nested vmx: enable secondary processor-based VM-Execution controls

author Dongxiao Xu <dongxiao.xu@intel.com>

Fri, 30 Nov 2012 09:23:22 +0000 (09:23 +0000)

committer Dongxiao Xu <dongxiao.xu@intel.com>

Fri, 30 Nov 2012 09:23:22 +0000 (09:23 +0000)
author Dongxiao Xu <dongxiao.xu@intel.com>
Fri, 30 Nov 2012 09:23:22 +0000 (09:23 +0000)
committer Dongxiao Xu <dongxiao.xu@intel.com>
Fri, 30 Nov 2012 09:23:22 +0000 (09:23 +0000)
diff --git a/xen/arch/x86/hvm/vmx/vmx.c b/xen/arch/x86/hvm/vmx/vmx.c

index 00ca124ddd52b2ec9945428ea727cf9d6af0dbf3..3bb0d99a4b6335f490f323aa9a2dce96add60aeb 100644 (file)
--- a/xen/arch/x86/hvm/vmx/vmx.c
+++ b/xen/arch/x86/hvm/vmx/vmx.c
@@ -344,7 +344,7 @@ void vmx_update_cpu_exec_control(struct vcpu *v)
          __vmwrite(CPU_BASED_VM_EXEC_CONTROL, v->arch.hvm_vmx.exec_control);
  }
  
-static void vmx_update_secondary_exec_control(struct vcpu *v)
+void vmx_update_secondary_exec_control(struct vcpu *v)
  {
      if ( nestedhvm_vcpu_in_guestmode(v) )
          nvmx_update_secondary_exec_control(v,
diff --git a/xen/arch/x86/hvm/vmx/vvmx.c b/xen/arch/x86/hvm/vmx/vvmx.c

index 8f75bf44cf591f7e8dde6db2d27825ed35f2b466..14a3d62e5531e777e88ed4efc8874ecb172b81d9 100644 (file)
--- a/xen/arch/x86/hvm/vmx/vvmx.c
+++ b/xen/arch/x86/hvm/vmx/vvmx.c
@@ -244,6 +244,17 @@ static inline u32 __n2_exec_control(struct vcpu *v)
      return __get_vvmcs(nvcpu->nv_vvmcx, CPU_BASED_VM_EXEC_CONTROL);
  }
  
+static inline u32 __n2_secondary_exec_control(struct vcpu *v)
+{
+    struct nestedvcpu *nvcpu = &vcpu_nestedhvm(v);
+    u64 second_ctrl = 0;
+
+    if ( __n2_exec_control(v) & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS )
+        second_ctrl = __get_vvmcs(nvcpu->nv_vvmcx, SECONDARY_VM_EXEC_CONTROL);
+
+    return second_ctrl;
+}
+
  static int vmx_inst_check_privilege(struct cpu_user_regs *regs, int vmxop_check)
  {
      struct vcpu *v = current;
@@ -454,7 +465,6 @@ void nvmx_update_exec_control(struct vcpu *v, u32 host_cntrl)
      /* Enforce the removed features */
      shadow_cntrl &= ~(CPU_BASED_TPR_SHADOW
                        | CPU_BASED_ACTIVATE_MSR_BITMAP
-                      | CPU_BASED_ACTIVATE_SECONDARY_CONTROLS
                        | CPU_BASED_ACTIVATE_IO_BITMAP
                        | CPU_BASED_UNCOND_IO_EXITING);
      shadow_cntrl |= host_cntrl;
@@ -487,7 +497,12 @@ void nvmx_update_exec_control(struct vcpu *v, u32 host_cntrl)
  void nvmx_update_secondary_exec_control(struct vcpu *v,
                                              unsigned long value)
  {
-    set_shadow_control(v, SECONDARY_VM_EXEC_CONTROL, value);
+    u32 shadow_cntrl;
+    struct nestedvcpu *nvcpu = &vcpu_nestedhvm(v);
+
+    shadow_cntrl = __get_vvmcs(nvcpu->nv_vvmcx, SECONDARY_VM_EXEC_CONTROL);
+    shadow_cntrl |= value;
+    set_shadow_control(v, SECONDARY_VM_EXEC_CONTROL, shadow_cntrl);
  }
  
  static void nvmx_update_pin_control(struct vcpu *v, unsigned long host_cntrl)
@@ -714,6 +729,7 @@ static void load_shadow_control(struct vcpu *v)
       */
      nvmx_update_pin_control(v, vmx_pin_based_exec_control);
      vmx_update_cpu_exec_control(v);
+    vmx_update_secondary_exec_control(v);
      nvmx_update_exit_control(v, vmx_vmexit_control);
      nvmx_update_entry_control(v);
      vmx_update_exception_bitmap(v);
@@ -923,6 +939,7 @@ static void virtual_vmexit(struct cpu_user_regs *regs)
          v->arch.hvm_vcpu.guest_efer &= ~(EFER_LMA | EFER_LME);
  
      vmx_update_cpu_exec_control(v);
+    vmx_update_secondary_exec_control(v);
      vmx_update_exception_bitmap(v);
  
      load_vvmcs_host_state(v);
@@ -1274,12 +1291,20 @@ int nvmx_msr_read_intercept(unsigned int msr, u64 *msr_content)
                 CPU_BASED_UNCOND_IO_EXITING |
                 CPU_BASED_RDTSC_EXITING |
                 CPU_BASED_MONITOR_TRAP_FLAG |
-               CPU_BASED_VIRTUAL_NMI_PENDING;
+               CPU_BASED_VIRTUAL_NMI_PENDING |
+               CPU_BASED_ACTIVATE_SECONDARY_CONTROLS;
          /* bit 1, 4-6,8,13-16,26 must be 1 (refer G4 of SDM) */
          tmp = ( (1<<26) | (0xf << 13) | 0x100 | (0x7 << 4) | 0x2);
          /* 0-settings */
          data = ((data | tmp) << 32) | (tmp);
          break;
+    case MSR_IA32_VMX_PROCBASED_CTLS2:
+        /* 1-seetings */
+        data = 0;
+        /* 0-settings */
+        tmp = 0;
+        data = (data << 32) | tmp;
+        break;
      case MSR_IA32_VMX_EXIT_CTLS:
          /* 1-seetings */
          /* bit 0-8, 10,11,13,14,16,17 must be 1 (refer G4 of SDM) */
diff --git a/xen/include/asm-x86/hvm/vmx/vmx.h b/xen/include/asm-x86/hvm/vmx/vmx.h

index edde077c1db6ea299ae8b730918efc93379596cb..c4c2fe8b0cb1e78b47778a4a604aee02cdd221c9 100644 (file)
--- a/xen/include/asm-x86/hvm/vmx/vmx.h
+++ b/xen/include/asm-x86/hvm/vmx/vmx.h
@@ -70,6 +70,7 @@ void vmx_realmode(struct cpu_user_regs *regs);
  void vmx_update_debug_state(struct vcpu *v);
  void vmx_update_exception_bitmap(struct vcpu *v);
  void vmx_update_cpu_exec_control(struct vcpu *v);
+void vmx_update_secondary_exec_control(struct vcpu *v);
  
  
  /*
author	Dongxiao Xu <dongxiao.xu@intel.com>
	Fri, 30 Nov 2012 09:23:22 +0000 (09:23 +0000)
committer	Dongxiao Xu <dongxiao.xu@intel.com>
	Fri, 30 Nov 2012 09:23:22 +0000 (09:23 +0000)
xen/arch/x86/hvm/vmx/vmx.c		patch \| blob \| history
xen/arch/x86/hvm/vmx/vvmx.c		patch \| blob \| history
xen/include/asm-x86/hvm/vmx/vmx.h		patch \| blob \| history