hvm vmx: Support 'virtual NMI' feature of VMX.

author kfraser@localhost.localdomain <kfraser@localhost.localdomain>

Tue, 3 Jul 2007 17:46:00 +0000 (18:46 +0100)

committer kfraser@localhost.localdomain <kfraser@localhost.localdomain>

Tue, 3 Jul 2007 17:46:00 +0000 (18:46 +0100)
author kfraser@localhost.localdomain <kfraser@localhost.localdomain>
Tue, 3 Jul 2007 17:46:00 +0000 (18:46 +0100)
committer kfraser@localhost.localdomain <kfraser@localhost.localdomain>
Tue, 3 Jul 2007 17:46:00 +0000 (18:46 +0100)
diff --git a/xen/arch/x86/hvm/vmx/intr.c b/xen/arch/x86/hvm/vmx/intr.c

index 359960d3504a1a59e23d62b8698623a67e83a183..f1265219c7fb9986bdeae05c67dbe200a7e3fcc9 100644 (file)
--- a/xen/arch/x86/hvm/vmx/intr.c
+++ b/xen/arch/x86/hvm/vmx/intr.c
@@ -71,13 +71,38 @@
   * the effect is cleared. (i.e., MOV-SS-blocking 'dominates' STI-blocking).
   */
  
-static void enable_irq_window(struct vcpu *v)
+static void enable_intr_window(struct vcpu *v, enum hvm_intack intr_source)
  {
-    u32  *cpu_exec_control = &v->arch.hvm_vcpu.u.vmx.exec_control;
-    
-    if ( !(*cpu_exec_control & CPU_BASED_VIRTUAL_INTR_PENDING) )
+    u32 *cpu_exec_control = &v->arch.hvm_vcpu.u.vmx.exec_control;
+    u32 ctl = CPU_BASED_VIRTUAL_INTR_PENDING;
+
+    if ( unlikely(intr_source == hvm_intack_none) )
+        return;
+
+    if ( unlikely(intr_source == hvm_intack_nmi) && cpu_has_vmx_vnmi )
      {
-        *cpu_exec_control |= CPU_BASED_VIRTUAL_INTR_PENDING;
+        /*
+         * We set MOV-SS blocking in lieu of STI blocking when delivering an
+         * NMI. This is because it is processor-specific whether STI-blocking
+         * blocks NMIs. Hence we *must* check for STI-blocking on NMI delivery
+         * (otherwise vmentry will fail on processors that check for STI-
+         * blocking) but if the processor does not check for STI-blocking then
+         * we may immediately vmexit and hance make no progress!
+         * (see SDM 3B 21.3, "Other Causes of VM Exits").
+         */
+        u32 intr_shadow = __vmread(GUEST_INTERRUPTIBILITY_INFO);
+        if ( intr_shadow & VMX_INTR_SHADOW_STI )
+        {
+            /* Having both STI-blocking and MOV-SS-blocking fails vmentry. */
+            intr_shadow &= ~VMX_INTR_SHADOW_STI;
+            intr_shadow |= VMX_INTR_SHADOW_MOV_SS;
+        }
+        ctl = CPU_BASED_VIRTUAL_NMI_PENDING;
+    }
+
+    if ( !(*cpu_exec_control & ctl) )
+    {
+        *cpu_exec_control |= ctl;
          __vmwrite(CPU_BASED_VM_EXEC_CONTROL, *cpu_exec_control);
      }
  }
@@ -120,8 +145,7 @@ asmlinkage void vmx_intr_assist(void)
          if ( unlikely(v->arch.hvm_vmx.vector_injected) )
          {
              v->arch.hvm_vmx.vector_injected = 0;
-            if ( unlikely(intr_source != hvm_intack_none) )
-                enable_irq_window(v);
+            enable_intr_window(v, intr_source);
              return;
          }
  
@@ -129,7 +153,9 @@ asmlinkage void vmx_intr_assist(void)
          idtv_info_field = __vmread(IDT_VECTORING_INFO_FIELD);
          if ( unlikely(idtv_info_field & INTR_INFO_VALID_MASK) )
          {
-            __vmwrite(VM_ENTRY_INTR_INFO_FIELD, idtv_info_field);
+            /* See SDM 3B 25.7.1.1 and .2 for info about masking resvd bits. */
+            __vmwrite(VM_ENTRY_INTR_INFO_FIELD,
+                      idtv_info_field & ~INTR_INFO_RESVD_BITS_MASK);
  
              /*
               * Safe: the length will only be interpreted for software
@@ -143,8 +169,16 @@ asmlinkage void vmx_intr_assist(void)
              if ( unlikely(idtv_info_field & 0x800) ) /* valid error code */
                  __vmwrite(VM_ENTRY_EXCEPTION_ERROR_CODE,
                            __vmread(IDT_VECTORING_ERROR_CODE));
-            if ( unlikely(intr_source != hvm_intack_none) )
-                enable_irq_window(v);
+            enable_intr_window(v, intr_source);
+
+            /*
+             * Clear NMI-blocking interruptibility info if an NMI delivery
+             * faulted. Re-delivery will re-set it (see SDM 3B 25.7.1.2).
+             */
+            if ( (idtv_info_field&INTR_INFO_INTR_TYPE_MASK) == INTR_TYPE_NMI )
+                __vmwrite(GUEST_INTERRUPTIBILITY_INFO,
+                          __vmread(GUEST_INTERRUPTIBILITY_INFO) &
+                          ~VMX_INTR_SHADOW_NMI);
  
              HVM_DBG_LOG(DBG_LEVEL_1, "idtv_info_field=%x", idtv_info_field);
              return;
@@ -153,14 +187,9 @@ asmlinkage void vmx_intr_assist(void)
          if ( likely(intr_source == hvm_intack_none) )
              return;
  
-        /*
-         * TODO: Better NMI handling. Shouldn't wait for EFLAGS.IF==1, but
-         * should wait for exit from 'NMI blocking' window (NMI injection to
-         * next IRET). This requires us to use the new 'virtual NMI' support.
-         */
          if ( !hvm_interrupts_enabled(v, intr_source) )
          {
-            enable_irq_window(v);
+            enable_intr_window(v, intr_source);
              return;
          }
      } while ( !hvm_vcpu_ack_pending_irq(v, intr_source, &intr_vector) );
diff --git a/xen/arch/x86/hvm/vmx/vmcs.c b/xen/arch/x86/hvm/vmx/vmcs.c

index 263db6a0bf211ef4241986d5f684ae8eaadc49e2..40e9891e7542aecb60415a5489dfaee51ee5ace7 100644 (file)
--- a/xen/arch/x86/hvm/vmx/vmcs.c
+++ b/xen/arch/x86/hvm/vmx/vmcs.c
@@ -75,7 +75,7 @@ void vmx_init_vmcs_config(void)
  
      min = (PIN_BASED_EXT_INTR_MASK |
             PIN_BASED_NMI_EXITING);
-    opt = 0; /*PIN_BASED_VIRTUAL_NMIS*/
+    opt = PIN_BASED_VIRTUAL_NMIS;
      _vmx_pin_based_exec_control = adjust_vmx_controls(
          min, opt, MSR_IA32_VMX_PINBASED_CTLS);
  
diff --git a/xen/arch/x86/hvm/vmx/vmx.c b/xen/arch/x86/hvm/vmx/vmx.c

index b2a01e89acf24291b232d8e2c6c8d47d59fb4c95..50e757ac145d4898332aaeefa0260709e9721906 100644 (file)
--- a/xen/arch/x86/hvm/vmx/vmx.c
+++ b/xen/arch/x86/hvm/vmx/vmx.c
@@ -1106,15 +1106,17 @@ static int vmx_interrupts_enabled(struct vcpu *v, enum hvm_intack type)
  
      ASSERT(v == current);
  
-    intr_shadow  = __vmread(GUEST_INTERRUPTIBILITY_INFO);
-    intr_shadow &= VMX_INTR_SHADOW_STI|VMX_INTR_SHADOW_MOV_SS;
+    intr_shadow = __vmread(GUEST_INTERRUPTIBILITY_INFO);
  
      if ( type == hvm_intack_nmi )
-        return !intr_shadow;
+        return !(intr_shadow & (VMX_INTR_SHADOW_STI|
+                                VMX_INTR_SHADOW_MOV_SS|
+                                VMX_INTR_SHADOW_NMI));
  
      ASSERT((type == hvm_intack_pic) || (type == hvm_intack_lapic));
      eflags = __vmread(GUEST_RFLAGS);
-    return !irq_masked(eflags) && !intr_shadow;
+    return (!irq_masked(eflags) &&
+            !(intr_shadow & (VMX_INTR_SHADOW_STI|VMX_INTR_SHADOW_MOV_SS)));
  }
  
  static void vmx_update_host_cr3(struct vcpu *v)
@@ -2911,6 +2913,17 @@ asmlinkage void vmx_vmexit_handler(struct cpu_user_regs *regs)
  
          vector = intr_info & INTR_INFO_VECTOR_MASK;
  
+        /*
+         * Re-set the NMI shadow if vmexit caused by a guest IRET fault (see 3B
+         * 25.7.1.2, "Resuming Guest Software after Handling an Exception").
+         * (NB. If we emulate this IRET for any reason, we should re-clear!)
+         */
+        if ( unlikely(intr_info & INTR_INFO_NMI_UNBLOCKED_BY_IRET) &&
+             !(__vmread(IDT_VECTORING_INFO_FIELD) & INTR_INFO_VALID_MASK) &&
+             (vector != TRAP_double_fault) )
+            __vmwrite(GUEST_INTERRUPTIBILITY_INFO,
+                    __vmread(GUEST_INTERRUPTIBILITY_INFO)|VMX_INTR_SHADOW_NMI);
+
          perfc_incra(cause_vector, vector);
  
          switch ( vector )
diff --git a/xen/include/asm-x86/hvm/vmx/vmcs.h b/xen/include/asm-x86/hvm/vmx/vmcs.h

index 25662f17494ec165bae6f22441ea07ba8741f89e..e4174e10b6d52a56016f1faeb2f678a174b74a5d 100644 (file)
--- a/xen/include/asm-x86/hvm/vmx/vmcs.h
+++ b/xen/include/asm-x86/hvm/vmx/vmcs.h
@@ -137,6 +137,8 @@ extern bool_t cpu_has_vmx_ins_outs_instr_info;
      (vmx_secondary_exec_control & SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES)
  #define cpu_has_vmx_tpr_shadow \
      (vmx_cpu_based_exec_control & CPU_BASED_TPR_SHADOW)
+#define cpu_has_vmx_vnmi \
+    (vmx_pin_based_exec_control & PIN_BASED_VIRTUAL_NMIS)
  #define cpu_has_vmx_msr_bitmap \
      (vmx_cpu_based_exec_control & CPU_BASED_ACTIVATE_MSR_BITMAP)
  extern char *vmx_msr_bitmap;
diff --git a/xen/include/asm-x86/hvm/vmx/vmx.h b/xen/include/asm-x86/hvm/vmx/vmx.h

index 157f7ba31a144a96607dd709084bbe0f2c246749..5e41cb243b0f38d1db0ceae037cbba6a5cc5d41c 100644 (file)
--- a/xen/include/asm-x86/hvm/vmx/vmx.h
+++ b/xen/include/asm-x86/hvm/vmx/vmx.h
@@ -90,7 +90,9 @@ void vmx_vlapic_msr_changed(struct vcpu *v);
  #define INTR_INFO_VECTOR_MASK           0xff            /* 7:0 */
  #define INTR_INFO_INTR_TYPE_MASK        0x700           /* 10:8 */
  #define INTR_INFO_DELIVER_CODE_MASK     0x800           /* 11 */
+#define INTR_INFO_NMI_UNBLOCKED_BY_IRET 0x1000          /* 12 */
  #define INTR_INFO_VALID_MASK            0x80000000      /* 31 */
+#define INTR_INFO_RESVD_BITS_MASK       0x7ffff000
  
  #define INTR_TYPE_EXT_INTR              (0 << 8)    /* external interrupt */
  #define INTR_TYPE_NMI                   (2 << 8)    /* NMI                */
author	kfraser@localhost.localdomain <kfraser@localhost.localdomain>
	Tue, 3 Jul 2007 17:46:00 +0000 (18:46 +0100)
committer	kfraser@localhost.localdomain <kfraser@localhost.localdomain>
	Tue, 3 Jul 2007 17:46:00 +0000 (18:46 +0100)
xen/arch/x86/hvm/vmx/intr.c		patch \| blob \| history
xen/arch/x86/hvm/vmx/vmcs.c		patch \| blob \| history
xen/arch/x86/hvm/vmx/vmx.c		patch \| blob \| history
xen/include/asm-x86/hvm/vmx/vmcs.h		patch \| blob \| history
xen/include/asm-x86/hvm/vmx/vmx.h		patch \| blob \| history