt9Qn/3eKqwFI/gxwT4Fe/JdLlVGkHBZ6AiljvNzVf1g86wuZ9DNrVXpk3wW0ycuQN0fYhF/rzYrU4FjYJzp+cLP5Yw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=wCjtjmUdub70yTg9UFMKx1gKdxsTkWLFgb+6eHx1Yxw=; b=pByBlHiVt508TxuSyt0wKFkfxXPML2KlszyJllFn672vtvNkaOxJJMa3erxKz03pJ5DuLtgtpdsKATKOGwoRYHsfs9/86Ds5QsIWZH2uqEf6l6f9oMyvJ6X+bN2BzbVTLyKM8KKW6c8vULUNnQkRgIZFQ3fW/sTf8zyj9bI8S8M= Received: from MW4PR03CA0034.namprd03.prod.outlook.com (2603:10b6:303:8e::9) by MW3PR12MB4476.namprd12.prod.outlook.com (2603:10b6:303:2d::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.29; Mon, 27 Feb 2023 08:41:36 +0000 Received: from CO1NAM11FT071.eop-nam11.prod.protection.outlook.com (2603:10b6:303:8e:cafe::51) by MW4PR03CA0034.outlook.office365.com (2603:10b6:303:8e::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.29 via Frontend Transport; Mon, 27 Feb 2023 08:41:36 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by CO1NAM11FT071.mail.protection.outlook.com (10.13.175.56) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.6156.16 via Frontend Transport; Mon, 27 Feb 2023 08:41:36 +0000 Received: from BLR-L-SASHUKLA.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.34; Mon, 27 Feb 2023 02:41:32 -0600 From: Santosh Shukla To: , CC: , , , , , , , Subject: [PATCHv4 03/11] KVM: nSVM: Raise event on nested VM exit if L1 doesn't intercept IRQs Date: Mon, 27 Feb 2023 14:10:08 +0530 Message-ID: <20230227084016.3368-4-santosh.shukla@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230227084016.3368-1-santosh.shukla@amd.com> References: <20230227084016.3368-1-santosh.shukla@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CO1NAM11FT071:EE_|MW3PR12MB4476:EE_ X-MS-Office365-Filtering-Correlation-Id: 9c251765-0b27-4559-eea8-08db189e6fe5 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: jsf+jeg94uvSIUjn+2B8hcY1mc4UTBTM38YyfWtZDaH7c2gm/tlDYAwzM7RphDvSe4jNe/CnCaX9iQTGCpAo0YdXRO/c7BL+qe1nEwdt0xnPawwmJOnKAzc2SDZ9GSbetGCu342eyu7FulEiEx7AocHKDq6/sgcp6NiuhBBs3c7G/G0p6ctd2yA5RoOXlNFnkEKw35v8UPh+lgqJrowWkjh1k8EP4ptFzvtFeR5jTsvXmpzMvqpygk89j/ybfHEpA7RUh4V/rfmj+dKCGQ8YISvZ1B0QTAucRhLrdUTMymXVrnO3GOZ3ZlYqODLa9H2mp2elbSewBekCye8UFrVQqiJGDVuEzIFho101aR2S/gO35gojxgKAHFadvrz3GsT1jsYG6ppIxV2zUhM8tKE3qjafHQooEIAshBDGM3qjaPj2Nw+6ajU3Vu4MMKky/Ur+/bDJQ2xKHh/XrLs6oucU3oWsZ1Teh1/jt5lc/EAn94Ekh6H2EuCOJTJ2YYrL2zzza2BTjX2IAxSb3AYhw59mYFiGnj8pcKl6Df8TRSCkI/hrcippnJ3ZKedqIdUhLTKro6YxFl/yLwfaPD1bbG4JijDvtHyJFrruUzp7/Uradplq/uMw04Z8ZQyodAO3itOQpxCwW4v9/VzPevYTH7Ft4k3bIercxo6KOiVNAePsQdT4bgVm5XOKbhHLvvx+iG3L1X5VjtZ36Qf2dd3tmCjkkgj2XBPhgqbHGHVIge+QHCs= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230025)(4636009)(346002)(376002)(39860400002)(396003)(136003)(451199018)(46966006)(40470700004)(36840700001)(2906002)(44832011)(1076003)(5660300002)(8936002)(36756003)(41300700001)(110136005)(40460700003)(54906003)(70206006)(70586007)(316002)(86362001)(40480700001)(966005)(7696005)(4326008)(8676002)(356005)(478600001)(82740400003)(6666004)(81166007)(36860700001)(82310400005)(26005)(186003)(2616005)(16526019)(336012)(47076005)(426003)(83380400001)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Feb 2023 08:41:36.2889 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 9c251765-0b27-4559-eea8-08db189e6fe5 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CO1NAM11FT071.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW3PR12MB4476 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org From: Maxim Levitsky If the L1 doesn't intercept interrupts, then the KVM will use vmcb02's V_IRQ for L1 (to detect an interrupt window) In this case on nested VM exit KVM might need to copy the V_IRQ bit from the vmcb02 to the vmcb01, to continue waiting for the interrupt window. To make it simple, just raise the KVM_REQ_EVENT request, which execution will lead to the reenabling of the interrupt window if needed. Note that this is a theoretical bug because KVM already does raise KVM_REQ_EVENT request on each nested VM exit because the nested VM exit resets RFLAGS and the kvm_set_rflags() raises the KVM_REQ_EVENT request in the response. However raising this request explicitly, together with documenting why this is needed, is still preferred. Signed-off-by: Maxim Levitsky [reworded description as per Sean's v2 comment] Signed-off-by: Santosh Shukla --- v3: Reworded commit description per Sean's v2 comment: https://lore.kernel.org/all/Y9RypRsfpLteK51v@google.com/ arch/x86/kvm/svm/nested.c | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index 107258ed46ee..74e9e9e76d77 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -1025,6 +1025,31 @@ int nested_svm_vmexit(struct vcpu_svm *svm) svm_switch_vmcb(svm, &svm->vmcb01); + /* Note about synchronizing some of int_ctl bits from vmcb02 to vmcb01: + * + * V_IRQ, V_IRQ_VECTOR, V_INTR_PRIO_MASK, V_IGN_TPR: + * If the L1 doesn't intercept interrupts, then + * (even if the L1 does use virtual interrupt masking), + * KVM will use the vmcb02's V_INTR to detect interrupt window. + * + * In this case, the KVM raises KVM_REQ_EVENT to ensure that interrupt + * window is not lost and KVM implicitly V_IRQ bit from vmcb02 to vmcb01 + * + * V_TPR: + * If the L1 doesn't use virtual interrupt masking, then the L1's vTPR + * is stored in the vmcb02 but its value doesn't need to be copied + * from/to vmcb01 because it is copied from/to the TPR APIC's register + * on each VM entry/exit. + * + * V_GIF: + * If the nested vGIF is not used, KVM uses vmcb02's V_GIF for L1's + * V_GIF, however, the L1 vGIF is reset to false on each VM exit, thus + * there is no need to copy it from vmcb02 to vmcb01. + */ + + if (!nested_exit_on_intr(svm)) + kvm_make_request(KVM_REQ_EVENT, &svm->vcpu); + if (unlikely(svm->lbrv_enabled && (svm->nested.ctl.virt_ext & LBR_CTL_ENABLE_MASK))) { svm_copy_lbrs(vmcb12, vmcb02); svm_update_lbrv(vcpu); From patchwork Mon Feb 27 08:40:09 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Shukla, Santosh" X-Patchwork-Id: 13153096 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id B8CD8C7EE2D for ; Mon, 27 Feb 2023 08:55:09 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229833AbjB0IzI (ORCPT ); Mon, 27 Feb 2023 03:55:08 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42792 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230040AbjB0Iyi (ORCPT ); Mon, 27 Feb 2023 03:54:38 -0500 Received: from NAM10-BN7-obe.outbound.protection.outlook.com (mail-bn7nam10on2069.outbound.protection.outlook.com [40.107.92.69]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 296F0244AA; Mon, 27 Feb 2023 00:47:02 -0800 (PST) Received: from BN9PR12MB5193.namprd12.prod.outlook.com (2603:10b6:408:11a::16) by SJ0PR12MB5437.namprd12.prod.outlook.com (2603:10b6:a03:302::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.29; Mon, 27 Feb 2023 08:45:56 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=YRcvW7Tr3ziuC+nZsE26W+JBFxKIJBmjM6Os9EXr3+oHhJMuPBODeBHRwBtVez2CwtCNqGqEBYJbTbAbA2xEMOwiEOm0utaf166Nmq9Hchw2eZtwPjKbHAPDdsYZ0gOQyvYN8iPnF5113kCypUj+r6YBHxrbDXztiwM4fd9h5u8kgKXHrtWOcas2LhK4QaYDjmpmGeoFaW7CKWGeNF8DcfR4V59bbxxgdKntPnMJB8CW57cYaGDVTaY4/ylM55pM8vbzH/ijd9+kS+VSscZdhJrKWICn75P1dErr5iOsFWtgsAwZCThZkzWUy6LUtAi6w043deERZh76Topwz03LVA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=0C70PocJfV/reUiwwtAtsnNB6NQdmrqStftvuewzAMM=; b=QLJNenXRfL93qpKLg2q7nXI3lvNwXPn0hTIpNAezu+41MCqdRNAzdqmk7UVz4R50Lh0qI+krfp+rqGZXERF9dPayo/l+W8J5HmAY/Q6urCYNHpflnT6hl+IbLFtHFPsMzw7HmYgCkxBaz1krKQg/heh/4CgbHRx8VO05AjwaORtQXsOPf16H69P5avtqV5GIt27qv7euNyNF03jCEOrXzpqZW+5pe/i0RjbyV3I/NKxHyzU1hYv57ia509YuTrYMSexzcitP6pztgnm5VGfaTuedqqQ2Ha3J5uhyGTK1BMxmhj7psDb9Ed5yqGvxsPn4t0EBFL/DaAzjo/P/nYVufQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=0C70PocJfV/reUiwwtAtsnNB6NQdmrqStftvuewzAMM=; b=MynLOsqcSVeR5ebpBIZGZYq8VxH27jYadxpqp69EwVAdp+tHThQXX2ZoDluxbvvLAjep3nQSAutKeAHWO2wQ6SEA3YfQ4Z40ch4pXL+X21MeMynWigzh5bzspj1LelABmTuzMHzUlubY8z+pnVNrCb3ML/cKSxCu7nC6Y/4qbvA= Received: from MW4PR04CA0301.namprd04.prod.outlook.com (2603:10b6:303:82::6) by BN9PR12MB5193.namprd12.prod.outlook.com (2603:10b6:408:11a::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6043.38; Mon, 27 Feb 2023 08:42:34 +0000 Received: from CO1NAM11FT004.eop-nam11.prod.protection.outlook.com (2603:10b6:303:82:cafe::d1) by MW4PR04CA0301.outlook.office365.com (2603:10b6:303:82::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.28 via Frontend Transport; Mon, 27 Feb 2023 08:42:34 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by CO1NAM11FT004.mail.protection.outlook.com (10.13.175.89) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.6156.14 via Frontend Transport; Mon, 27 Feb 2023 08:42:33 +0000 Received: from BLR-L-SASHUKLA.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.34; Mon, 27 Feb 2023 02:41:49 -0600 From: Santosh Shukla To: , CC: , , , , , , , Subject: [PATCHv4 04/11] KVM: SVM: add wrappers to enable/disable IRET interception Date: Mon, 27 Feb 2023 14:10:09 +0530 Message-ID: <20230227084016.3368-5-santosh.shukla@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230227084016.3368-1-santosh.shukla@amd.com> References: <20230227084016.3368-1-santosh.shukla@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CO1NAM11FT004:EE_|BN9PR12MB5193:EE_|SJ0PR12MB5437:EE_ X-MS-Office365-Filtering-Correlation-Id: b4acb7c8-f365-45f9-8348-08db189e924c X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: Wq68ZNKDXJT6C7BVpVGVxkx0cShBWBd3P1KaslbIKGh8QNekxif05SDDzMjmDJvgF/atbSk/Z3NFt3jobV9okTgZL8fxnO8OHpBfdKw1G0fIrishNPHBmayil8UsYkFhuOvzX9yTd8OHSFgTBZbSvnKSIXKmU3VA13dnWdoLPleHfhyw+Uis5lJk8H4IAvqCgmC8H2Jj0ex4VPaNH4KxZnYhi/OgB5QegZ+v1fdkZFrQCFeeZCPkJku8b/PBg6D+go3U3cRULlDhJDizmJI5aKjMaD7jk8hwvlCVioYhBQxK8eaRyiKv6LIMJBSNmBizmC7SdICV973q9vDSGsYHTrnZd4lWKZv7O6usscwn/KzpbqIsNawceH+KF/qpU3+0FSZncAmGnLRL86kG11aFWXT03ZBAaH1KWnxUD247nyXQ3PnAKaH/n8wAC5wJaSbCCpEOXGQEHrnLAErmQ0zdAFycgRPY+Z4fzi0XjlaTJFyMGGJwpnoVAoXa3DQLdsM38p4pSwi6uBYDFDJJlqzJRNolJOZ10xjyp4KLbEFuYohYu6lQJPYGC8tO1BFX8Uqv3eAOvf1/L8bqWosFa/12ZyHBzYSR6dsIUrbEZp3kD+uwus/HfWfeJBjr8bxAB6jxyuoHdBecCap1QUDq4+9T1ZqKDPHSWTgW30iUKYMkuCwvUMtCtIdhHh7apLuMzj4fqE6oTs9VuJWEt66n1HjhpxspB5RK07mH9PnuM7e+9L4= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230025)(4636009)(396003)(136003)(376002)(346002)(39860400002)(451199018)(40470700004)(46966006)(36840700001)(83380400001)(478600001)(110136005)(26005)(36860700001)(81166007)(54906003)(47076005)(86362001)(82310400005)(356005)(40480700001)(2616005)(82740400003)(316002)(6666004)(186003)(5660300002)(336012)(70586007)(4326008)(966005)(16526019)(426003)(7696005)(36756003)(2906002)(8936002)(40460700003)(41300700001)(44832011)(1076003)(70206006)(8676002)(36900700001);DIR:OUT;SFP:1101; X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Feb 2023 08:42:33.9882 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: b4acb7c8-f365-45f9-8348-08db189e924c X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CO1NAM11FT004.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN9PR12MB5193 X-OriginatorOrg: amd.com Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org From: Maxim Levitsky SEV-ES guests don't use IRET interception for the detection of an end of a NMI. Therefore it makes sense to create a wrapper to avoid repeating the check for the SEV-ES. No functional change is intended. Suggested-by: Sean Christopherson Signed-off-by: Maxim Levitsky [Renamed iret intercept API of style svm_{clr,set}_iret_intercept()] Signed-off-by: Santosh Shukla --- v3: - renamed iret_intercept API https://lore.kernel.org/all/a5d8307b-ffe6-df62-5e22-dffd19755baa@amd.com/ arch/x86/kvm/svm/svm.c | 28 +++++++++++++++++++--------- 1 file changed, 19 insertions(+), 9 deletions(-) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index cf6ae093ed19..da936723e8ca 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -2490,16 +2490,29 @@ static int task_switch_interception(struct kvm_vcpu *vcpu) has_error_code, error_code); } +static void svm_clr_iret_intercept(struct vcpu_svm *svm) +{ + if (!sev_es_guest(svm->vcpu.kvm)) + svm_clr_intercept(svm, INTERCEPT_IRET); +} + +static void svm_set_iret_intercept(struct vcpu_svm *svm) +{ + if (!sev_es_guest(svm->vcpu.kvm)) + svm_set_intercept(svm, INTERCEPT_IRET); +} + static int iret_interception(struct kvm_vcpu *vcpu) { struct vcpu_svm *svm = to_svm(vcpu); ++vcpu->stat.nmi_window_exits; svm->awaiting_iret_completion = true; - if (!sev_es_guest(vcpu->kvm)) { - svm_clr_intercept(svm, INTERCEPT_IRET); + + svm_clr_iret_intercept(svm); + if (!sev_es_guest(vcpu->kvm)) svm->nmi_iret_rip = kvm_rip_read(vcpu); - } + kvm_make_request(KVM_REQ_EVENT, vcpu); return 1; } @@ -3491,8 +3504,7 @@ static void svm_inject_nmi(struct kvm_vcpu *vcpu) return; svm->nmi_masked = true; - if (!sev_es_guest(vcpu->kvm)) - svm_set_intercept(svm, INTERCEPT_IRET); + svm_set_iret_intercept(svm); ++vcpu->stat.nmi_injections; } @@ -3632,12 +3644,10 @@ static void svm_set_nmi_mask(struct kvm_vcpu *vcpu, bool masked) if (masked) { svm->nmi_masked = true; - if (!sev_es_guest(vcpu->kvm)) - svm_set_intercept(svm, INTERCEPT_IRET); + svm_set_iret_intercept(svm); } else { svm->nmi_masked = false; - if (!sev_es_guest(vcpu->kvm)) - svm_clr_intercept(svm, INTERCEPT_IRET); + svm_clr_iret_intercept(svm); } } From patchwork Mon Feb 27 08:40:10 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Shukla, Santosh" X-Patchwork-Id: 13153090 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id BB7BBC64ED6 for ; Mon, 27 Feb 2023 08:52:01 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230388AbjB0IwA (ORCPT ); Mon, 27 Feb 2023 03:52:00 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42258 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230420AbjB0Ivc (ORCPT ); Mon, 27 Feb 2023 03:51:32 -0500 Received: from NAM11-BN8-obe.outbound.protection.outlook.com (mail-bn8nam11on2041.outbound.protection.outlook.com [40.107.236.41]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id EFF0B23652; Mon, 27 Feb 2023 00:44:12 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Seg6W8/ULpnnkp7jw2zvrn7PmCR4hlYihQuSOvbawf9/5s2BxjutvRP3uwm4Z5J6dkV2ew1Drdv4w9DGKhWDrya+L+6uZvOPbf07XUDSWSg2ve/WGIBLAJxEjlxju5FKn+4dNpsXRBCm/7wZk8I/Iv7SD/DgBmvBoS8eMiSXj4OzlO+zQTsqRIBfluKPR/cZYmyADeHoxmfofxutRJbBswhnan8u4ml+Polu7dldOkWfqmwqHm6UrZUQH6UekjY50Txz75bTtBiiH5TwMoBwVbJTPhZy0ajROsqlOdxcadytGv8a/tERPXNTgJaxeU183aZ88aC4z9cZMV4hFP/NcQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=quQzSxoaA04Q4hplPZTYF++P0g/hUtDayzv8PGpOC+I=; b=hTik2kua63rCPbqbcc1iL9eccCLtgxjeoDU3a84nDbRNk5cx2QememzgTZe4q/VPSpJYiZYpP6+B/ice/lH7N+g4leIl5ayTIXpFV5QeNSX24b8m1qw23042R/CeWGDuU955JdRRDUStYM5KHcZt+Ga5TreyXZcF7UidCwWH2+Z5P59PwDGAIUb+ovO8aroxC/qhRNE03dlx43hIt5jay4DrLMkfn+uYPD5T+kRGKVYZZBLGQ9ZQwGJfg+HRlOMbSqXqHysDJW4rsSfAqStSgJcvbmtd6QIC4yiovy375cVRHisPHC9DUQCYMEkS3kUK7u4pTrU7POMJIqFWjJ4TwA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=quQzSxoaA04Q4hplPZTYF++P0g/hUtDayzv8PGpOC+I=; b=fpoqefpWHWOvcr1GOaqH5my8j+Rb/JxNsb1c3y5ixueS7QuF5YdzqCU5SkiHSxyz76iWRhjXsViQbwzR4AM6/CSsMwQ/nQfV6wILnOs3IgLdd2xdN9pcb358NdJxUbmspbP0feu5y3vX2kYNd7+BhDK4uhZTVc23SK7WwJgwacM= Received: from MW4PR03CA0138.namprd03.prod.outlook.com (2603:10b6:303:8c::23) by DS7PR12MB8231.namprd12.prod.outlook.com (2603:10b6:8:db::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.29; Mon, 27 Feb 2023 08:42:45 +0000 Received: from CO1NAM11FT100.eop-nam11.prod.protection.outlook.com (2603:10b6:303:8c:cafe::6d) by MW4PR03CA0138.outlook.office365.com (2603:10b6:303:8c::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.28 via Frontend Transport; Mon, 27 Feb 2023 08:42:45 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by CO1NAM11FT100.mail.protection.outlook.com (10.13.175.133) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.6156.16 via Frontend Transport; Mon, 27 Feb 2023 08:42:45 +0000 Received: from BLR-L-SASHUKLA.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.34; Mon, 27 Feb 2023 02:42:40 -0600 From: Santosh Shukla To: , CC: , , , , , , , Subject: [PATCHv4 05/11] KVM: x86: Raise an event request when processing NMIs if an NMI is pending Date: Mon, 27 Feb 2023 14:10:10 +0530 Message-ID: <20230227084016.3368-6-santosh.shukla@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230227084016.3368-1-santosh.shukla@amd.com> References: <20230227084016.3368-1-santosh.shukla@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CO1NAM11FT100:EE_|DS7PR12MB8231:EE_ X-MS-Office365-Filtering-Correlation-Id: 7b09f0c0-15ae-4f02-44c1-08db189e98db X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 9+bNI6njI2sO2T81id/9HMv8mf/m5NKVUOqHC/1vJ+OkR++cCotNRKWKz9vqiRg1qN0nbxLhtMvXsbvbtPrFtqp76e5lHlsXYr/+XdsYpSESu3JrJIS46hKtOkr07Qy/hq5ur1bhkAmcnmsUZ7ZorfMX5N+IyTBPum7TjePuBS5NRrG79aViKs+anO2QMrKXP8o3wiAMlMOXD1314+eW0QQnxrtDrmv88MUEkczD9esnSCYv2voUg3dvd+WboJ3ejV/i/j3Wz7C3n3SXT1yl6XIA2Ih4Gi73yqLu5EA62yXL8F94FQwnJXjzsXcRLkPtQeVBnAMxF22iY7N5HwakwygLFLb/xFwNNLQWolzRiH01g2OsBCsZE5+4iIdEehmIW7Uu2ORagnTpeFYnl+Fz5HN3YMHh6JaiViEdq9u11uuv7OyXAUUpbZqlJLN+LrLjzLjH80xRjBs87QMoFIIBjK9JnZ6B1g5oDeIgL2ku2uTuPdk37a2IBM5z/1X/67TkEuDWtJcSO6x9mpG8YPzv46MTZq0wvmZU+r+XdHo4GbHoPixZSW35tGWjX4VdnHPmcRjFmc89KCw1J6oCRis3n3noN7YULj9wCD0H9M5K1wgsEERaHhxTNnZrB4pJBtn/bPNmLfQI9T+slucGGdI8uZoYS8bDUViYrMVvBEznJyFmkXirAB40Qd1ShoaOAHKTRwSnPOAdLqKDG8uw3L/xy2MoJTwPSI4BXOQa+exIXU0= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230025)(4636009)(39860400002)(136003)(346002)(396003)(376002)(451199018)(40470700004)(46966006)(36840700001)(8936002)(2906002)(5660300002)(41300700001)(44832011)(70206006)(70586007)(4326008)(8676002)(110136005)(316002)(54906003)(478600001)(7696005)(6666004)(82310400005)(36860700001)(426003)(47076005)(26005)(16526019)(186003)(1076003)(336012)(2616005)(40480700001)(86362001)(82740400003)(36756003)(81166007)(83380400001)(40460700003)(356005)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Feb 2023 08:42:45.0057 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 7b09f0c0-15ae-4f02-44c1-08db189e98db X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CO1NAM11FT100.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DS7PR12MB8231 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org From: Sean Christopherson Don't raise KVM_REQ_EVENT if no NMIs are pending at the end of process_nmi(). Finishing process_nmi() without a pending NMI will become much more likely when KVM gains support for AMD's vNMI, which allows pending vNMIs in hardware, i.e. doesn't require explicit injection. Signed-off-by: Sean Christopherson Signed-off-by: Santosh Shukla --- arch/x86/kvm/x86.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index f706621c35b8..1cd9cadc82af 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -10148,7 +10148,9 @@ static void process_nmi(struct kvm_vcpu *vcpu) vcpu->arch.nmi_pending += atomic_xchg(&vcpu->arch.nmi_queued, 0); vcpu->arch.nmi_pending = min(vcpu->arch.nmi_pending, limit); - kvm_make_request(KVM_REQ_EVENT, vcpu); + + if (vcpu->arch.nmi_pending) + kvm_make_request(KVM_REQ_EVENT, vcpu); } void kvm_make_scan_ioapic_request_mask(struct kvm *kvm, From patchwork Mon Feb 27 08:40:11 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Shukla, Santosh" X-Patchwork-Id: 13153093 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 39F1CC7EE2D for ; Mon, 27 Feb 2023 08:53:37 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231648AbjB0Ixf (ORCPT ); Mon, 27 Feb 2023 03:53:35 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:45574 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230410AbjB0IxG (ORCPT ); Mon, 27 Feb 2023 03:53:06 -0500 Received: from NAM02-BN1-obe.outbound.protection.outlook.com (mail-bn1nam02on2088.outbound.protection.outlook.com [40.107.212.88]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id EACB723C78; Mon, 27 Feb 2023 00:45:53 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ge2Z2nuZdx1fDBuWC1035CtT+M7aUu202tP41Xy2PLxz0zINcpXWuPBWLB/EdXoWXYMeYpWcqlKLlPcghWXDJTb200z4I8NJylYr1b8jdDXurIplR6v9w7XU1h/fO4C9zt0BvSV/FEon+uZQZqB39Nk5ukrV56aEimkKXIVXEWutN7x5d1xFltB7etOLlc5dRU4Zrd+KsTs0IPiiEkSvZ31eXdRd+1spoqfoJPZggSfq8vG4IE9FegfHyCy6xOsvEhwCz+tsRmb9EXsLrJtLBKdP3m0J2ilqFrBfj49SGGf19jmXX57SGS1wbYaRDcONN6uzJbHNv8Y2epwGXia9EQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=oR7zheTrX5qMmDFyKQ7qK0DSOkugApnTFBoUnooBEdU=; b=iNBDsLGlbEWgN4fDZBw7WhBuqy4D8ASL1wzQyOv64I0plE+Qcj0gHEouXCCFfBhBXlFC82PHSB2Nhwx9c13ov627NWBP7WAHodhZ0H5JUiaFlEn9Ag+cN0vvyMQIlU5eqOewNTKngkG1dxMn2uofJu1E9OgPO9wDHD6OyIgXsAbwLJ0DLU8PmIjr9I30Z/PYVj8u1pvS7eFtaLp9CPX/heML9MvHeXiJpBf4+G1iYxkiwZLrOLxBtL30FBwW82FTYI+ByHCzhmxGud5j8z0bPTIYyBx5GL9LHzulc/ew7WZrYHIfwfLxeC9n9Km70NSUEQFZY2j97oGBmpkHoi9MzQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=oR7zheTrX5qMmDFyKQ7qK0DSOkugApnTFBoUnooBEdU=; b=TnzVFfo//PYFxS+9Fh0jVITgki1BYRkzlgq027E4pFCGdLEQ4napLN7nBJqe5zXxg3hmYIdqywfrOgfYtfJOHoOOehubeG+hRtDBsd9eZZI5S5cs/v2FLTs/2blo6sx9GmCjdtW+zp+TF2dYWChJe+8gF1W7X7hy9J65PNzArww= Received: from MW4PR03CA0291.namprd03.prod.outlook.com (2603:10b6:303:b5::26) by DM6PR12MB4108.namprd12.prod.outlook.com (2603:10b6:5:220::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.27; Mon, 27 Feb 2023 08:43:03 +0000 Received: from CO1NAM11FT103.eop-nam11.prod.protection.outlook.com (2603:10b6:303:b5:cafe::be) by MW4PR03CA0291.outlook.office365.com (2603:10b6:303:b5::26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.29 via Frontend Transport; Mon, 27 Feb 2023 08:43:03 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by CO1NAM11FT103.mail.protection.outlook.com (10.13.174.252) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.6156.12 via Frontend Transport; Mon, 27 Feb 2023 08:43:02 +0000 Received: from BLR-L-SASHUKLA.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.34; Mon, 27 Feb 2023 02:42:58 -0600 From: Santosh Shukla To: , CC: , , , , , , , Subject: [PATCHv4 06/11] KVM: x86: Tweak the code and comment related to handling concurrent NMIs Date: Mon, 27 Feb 2023 14:10:11 +0530 Message-ID: <20230227084016.3368-7-santosh.shukla@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230227084016.3368-1-santosh.shukla@amd.com> References: <20230227084016.3368-1-santosh.shukla@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CO1NAM11FT103:EE_|DM6PR12MB4108:EE_ X-MS-Office365-Filtering-Correlation-Id: d54c9dd8-3f85-4f7c-5081-08db189ea381 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 3LKgvx6RKAC0mWAp3cNY/9ourjEjufUmq1ziWhoqHcXp6rrspRIoDndA97F+HbCLj0KgL8NWuBINYlJ3W+BJ/9vpCzqP8Tacw6HkD95zQmugK5HOdeyXIszuXoqfW+TysI+vPfTeEreScXQjkaqwjIJpbVpWvE6KsZ0pKrQcgb6lPc1KGFWBusbuhNNnaWrGLoPzHNP2i3XDV9UflYQk6PxjY66s7F3RCJRsGX2bT2NXumM0RVNrG6+4x7lGJRkcKDSUMBD2cUMRuvLt8VdRk3hNxUWgtKEsA1bv5bLYvGUNNpj8euQOKGfOqh344FwJ8hXj1cxLeKDzQuj7Bze5TmA5TygLK9BN2MyWiUUxUNBcRMocL3EO3KD2TTWVS7IRPH6IymIYaifvpPwNZWReKgCygvQjp0jrHTYWuia5lh0cHOIhmTL3L/yoqLK3fB/4vz3wRrTGnaCfOQf43o7Qcef0IUQyM0aQR43ipQTXMSTl+W2w9ge/zoeYWfBX4aEw4RvJCd3J0RWxZnbQcbhlTe/Dm7kp21LJqwNBrBQ9i+IL3kzanRpE3zE0+eZduz2O3qs6yZf3skdFdv8PNje/5zPbNBt7OSi5yj+PpP0a8KMUpnfbW//JaPQW236wdPRJaPiLYrvsqA0OIt/myCU4NrTNN2v6c6x7btAQAciguPjdXfQkMtQop7JAw5z0HQ7mxXdYyjlnMV6tbrQWCVezPyVEkPQqfi1ggJQpGC4PrB0= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230025)(4636009)(39860400002)(396003)(136003)(346002)(376002)(451199018)(36840700001)(40470700004)(46966006)(66899018)(83380400001)(16526019)(426003)(47076005)(44832011)(2906002)(36756003)(6666004)(26005)(1076003)(54906003)(86362001)(478600001)(110136005)(966005)(41300700001)(82310400005)(7696005)(36860700001)(81166007)(82740400003)(186003)(40480700001)(5660300002)(356005)(70206006)(336012)(2616005)(316002)(4326008)(8676002)(40460700003)(8936002)(70586007)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Feb 2023 08:43:02.8398 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: d54c9dd8-3f85-4f7c-5081-08db189ea381 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CO1NAM11FT103.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB4108 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org From: Sean Christopherson Tweak the code and comment that deals with concurrent NMIs to explicitly call out that x86 allows exactly one pending NMI, but that KVM needs to temporarily allow two pending NMIs in order to workaround the fact that the target vCPU cannot immediately recognize an incoming NMI, unlike bare metal. No functional change intended. Signed-off-by: Sean Christopherson Signed-off-by: Santosh Shukla --- v3: https://lore.kernel.org/all/Y9mtGV+q0P2U9+M1@google.com/ from Sean comment. arch/x86/kvm/x86.c | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 1cd9cadc82af..16590e094899 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -10136,15 +10136,22 @@ static int kvm_check_and_inject_events(struct kvm_vcpu *vcpu, static void process_nmi(struct kvm_vcpu *vcpu) { - unsigned limit = 2; + unsigned int limit; /* - * x86 is limited to one NMI running, and one NMI pending after it. - * If an NMI is already in progress, limit further NMIs to just one. - * Otherwise, allow two (and we'll inject the first one immediately). + * x86 is limited to one NMI pending, but because KVM can't react to + * incoming NMIs as quickly as bare metal, e.g. if the vCPU is + * scheduled out, KVM needs to play nice with two queued NMIs showing + * up at the same time. To handle this scenario, allow two NMIs to be + * (temporarily) pending so long as NMIs are not blocked and KVM is not + * waiting for a previous NMI injection to complete (which effectively + * blocks NMIs). KVM will immediately inject one of the two NMIs, and + * will request an NMI window to handle the second NMI. */ if (static_call(kvm_x86_get_nmi_mask)(vcpu) || vcpu->arch.nmi_injected) limit = 1; + else + limit = 2; vcpu->arch.nmi_pending += atomic_xchg(&vcpu->arch.nmi_queued, 0); vcpu->arch.nmi_pending = min(vcpu->arch.nmi_pending, limit); From patchwork Mon Feb 27 08:40:12 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Shukla, Santosh" X-Patchwork-Id: 13153095 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id BFA55C64ED8 for ; Mon, 27 Feb 2023 08:54:19 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231599AbjB0IyR (ORCPT ); Mon, 27 Feb 2023 03:54:17 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43150 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230458AbjB0Ixh (ORCPT ); Mon, 27 Feb 2023 03:53:37 -0500 Received: from NAM10-DM6-obe.outbound.protection.outlook.com (mail-dm6nam10on2070.outbound.protection.outlook.com [40.107.93.70]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AC62D1DBA5; Mon, 27 Feb 2023 00:46:24 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=auPiX5rHe4PtXAzvoKekv7yWbcq279Eiv98LoiQymWgto1EyQSjGmaiiCM+8t68g9SSsBIwlBInKFp01WLCAueGc6A7ZFQjWepfqV+OLNdq2PKrp4K+a1yU9gEwctORppbYIPiCdvXD70FW97dPHA+V1AmON40MG6on7UOdOLb5ooWn/7iiZQ87NEth2+Zs3hSxhO4b/4lrajEZ++fNKUXK6qr9OCL4A6oHrJtt+5hDt44uHazdRABJvE8N9WOr/g584TMpYnPiVt4nMFSCcAwfckSRmIHgmtNEUVLoBIvHpV+mVMyHZkjeh3p9Z6hViWm5DyJjUc6xEN4QOOtoeLw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=oJxDAL7B6BGNFzhYPk2HQCW6NU5Grxu1KnAxytCZ7Ss=; b=IgIF5qVdYv4lzqdHeMw0k8sZWtSgzwHc4HvIuQ6jAZeyD3FVzfKWRbzWzcast6D875XqciTLEXFlgw93yIcgTmsc1Rn9viF1mvgzUw7/t4Kq7sesng/9jqnUYCB66EH8lFclEenImmvr6uQmCfKbQhM+jB8G4pWzaEpG4nUci9sLcInFo5UdIdLQ+NIAu6MJRCTemL77bIKQhXoG8tftFpWviKisE0D7/nFGWbTrlXug6hyXGE+xksKLqiNT1q+Je//532B55I25viilkHy2lPVEWYAktzj0hlM8370jv6y7awRFsi9gJB+PiBsar0V2y6o7haeiJLB+naxL2R0PqQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=oJxDAL7B6BGNFzhYPk2HQCW6NU5Grxu1KnAxytCZ7Ss=; b=hbWjXnIn9kJZQ6osko5SunrhlntJNsbBdFr7y6xMISiqdkQr8BuiHXnlQVhp5yOyPOz7SwTYgwaTwV2dulhkq39v1n8J4XxdCV+258qyZp0cWWqg4yymh4p0pfnULI6QDlovsODyyMxNmRWsQRg0IXOmpN3r0DnbCAaFrwJ+HE4= Received: from MW4PR03CA0077.namprd03.prod.outlook.com (2603:10b6:303:b6::22) by SA1PR12MB7038.namprd12.prod.outlook.com (2603:10b6:806:24d::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.29; Mon, 27 Feb 2023 08:43:40 +0000 Received: from CO1NAM11FT087.eop-nam11.prod.protection.outlook.com (2603:10b6:303:b6:cafe::5e) by MW4PR03CA0077.outlook.office365.com (2603:10b6:303:b6::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.29 via Frontend Transport; Mon, 27 Feb 2023 08:43:40 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by CO1NAM11FT087.mail.protection.outlook.com (10.13.174.68) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.6156.12 via Frontend Transport; Mon, 27 Feb 2023 08:43:39 +0000 Received: from BLR-L-SASHUKLA.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.34; Mon, 27 Feb 2023 02:43:36 -0600 From: Santosh Shukla To: , CC: , , , , , , , Subject: [PATCHv4 07/11] KVM: x86: Save/restore all NMIs when multiple NMIs are pending Date: Mon, 27 Feb 2023 14:10:12 +0530 Message-ID: <20230227084016.3368-8-santosh.shukla@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230227084016.3368-1-santosh.shukla@amd.com> References: <20230227084016.3368-1-santosh.shukla@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CO1NAM11FT087:EE_|SA1PR12MB7038:EE_ X-MS-Office365-Filtering-Correlation-Id: 143a2865-3a76-42e5-7d1b-08db189eb99b X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 7vFnjTaS2X330dNXgu8CpJO7SCaxNe6Jm8ryo1eZPhzCxlG/kdZBWpBLLYUy8DFL8ekdeHAVocROOBUKP7BlwF/zkLDsA9tekf0Yg90/nosvDeSTQdsROXuNtj4h/1CgtO9Qpdi3aiLQiIc+7jQ0STlcPFQVO0E2O4HBOUCto97jbZgeACr/6LD8bZIn2btUEFFsmHl4f3OhsRoLADhG+ZRUpwanQLt3M4WUnt6G9Mtjq3Su3B1cyUETG0nLzJ09pEYOij1c5j0/gFgQJauEUHQtSfjr4ZuHoaOydgIzoKa4vv8nQdjUC2FysKXqco4MQKlL+0UAbQsqJsKLvqZ3UrJ31bFIgZeOlNuj3e3aQrHxKxZXt7qIGxcipX2EaV3fnSCOsfZdDbd5woXbaXj7zgpByXi+eIlphTVpBqTTeTvL718Vs+dBe3NxqqbHi9NZDz++11+3sUUmyHSfc7/AuMfngPZbmIOIZXB17RxiRD/mYI8a2QS6TmP+C0diqR//62le3oacC3a0T+CgDML0Rq/k/x3QTZtUtVnMiOu6hPblsez2bUMVG3CapxnY5uUa49zXCyVkKPYZZaNvhdQUdauudSjb7EyGd/RyJEXHjQoxFkTpuuK5FQksWTxWdGnwR8D/imolI/gPct/DPJ56SROjoQ8+XtUcGUV5wfuHfurxUHihYRZzFO515qIOeGuRo3k6SdsXWy7pKnxpgG5X7+jbICiYcJdvxKNDiIC0Fw4= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230025)(4636009)(39860400002)(376002)(396003)(136003)(346002)(451199018)(40470700004)(36840700001)(46966006)(81166007)(82740400003)(316002)(36860700001)(2906002)(36756003)(44832011)(40460700003)(5660300002)(8936002)(40480700001)(86362001)(1076003)(70206006)(70586007)(16526019)(186003)(26005)(4326008)(110136005)(54906003)(8676002)(41300700001)(356005)(2616005)(336012)(82310400005)(83380400001)(47076005)(426003)(478600001)(7696005)(6666004)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Feb 2023 08:43:39.9525 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 143a2865-3a76-42e5-7d1b-08db189eb99b X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CO1NAM11FT087.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA1PR12MB7038 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org From: Sean Christopherson Save all pending NMIs in KVM_GET_VCPU_EVENTS, and queue KVM_REQ_NMI if one or more NMIs are pending after KVM_SET_VCPU_EVENTS in order to re-evaluate pending NMIs with respect to NMI blocking. KVM allows multiple NMIs to be pending in order to faithfully emulate bare metal handling of simultaneous NMIs (on bare metal, truly simultaneous NMIs are impossible, i.e. one will always arrive first and be consumed). Support for simultaneous NMIs botched the save/restore though. KVM only saves one pending NMI, but allows userspace to restore 255 pending NMIs as kvm_vcpu_events.nmi.pending is a u8, and KVM's internal state is stored in an unsigned int. Fixes: 7460fb4a3400 ("KVM: Fix simultaneous NMIs") Signed-off-by: Sean Christopherson Signed-off-by: Santosh Shukla --- v3: - There is checkpatch warning about the Fixes tag like below WARNING: Unknown commit id '7460fb4a3400', maybe rebased or not pulled? #19: Fixes: 7460fb4a3400 ("KVM: Fix simultaneous NMIs") total: 0 errors, 1 warnings, 20 lines checked Although this patch is part of kernel v3.2 onwards arch/x86/kvm/x86.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 16590e094899..b22074f467e0 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -5113,7 +5113,7 @@ static void kvm_vcpu_ioctl_x86_get_vcpu_events(struct kvm_vcpu *vcpu, events->interrupt.shadow = static_call(kvm_x86_get_interrupt_shadow)(vcpu); events->nmi.injected = vcpu->arch.nmi_injected; - events->nmi.pending = vcpu->arch.nmi_pending != 0; + events->nmi.pending = vcpu->arch.nmi_pending; events->nmi.masked = static_call(kvm_x86_get_nmi_mask)(vcpu); /* events->sipi_vector is never valid when reporting to user space */ @@ -5200,8 +5200,11 @@ static int kvm_vcpu_ioctl_x86_set_vcpu_events(struct kvm_vcpu *vcpu, events->interrupt.shadow); vcpu->arch.nmi_injected = events->nmi.injected; - if (events->flags & KVM_VCPUEVENT_VALID_NMI_PENDING) + if (events->flags & KVM_VCPUEVENT_VALID_NMI_PENDING) { vcpu->arch.nmi_pending = events->nmi.pending; + if (vcpu->arch.nmi_pending) + kvm_make_request(KVM_REQ_NMI, vcpu); + } static_call(kvm_x86_set_nmi_mask)(vcpu, events->nmi.masked); if (events->flags & KVM_VCPUEVENT_VALID_SIPI_VECTOR && From patchwork Mon Feb 27 08:40:13 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Shukla, Santosh" X-Patchwork-Id: 13153091 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0428EC64ED6 for ; Mon, 27 Feb 2023 08:53:18 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231499AbjB0IxR (ORCPT ); Mon, 27 Feb 2023 03:53:17 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43416 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229842AbjB0Iwq (ORCPT ); Mon, 27 Feb 2023 03:52:46 -0500 Received: from NAM04-DM6-obe.outbound.protection.outlook.com (mail-dm6nam04on20611.outbound.protection.outlook.com [IPv6:2a01:111:f400:7e8b::611]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0E8351EBF7; Mon, 27 Feb 2023 00:45:37 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=VyB+WpaDaEiHX3Boil9LPddzHLuSofNHnHKxSCCjQX+YGhFRLo0+0O0pDV9RGyg4hnTJAuAq7HZSWECqb+ro3ccVo4XxHMaoXMhADYt5n4rp0dV4aPBEB7fp2/os4V+92AFRXxHNcVF+7PPtR7t8YnFOkVftrivhYtypqMfM6miS7y11O2z7OPqa08Ae4kgke3sVeoPkg2CJHg+RsDG9J0XvpveTOJs8hnG3UKeP9jAkwcsuePZYfPVhByrrStlhF/+6RiwzXlHO8/MBXvnOXb86PcPphMKDT6xKKls9JQjcHAfasKEP+x7NoP5uevFIHmDXI79P81hjU2pLiZcBog== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=5ZoJBnY5c1ZWHmeG/NH0VLZt3i7xb5uH/tahYI69Vkw=; b=HPmGlwMQTpsi1NMRsMXM3m/qlBNP2DyQ/ZI+HzRBMbVyhFcmDnsFgVhXQOvKeCw2q5BczDy9HjkVBWldg0eM0F6bmXi/9dUdT9+miRp+hMROXID2Uu/EbFqVZRSsfAcVkSCgAiyLb1TYtpUG2Ue+35/KBhsd4HJ79DrywJz9Wf5KqxGroeXaqhNUQlpdOOdNqWowdgLcCaArfpNSaRBFyonsI6gzEZLLlmSAf3ZUjSV2NYQ7Cj1JKngIcIZB+4f/BxNeU0mqLlWsSKrj+Y+x5Gg8JUqcy57v+8WKtcQ5N5uhPSHsmtNJ2eBjd+ZeUJLzvYJNr6QFZxUU/CW6rIM3fA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=5ZoJBnY5c1ZWHmeG/NH0VLZt3i7xb5uH/tahYI69Vkw=; b=2i+CezfS3JsBcqyB99gBSxOcLwZYFmzCY70cBrfQpXNAA6GTr5lRZ6pa6OIDdtsDJ1UaVcjg9d21g9PInxYV71j8S9uKO2QFzQEqTf6QVdZtL34vSNKJLwy3WiW59zmFlDjEXtXFb1rzs8ROHDFleKHJGq/244yv2MqhMM6AO0s= Received: from MW4PR03CA0226.namprd03.prod.outlook.com (2603:10b6:303:b9::21) by PH8PR12MB8430.namprd12.prod.outlook.com (2603:10b6:510:259::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.26; Mon, 27 Feb 2023 08:43:59 +0000 Received: from CO1NAM11FT033.eop-nam11.prod.protection.outlook.com (2603:10b6:303:b9:cafe::78) by MW4PR03CA0226.outlook.office365.com (2603:10b6:303:b9::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.28 via Frontend Transport; Mon, 27 Feb 2023 08:43:58 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by CO1NAM11FT033.mail.protection.outlook.com (10.13.174.247) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.6156.16 via Frontend Transport; Mon, 27 Feb 2023 08:43:58 +0000 Received: from BLR-L-SASHUKLA.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.34; Mon, 27 Feb 2023 02:43:54 -0600 From: Santosh Shukla To: , CC: , , , , , , , Subject: [PATCHv4 08/11] x86/cpu: Add CPUID feature bit for VNMI Date: Mon, 27 Feb 2023 14:10:13 +0530 Message-ID: <20230227084016.3368-9-santosh.shukla@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230227084016.3368-1-santosh.shukla@amd.com> References: <20230227084016.3368-1-santosh.shukla@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CO1NAM11FT033:EE_|PH8PR12MB8430:EE_ X-MS-Office365-Filtering-Correlation-Id: c0f226e7-fc0d-4ac6-a7e6-08db189ec4c3 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: ZKLCUgdd0JWRnhdxmsS3IgIIGlw5rAT8csXkbFWQTHNFxWxbjZaBUwNF+9I9Kvy8glrQClK6WYmQg1flVKPA1pXR/2oqEech7WDXiP7gxbSCXPsrx8YBORC017vLRX7knWhmJplFgA6q4L2IXe3WgmuYYdhp6wGZgvaF0pYf8b3Zq8PQJP3AKHGsPqzJtt6TGYsEXOyUYbFKD89wnif+R1P0wGhVrqowimPuwLI+DnkjeZIDEUOx5xk3L2PpDYRRgzO1dij1hOVXFinT9vDqS9LkJrueNTNxXsnHTQxQuBPk/daWUlCAEqA82l96qoHklOMq3Ho+On13s9sNeJYaQXTHxHW1wR0sNfat06kQDaHsHFgouQBTyv8t8AlL9Abhq7qWlhi/CnuvZ8ec+ALdTWP6A48RR8UdnD2fqk7t5lZKL4z1BbUVuY3Sfjw/QR6fX2Hfvg+kUNfAm5hSGh4S7wsdkHJzZiBuIsQGWWffjEDOjVohpZ6FsaJbNPyEm8Q1Mk0Qbt3UOvjCWrpI5np/MoM8kdKK4gmkazm1QVNRYJcWn8tALyqDqv5QelwzrinFRnqCrfLp/jprY7w37inKEg1Ziec5dyo1ntDz4kR6mKv8bQtu6pasmelzu+F32Q6h+Yg2aVfOxUnVPVwD84rOM6F7jeDbMJQgy0uYr9XNjQMCa/dC28E5ABT0VAQK6ZXJqrUfozRN2f034P4A4ncTUbJ0A7NIrp3f+ya7Tyr30ZI= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230025)(4636009)(376002)(39860400002)(136003)(396003)(346002)(451199018)(36840700001)(46966006)(40470700004)(44832011)(36860700001)(82310400005)(426003)(8936002)(5660300002)(47076005)(82740400003)(2906002)(81166007)(336012)(2616005)(41300700001)(70586007)(70206006)(8676002)(356005)(186003)(16526019)(4326008)(6666004)(26005)(1076003)(36756003)(478600001)(7696005)(54906003)(110136005)(40480700001)(86362001)(316002)(40460700003)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Feb 2023 08:43:58.6550 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: c0f226e7-fc0d-4ac6-a7e6-08db189ec4c3 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CO1NAM11FT033.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH8PR12MB8430 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org VNMI feature allows the hypervisor to inject NMI into the guest w/o using Event injection mechanism, The benefit of using VNMI over the event Injection that does not require tracking the Guest's NMI state and intercepting the IRET for the NMI completion. VNMI achieves that by exposing 3 capability bits in VMCB intr_cntrl which helps with virtualizing NMI injection and NMI_Masking. The presence of this feature is indicated via the CPUID function 0x8000000A_EDX[25]. Reviewed-by: Maxim Levitsky Signed-off-by: Santosh Shukla Signed-off-by: Sean Christopherson --- arch/x86/include/asm/cpufeatures.h | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h index cdb7e1492311..b3ae49f36008 100644 --- a/arch/x86/include/asm/cpufeatures.h +++ b/arch/x86/include/asm/cpufeatures.h @@ -365,6 +365,7 @@ #define X86_FEATURE_VGIF (15*32+16) /* Virtual GIF */ #define X86_FEATURE_X2AVIC (15*32+18) /* Virtual x2apic */ #define X86_FEATURE_V_SPEC_CTRL (15*32+20) /* Virtual SPEC_CTRL */ +#define X86_FEATURE_AMD_VNMI (15*32+25) /* Virtual NMI */ #define X86_FEATURE_SVME_ADDR_CHK (15*32+28) /* "" SVME addr check */ /* Intel-defined CPU features, CPUID level 0x00000007:0 (ECX), word 16 */ From patchwork Mon Feb 27 08:40:14 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Shukla, Santosh" X-Patchwork-Id: 13153092 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 52D86C64ED6 for ; Mon, 27 Feb 2023 08:53:35 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231593AbjB0Ixe (ORCPT ); Mon, 27 Feb 2023 03:53:34 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:44988 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230348AbjB0IxE (ORCPT ); Mon, 27 Feb 2023 03:53:04 -0500 Received: from NAM04-DM6-obe.outbound.protection.outlook.com (mail-dm6nam04on20607.outbound.protection.outlook.com [IPv6:2a01:111:f400:7e8b::607]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 05AFF211FB; Mon, 27 Feb 2023 00:45:50 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Hz+MXSDoe2oujSPOi94HVmDgaxRuMXiDnxet6cCojqytDWDV/uQRwM5FXoC5W0val4wo5/PbPGftOKpX/LuSoKOu7Nlul6a/6ifISyNO5SCqcdW5aKKBLZqoWMbyKA0/yHArHrZhQh9UfvxtmqjEeZXj27xJh2mzts1N6Tstju0fEZ7O47pGVAj8R6nrdmph26kQF2zdWjmLJX7ikeCPX5ctJHQqARRqVOrA6wxI4PRJZjfQtABkzQre5QX82mp0pJjLKyLsaJ4YHqCDS6Aq+5JEljkxmLJ4rqX3n8Wk+HubJKVEgGbVq5jwpBG4kEC2tEJlwwpwK1tKf1h3s0tIhg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=OomX125WHtEtfsV+1qUccQcIwk0c/ySbmyUbcxEXG54=; b=AkPb0rRl3fVRoKoisMSCwg1rrmXZrSo+N2BDPGTqFywcRVpsbrifWeDZ3t05Z2cI09EEx0w/4TNTZM7JrZLhSyYIRiJvPLDdycsu+EUtqYkEA8oHyBdZY3g3ynPvqRvHu47aAvigtJ7Stec5xPpJfEqYgw7edf8RoXbEeKR0aRCGTsDDF1IL82onPCqjy2f7WOsZLuEbyQaP7GZ1F6pjMXXnk46kvf7BvTHfnVPwrtfBOuGHRlirip59diVKo8M2vyI50SvHxfGkF9gECg/dmLt0Dk9ToxW0BAFTYVj1OCJHzijoC3yeNNYjWdqipnnLUxrLA5k0vLf3fXNUs0KkXA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=OomX125WHtEtfsV+1qUccQcIwk0c/ySbmyUbcxEXG54=; b=ARtGMiuf85BkIPjCskzIrT5mTNBH4CigycbN6AjRVvJdG6qjGF0mozHk8+tIBU+URkx294oIkDVLJ//mzCDCTU2VXanHTqMcn+nZ1nIl9EaEeEF/Gz47S4WkIIADbgC0Bil9dO1FVXQL7CvHgyYuiaX5X49Rziyu+TFOcIqtu2o= Received: from BN9PR03CA0504.namprd03.prod.outlook.com (2603:10b6:408:130::29) by CY8PR12MB7753.namprd12.prod.outlook.com (2603:10b6:930:85::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.24; Mon, 27 Feb 2023 08:44:17 +0000 Received: from BN8NAM11FT092.eop-nam11.prod.protection.outlook.com (2603:10b6:408:130:cafe::cb) by BN9PR03CA0504.outlook.office365.com (2603:10b6:408:130::29) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.29 via Frontend Transport; Mon, 27 Feb 2023 08:44:16 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by BN8NAM11FT092.mail.protection.outlook.com (10.13.176.180) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.6156.16 via Frontend Transport; Mon, 27 Feb 2023 08:44:16 +0000 Received: from BLR-L-SASHUKLA.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.34; Mon, 27 Feb 2023 02:44:12 -0600 From: Santosh Shukla To: , CC: , , , , , , , Subject: [PATCHv4 09/11] KVM: SVM: Add VNMI bit definition Date: Mon, 27 Feb 2023 14:10:14 +0530 Message-ID: <20230227084016.3368-10-santosh.shukla@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230227084016.3368-1-santosh.shukla@amd.com> References: <20230227084016.3368-1-santosh.shukla@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BN8NAM11FT092:EE_|CY8PR12MB7753:EE_ X-MS-Office365-Filtering-Correlation-Id: ffaabbe0-0f78-4190-8d6c-08db189ecf8e X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: IjkIPTM+LJUeYtmdB1dV/S4/0Eln0FwUuNeknoRvRqBXAj+CsGvxSJAPITf5l6WDUcmyvg2AdYfJlZMKqod/j2iAD3vG9iMs0sycJz5RedzGZXAinDO894JmRzDeNHVfbtD8gCFw2wAeLztjAhfI2Q6BGsiwpRMpcqY3vhYMnqdTVxPp48cYs+17U2yWxNOgAAA2oHp3w/hUVcajwwZbBIIoHo6B8e90lwzqKOxikMfEvPfZonZkPQkO6HEtNjPr435HRqP74i7isFuXcC2OPd2XeNjvEs19H7IKuVwn24/NlcM7IPM0WKzUIg+d3aiAd3O5q1caI2QI2jIHQVmVLNG2OTGPHhgmrSxb7OhbU6v2EQNmv+nmcIxloNSaPrS/vmaYEwK/1HvfcTWdqMaNTEY9bkQEG7ifFtJ0bvif+tlLztNN3T4caZ9s6bJZczGcQCvl4PGQLPWXHQK8WDY9chHRxhn5fUcRvAUStSUOdP0p0fRJtaT/f+37VJh62CFk2iqSZYFPXAgQPVx02SrZfgri1YpqrqT8OYwanugpc2llqpCcR7xUW7aqM6RULpCUcYmaIRGh+4h/NJaoO8MK+JkbLfcOozIErNlEriDlzJrCQXa+OAxxIUxRSL+K5UGDUmN+gyiPkf5xRpGenIw7C++5x9jgUq9yS4G1qVKEijFsBH8CFaptQTOsA8Wv7FCkmJBme9UVaWNNV5OZeE/O6Hb2u3PQpvb/zOEYUMKASoU= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230025)(4636009)(136003)(396003)(346002)(376002)(39860400002)(451199018)(40470700004)(36840700001)(46966006)(8936002)(54906003)(16526019)(81166007)(26005)(336012)(36756003)(186003)(316002)(1076003)(356005)(478600001)(40460700003)(7696005)(966005)(44832011)(2906002)(40480700001)(86362001)(2616005)(110136005)(5660300002)(82740400003)(82310400005)(47076005)(426003)(83380400001)(70206006)(70586007)(8676002)(41300700001)(36860700001)(4326008)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Feb 2023 08:44:16.8713 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: ffaabbe0-0f78-4190-8d6c-08db189ecf8e X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: BN8NAM11FT092.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY8PR12MB7753 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org VNMI exposes 3 capability bits (V_NMI, V_NMI_MASK, and V_NMI_ENABLE) to virtualize NMI and NMI_MASK, Those capability bits are part of VMCB::intr_ctrl - V_NMI_PENDING_MASK(11) - Indicates whether a virtual NMI is pending in the guest. V_NMI_BLOCKING_MASK(12) - Indicates whether virtual NMI is masked in the guest. V_NMI_ENABLE_MASK(26) - Enables the NMI virtualization feature for the guest. When Hypervisor wants to inject NMI, it will set V_NMI bit, Processor will clear the V_NMI bit and Set the V_NMI_MASK which means the Guest is handling NMI, After the guest handled the NMI, The processor will clear the V_NMI_MASK on the successful completion of IRET instruction Or if VMEXIT occurs while delivering the virtual NMI. To enable the VNMI capability, Hypervisor need to program V_NMI_ENABLE_MASK bit 1. Reviewed-by: Maxim Levitsky Signed-off-by: Santosh Shukla --- v3: - Renamed V_NMI bits per Sean's v2 comment for better readability. https://lore.kernel.org/all/66f93354-22b1-a2aa-f64c-6e70b9b8063c@amd.com/ arch/x86/include/asm/svm.h | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/arch/x86/include/asm/svm.h b/arch/x86/include/asm/svm.h index cb1ee53ad3b1..9691081d9231 100644 --- a/arch/x86/include/asm/svm.h +++ b/arch/x86/include/asm/svm.h @@ -183,6 +183,12 @@ struct __attribute__ ((__packed__)) vmcb_control_area { #define V_GIF_SHIFT 9 #define V_GIF_MASK (1 << V_GIF_SHIFT) +#define V_NMI_PENDING_SHIFT 11 +#define V_NMI_PENDING_MASK (1 << V_NMI_PENDING_SHIFT) + +#define V_NMI_BLOCKING_SHIFT 12 +#define V_NMI_BLOCKING_MASK (1 << V_NMI_BLOCKING_SHIFT) + #define V_INTR_PRIO_SHIFT 16 #define V_INTR_PRIO_MASK (0x0f << V_INTR_PRIO_SHIFT) @@ -197,6 +203,9 @@ struct __attribute__ ((__packed__)) vmcb_control_area { #define V_GIF_ENABLE_SHIFT 25 #define V_GIF_ENABLE_MASK (1 << V_GIF_ENABLE_SHIFT) +#define V_NMI_ENABLE_SHIFT 26 +#define V_NMI_ENABLE_MASK (1 << V_NMI_ENABLE_SHIFT) + #define AVIC_ENABLE_SHIFT 31 #define AVIC_ENABLE_MASK (1 << AVIC_ENABLE_SHIFT) From patchwork Mon Feb 27 08:40:15 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Shukla, Santosh" X-Patchwork-Id: 13153102 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4AC1DC7EE2D for ; Mon, 27 Feb 2023 08:56:49 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231431AbjB0I4h (ORCPT ); Mon, 27 Feb 2023 03:56:37 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51470 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230320AbjB0I4D (ORCPT ); Mon, 27 Feb 2023 03:56:03 -0500 Received: from NAM10-BN7-obe.outbound.protection.outlook.com (mail-bn7nam10on20611.outbound.protection.outlook.com [IPv6:2a01:111:f400:7e8a::611]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id F0716B46C; Mon, 27 Feb 2023 00:47:59 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=LKWqdnVAmHqV/niBcG+TsgwEn1A3bfRHmA1ijd/TyM4KMVSaCACayayWpnBanKiFlHm/gpPUFluk6NjcEgYUzio8ghNhPquQ1B4loONoaGE+pnaN/RqmfeVhWfpOpRvSjZ4nMB8vdZoxa9+PoZvLx0fMHRkvWVJKRFpxxE4A0Glv53WQJQlWCVPz9BYMKpRNXC9p9b9TzotLULcKcC6Z2wyRZjG2VswLKjpI+ZlBdMEXj/P4tBhKB3C3OVXl5Q8mzJBupJqB8mmGIAzwtO3r1yIDso59aZb0wosExhlJr0KRfHWtbDuf4Eqe5Jm7x7avYYsh8MevZYdqq+DbalfbBg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=LaKperpv4+VdYCfjXKCZB8VJU+3gIjLgyl6XPPUmZVc=; b=ew+ojDOmDXfzqs7XrZB8RToSxcIGs3C8jBIcdaRrekeXoAHtemuyWn3fPoRwRBJs0XnIdZMa2c9mfHuHsDkT5NM52fo/d85wrV0p97yAhdHo2x7mdIQH004iZekGUSOkMUW7EMX7BBqP1JIzS2dkcRYkC0+ZwdhJTnqd7zkkQ0FUIAGvo9RotwzvK75vLW687xG3g8yMcaDWJ1QdTeYIPfWqnUE7wU1ArJHdOy8kckO7ro+U/2EkPbcX4zdAEyxV34+HtwuocGOyHe5pcrMhf09RA3zA5gnNOxJF96PTgW1eIxPstZaiSV+YaM8VNzxTMFn2BWLcmF4w+3+PQWzqQQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=LaKperpv4+VdYCfjXKCZB8VJU+3gIjLgyl6XPPUmZVc=; b=nkAL0/izMsDVn477/1XctXTcUWZNV8S4jfhqnRShfymAnvEhkwoB/cJ12Ur3BsFy6jGAY4K93sgNrWv0sXdV6l2XRFaKOMkUipfLSzJSZtOadqhJj03UtcnqNlLjmUDM4Y/9FewiYBEUEZS5zTx8OcnOTR4GMKK2oKuFHH5lDfg= Received: from BN8PR07CA0002.namprd07.prod.outlook.com (2603:10b6:408:ac::15) by CH3PR12MB7524.namprd12.prod.outlook.com (2603:10b6:610:146::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.29; Mon, 27 Feb 2023 08:44:35 +0000 Received: from BN8NAM11FT073.eop-nam11.prod.protection.outlook.com (2603:10b6:408:ac:cafe::bc) by BN8PR07CA0002.outlook.office365.com (2603:10b6:408:ac::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.29 via Frontend Transport; Mon, 27 Feb 2023 08:44:35 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by BN8NAM11FT073.mail.protection.outlook.com (10.13.177.231) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.6156.12 via Frontend Transport; Mon, 27 Feb 2023 08:44:35 +0000 Received: from BLR-L-SASHUKLA.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.34; Mon, 27 Feb 2023 02:44:30 -0600 From: Santosh Shukla To: , CC: , , , , , , , Subject: [PATCHv4 10/11] KVM: x86: add support for delayed virtual NMI injection interface Date: Mon, 27 Feb 2023 14:10:15 +0530 Message-ID: <20230227084016.3368-11-santosh.shukla@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230227084016.3368-1-santosh.shukla@amd.com> References: <20230227084016.3368-1-santosh.shukla@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BN8NAM11FT073:EE_|CH3PR12MB7524:EE_ X-MS-Office365-Filtering-Correlation-Id: d4f7ff13-1758-4259-bc83-08db189eda78 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: CLy/Aqv8yVPtnCI7RB6OIwH9SjB652R5H+KHlP73AkMdtgDNCyf3PYx+f/nh+HpjLE+y1OEFNavbBxb+Tw56hp9h0dUWzvZRQOHXvC0g7jOuKXMHOBRSQosc53m59QQkD4y50TWMaVpugAAMf+rIRcmeVzc/byUyGv83394hCtU1gqbkGkf0cWiMKxb2N914SaYim/9H7g8oeQ5Zdx8mIaUUus1iB8NiePikarKwbeF1AxzXW79oKxa8sNWcyaMzPOXmRJu7Tc45M/6US2ZyR6bOwxLrTf0T0GTpR7DOW0L4khv1SKCWgnWfOAeWUgIw65NkwORGPQoQfl8E70rY/hMlD8afQLZohSOZhGCzt7fnjKgbq4/E4SFPVPxCKkHPfGUw/96xAZKUIxoJc/cxANkUSRX2/rRb4Dxuj2jENravMHWjoLndX/KxRHA7RgDnE0tHyJqkny18FUIPlKwDeqadJxuag3RZ9qYaQADhOAm8wtETmZ90b4Om/36pW4vIiZMi5Z+vcqXX5ABMbH0MD/1JGdc4U5YsxvJXCFkV9Y+0ZCqbAfLyXULkfbGjnVf14OMTem9z8t4/WY4mCuMekxWAm57EDb0Tz06XeqIWfd6/f8oI+SG6ibOoUEaltPot86ITHXT2DrMT3R8WClsOYkZQghlqX+QAfA1kZaTDnNtlaqh2YMlOqKgN6HzBVNB5TipJxbL7/8Rk+BFh6yoQ5TdmfzRGTuOUR93lfpwZ5Cs= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230025)(4636009)(376002)(396003)(346002)(136003)(39860400002)(451199018)(46966006)(36840700001)(40470700004)(26005)(186003)(16526019)(1076003)(6666004)(82310400005)(36860700001)(426003)(47076005)(83380400001)(356005)(40460700003)(86362001)(40480700001)(82740400003)(36756003)(81166007)(2616005)(336012)(41300700001)(70206006)(70586007)(4326008)(8676002)(44832011)(2906002)(8936002)(30864003)(5660300002)(966005)(7696005)(110136005)(316002)(54906003)(478600001)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Feb 2023 08:44:35.1833 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: d4f7ff13-1758-4259-bc83-08db189eda78 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: BN8NAM11FT073.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH3PR12MB7524 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Introducing two new vendor callbacks so to support virtual NMI injection example vNMI feature for SVM. - kvm_x86_is_vnmi_pending() - kvm_x86_set_vnmi_pending() Using those callbacks the KVM can take advantage of the hardware's accelerated delayed NMI delivery (currently vNMI on SVM). Once NMI is set to pending via this interface, it is assumed that the hardware will deliver the NMI on its own to the guest once all the x86 conditions for the NMI delivery are met. Note that the 'kvm_x86_set_vnmi_pending()' callback is allowed to fail, in which case a normal NMI injection will be attempted when NMI can be delivered (possibly by using a NMI window). With vNMI that can happen either if vNMI is already pending or if a nested guest is running. When the vNMI injection fails due to the 'vNMI is already pending' condition, the new NMI will be dropped unless the new NMI can be injected immediately, so no NMI window will be requested. Use '.kvm_x86_set_hw_nmi_pending' method to inject the pending NMIs for AMD's VNMI feature. Note that vNMI doesn't need nmi_window_existing feature to pend the new virtual NMI and that KVM will now be able to detect with flag (KVM_VCPUEVENT_VALID_NMI_PENDING) and pend the new NMI by raising KVM_REQ_NMI event. Signed-off-by: Santosh Shukla Co-developed-by: Maxim Levitsky Signed-off-by: Maxim Levitsky --- v3: - Fixed SOB - Merged V_NMI implementation with x86_ops delayed NMI API proposal for better readablity. - Added early WARN_ON for VNMI case in svm_enable_nmi_window. - Indentation and style fixes per v2 comment. - Removed `svm->nmi_masked` check from svm_enable_nmi_window and replaced with svm_get_nmi_mask(). - Note that I am keeping kvm_get_total_nmi_pending() logic like v2.. since `events->nmi.pending` is u8 not a boolean. https://lore.kernel.org/all/Y9mwz%2FG6+G8NSX3+@google.com/ arch/x86/include/asm/kvm-x86-ops.h | 2 + arch/x86/include/asm/kvm_host.h | 11 ++- arch/x86/kvm/svm/svm.c | 113 +++++++++++++++++++++++------ arch/x86/kvm/svm/svm.h | 22 ++++++ arch/x86/kvm/x86.c | 26 ++++++- 5 files changed, 147 insertions(+), 27 deletions(-) diff --git a/arch/x86/include/asm/kvm-x86-ops.h b/arch/x86/include/asm/kvm-x86-ops.h index 8dc345cc6318..092ef2398857 100644 --- a/arch/x86/include/asm/kvm-x86-ops.h +++ b/arch/x86/include/asm/kvm-x86-ops.h @@ -68,6 +68,8 @@ KVM_X86_OP(get_interrupt_shadow) KVM_X86_OP(patch_hypercall) KVM_X86_OP(inject_irq) KVM_X86_OP(inject_nmi) +KVM_X86_OP_OPTIONAL_RET0(is_vnmi_pending) +KVM_X86_OP_OPTIONAL_RET0(set_vnmi_pending) KVM_X86_OP(inject_exception) KVM_X86_OP(cancel_injection) KVM_X86_OP(interrupt_allowed) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index 792a6037047a..f8a44c6c8633 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -878,7 +878,11 @@ struct kvm_vcpu_arch { u64 tsc_scaling_ratio; /* current scaling ratio */ atomic_t nmi_queued; /* unprocessed asynchronous NMIs */ - unsigned nmi_pending; /* NMI queued after currently running handler */ + /* + * NMI queued after currently running handler + * (not including a hardware pending NMI (e.g vNMI)) + */ + unsigned int nmi_pending; bool nmi_injected; /* Trying to inject an NMI this entry */ bool smi_pending; /* SMI queued after currently running handler */ u8 handling_intr_from_guest; @@ -1640,6 +1644,10 @@ struct kvm_x86_ops { int (*nmi_allowed)(struct kvm_vcpu *vcpu, bool for_injection); bool (*get_nmi_mask)(struct kvm_vcpu *vcpu); void (*set_nmi_mask)(struct kvm_vcpu *vcpu, bool masked); + /* returns true, if a NMI is pending injection on hardware level (e.g vNMI) */ + bool (*is_vnmi_pending)(struct kvm_vcpu *vcpu); + /* attempts make a NMI pending via hardware interface (e.g vNMI) */ + bool (*set_vnmi_pending)(struct kvm_vcpu *vcpu); void (*enable_nmi_window)(struct kvm_vcpu *vcpu); void (*enable_irq_window)(struct kvm_vcpu *vcpu); void (*update_cr8_intercept)(struct kvm_vcpu *vcpu, int tpr, int irr); @@ -2004,6 +2012,7 @@ int kvm_pic_set_irq(struct kvm_pic *pic, int irq, int irq_source_id, int level); void kvm_pic_clear_all(struct kvm_pic *pic, int irq_source_id); void kvm_inject_nmi(struct kvm_vcpu *vcpu); +int kvm_get_total_nmi_pending(struct kvm_vcpu *vcpu); void kvm_update_dr7(struct kvm_vcpu *vcpu); diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index da936723e8ca..84d9d2566629 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -230,6 +230,8 @@ module_param(dump_invalid_vmcb, bool, 0644); bool intercept_smi = true; module_param(intercept_smi, bool, 0444); +bool vnmi = true; +module_param(vnmi, bool, 0444); static bool svm_gp_erratum_intercept = true; @@ -1311,6 +1313,9 @@ static void init_vmcb(struct kvm_vcpu *vcpu) if (kvm_vcpu_apicv_active(vcpu)) avic_init_vmcb(svm, vmcb); + if (vnmi) + svm->vmcb->control.int_ctl |= V_NMI_ENABLE_MASK; + if (vgif) { svm_clr_intercept(svm, INTERCEPT_STGI); svm_clr_intercept(svm, INTERCEPT_CLGI); @@ -3508,6 +3513,38 @@ static void svm_inject_nmi(struct kvm_vcpu *vcpu) ++vcpu->stat.nmi_injections; } +static bool svm_is_vnmi_pending(struct kvm_vcpu *vcpu) +{ + struct vcpu_svm *svm = to_svm(vcpu); + + if (!is_vnmi_enabled(svm)) + return false; + + return !!(svm->vmcb->control.int_ctl & V_NMI_BLOCKING_MASK); +} + +static bool svm_set_vnmi_pending(struct kvm_vcpu *vcpu) +{ + struct vcpu_svm *svm = to_svm(vcpu); + + if (!is_vnmi_enabled(svm)) + return false; + + if (svm->vmcb->control.int_ctl & V_NMI_PENDING_MASK) + return false; + + svm->vmcb->control.int_ctl |= V_NMI_PENDING_MASK; + vmcb_mark_dirty(svm->vmcb, VMCB_INTR); + + /* + * NMI isn't yet technically injected but + * this rough estimation should be good enough + */ + ++vcpu->stat.nmi_injections; + + return true; +} + static void svm_inject_irq(struct kvm_vcpu *vcpu, bool reinjected) { struct vcpu_svm *svm = to_svm(vcpu); @@ -3603,6 +3640,35 @@ static void svm_update_cr8_intercept(struct kvm_vcpu *vcpu, int tpr, int irr) svm_set_intercept(svm, INTERCEPT_CR8_WRITE); } +static bool svm_get_nmi_mask(struct kvm_vcpu *vcpu) +{ + struct vcpu_svm *svm = to_svm(vcpu); + + if (is_vnmi_enabled(svm)) + return svm->vmcb->control.int_ctl & V_NMI_BLOCKING_MASK; + else + return svm->nmi_masked; +} + +static void svm_set_nmi_mask(struct kvm_vcpu *vcpu, bool masked) +{ + struct vcpu_svm *svm = to_svm(vcpu); + + if (is_vnmi_enabled(svm)) { + if (masked) + svm->vmcb->control.int_ctl |= V_NMI_BLOCKING_MASK; + else + svm->vmcb->control.int_ctl &= ~V_NMI_BLOCKING_MASK; + + } else { + svm->nmi_masked = masked; + if (masked) + svm_set_iret_intercept(svm); + else + svm_clr_iret_intercept(svm); + } +} + bool svm_nmi_blocked(struct kvm_vcpu *vcpu) { struct vcpu_svm *svm = to_svm(vcpu); @@ -3614,8 +3680,10 @@ bool svm_nmi_blocked(struct kvm_vcpu *vcpu) if (is_guest_mode(vcpu) && nested_exit_on_nmi(svm)) return false; - return (vmcb->control.int_state & SVM_INTERRUPT_SHADOW_MASK) || - svm->nmi_masked; + if (svm_get_nmi_mask(vcpu)) + return true; + + return vmcb->control.int_state & SVM_INTERRUPT_SHADOW_MASK; } static int svm_nmi_allowed(struct kvm_vcpu *vcpu, bool for_injection) @@ -3633,24 +3701,6 @@ static int svm_nmi_allowed(struct kvm_vcpu *vcpu, bool for_injection) return 1; } -static bool svm_get_nmi_mask(struct kvm_vcpu *vcpu) -{ - return to_svm(vcpu)->nmi_masked; -} - -static void svm_set_nmi_mask(struct kvm_vcpu *vcpu, bool masked) -{ - struct vcpu_svm *svm = to_svm(vcpu); - - if (masked) { - svm->nmi_masked = true; - svm_set_iret_intercept(svm); - } else { - svm->nmi_masked = false; - svm_clr_iret_intercept(svm); - } -} - bool svm_interrupt_blocked(struct kvm_vcpu *vcpu) { struct vcpu_svm *svm = to_svm(vcpu); @@ -3731,7 +3781,14 @@ static void svm_enable_nmi_window(struct kvm_vcpu *vcpu) { struct vcpu_svm *svm = to_svm(vcpu); - if (svm->nmi_masked && !svm->awaiting_iret_completion) + /* + * NMI window not needed with vNMI enabled + * and if reached here then better WARN and + * continue to single step. + */ + WARN_ON_ONCE(is_vnmi_enabled(svm)); + + if (svm_get_nmi_mask(vcpu) && !svm->awaiting_iret_completion) return; /* IRET will cause a vm exit */ if (!gif_set(svm)) { @@ -3745,8 +3802,8 @@ static void svm_enable_nmi_window(struct kvm_vcpu *vcpu) * problem (IRET or exception injection or interrupt shadow) */ svm->nmi_singlestep_guest_rflags = svm_get_rflags(vcpu); - svm->nmi_singlestep = true; svm->vmcb->save.rflags |= (X86_EFLAGS_TF | X86_EFLAGS_RF); + svm->nmi_singlestep = true; } static void svm_flush_tlb_current(struct kvm_vcpu *vcpu) @@ -4780,6 +4837,8 @@ static struct kvm_x86_ops svm_x86_ops __initdata = { .patch_hypercall = svm_patch_hypercall, .inject_irq = svm_inject_irq, .inject_nmi = svm_inject_nmi, + .is_vnmi_pending = svm_is_vnmi_pending, + .set_vnmi_pending = svm_set_vnmi_pending, .inject_exception = svm_inject_exception, .cancel_injection = svm_cancel_injection, .interrupt_allowed = svm_interrupt_allowed, @@ -5070,6 +5129,16 @@ static __init int svm_hardware_setup(void) pr_info("Virtual GIF supported\n"); } + vnmi = vgif && vnmi && boot_cpu_has(X86_FEATURE_AMD_VNMI); + if (vnmi) + pr_info("Virtual NMI enabled\n"); + + if (!vnmi) { + svm_x86_ops.is_vnmi_pending = NULL; + svm_x86_ops.set_vnmi_pending = NULL; + } + + if (lbrv) { if (!boot_cpu_has(X86_FEATURE_LBRV)) lbrv = false; diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 839809972da1..fb48c347bbe0 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -36,6 +36,7 @@ extern bool npt_enabled; extern int vgif; extern bool intercept_smi; extern bool x2avic_enabled; +extern bool vnmi; /* * Clean bits in VMCB. @@ -548,6 +549,27 @@ static inline bool is_x2apic_msrpm_offset(u32 offset) (msr < (APIC_BASE_MSR + 0x100)); } +static inline struct vmcb *get_vnmi_vmcb_l1(struct vcpu_svm *svm) +{ + if (!vnmi) + return NULL; + + if (is_guest_mode(&svm->vcpu)) + return NULL; + else + return svm->vmcb01.ptr; +} + +static inline bool is_vnmi_enabled(struct vcpu_svm *svm) +{ + struct vmcb *vmcb = get_vnmi_vmcb_l1(svm); + + if (vmcb) + return !!(vmcb->control.int_ctl & V_NMI_ENABLE_MASK); + else + return false; +} + /* svm.c */ #define MSR_INVALID 0xffffffffU diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index b22074f467e0..b5354249fe00 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -5113,7 +5113,7 @@ static void kvm_vcpu_ioctl_x86_get_vcpu_events(struct kvm_vcpu *vcpu, events->interrupt.shadow = static_call(kvm_x86_get_interrupt_shadow)(vcpu); events->nmi.injected = vcpu->arch.nmi_injected; - events->nmi.pending = vcpu->arch.nmi_pending; + events->nmi.pending = kvm_get_total_nmi_pending(vcpu); events->nmi.masked = static_call(kvm_x86_get_nmi_mask)(vcpu); /* events->sipi_vector is never valid when reporting to user space */ @@ -5201,9 +5201,9 @@ static int kvm_vcpu_ioctl_x86_set_vcpu_events(struct kvm_vcpu *vcpu, vcpu->arch.nmi_injected = events->nmi.injected; if (events->flags & KVM_VCPUEVENT_VALID_NMI_PENDING) { - vcpu->arch.nmi_pending = events->nmi.pending; - if (vcpu->arch.nmi_pending) - kvm_make_request(KVM_REQ_NMI, vcpu); + vcpu->arch.nmi_pending = 0; + atomic_set(&vcpu->arch.nmi_queued, events->nmi.pending); + kvm_make_request(KVM_REQ_NMI, vcpu); } static_call(kvm_x86_set_nmi_mask)(vcpu, events->nmi.masked); @@ -10156,13 +10156,31 @@ static void process_nmi(struct kvm_vcpu *vcpu) else limit = 2; + /* + * Adjust the limit to account for pending virtual NMIs, which aren't + * tracked in vcpu->arch.nmi_pending. + */ + if (static_call(kvm_x86_is_vnmi_pending)(vcpu)) + limit--; + vcpu->arch.nmi_pending += atomic_xchg(&vcpu->arch.nmi_queued, 0); vcpu->arch.nmi_pending = min(vcpu->arch.nmi_pending, limit); + if (vcpu->arch.nmi_pending && + (static_call(kvm_x86_set_vnmi_pending)(vcpu))) + vcpu->arch.nmi_pending--; + if (vcpu->arch.nmi_pending) kvm_make_request(KVM_REQ_EVENT, vcpu); } +/* Return total number of NMIs pending injection to the VM */ +int kvm_get_total_nmi_pending(struct kvm_vcpu *vcpu) +{ + return vcpu->arch.nmi_pending + static_call(kvm_x86_is_vnmi_pending)(vcpu); +} + + void kvm_make_scan_ioapic_request_mask(struct kvm *kvm, unsigned long *vcpu_bitmap) { From patchwork Mon Feb 27 08:40:16 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Shukla, Santosh" X-Patchwork-Id: 13153107 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2831EC64ED8 for ; Mon, 27 Feb 2023 09:02:35 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229759AbjB0JCe (ORCPT ); Mon, 27 Feb 2023 04:02:34 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60250 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229547AbjB0JCR (ORCPT ); Mon, 27 Feb 2023 04:02:17 -0500 Received: from NAM10-DM6-obe.outbound.protection.outlook.com (mail-dm6nam10on2077.outbound.protection.outlook.com [40.107.93.77]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2C4AB136C9; Mon, 27 Feb 2023 00:52:34 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=cpk9RetzQDWPus5jbn3ZDjfUzZv3WThTVCWe0Y5RQAY6htTwelodGAeefoseHiJC7MyUDIqap3XbRf+W7iwWYaCqn9Fy18nT6mVBHkV3yZ/h0w06nSYt4YJBZyYB8j9tzRT21mwVdz4VKRzHQhn/WPyfoPKJPywQW19PywK/2wNcXq/IN5s7Mabzz7KSoRjrHnvYC+tyIANhCT1ZT1U7ahjx+omNWCXkIVZzwKR1t5YzFnccWmdXRsgllkife2MwQAx/P6DnPZbfIyxfB++5kANoPuIQ9t+RRBbGdN7evkH5yrqdFkkscW4ld+jVuQqp25nCHSzPs8B6m/F8ZvFyqQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=9u4xVXYBKQLka0SdRLlVEKG9tVqHgP9QE+7II39nWow=; b=QV3TuCAajaRvRpVViaiuXtxpPvtXPRibmhAyesDUZwt9VUzhR8V1ER6gpYdMeEDmCpjI0zxdL1xdoR2QQXr9Ki10udf2iP76+BbqHGa7fS4ydxZM7zF1bNCrTXt18hROJI2wAhbo05iwOqHwFHFw88mtrZvPF0BkZkY1YIRXys53f/+sivfNFoxza/7YoWL4hxUoJPnuilkj2LmcV1/U6ydCFKnSE1/fdgYaC5qAdj68Ix+rtpBnWR2HSC0NciwDsKE4poI5XFLaT9YwDB3dsr1jfvECoJ0CNkDsuSAk3CP95j75AZrJLDQdHYNYVzVZClv6+u6eEXU8KLIC5tq9nA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=9u4xVXYBKQLka0SdRLlVEKG9tVqHgP9QE+7II39nWow=; b=NnpgHqYu/fg7Ie4soZ9jNyNeuq8GrYWN07EusPd3ETWh7cfxuH7j081Ws0nelo5DhVW8zXbCFdV8PWH5bFTPD7wLJOfE4vNXgMg+lb+RaLnTge0FbdmHJFnqG4Se1B9ry/3jZ0hsE1xBf6wPZsiiGbcQIAuf/t48E/LdOmktSFA= Received: from BN9PR03CA0345.namprd03.prod.outlook.com (2603:10b6:408:f6::20) by PH0PR12MB8049.namprd12.prod.outlook.com (2603:10b6:510:28f::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.28; Mon, 27 Feb 2023 08:44:54 +0000 Received: from BN8NAM11FT106.eop-nam11.prod.protection.outlook.com (2603:10b6:408:f6:cafe::f8) by BN9PR03CA0345.outlook.office365.com (2603:10b6:408:f6::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6134.29 via Frontend Transport; Mon, 27 Feb 2023 08:44:53 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by BN8NAM11FT106.mail.protection.outlook.com (10.13.177.7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.6156.16 via Frontend Transport; Mon, 27 Feb 2023 08:44:53 +0000 Received: from BLR-L-SASHUKLA.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.34; Mon, 27 Feb 2023 02:44:49 -0600 From: Santosh Shukla To: , CC: , , , , , , , Subject: [PATCHv4 11/11] KVM: nSVM: implement support for nested VNMI Date: Mon, 27 Feb 2023 14:10:16 +0530 Message-ID: <20230227084016.3368-12-santosh.shukla@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230227084016.3368-1-santosh.shukla@amd.com> References: <20230227084016.3368-1-santosh.shukla@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BN8NAM11FT106:EE_|PH0PR12MB8049:EE_ X-MS-Office365-Filtering-Correlation-Id: ec6c12ee-b1a5-49a2-8ea8-08db189ee563 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: H+IFMJ8QfL3+iTrwpywyAFdYE8PDo3qyHOqAuldFXiiEquO/117RfqRYPgfjtqL0IPyTEm+DnLUaY+OlVEYDCDJeuqJVsRymGu7pFALT6sT3DSeipyL2QQEJm2fWWcaamT8zl5maAL/HRJiAmR5h9VvYAJ8xV+u7vFbxYVVPAHePqWRQWVjwMThyPCDHNnTQprK989bBxeF4p7mD1AnjIcEMFrRf+SoO+nDgJhb+wVqXxWWGK0Sa/UeawhCyWnv3qT8OI3161K9CRliyKPfd3q15FNA7s2J/u8A1NXlgBZbUV23EpMgHZuUUSiWlAvJ5vOwkOufsUYDFk2XVDIsC19dvXEzVz7hM7OgqGJOTBUvGmtp2+ahHyqFVisFYbK2w2I1U+MeePgYnuSXS4vc0FsOIB3eHj4nITPsK99QzS+K8uDv9k5ha9SNcuODcFSNpNdlNCaRkPgRSvwvQajiul58U62MDT1XfqjHGgTUkIFHnGfvWk5vQ6HUSHINan9RDvb/G0sBtMuG2b2QcTM5nKu5zNh5egOUnh+SXm7B3sRBQyIjozJjHHOax6eQLKICAfcwdtzvBGqoJ3FpTgKkVozcd/f+EG+qNk28ck/pGRLKdpgFmRsF9fVuQXKmv31F7zTgKvyk8M43TA8DasKeXJ/pfddSJZwIwyNoYZRwBMGdztKgM2mi3nfgJB1uFunc2w37mmyQLmgsn+Y3QBhA4dtqBHa9z+uusvncsvKAwF7Y= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230025)(4636009)(396003)(39860400002)(136003)(346002)(376002)(451199018)(46966006)(40470700004)(36840700001)(40460700003)(16526019)(186003)(81166007)(82740400003)(83380400001)(356005)(8936002)(4326008)(70586007)(70206006)(41300700001)(2906002)(8676002)(36860700001)(5660300002)(7696005)(40480700001)(44832011)(478600001)(47076005)(1076003)(426003)(26005)(336012)(6666004)(966005)(2616005)(316002)(110136005)(36756003)(82310400005)(86362001)(54906003)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Feb 2023 08:44:53.4994 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: ec6c12ee-b1a5-49a2-8ea8-08db189ee563 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: BN8NAM11FT106.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR12MB8049 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Allows L1 to use vNMI to accelerate its injection of NMI to L2 by passing through vNMI int_ctl bits from vmcb12 to/from vmcb02. In case of L1 and L2 both using VNMI- Copy VNMI bits from vmcb12 to vmcb02 during entry and vice-versa during exit. And in case of L1 uses VNMI and L2 doesn't- Copy VNMI bits from vmcb01 to vmcb02 during entry and vice-versa during exit. Tested with the KVM-unit-test and Nested Guest scenario. Co-developed-by: Maxim Levitsky Signed-off-by: Maxim Levitsky Signed-off-by: Santosh Shukla --- v3: - Fix identiation and style issue. - Fix SOB - Removed `svm->nmi_masked` var use for nested svm case. - Reworded the commit description. https://lore.kernel.org/all/Y9m15P8xQ2dxvIzd@google.com/ arch/x86/kvm/svm/nested.c | 33 +++++++++++++++++++++++++++++++++ arch/x86/kvm/svm/svm.c | 5 +++++ arch/x86/kvm/svm/svm.h | 6 ++++++ 3 files changed, 44 insertions(+) diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index 74e9e9e76d77..b018fe2fdf88 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -281,6 +281,11 @@ static bool __nested_vmcb_check_controls(struct kvm_vcpu *vcpu, if (CC(!nested_svm_check_tlb_ctl(vcpu, control->tlb_ctl))) return false; + if (CC((control->int_ctl & V_NMI_ENABLE_MASK) && + !vmcb12_is_intercept(control, INTERCEPT_NMI))) { + return false; + } + return true; } @@ -436,6 +441,9 @@ void nested_sync_control_from_vmcb02(struct vcpu_svm *svm) if (nested_vgif_enabled(svm)) mask |= V_GIF_MASK; + if (nested_vnmi_enabled(svm)) + mask |= V_NMI_BLOCKING_MASK | V_NMI_PENDING_MASK; + svm->nested.ctl.int_ctl &= ~mask; svm->nested.ctl.int_ctl |= svm->vmcb->control.int_ctl & mask; } @@ -655,6 +663,17 @@ static void nested_vmcb02_prepare_control(struct vcpu_svm *svm, else int_ctl_vmcb01_bits |= (V_GIF_MASK | V_GIF_ENABLE_MASK); + if (vnmi) { + if (vmcb01->control.int_ctl & V_NMI_PENDING_MASK) { + svm->vcpu.arch.nmi_pending++; + kvm_make_request(KVM_REQ_EVENT, &svm->vcpu); + } + if (nested_vnmi_enabled(svm)) + int_ctl_vmcb12_bits |= (V_NMI_PENDING_MASK | + V_NMI_ENABLE_MASK | + V_NMI_BLOCKING_MASK); + } + /* Copied from vmcb01. msrpm_base can be overwritten later. */ vmcb02->control.nested_ctl = vmcb01->control.nested_ctl; vmcb02->control.iopm_base_pa = vmcb01->control.iopm_base_pa; @@ -1058,6 +1077,20 @@ int nested_svm_vmexit(struct vcpu_svm *svm) svm_update_lbrv(vcpu); } + if (vnmi) { + if (vmcb02->control.int_ctl & V_NMI_BLOCKING_MASK) + vmcb01->control.int_ctl |= V_NMI_BLOCKING_MASK; + else + vmcb01->control.int_ctl &= ~V_NMI_BLOCKING_MASK; + + if (vcpu->arch.nmi_pending) { + vcpu->arch.nmi_pending--; + vmcb01->control.int_ctl |= V_NMI_PENDING_MASK; + } else + vmcb01->control.int_ctl &= ~V_NMI_PENDING_MASK; + + } + /* * On vmexit the GIF is set to false and * no event can be injected in L1. diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 84d9d2566629..08b7856e2da2 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -4226,6 +4226,8 @@ static void svm_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu) svm->vgif_enabled = vgif && guest_cpuid_has(vcpu, X86_FEATURE_VGIF); + svm->vnmi_enabled = vnmi && guest_cpuid_has(vcpu, X86_FEATURE_AMD_VNMI); + svm_recalc_instruction_intercepts(vcpu, svm); /* For sev guests, the memory encryption bit is not reserved in CR3. */ @@ -4981,6 +4983,9 @@ static __init void svm_set_cpu_caps(void) if (vgif) kvm_cpu_cap_set(X86_FEATURE_VGIF); + if (vnmi) + kvm_cpu_cap_set(X86_FEATURE_AMD_VNMI); + /* Nested VM can receive #VMEXIT instead of triggering #GP */ kvm_cpu_cap_set(X86_FEATURE_SVME_ADDR_CHK); } diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index fb48c347bbe0..e229eadbf1ce 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -266,6 +266,7 @@ struct vcpu_svm { bool pause_filter_enabled : 1; bool pause_threshold_enabled : 1; bool vgif_enabled : 1; + bool vnmi_enabled : 1; u32 ldr_reg; u32 dfr_reg; @@ -540,6 +541,11 @@ static inline bool nested_npt_enabled(struct vcpu_svm *svm) return svm->nested.ctl.nested_ctl & SVM_NESTED_CTL_NP_ENABLE; } +static inline bool nested_vnmi_enabled(struct vcpu_svm *svm) +{ + return svm->vnmi_enabled && (svm->nested.ctl.int_ctl & V_NMI_ENABLE_MASK); +} + static inline bool is_x2apic_msrpm_offset(u32 offset) { /* 4 msrs per u8, and 4 u8 in u32 */