1 files changed, 69 insertions, 67 deletions
diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index a45d8580f91e..5cede40e2552 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -422,6 +422,7 @@ struct nested_vmx {
        struct list_head vmcs02_pool;
        int vmcs02_num;
        u64 vmcs01_tsc_offset;
+        bool change_vmcs01_virtual_x2apic_mode;
        /* L2 must run next, and mustn't decide to exit to L1. */
        bool nested_run_pending;
        /*
@@ -435,6 +436,8 @@ struct nested_vmx {
        bool pi_pending;
        u16 posted_intr_nv;
+        unsigned long *msr_bitmap;
        struct hrtimer preemption_timer;
        bool preemption_timer_expired;
@@ -924,7 +927,6 @@ static unsigned long *vmx_msr_bitmap_legacy;
 static unsigned long *vmx_msr_bitmap_longmode;
 static unsigned long *vmx_msr_bitmap_legacy_x2apic;
 static unsigned long *vmx_msr_bitmap_longmode_x2apic;
-static unsigned long *vmx_msr_bitmap_nested;
 static unsigned long *vmx_vmread_bitmap;
 static unsigned long *vmx_vmwrite_bitmap;
@@ -2198,6 +2200,12 @@ static void vmx_vcpu_pi_load(struct kvm_vcpu *vcpu, int cpu)
                        new.control) != old.control);
 }
+static void decache_tsc_multiplier(struct vcpu_vmx *vmx)
+{
+        vmx->current_tsc_ratio = vmx->vcpu.arch.tsc_scaling_ratio;
+        vmcs_write64(TSC_MULTIPLIER, vmx->current_tsc_ratio);
+}
 /*
 * Switches to specified vcpu, until a matching vcpu_put(), but assumes
 * vcpu mutex is already taken.
@@ -2256,10 +2264,8 @@ static void vmx_vcpu_load(struct kvm_vcpu *vcpu, int cpu)
        /* Setup TSC multiplier */
        if (kvm_has_tsc_control &&
-            vmx->current_tsc_ratio != vcpu->arch.tsc_scaling_ratio) {
+            vmx->current_tsc_ratio != vcpu->arch.tsc_scaling_ratio)
-                vmx->current_tsc_ratio = vcpu->arch.tsc_scaling_ratio;
+                decache_tsc_multiplier(vmx);
-                vmcs_write64(TSC_MULTIPLIER, vmx->current_tsc_ratio);
-        }
        vmx_vcpu_pi_load(vcpu, cpu);
        vmx->host_pkru = read_pkru();
@@ -2508,7 +2514,7 @@ static void vmx_set_msr_bitmap(struct kvm_vcpu *vcpu)
        unsigned long *msr_bitmap;
        if (is_guest_mode(vcpu))
-                msr_bitmap = vmx_msr_bitmap_nested;
+                msr_bitmap = to_vmx(vcpu)->nested.msr_bitmap;
        else if (cpu_has_secondary_exec_ctrls() &&
                 (vmcs_read32(SECONDARY_VM_EXEC_CONTROL) &
                  SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE)) {
@@ -6363,13 +6369,6 @@ static __init int hardware_setup(void)
        if (!vmx_msr_bitmap_longmode_x2apic)
                goto out4;
-        if (nested) {
-                vmx_msr_bitmap_nested =
-                        (unsigned long *)__get_free_page(GFP_KERNEL);
-                if (!vmx_msr_bitmap_nested)
-                        goto out5;
-        }
        vmx_vmread_bitmap = (unsigned long *)__get_free_page(GFP_KERNEL);
        if (!vmx_vmread_bitmap)
                goto out6;
@@ -6392,8 +6391,6 @@ static __init int hardware_setup(void)
        memset(vmx_msr_bitmap_legacy, 0xff, PAGE_SIZE);
        memset(vmx_msr_bitmap_longmode, 0xff, PAGE_SIZE);
-        if (nested)
-                memset(vmx_msr_bitmap_nested, 0xff, PAGE_SIZE);
        if (setup_vmcs_config(&vmcs_config) < 0) {
                r = -EIO;
@@ -6529,9 +6526,6 @@ out8:
 out7:
        free_page((unsigned long)vmx_vmread_bitmap);
 out6:
-        if (nested)
-                free_page((unsigned long)vmx_msr_bitmap_nested);
-out5:
        free_page((unsigned long)vmx_msr_bitmap_longmode_x2apic);
 out4:
        free_page((unsigned long)vmx_msr_bitmap_longmode);
@@ -6557,8 +6551,6 @@ static __exit void hardware_unsetup(void)
        free_page((unsigned long)vmx_io_bitmap_a);
        free_page((unsigned long)vmx_vmwrite_bitmap);
        free_page((unsigned long)vmx_vmread_bitmap);
-        if (nested)
-                free_page((unsigned long)vmx_msr_bitmap_nested);
        free_kvm_area();
 }
@@ -6995,16 +6987,21 @@ static int handle_vmon(struct kvm_vcpu *vcpu)
                return 1;
        }
+        if (cpu_has_vmx_msr_bitmap()) {
+                vmx->nested.msr_bitmap =
+                                (unsigned long *)__get_free_page(GFP_KERNEL);
+                if (!vmx->nested.msr_bitmap)
+                        goto out_msr_bitmap;
+        }
        vmx->nested.cached_vmcs12 = kmalloc(VMCS12_SIZE, GFP_KERNEL);
        if (!vmx->nested.cached_vmcs12)
-                return -ENOMEM;
+                goto out_cached_vmcs12;
        if (enable_shadow_vmcs) {
                shadow_vmcs = alloc_vmcs();
-                if (!shadow_vmcs) {
+                if (!shadow_vmcs)
-                        kfree(vmx->nested.cached_vmcs12);
+                        goto out_shadow_vmcs;
-                        return -ENOMEM;
-                }
                /* mark vmcs as shadow */
                shadow_vmcs->revision_id |= (1u << 31);
                /* init shadow vmcs */
@@ -7024,6 +7021,15 @@ static int handle_vmon(struct kvm_vcpu *vcpu)
        skip_emulated_instruction(vcpu);
        nested_vmx_succeed(vcpu);
        return 1;
+out_shadow_vmcs:
+        kfree(vmx->nested.cached_vmcs12);
+out_cached_vmcs12:
+        free_page((unsigned long)vmx->nested.msr_bitmap);
+out_msr_bitmap:
+        return -ENOMEM;
 }
 /*
@@ -7098,6 +7104,10 @@ static void free_nested(struct vcpu_vmx *vmx)
        vmx->nested.vmxon = false;
        free_vpid(vmx->nested.vpid02);
        nested_release_vmcs12(vmx);
+        if (vmx->nested.msr_bitmap) {
+                free_page((unsigned long)vmx->nested.msr_bitmap);
+                vmx->nested.msr_bitmap = NULL;
+        }
        if (enable_shadow_vmcs)
                free_vmcs(vmx->nested.current_shadow_vmcs);
        kfree(vmx->nested.cached_vmcs12);
@@ -8419,6 +8429,12 @@ static void vmx_set_virtual_x2apic_mode(struct kvm_vcpu *vcpu, bool set)
 {
        u32 sec_exec_control;
+        /* Postpone execution until vmcs01 is the current VMCS. */
+        if (is_guest_mode(vcpu)) {
+                to_vmx(vcpu)->nested.change_vmcs01_virtual_x2apic_mode = true;
+                return;
+        }
        /*
         * There is not point to enable virtualize x2apic without enable
         * apicv
@@ -9472,8 +9488,10 @@ static inline bool nested_vmx_merge_msr_bitmap(struct kvm_vcpu *vcpu,
 {
        int msr;
        struct page *page;
-        unsigned long *msr_bitmap;
+        unsigned long *msr_bitmap_l1;
+        unsigned long *msr_bitmap_l0 = to_vmx(vcpu)->nested.msr_bitmap;
+        /* This shortcut is ok because we support only x2APIC MSRs so far. */
        if (!nested_cpu_has_virt_x2apic_mode(vmcs12))
                return false;
@@ -9482,63 +9500,37 @@ static inline bool nested_vmx_merge_msr_bitmap(struct kvm_vcpu *vcpu,
                WARN_ON(1);
                return false;
        }
-        msr_bitmap = (unsigned long *)kmap(page);
+        msr_bitmap_l1 = (unsigned long *)kmap(page);
-        if (!msr_bitmap) {
+        if (!msr_bitmap_l1) {
                nested_release_page_clean(page);
                WARN_ON(1);
                return false;
        }
+        memset(msr_bitmap_l0, 0xff, PAGE_SIZE);
        if (nested_cpu_has_virt_x2apic_mode(vmcs12)) {
                if (nested_cpu_has_apic_reg_virt(vmcs12))
                        for (msr = 0x800; msr <= 0x8ff; msr++)
                                nested_vmx_disable_intercept_for_msr(
-                                        msr_bitmap,
+                                        msr_bitmap_l1, msr_bitmap_l0,
-                                        vmx_msr_bitmap_nested,
                                        msr, MSR_TYPE_R);
-                /* TPR is allowed */
-                nested_vmx_disable_intercept_for_msr(msr_bitmap,
+                nested_vmx_disable_intercept_for_msr(
-                                vmx_msr_bitmap_nested,
+                                msr_bitmap_l1, msr_bitmap_l0,
                                APIC_BASE_MSR + (APIC_TASKPRI >> 4),
                                MSR_TYPE_R | MSR_TYPE_W);
                if (nested_cpu_has_vid(vmcs12)) {
-                        /* EOI and self-IPI are allowed */
                        nested_vmx_disable_intercept_for_msr(
-                                msr_bitmap,
+                                msr_bitmap_l1, msr_bitmap_l0,
-                                vmx_msr_bitmap_nested,
                                APIC_BASE_MSR + (APIC_EOI >> 4),
                                MSR_TYPE_W);
                        nested_vmx_disable_intercept_for_msr(
-                                msr_bitmap,
+                                msr_bitmap_l1, msr_bitmap_l0,
-                                vmx_msr_bitmap_nested,
                                APIC_BASE_MSR + (APIC_SELF_IPI >> 4),
                                MSR_TYPE_W);
                }
-        } else {
-                /*
-                 * Enable reading intercept of all the x2apic
-                 * MSRs. We should not rely on vmcs12 to do any
-                 * optimizations here, it may have been modified
-                 * by L1.
-                 */
-                for (msr = 0x800; msr <= 0x8ff; msr++)
-                        __vmx_enable_intercept_for_msr(
-                                vmx_msr_bitmap_nested,
-                                msr,
-                                MSR_TYPE_R);
-                __vmx_enable_intercept_for_msr(
-                                vmx_msr_bitmap_nested,
-                                APIC_BASE_MSR + (APIC_TASKPRI >> 4),
-                                MSR_TYPE_W);
-                __vmx_enable_intercept_for_msr(
-                                vmx_msr_bitmap_nested,
-                                APIC_BASE_MSR + (APIC_EOI >> 4),
-                                MSR_TYPE_W);
-                __vmx_enable_intercept_for_msr(
-                                vmx_msr_bitmap_nested,
-                                APIC_BASE_MSR + (APIC_SELF_IPI >> 4),
-                                MSR_TYPE_W);
        }
        kunmap(page);
        nested_release_page_clean(page);
@@ -9957,10 +9949,10 @@ static void prepare_vmcs02(struct kvm_vcpu *vcpu, struct vmcs12 *vmcs12)
        }
        if (cpu_has_vmx_msr_bitmap() &&
-            exec_control & CPU_BASED_USE_MSR_BITMAPS) {
+            exec_control & CPU_BASED_USE_MSR_BITMAPS &&
-                nested_vmx_merge_msr_bitmap(vcpu, vmcs12);
+            nested_vmx_merge_msr_bitmap(vcpu, vmcs12))
-                /* MSR_BITMAP will be set by following vmx_set_efer. */
+                ; /* MSR_BITMAP will be set by following vmx_set_efer. */
-        } else
+        else
                exec_control &= ~CPU_BASED_USE_MSR_BITMAPS;
        /*
@@ -10011,6 +10003,8 @@ static void prepare_vmcs02(struct kvm_vcpu *vcpu, struct vmcs12 *vmcs12)
                        vmx->nested.vmcs01_tsc_offset + vmcs12->tsc_offset);
        else
                vmcs_write64(TSC_OFFSET, vmx->nested.vmcs01_tsc_offset);
+        if (kvm_has_tsc_control)
+                decache_tsc_multiplier(vmx);
        if (enable_vpid) {
                /*
@@ -10767,6 +10761,14 @@ static void nested_vmx_vmexit(struct kvm_vcpu *vcpu, u32 exit_reason,
        else
                vmcs_set_bits(PIN_BASED_VM_EXEC_CONTROL,
                              PIN_BASED_VMX_PREEMPTION_TIMER);
+        if (kvm_has_tsc_control)
+                decache_tsc_multiplier(vmx);
+        if (vmx->nested.change_vmcs01_virtual_x2apic_mode) {
+                vmx->nested.change_vmcs01_virtual_x2apic_mode = false;
+                vmx_set_virtual_x2apic_mode(vcpu,
+                                vcpu->arch.apic_base & X2APIC_ENABLE);
+        }
        /* This is needed for same reason as it was needed in prepare_vmcs02 */
        vmx->host_rsp = 0;

diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c index a45d8580f91e..5cede40e2552 100644 --- a/arch/x86/kvm/vmx.c +++ b/arch/x86/kvm/vmx.c
@@ -422,6 +422,7 @@ struct nested_vmx {
422	struct list_head vmcs02_pool;	422	struct list_head vmcs02_pool;
423	int vmcs02_num;	423	int vmcs02_num;
424	u64 vmcs01_tsc_offset;	424	u64 vmcs01_tsc_offset;
		425	bool change_vmcs01_virtual_x2apic_mode;
425	/* L2 must run next, and mustn't decide to exit to L1. */	426	/* L2 must run next, and mustn't decide to exit to L1. */
426	bool nested_run_pending;	427	bool nested_run_pending;
427	/*	428	/*
@@ -435,6 +436,8 @@ struct nested_vmx {
435	bool pi_pending;	436	bool pi_pending;
436	u16 posted_intr_nv;	437	u16 posted_intr_nv;
437		438
		439	unsigned long *msr_bitmap;
		440
438	struct hrtimer preemption_timer;	441	struct hrtimer preemption_timer;
439	bool preemption_timer_expired;	442	bool preemption_timer_expired;
440		443
@@ -924,7 +927,6 @@ static unsigned long *vmx_msr_bitmap_legacy;
924	static unsigned long *vmx_msr_bitmap_longmode;	927	static unsigned long *vmx_msr_bitmap_longmode;
925	static unsigned long *vmx_msr_bitmap_legacy_x2apic;	928	static unsigned long *vmx_msr_bitmap_legacy_x2apic;
926	static unsigned long *vmx_msr_bitmap_longmode_x2apic;	929	static unsigned long *vmx_msr_bitmap_longmode_x2apic;
927	static unsigned long *vmx_msr_bitmap_nested;
928	static unsigned long *vmx_vmread_bitmap;	930	static unsigned long *vmx_vmread_bitmap;
929	static unsigned long *vmx_vmwrite_bitmap;	931	static unsigned long *vmx_vmwrite_bitmap;
930		932
@@ -2198,6 +2200,12 @@ static void vmx_vcpu_pi_load(struct kvm_vcpu *vcpu, int cpu)
2198	new.control) != old.control);	2200	new.control) != old.control);
2199	}	2201	}
2200		2202
		2203	static void decache_tsc_multiplier(struct vcpu_vmx *vmx)
		2204	{
		2205	vmx->current_tsc_ratio = vmx->vcpu.arch.tsc_scaling_ratio;
		2206	vmcs_write64(TSC_MULTIPLIER, vmx->current_tsc_ratio);
		2207	}
		2208
2201	/*	2209	/*
2202	* Switches to specified vcpu, until a matching vcpu_put(), but assumes	2210	* Switches to specified vcpu, until a matching vcpu_put(), but assumes
2203	* vcpu mutex is already taken.	2211	* vcpu mutex is already taken.
@@ -2256,10 +2264,8 @@ static void vmx_vcpu_load(struct kvm_vcpu *vcpu, int cpu)
2256		2264
2257	/* Setup TSC multiplier */	2265	/* Setup TSC multiplier */
2258	if (kvm_has_tsc_control &&	2266	if (kvm_has_tsc_control &&
2259	vmx->current_tsc_ratio != vcpu->arch.tsc_scaling_ratio) {	2267	vmx->current_tsc_ratio != vcpu->arch.tsc_scaling_ratio)
2260	vmx->current_tsc_ratio = vcpu->arch.tsc_scaling_ratio;	2268	decache_tsc_multiplier(vmx);
2261	vmcs_write64(TSC_MULTIPLIER, vmx->current_tsc_ratio);
2262	}
2263		2269
2264	vmx_vcpu_pi_load(vcpu, cpu);	2270	vmx_vcpu_pi_load(vcpu, cpu);
2265	vmx->host_pkru = read_pkru();	2271	vmx->host_pkru = read_pkru();
@@ -2508,7 +2514,7 @@ static void vmx_set_msr_bitmap(struct kvm_vcpu *vcpu)
2508	unsigned long *msr_bitmap;	2514	unsigned long *msr_bitmap;
2509		2515
2510	if (is_guest_mode(vcpu))	2516	if (is_guest_mode(vcpu))
2511	msr_bitmap = vmx_msr_bitmap_nested;	2517	msr_bitmap = to_vmx(vcpu)->nested.msr_bitmap;
2512	else if (cpu_has_secondary_exec_ctrls() &&	2518	else if (cpu_has_secondary_exec_ctrls() &&
2513	(vmcs_read32(SECONDARY_VM_EXEC_CONTROL) &	2519	(vmcs_read32(SECONDARY_VM_EXEC_CONTROL) &
2514	SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE)) {	2520	SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE)) {
@@ -6363,13 +6369,6 @@ static __init int hardware_setup(void)
6363	if (!vmx_msr_bitmap_longmode_x2apic)	6369	if (!vmx_msr_bitmap_longmode_x2apic)
6364	goto out4;	6370	goto out4;
6365		6371
6366	if (nested) {
6367	vmx_msr_bitmap_nested =
6368	(unsigned long *)__get_free_page(GFP_KERNEL);
6369	if (!vmx_msr_bitmap_nested)
6370	goto out5;
6371	}
6372
6373	vmx_vmread_bitmap = (unsigned long *)__get_free_page(GFP_KERNEL);	6372	vmx_vmread_bitmap = (unsigned long *)__get_free_page(GFP_KERNEL);
6374	if (!vmx_vmread_bitmap)	6373	if (!vmx_vmread_bitmap)
6375	goto out6;	6374	goto out6;
@@ -6392,8 +6391,6 @@ static __init int hardware_setup(void)
6392		6391
6393	memset(vmx_msr_bitmap_legacy, 0xff, PAGE_SIZE);	6392	memset(vmx_msr_bitmap_legacy, 0xff, PAGE_SIZE);
6394	memset(vmx_msr_bitmap_longmode, 0xff, PAGE_SIZE);	6393	memset(vmx_msr_bitmap_longmode, 0xff, PAGE_SIZE);
6395	if (nested)
6396	memset(vmx_msr_bitmap_nested, 0xff, PAGE_SIZE);
6397		6394
6398	if (setup_vmcs_config(&vmcs_config) < 0) {	6395	if (setup_vmcs_config(&vmcs_config) < 0) {
6399	r = -EIO;	6396	r = -EIO;
@@ -6529,9 +6526,6 @@ out8:
6529	out7:	6526	out7:
6530	free_page((unsigned long)vmx_vmread_bitmap);	6527	free_page((unsigned long)vmx_vmread_bitmap);
6531	out6:	6528	out6:
6532	if (nested)
6533	free_page((unsigned long)vmx_msr_bitmap_nested);
6534	out5:
6535	free_page((unsigned long)vmx_msr_bitmap_longmode_x2apic);	6529	free_page((unsigned long)vmx_msr_bitmap_longmode_x2apic);
6536	out4:	6530	out4:
6537	free_page((unsigned long)vmx_msr_bitmap_longmode);	6531	free_page((unsigned long)vmx_msr_bitmap_longmode);
@@ -6557,8 +6551,6 @@ static __exit void hardware_unsetup(void)
6557	free_page((unsigned long)vmx_io_bitmap_a);	6551	free_page((unsigned long)vmx_io_bitmap_a);
6558	free_page((unsigned long)vmx_vmwrite_bitmap);	6552	free_page((unsigned long)vmx_vmwrite_bitmap);
6559	free_page((unsigned long)vmx_vmread_bitmap);	6553	free_page((unsigned long)vmx_vmread_bitmap);
6560	if (nested)
6561	free_page((unsigned long)vmx_msr_bitmap_nested);
6562		6554
6563	free_kvm_area();	6555	free_kvm_area();
6564	}	6556	}
@@ -6995,16 +6987,21 @@ static int handle_vmon(struct kvm_vcpu *vcpu)
6995	return 1;	6987	return 1;
6996	}	6988	}
6997		6989
		6990	if (cpu_has_vmx_msr_bitmap()) {
		6991	vmx->nested.msr_bitmap =
		6992	(unsigned long *)__get_free_page(GFP_KERNEL);
		6993	if (!vmx->nested.msr_bitmap)
		6994	goto out_msr_bitmap;
		6995	}
		6996
6998	vmx->nested.cached_vmcs12 = kmalloc(VMCS12_SIZE, GFP_KERNEL);	6997	vmx->nested.cached_vmcs12 = kmalloc(VMCS12_SIZE, GFP_KERNEL);
6999	if (!vmx->nested.cached_vmcs12)	6998	if (!vmx->nested.cached_vmcs12)
7000	return -ENOMEM;	6999	goto out_cached_vmcs12;
7001		7000
7002	if (enable_shadow_vmcs) {	7001	if (enable_shadow_vmcs) {
7003	shadow_vmcs = alloc_vmcs();	7002	shadow_vmcs = alloc_vmcs();
7004	if (!shadow_vmcs) {	7003	if (!shadow_vmcs)
7005	kfree(vmx->nested.cached_vmcs12);	7004	goto out_shadow_vmcs;
7006	return -ENOMEM;
7007	}
7008	/* mark vmcs as shadow */	7005	/* mark vmcs as shadow */
7009	shadow_vmcs->revision_id \|= (1u << 31);	7006	shadow_vmcs->revision_id \|= (1u << 31);
7010	/* init shadow vmcs */	7007	/* init shadow vmcs */
@@ -7024,6 +7021,15 @@ static int handle_vmon(struct kvm_vcpu *vcpu)
7024	skip_emulated_instruction(vcpu);	7021	skip_emulated_instruction(vcpu);
7025	nested_vmx_succeed(vcpu);	7022	nested_vmx_succeed(vcpu);
7026	return 1;	7023	return 1;
		7024
		7025	out_shadow_vmcs:
		7026	kfree(vmx->nested.cached_vmcs12);
		7027
		7028	out_cached_vmcs12:
		7029	free_page((unsigned long)vmx->nested.msr_bitmap);
		7030
		7031	out_msr_bitmap:
		7032	return -ENOMEM;
7027	}	7033	}
7028		7034
7029	/*	7035	/*
@@ -7098,6 +7104,10 @@ static void free_nested(struct vcpu_vmx *vmx)
7098	vmx->nested.vmxon = false;	7104	vmx->nested.vmxon = false;
7099	free_vpid(vmx->nested.vpid02);	7105	free_vpid(vmx->nested.vpid02);
7100	nested_release_vmcs12(vmx);	7106	nested_release_vmcs12(vmx);
		7107	if (vmx->nested.msr_bitmap) {
		7108	free_page((unsigned long)vmx->nested.msr_bitmap);
		7109	vmx->nested.msr_bitmap = NULL;
		7110	}
7101	if (enable_shadow_vmcs)	7111	if (enable_shadow_vmcs)
7102	free_vmcs(vmx->nested.current_shadow_vmcs);	7112	free_vmcs(vmx->nested.current_shadow_vmcs);
7103	kfree(vmx->nested.cached_vmcs12);	7113	kfree(vmx->nested.cached_vmcs12);
@@ -8419,6 +8429,12 @@ static void vmx_set_virtual_x2apic_mode(struct kvm_vcpu *vcpu, bool set)
8419	{	8429	{
8420	u32 sec_exec_control;	8430	u32 sec_exec_control;
8421		8431
		8432	/* Postpone execution until vmcs01 is the current VMCS. */
		8433	if (is_guest_mode(vcpu)) {
		8434	to_vmx(vcpu)->nested.change_vmcs01_virtual_x2apic_mode = true;
		8435	return;
		8436	}
		8437
8422	/*	8438	/*
8423	* There is not point to enable virtualize x2apic without enable	8439	* There is not point to enable virtualize x2apic without enable
8424	* apicv	8440	* apicv
@@ -9472,8 +9488,10 @@ static inline bool nested_vmx_merge_msr_bitmap(struct kvm_vcpu *vcpu,
9472	{	9488	{
9473	int msr;	9489	int msr;
9474	struct page *page;	9490	struct page *page;
9475	unsigned long *msr_bitmap;	9491	unsigned long *msr_bitmap_l1;
		9492	unsigned long *msr_bitmap_l0 = to_vmx(vcpu)->nested.msr_bitmap;
9476		9493
		9494	/* This shortcut is ok because we support only x2APIC MSRs so far. */
9477	if (!nested_cpu_has_virt_x2apic_mode(vmcs12))	9495	if (!nested_cpu_has_virt_x2apic_mode(vmcs12))
9478	return false;	9496	return false;
9479		9497
@@ -9482,63 +9500,37 @@ static inline bool nested_vmx_merge_msr_bitmap(struct kvm_vcpu *vcpu,
9482	WARN_ON(1);	9500	WARN_ON(1);
9483	return false;	9501	return false;
9484	}	9502	}
9485	msr_bitmap = (unsigned long *)kmap(page);	9503	msr_bitmap_l1 = (unsigned long *)kmap(page);
9486	if (!msr_bitmap) {	9504	if (!msr_bitmap_l1) {
9487	nested_release_page_clean(page);	9505	nested_release_page_clean(page);
9488	WARN_ON(1);	9506	WARN_ON(1);
9489	return false;	9507	return false;
9490	}	9508	}
9491		9509
		9510	memset(msr_bitmap_l0, 0xff, PAGE_SIZE);
		9511
9492	if (nested_cpu_has_virt_x2apic_mode(vmcs12)) {	9512	if (nested_cpu_has_virt_x2apic_mode(vmcs12)) {
9493	if (nested_cpu_has_apic_reg_virt(vmcs12))	9513	if (nested_cpu_has_apic_reg_virt(vmcs12))
9494	for (msr = 0x800; msr <= 0x8ff; msr++)	9514	for (msr = 0x800; msr <= 0x8ff; msr++)
9495	nested_vmx_disable_intercept_for_msr(	9515	nested_vmx_disable_intercept_for_msr(
9496	msr_bitmap,	9516	msr_bitmap_l1, msr_bitmap_l0,
9497	vmx_msr_bitmap_nested,
9498	msr, MSR_TYPE_R);	9517	msr, MSR_TYPE_R);
9499	/* TPR is allowed */	9518
9500	nested_vmx_disable_intercept_for_msr(msr_bitmap,	9519	nested_vmx_disable_intercept_for_msr(
9501	vmx_msr_bitmap_nested,	9520	msr_bitmap_l1, msr_bitmap_l0,
9502	APIC_BASE_MSR + (APIC_TASKPRI >> 4),	9521	APIC_BASE_MSR + (APIC_TASKPRI >> 4),
9503	MSR_TYPE_R \| MSR_TYPE_W);	9522	MSR_TYPE_R \| MSR_TYPE_W);
		9523
9504	if (nested_cpu_has_vid(vmcs12)) {	9524	if (nested_cpu_has_vid(vmcs12)) {
9505	/* EOI and self-IPI are allowed */
9506	nested_vmx_disable_intercept_for_msr(	9525	nested_vmx_disable_intercept_for_msr(
9507	msr_bitmap,	9526	msr_bitmap_l1, msr_bitmap_l0,
9508	vmx_msr_bitmap_nested,
9509	APIC_BASE_MSR + (APIC_EOI >> 4),	9527	APIC_BASE_MSR + (APIC_EOI >> 4),
9510	MSR_TYPE_W);	9528	MSR_TYPE_W);
9511	nested_vmx_disable_intercept_for_msr(	9529	nested_vmx_disable_intercept_for_msr(
9512	msr_bitmap,	9530	msr_bitmap_l1, msr_bitmap_l0,
9513	vmx_msr_bitmap_nested,
9514	APIC_BASE_MSR + (APIC_SELF_IPI >> 4),	9531	APIC_BASE_MSR + (APIC_SELF_IPI >> 4),
9515	MSR_TYPE_W);	9532	MSR_TYPE_W);
9516	}	9533	}
9517	} else {
9518	/*
9519	* Enable reading intercept of all the x2apic
9520	* MSRs. We should not rely on vmcs12 to do any
9521	* optimizations here, it may have been modified
9522	* by L1.
9523	*/
9524	for (msr = 0x800; msr <= 0x8ff; msr++)
9525	__vmx_enable_intercept_for_msr(
9526	vmx_msr_bitmap_nested,
9527	msr,
9528	MSR_TYPE_R);
9529
9530	__vmx_enable_intercept_for_msr(
9531	vmx_msr_bitmap_nested,
9532	APIC_BASE_MSR + (APIC_TASKPRI >> 4),
9533	MSR_TYPE_W);
9534	__vmx_enable_intercept_for_msr(
9535	vmx_msr_bitmap_nested,
9536	APIC_BASE_MSR + (APIC_EOI >> 4),
9537	MSR_TYPE_W);
9538	__vmx_enable_intercept_for_msr(
9539	vmx_msr_bitmap_nested,
9540	APIC_BASE_MSR + (APIC_SELF_IPI >> 4),
9541	MSR_TYPE_W);
9542	}	9534	}
9543	kunmap(page);	9535	kunmap(page);
9544	nested_release_page_clean(page);	9536	nested_release_page_clean(page);
@@ -9957,10 +9949,10 @@ static void prepare_vmcs02(struct kvm_vcpu vcpu, struct vmcs12 vmcs12)
9957	}	9949	}
9958		9950
9959	if (cpu_has_vmx_msr_bitmap() &&	9951	if (cpu_has_vmx_msr_bitmap() &&
9960	exec_control & CPU_BASED_USE_MSR_BITMAPS) {	9952	exec_control & CPU_BASED_USE_MSR_BITMAPS &&
9961	nested_vmx_merge_msr_bitmap(vcpu, vmcs12);	9953	nested_vmx_merge_msr_bitmap(vcpu, vmcs12))
9962	/* MSR_BITMAP will be set by following vmx_set_efer. */	9954	; /* MSR_BITMAP will be set by following vmx_set_efer. */
9963	} else	9955	else
9964	exec_control &= ~CPU_BASED_USE_MSR_BITMAPS;	9956	exec_control &= ~CPU_BASED_USE_MSR_BITMAPS;
9965		9957
9966	/*	9958	/*
@@ -10011,6 +10003,8 @@ static void prepare_vmcs02(struct kvm_vcpu vcpu, struct vmcs12 vmcs12)
10011	vmx->nested.vmcs01_tsc_offset + vmcs12->tsc_offset);	10003	vmx->nested.vmcs01_tsc_offset + vmcs12->tsc_offset);
10012	else	10004	else
10013	vmcs_write64(TSC_OFFSET, vmx->nested.vmcs01_tsc_offset);	10005	vmcs_write64(TSC_OFFSET, vmx->nested.vmcs01_tsc_offset);
		10006	if (kvm_has_tsc_control)
		10007	decache_tsc_multiplier(vmx);
10014		10008
10015	if (enable_vpid) {	10009	if (enable_vpid) {
10016	/*	10010	/*
@@ -10767,6 +10761,14 @@ static void nested_vmx_vmexit(struct kvm_vcpu *vcpu, u32 exit_reason,
10767	else	10761	else
10768	vmcs_set_bits(PIN_BASED_VM_EXEC_CONTROL,	10762	vmcs_set_bits(PIN_BASED_VM_EXEC_CONTROL,
10769	PIN_BASED_VMX_PREEMPTION_TIMER);	10763	PIN_BASED_VMX_PREEMPTION_TIMER);
		10764	if (kvm_has_tsc_control)
		10765	decache_tsc_multiplier(vmx);
		10766
		10767	if (vmx->nested.change_vmcs01_virtual_x2apic_mode) {
		10768	vmx->nested.change_vmcs01_virtual_x2apic_mode = false;
		10769	vmx_set_virtual_x2apic_mode(vcpu,
		10770	vcpu->arch.apic_base & X2APIC_ENABLE);
		10771	}
10770		10772
10771	/* This is needed for same reason as it was needed in prepare_vmcs02 */	10773	/* This is needed for same reason as it was needed in prepare_vmcs02 */
10772	vmx->host_rsp = 0;	10774	vmx->host_rsp = 0;