[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] [PATCH v10 04/11] x86/hvm: Permit guests direct access to MSR_{SPEC_CTRL, PRED_CMD}
For performance reasons, HVM guests should have direct access to these MSRs when possible. Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> Reviewed-by: Boris Ostrovsky <boris.ostrovsky@xxxxxxxxxx> Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx> Reviewed-by: Kevin Tian <kevin.tian@xxxxxxxxx> --- v7: * Drop excess brackets v9: * Re-implement it light of Intels new spec. Drop R-by's. * Spelling fixes v10: * More spelling fixes --- xen/arch/x86/domctl.c | 19 +++++++++++++++++++ xen/arch/x86/hvm/svm/svm.c | 5 +++++ xen/arch/x86/hvm/vmx/vmx.c | 17 +++++++++++++++++ 3 files changed, 41 insertions(+) diff --git a/xen/arch/x86/domctl.c b/xen/arch/x86/domctl.c index 1a15a34..2c4447b 100644 --- a/xen/arch/x86/domctl.c +++ b/xen/arch/x86/domctl.c @@ -53,6 +53,7 @@ static int update_domain_cpuid_info(struct domain *d, struct cpuid_policy *p = d->arch.cpuid; const struct cpuid_leaf leaf = { ctl->eax, ctl->ebx, ctl->ecx, ctl->edx }; int old_vendor = p->x86_vendor; + unsigned int old_7d0 = p->feat.raw[0].d, old_e8b = p->extd.raw[8].b; bool call_policy_changed = false; /* Avoid for_each_vcpu() unnecessarily */ /* @@ -218,6 +219,14 @@ static int update_domain_cpuid_info(struct domain *d, d->arch.pv_domain.cpuidmasks->_7ab0 = mask; } + + /* + * If the IBRS/IBPB policy has changed, we need to recalculate the MSR + * interception bitmaps. + */ + call_policy_changed = (is_hvm_domain(d) && + ((old_7d0 ^ p->feat.raw[0].d) & + cpufeat_mask(X86_FEATURE_IBRSB))); break; case 0xa: @@ -292,6 +301,16 @@ static int update_domain_cpuid_info(struct domain *d, d->arch.pv_domain.cpuidmasks->e1cd = mask; } break; + + case 0x80000008: + /* + * If the IBPB policy has changed, we need to recalculate the MSR + * interception bitmaps. + */ + call_policy_changed = (is_hvm_domain(d) && + ((old_e8b ^ p->extd.raw[8].b) & + cpufeat_mask(X86_FEATURE_IBPB))); + break; } if ( call_policy_changed ) diff --git a/xen/arch/x86/hvm/svm/svm.c b/xen/arch/x86/hvm/svm/svm.c index 6509b90..231074e 100644 --- a/xen/arch/x86/hvm/svm/svm.c +++ b/xen/arch/x86/hvm/svm/svm.c @@ -617,6 +617,7 @@ static void svm_cpuid_policy_changed(struct vcpu *v) { struct arch_svm_struct *arch_svm = &v->arch.hvm_svm; struct vmcb_struct *vmcb = arch_svm->vmcb; + const struct cpuid_policy *cp = v->domain->arch.cpuid; u32 bitmap = vmcb_get_exception_intercepts(vmcb); if ( opt_hvm_fep || @@ -626,6 +627,10 @@ static void svm_cpuid_policy_changed(struct vcpu *v) bitmap &= ~(1U << TRAP_invalid_op); vmcb_set_exception_intercepts(vmcb, bitmap); + + /* Give access to MSR_PRED_CMD if the guest has been told about it. */ + svm_intercept_msr(v, MSR_PRED_CMD, + cp->extd.ibpb ? MSR_INTERCEPT_NONE : MSR_INTERCEPT_RW); } static void svm_sync_vmcb(struct vcpu *v) diff --git a/xen/arch/x86/hvm/vmx/vmx.c b/xen/arch/x86/hvm/vmx/vmx.c index e036303..1546c2a 100644 --- a/xen/arch/x86/hvm/vmx/vmx.c +++ b/xen/arch/x86/hvm/vmx/vmx.c @@ -656,6 +656,8 @@ void vmx_update_exception_bitmap(struct vcpu *v) static void vmx_cpuid_policy_changed(struct vcpu *v) { + const struct cpuid_policy *cp = v->domain->arch.cpuid; + if ( opt_hvm_fep || (v->domain->arch.cpuid->x86_vendor != boot_cpu_data.x86_vendor) ) v->arch.hvm_vmx.exception_bitmap |= (1U << TRAP_invalid_op); @@ -665,6 +667,21 @@ static void vmx_cpuid_policy_changed(struct vcpu *v) vmx_vmcs_enter(v); vmx_update_exception_bitmap(v); vmx_vmcs_exit(v); + + /* + * We can safely pass MSR_SPEC_CTRL through to the guest, even if STIBP + * isn't enumerated in hardware, as SPEC_CTRL_STIBP is ignored. + */ + if ( cp->feat.ibrsb ) + vmx_clear_msr_intercept(v, MSR_SPEC_CTRL, VMX_MSR_RW); + else + vmx_set_msr_intercept(v, MSR_SPEC_CTRL, VMX_MSR_RW); + + /* MSR_PRED_CMD is safe to pass through if the guest knows about it. */ + if ( cp->feat.ibrsb || cp->extd.ibpb ) + vmx_clear_msr_intercept(v, MSR_PRED_CMD, VMX_MSR_RW); + else + vmx_set_msr_intercept(v, MSR_PRED_CMD, VMX_MSR_RW); } int vmx_guest_x86_mode(struct vcpu *v) -- 2.1.4 _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxx https://lists.xenproject.org/mailman/listinfo/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |