Merge tag 'efi-urgent' into x86/urgent

* Avoid WARN_ON() when mapping BGRT on Baytrail (EFI 32-bit). Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
author: H. Peter Anvin <hpa@linux.intel.com> 2014-02-07 14:27:30 -0500
committer: H. Peter Anvin <hpa@linux.intel.com> 2014-02-07 14:27:30 -0500
commit: a3b072cd180c12e8fe0ece9487b9065808327640 (patch)
tree: 62b982041be84748852d77cdf6ca5639ef40858f /arch/x86/kvm
parent: 75a1ba5b2c529db60ca49626bcaf0bddf4548438 (diff)
parent: 081cd62a010f97b5bc1d2b0cd123c5abc692b68a (diff)
11 files changed, 362 insertions, 186 deletions
diff --git a/arch/x86/kvm/Kconfig b/arch/x86/kvm/Kconfig
index b89c5db2b832..287e4c85fff9 100644
--- a/arch/x86/kvm/Kconfig
+++ b/arch/x86/kvm/Kconfig
@@ -80,7 +80,7 @@ config KVM_MMU_AUDIT
        depends on KVM && TRACEPOINTS
        ---help---
         This option adds a R/W kVM module parameter 'mmu_audit', which allows
-         audit  KVM MMU at runtime.
+         auditing of KVM MMU events at runtime.
 config KVM_DEVICE_ASSIGNMENT
        bool "KVM legacy PCI device assignment support"
diff --git a/arch/x86/kvm/cpuid.h b/arch/x86/kvm/cpuid.h
index f1e4895174b2..a2a1bb7ed8c1 100644
--- a/arch/x86/kvm/cpuid.h
+++ b/arch/x86/kvm/cpuid.h
@@ -72,4 +72,12 @@ static inline bool guest_cpuid_has_pcid(struct kvm_vcpu *vcpu)
        return best && (best->ecx & bit(X86_FEATURE_PCID));
 }
+static inline bool guest_cpuid_has_x2apic(struct kvm_vcpu *vcpu)
+{
+        struct kvm_cpuid_entry2 *best;
+        best = kvm_find_cpuid_entry(vcpu, 1, 0);
+        return best && (best->ecx & bit(X86_FEATURE_X2APIC));
+}
 #endif
diff --git a/arch/x86/kvm/i8254.c b/arch/x86/kvm/i8254.c
index 412a5aa0ef94..518d86471b76 100644
--- a/arch/x86/kvm/i8254.c
+++ b/arch/x86/kvm/i8254.c
@@ -37,6 +37,7 @@
 #include "irq.h"
 #include "i8254.h"
+#include "x86.h"
 #ifndef CONFIG_X86_64
 #define mod_64(x, y) ((x) - (y) * div64_u64(x, y))
@@ -349,6 +350,23 @@ static void create_pit_timer(struct kvm *kvm, u32 val, int is_period)
        atomic_set(&ps->pending, 0);
        ps->irq_ack = 1;
+        /*
+         * Do not allow the guest to program periodic timers with small
+         * interval, since the hrtimers are not throttled by the host
+         * scheduler.
+         */
+        if (ps->is_periodic) {
+                s64 min_period = min_timer_period_us * 1000LL;
+                if (ps->period < min_period) {
+                        pr_info_ratelimited(
+                            "kvm: requested %lld ns "
+                            "i8254 timer period limited to %lld ns\n",
+                            ps->period, min_period);
+                        ps->period = min_period;
+                }
+        }
        hrtimer_start(&ps->timer, ktime_add_ns(ktime_get(), interval),
                      HRTIMER_MODE_ABS);
 }
diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c
index 775702f649ca..9736529ade08 100644
--- a/arch/x86/kvm/lapic.c
+++ b/arch/x86/kvm/lapic.c
@@ -71,9 +71,6 @@
 #define VEC_POS(v) ((v) & (32 - 1))
 #define REG_POS(v) (((v) >> 5) << 4)
-static unsigned int min_timer_period_us = 500;
-module_param(min_timer_period_us, uint, S_IRUGO | S_IWUSR);
 static inline void apic_set_reg(struct kvm_lapic *apic, int reg_off, u32 val)
 {
        *((u32 *) (apic->regs + reg_off)) = val;
@@ -435,7 +432,7 @@ static bool pv_eoi_get_pending(struct kvm_vcpu *vcpu)
        u8 val;
        if (pv_eoi_get_user(vcpu, &val) < 0)
                apic_debug("Can't read EOI MSR value: 0x%llx\n",
-                           (unsigned long long)vcpi->arch.pv_eoi.msr_val);
+                           (unsigned long long)vcpu->arch.pv_eoi.msr_val);
        return val & 0x1;
 }
@@ -443,7 +440,7 @@ static void pv_eoi_set_pending(struct kvm_vcpu *vcpu)
 {
        if (pv_eoi_put_user(vcpu, KVM_PV_EOI_ENABLED) < 0) {
                apic_debug("Can't set EOI MSR value: 0x%llx\n",
-                           (unsigned long long)vcpi->arch.pv_eoi.msr_val);
+                           (unsigned long long)vcpu->arch.pv_eoi.msr_val);
                return;
        }
        __set_bit(KVM_APIC_PV_EOI_PENDING, &vcpu->arch.apic_attention);
@@ -453,7 +450,7 @@ static void pv_eoi_clr_pending(struct kvm_vcpu *vcpu)
 {
        if (pv_eoi_put_user(vcpu, KVM_PV_EOI_DISABLED) < 0) {
                apic_debug("Can't clear EOI MSR value: 0x%llx\n",
-                           (unsigned long long)vcpi->arch.pv_eoi.msr_val);
+                           (unsigned long long)vcpu->arch.pv_eoi.msr_val);
                return;
        }
        __clear_bit(KVM_APIC_PV_EOI_PENDING, &vcpu->arch.apic_attention);
diff --git a/arch/x86/kvm/lapic.h b/arch/x86/kvm/lapic.h
index c8b0d0d2da5c..6a11845fd8b9 100644
--- a/arch/x86/kvm/lapic.h
+++ b/arch/x86/kvm/lapic.h
@@ -65,7 +65,7 @@ bool kvm_irq_delivery_to_apic_fast(struct kvm *kvm, struct kvm_lapic *src,
                struct kvm_lapic_irq *irq, int *r, unsigned long *dest_map);
 u64 kvm_get_apic_base(struct kvm_vcpu *vcpu);
-void kvm_set_apic_base(struct kvm_vcpu *vcpu, u64 data);
+int kvm_set_apic_base(struct kvm_vcpu *vcpu, struct msr_data *msr_info);
 void kvm_apic_post_state_restore(struct kvm_vcpu *vcpu,
                struct kvm_lapic_state *s);
 int kvm_lapic_find_highest_irr(struct kvm_vcpu *vcpu);
diff --git a/arch/x86/kvm/mmu.c b/arch/x86/kvm/mmu.c
index 40772ef0f2b1..e50425d0f5f7 100644
--- a/arch/x86/kvm/mmu.c
+++ b/arch/x86/kvm/mmu.c
@@ -2659,6 +2659,9 @@ static int __direct_map(struct kvm_vcpu *vcpu, gpa_t v, int write,
        int emulate = 0;
        gfn_t pseudo_gfn;
+        if (!VALID_PAGE(vcpu->arch.mmu.root_hpa))
+                return 0;
        for_each_shadow_entry(vcpu, (u64)gfn << PAGE_SHIFT, iterator) {
                if (iterator.level == level) {
                        mmu_set_spte(vcpu, iterator.sptep, ACC_ALL,
@@ -2829,6 +2832,9 @@ static bool fast_page_fault(struct kvm_vcpu *vcpu, gva_t gva, int level,
        bool ret = false;
        u64 spte = 0ull;
+        if (!VALID_PAGE(vcpu->arch.mmu.root_hpa))
+                return false;
        if (!page_fault_can_be_fast(error_code))
                return false;
@@ -3224,6 +3230,9 @@ static u64 walk_shadow_page_get_mmio_spte(struct kvm_vcpu *vcpu, u64 addr)
        struct kvm_shadow_walk_iterator iterator;
        u64 spte = 0ull;
+        if (!VALID_PAGE(vcpu->arch.mmu.root_hpa))
+                return spte;
        walk_shadow_page_lockless_begin(vcpu);
        for_each_shadow_entry_lockless(vcpu, addr, iterator, spte)
                if (!is_shadow_present_pte(spte))
@@ -4510,6 +4519,9 @@ int kvm_mmu_get_spte_hierarchy(struct kvm_vcpu *vcpu, u64 addr, u64 sptes[4])
        u64 spte;
        int nr_sptes = 0;
+        if (!VALID_PAGE(vcpu->arch.mmu.root_hpa))
+                return nr_sptes;
        walk_shadow_page_lockless_begin(vcpu);
        for_each_shadow_entry_lockless(vcpu, addr, iterator, spte) {
                sptes[iterator.level-1] = spte;
diff --git a/arch/x86/kvm/paging_tmpl.h b/arch/x86/kvm/paging_tmpl.h
index ad75d77999d0..cba218a2f08d 100644
--- a/arch/x86/kvm/paging_tmpl.h
+++ b/arch/x86/kvm/paging_tmpl.h
@@ -569,6 +569,9 @@ static int FNAME(fetch)(struct kvm_vcpu *vcpu, gva_t addr,
        if (FNAME(gpte_changed)(vcpu, gw, top_level))
                goto out_gpte_changed;
+        if (!VALID_PAGE(vcpu->arch.mmu.root_hpa))
+                goto out_gpte_changed;
        for (shadow_walk_init(&it, vcpu, addr);
             shadow_walk_okay(&it) && it.level > gw->level;
             shadow_walk_next(&it)) {
@@ -820,6 +823,11 @@ static void FNAME(invlpg)(struct kvm_vcpu *vcpu, gva_t gva)
         */
        mmu_topup_memory_caches(vcpu);
+        if (!VALID_PAGE(vcpu->arch.mmu.root_hpa)) {
+                WARN_ON(1);
+                return;
+        }
        spin_lock(&vcpu->kvm->mmu_lock);
        for_each_shadow_entry(vcpu, gva, iterator) {
                level = iterator.level;
diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
index c7168a5cff1b..e81df8fce027 100644
--- a/arch/x86/kvm/svm.c
+++ b/arch/x86/kvm/svm.c
@@ -1671,6 +1671,19 @@ static void new_asid(struct vcpu_svm *svm, struct svm_cpu_data *sd)
        mark_dirty(svm->vmcb, VMCB_ASID);
 }
+static u64 svm_get_dr6(struct kvm_vcpu *vcpu)
+{
+        return to_svm(vcpu)->vmcb->save.dr6;
+}
+static void svm_set_dr6(struct kvm_vcpu *vcpu, unsigned long value)
+{
+        struct vcpu_svm *svm = to_svm(vcpu);
+        svm->vmcb->save.dr6 = value;
+        mark_dirty(svm->vmcb, VMCB_DR);
+}
 static void svm_set_dr7(struct kvm_vcpu *vcpu, unsigned long value)
 {
        struct vcpu_svm *svm = to_svm(vcpu);
@@ -4286,6 +4299,8 @@ static struct kvm_x86_ops svm_x86_ops = {
        .set_idt = svm_set_idt,
        .get_gdt = svm_get_gdt,
        .set_gdt = svm_set_gdt,
+        .get_dr6 = svm_get_dr6,
+        .set_dr6 = svm_set_dr6,
        .set_dr7 = svm_set_dr7,
        .cache_reg = svm_cache_reg,
        .get_rflags = svm_get_rflags,
diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index da7837e1349d..a06f101ef64b 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -418,6 +418,8 @@ struct vcpu_vmx {
        u64                   msr_host_kernel_gs_base;
        u64                   msr_guest_kernel_gs_base;
 #endif
+        u32 vm_entry_controls_shadow;
+        u32 vm_exit_controls_shadow;
        /*
         * loaded_vmcs points to the VMCS currently used in this vcpu. For a
         * non-nested (L1) guest, it always points to vmcs01. For a nested
@@ -1056,7 +1058,9 @@ static inline bool is_exception(u32 intr_info)
                == (INTR_TYPE_HARD_EXCEPTION | INTR_INFO_VALID_MASK);
 }
-static void nested_vmx_vmexit(struct kvm_vcpu *vcpu);
+static void nested_vmx_vmexit(struct kvm_vcpu *vcpu, u32 exit_reason,
+                              u32 exit_intr_info,
+                              unsigned long exit_qualification);
 static void nested_vmx_entry_failure(struct kvm_vcpu *vcpu,
                        struct vmcs12 *vmcs12,
                        u32 reason, unsigned long qualification);
@@ -1326,6 +1330,62 @@ static void vmcs_set_bits(unsigned long field, u32 mask)
        vmcs_writel(field, vmcs_readl(field) | mask);
 }
+static inline void vm_entry_controls_init(struct vcpu_vmx *vmx, u32 val)
+{
+        vmcs_write32(VM_ENTRY_CONTROLS, val);
+        vmx->vm_entry_controls_shadow = val;
+}
+static inline void vm_entry_controls_set(struct vcpu_vmx *vmx, u32 val)
+{
+        if (vmx->vm_entry_controls_shadow != val)
+                vm_entry_controls_init(vmx, val);
+}
+static inline u32 vm_entry_controls_get(struct vcpu_vmx *vmx)
+{
+        return vmx->vm_entry_controls_shadow;
+}
+static inline void vm_entry_controls_setbit(struct vcpu_vmx *vmx, u32 val)
+{
+        vm_entry_controls_set(vmx, vm_entry_controls_get(vmx) | val);
+}
+static inline void vm_entry_controls_clearbit(struct vcpu_vmx *vmx, u32 val)
+{
+        vm_entry_controls_set(vmx, vm_entry_controls_get(vmx) & ~val);
+}
+static inline void vm_exit_controls_init(struct vcpu_vmx *vmx, u32 val)
+{
+        vmcs_write32(VM_EXIT_CONTROLS, val);
+        vmx->vm_exit_controls_shadow = val;
+}
+static inline void vm_exit_controls_set(struct vcpu_vmx *vmx, u32 val)
+{
+        if (vmx->vm_exit_controls_shadow != val)
+                vm_exit_controls_init(vmx, val);
+}
+static inline u32 vm_exit_controls_get(struct vcpu_vmx *vmx)
+{
+        return vmx->vm_exit_controls_shadow;
+}
+static inline void vm_exit_controls_setbit(struct vcpu_vmx *vmx, u32 val)
+{
+        vm_exit_controls_set(vmx, vm_exit_controls_get(vmx) | val);
+}
+static inline void vm_exit_controls_clearbit(struct vcpu_vmx *vmx, u32 val)
+{
+        vm_exit_controls_set(vmx, vm_exit_controls_get(vmx) & ~val);
+}
 static void vmx_segment_cache_clear(struct vcpu_vmx *vmx)
 {
        vmx->segment_cache.bitmask = 0;
@@ -1410,11 +1470,11 @@ static void update_exception_bitmap(struct kvm_vcpu *vcpu)
        vmcs_write32(EXCEPTION_BITMAP, eb);
 }
-static void clear_atomic_switch_msr_special(unsigned long entry,
+static void clear_atomic_switch_msr_special(struct vcpu_vmx *vmx,
-                unsigned long exit)
+                unsigned long entry, unsigned long exit)
 {
-        vmcs_clear_bits(VM_ENTRY_CONTROLS, entry);
+        vm_entry_controls_clearbit(vmx, entry);
-        vmcs_clear_bits(VM_EXIT_CONTROLS, exit);
+        vm_exit_controls_clearbit(vmx, exit);
 }
 static void clear_atomic_switch_msr(struct vcpu_vmx *vmx, unsigned msr)
@@ -1425,14 +1485,15 @@ static void clear_atomic_switch_msr(struct vcpu_vmx *vmx, unsigned msr)
        switch (msr) {
        case MSR_EFER:
                if (cpu_has_load_ia32_efer) {
-                        clear_atomic_switch_msr_special(VM_ENTRY_LOAD_IA32_EFER,
+                        clear_atomic_switch_msr_special(vmx,
+                                        VM_ENTRY_LOAD_IA32_EFER,
                                        VM_EXIT_LOAD_IA32_EFER);
                        return;
                }
                break;
        case MSR_CORE_PERF_GLOBAL_CTRL:
                if (cpu_has_load_perf_global_ctrl) {
-                        clear_atomic_switch_msr_special(
+                        clear_atomic_switch_msr_special(vmx,
                                        VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL,
                                        VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL);
                        return;
@@ -1453,14 +1514,15 @@ static void clear_atomic_switch_msr(struct vcpu_vmx *vmx, unsigned msr)
        vmcs_write32(VM_EXIT_MSR_LOAD_COUNT, m->nr);
 }
-static void add_atomic_switch_msr_special(unsigned long entry,
+static void add_atomic_switch_msr_special(struct vcpu_vmx *vmx,
-                unsigned long exit, unsigned long guest_val_vmcs,
+                unsigned long entry, unsigned long exit,
-                unsigned long host_val_vmcs, u64 guest_val, u64 host_val)
+                unsigned long guest_val_vmcs, unsigned long host_val_vmcs,
+                u64 guest_val, u64 host_val)
 {
        vmcs_write64(guest_val_vmcs, guest_val);
        vmcs_write64(host_val_vmcs, host_val);
-        vmcs_set_bits(VM_ENTRY_CONTROLS, entry);
+        vm_entry_controls_setbit(vmx, entry);
-        vmcs_set_bits(VM_EXIT_CONTROLS, exit);
+        vm_exit_controls_setbit(vmx, exit);
 }
 static void add_atomic_switch_msr(struct vcpu_vmx *vmx, unsigned msr,
@@ -1472,7 +1534,8 @@ static void add_atomic_switch_msr(struct vcpu_vmx *vmx, unsigned msr,
        switch (msr) {
        case MSR_EFER:
                if (cpu_has_load_ia32_efer) {
-                        add_atomic_switch_msr_special(VM_ENTRY_LOAD_IA32_EFER,
+                        add_atomic_switch_msr_special(vmx,
+                                        VM_ENTRY_LOAD_IA32_EFER,
                                        VM_EXIT_LOAD_IA32_EFER,
                                        GUEST_IA32_EFER,
                                        HOST_IA32_EFER,
@@ -1482,7 +1545,7 @@ static void add_atomic_switch_msr(struct vcpu_vmx *vmx, unsigned msr,
                break;
        case MSR_CORE_PERF_GLOBAL_CTRL:
                if (cpu_has_load_perf_global_ctrl) {
-                        add_atomic_switch_msr_special(
+                        add_atomic_switch_msr_special(vmx,
                                        VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL,
                                        VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL,
                                        GUEST_IA32_PERF_GLOBAL_CTRL,
@@ -1906,7 +1969,9 @@ static int nested_vmx_check_exception(struct kvm_vcpu *vcpu, unsigned nr)
        if (!(vmcs12->exception_bitmap & (1u << nr)))
                return 0;
-        nested_vmx_vmexit(vcpu);
+        nested_vmx_vmexit(vcpu, to_vmx(vcpu)->exit_reason,
+                          vmcs_read32(VM_EXIT_INTR_INFO),
+                          vmcs_readl(EXIT_QUALIFICATION));
        return 1;
 }
@@ -2279,6 +2344,7 @@ static __init void nested_vmx_setup_ctls_msrs(void)
        rdmsr(MSR_IA32_VMX_MISC, nested_vmx_misc_low, nested_vmx_misc_high);
        nested_vmx_misc_low &= VMX_MISC_PREEMPTION_TIMER_RATE_MASK |
                VMX_MISC_SAVE_EFER_LMA;
+        nested_vmx_misc_low |= VMX_MISC_ACTIVITY_HLT;
        nested_vmx_misc_high = 0;
 }
@@ -2295,32 +2361,10 @@ static inline u64 vmx_control_msr(u32 low, u32 high)
        return low | ((u64)high << 32);
 }
-/*
+/* Returns 0 on success, non-0 otherwise. */
- * If we allow our guest to use VMX instructions (i.e., nested VMX), we should
- * also let it use VMX-specific MSRs.
- * vmx_get_vmx_msr() and vmx_set_vmx_msr() return 1 when we handled a
- * VMX-specific MSR, or 0 when we haven't (and the caller should handle it
- * like all other MSRs).
- */
 static int vmx_get_vmx_msr(struct kvm_vcpu *vcpu, u32 msr_index, u64 *pdata)
 {
-        if (!nested_vmx_allowed(vcpu) && msr_index >= MSR_IA32_VMX_BASIC &&
-                     msr_index <= MSR_IA32_VMX_TRUE_ENTRY_CTLS) {
-                /*
-                 * According to the spec, processors which do not support VMX
-                 * should throw a #GP(0) when VMX capability MSRs are read.
-                 */
-                kvm_queue_exception_e(vcpu, GP_VECTOR, 0);
-                return 1;
-        }
        switch (msr_index) {
-        case MSR_IA32_FEATURE_CONTROL:
-                if (nested_vmx_allowed(vcpu)) {
-                        *pdata = to_vmx(vcpu)->nested.msr_ia32_feature_control;
-                        break;
-                }
-                return 0;
        case MSR_IA32_VMX_BASIC:
                /*
                 * This MSR reports some information about VMX support. We
@@ -2387,34 +2431,9 @@ static int vmx_get_vmx_msr(struct kvm_vcpu *vcpu, u32 msr_index, u64 *pdata)
                *pdata = nested_vmx_ept_caps;
                break;
        default:
-                return 0;
-        }
-        return 1;
-}
-static int vmx_set_vmx_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info)
-{
-        u32 msr_index = msr_info->index;
-        u64 data = msr_info->data;
-        bool host_initialized = msr_info->host_initiated;
-        if (!nested_vmx_allowed(vcpu))
-                return 0;
-        if (msr_index == MSR_IA32_FEATURE_CONTROL) {
-                if (!host_initialized &&
-                                to_vmx(vcpu)->nested.msr_ia32_feature_control
-                                & FEATURE_CONTROL_LOCKED)
-                        return 0;
-                to_vmx(vcpu)->nested.msr_ia32_feature_control = data;
                return 1;
        }
-        /*
-         * No need to treat VMX capability MSRs specially: If we don't handle
-         * them, handle_wrmsr will #GP(0), which is correct (they are readonly)
-         */
        return 0;
 }
@@ -2460,13 +2479,20 @@ static int vmx_get_msr(struct kvm_vcpu *vcpu, u32 msr_index, u64 *pdata)
        case MSR_IA32_SYSENTER_ESP:
                data = vmcs_readl(GUEST_SYSENTER_ESP);
                break;
+        case MSR_IA32_FEATURE_CONTROL:
+                if (!nested_vmx_allowed(vcpu))
+                        return 1;
+                data = to_vmx(vcpu)->nested.msr_ia32_feature_control;
+                break;
+        case MSR_IA32_VMX_BASIC ... MSR_IA32_VMX_VMFUNC:
+                if (!nested_vmx_allowed(vcpu))
+                        return 1;
+                return vmx_get_vmx_msr(vcpu, msr_index, pdata);
        case MSR_TSC_AUX:
                if (!to_vmx(vcpu)->rdtscp_enabled)
                        return 1;
                /* Otherwise falls through */
        default:
-                if (vmx_get_vmx_msr(vcpu, msr_index, pdata))
-                        return 0;
                msr = find_msr_entry(to_vmx(vcpu), msr_index);
                if (msr) {
                        data = msr->data;
@@ -2479,6 +2505,8 @@ static int vmx_get_msr(struct kvm_vcpu *vcpu, u32 msr_index, u64 *pdata)
        return 0;
 }
+static void vmx_leave_nested(struct kvm_vcpu *vcpu);
 /*
 * Writes msr value into into the appropriate "register".
 * Returns 0 on success, non-0 otherwise.
@@ -2533,6 +2561,17 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info)
        case MSR_IA32_TSC_ADJUST:
                ret = kvm_set_msr_common(vcpu, msr_info);
                break;
+        case MSR_IA32_FEATURE_CONTROL:
+                if (!nested_vmx_allowed(vcpu) ||
+                    (to_vmx(vcpu)->nested.msr_ia32_feature_control &
+                     FEATURE_CONTROL_LOCKED && !msr_info->host_initiated))
+                        return 1;
+                vmx->nested.msr_ia32_feature_control = data;
+                if (msr_info->host_initiated && data == 0)
+                        vmx_leave_nested(vcpu);
+                break;
+        case MSR_IA32_VMX_BASIC ... MSR_IA32_VMX_VMFUNC:
+                return 1; /* they are read-only */
        case MSR_TSC_AUX:
                if (!vmx->rdtscp_enabled)
                        return 1;
@@ -2541,8 +2580,6 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info)
                        return 1;
                /* Otherwise falls through */
        default:
-                if (vmx_set_vmx_msr(vcpu, msr_info))
-                        break;
                msr = find_msr_entry(vmx, msr_index);
                if (msr) {
                        msr->data = data;
@@ -3182,14 +3219,10 @@ static void vmx_set_efer(struct kvm_vcpu *vcpu, u64 efer)
        vmx_load_host_state(to_vmx(vcpu));
        vcpu->arch.efer = efer;
        if (efer & EFER_LMA) {
-                vmcs_write32(VM_ENTRY_CONTROLS,
+                vm_entry_controls_setbit(to_vmx(vcpu), VM_ENTRY_IA32E_MODE);
-                             vmcs_read32(VM_ENTRY_CONTROLS) |
-                             VM_ENTRY_IA32E_MODE);
                msr->data = efer;
        } else {
-                vmcs_write32(VM_ENTRY_CONTROLS,
+                vm_entry_controls_clearbit(to_vmx(vcpu), VM_ENTRY_IA32E_MODE);
-                             vmcs_read32(VM_ENTRY_CONTROLS) &
-                             ~VM_ENTRY_IA32E_MODE);
                msr->data = efer & ~EFER_LME;
        }
@@ -3217,9 +3250,7 @@ static void enter_lmode(struct kvm_vcpu *vcpu)
 static void exit_lmode(struct kvm_vcpu *vcpu)
 {
-        vmcs_write32(VM_ENTRY_CONTROLS,
+        vm_entry_controls_clearbit(to_vmx(vcpu), VM_ENTRY_IA32E_MODE);
-                     vmcs_read32(VM_ENTRY_CONTROLS)
-                     & ~VM_ENTRY_IA32E_MODE);
        vmx_set_efer(vcpu, vcpu->arch.efer & ~EFER_LMA);
 }
@@ -4346,10 +4377,11 @@ static int vmx_vcpu_setup(struct vcpu_vmx *vmx)
                ++vmx->nmsrs;
        }
-        vmcs_write32(VM_EXIT_CONTROLS, vmcs_config.vmexit_ctrl);
+        vm_exit_controls_init(vmx, vmcs_config.vmexit_ctrl);
        /* 22.2.1, 20.8.1 */
-        vmcs_write32(VM_ENTRY_CONTROLS, vmcs_config.vmentry_ctrl);
+        vm_entry_controls_init(vmx, vmcs_config.vmentry_ctrl);
        vmcs_writel(CR0_GUEST_HOST_MASK, ~0UL);
        set_cr4_guest_host_mask(vmx);
@@ -4360,7 +4392,7 @@ static int vmx_vcpu_setup(struct vcpu_vmx *vmx)
 static void vmx_vcpu_reset(struct kvm_vcpu *vcpu)
 {
        struct vcpu_vmx *vmx = to_vmx(vcpu);
-        u64 msr;
+        struct msr_data apic_base_msr;
        vmx->rmode.vm86_active = 0;
@@ -4368,10 +4400,11 @@ static void vmx_vcpu_reset(struct kvm_vcpu *vcpu)
        vmx->vcpu.arch.regs[VCPU_REGS_RDX] = get_rdx_init_val();
        kvm_set_cr8(&vmx->vcpu, 0);
-        msr = 0xfee00000 | MSR_IA32_APICBASE_ENABLE;
+        apic_base_msr.data = 0xfee00000 | MSR_IA32_APICBASE_ENABLE;
        if (kvm_vcpu_is_bsp(&vmx->vcpu))
-                msr |= MSR_IA32_APICBASE_BSP;
+                apic_base_msr.data |= MSR_IA32_APICBASE_BSP;
-        kvm_set_apic_base(&vmx->vcpu, msr);
+        apic_base_msr.host_initiated = true;
+        kvm_set_apic_base(&vmx->vcpu, &apic_base_msr);
        vmx_segment_cache_clear(vmx);
@@ -4588,15 +4621,12 @@ static void vmx_set_nmi_mask(struct kvm_vcpu *vcpu, bool masked)
 static int vmx_nmi_allowed(struct kvm_vcpu *vcpu)
 {
        if (is_guest_mode(vcpu)) {
-                struct vmcs12 *vmcs12 = get_vmcs12(vcpu);
                if (to_vmx(vcpu)->nested.nested_run_pending)
                        return 0;
                if (nested_exit_on_nmi(vcpu)) {
-                        nested_vmx_vmexit(vcpu);
+                        nested_vmx_vmexit(vcpu, EXIT_REASON_EXCEPTION_NMI,
-                        vmcs12->vm_exit_reason = EXIT_REASON_EXCEPTION_NMI;
+                                          NMI_VECTOR | INTR_TYPE_NMI_INTR |
-                        vmcs12->vm_exit_intr_info = NMI_VECTOR |
+                                          INTR_INFO_VALID_MASK, 0);
-                                INTR_TYPE_NMI_INTR | INTR_INFO_VALID_MASK;
                        /*
                         * The NMI-triggered VM exit counts as injection:
                         * clear this one and block further NMIs.
@@ -4618,15 +4648,11 @@ static int vmx_nmi_allowed(struct kvm_vcpu *vcpu)
 static int vmx_interrupt_allowed(struct kvm_vcpu *vcpu)
 {
        if (is_guest_mode(vcpu)) {
-                struct vmcs12 *vmcs12 = get_vmcs12(vcpu);
                if (to_vmx(vcpu)->nested.nested_run_pending)
                        return 0;
                if (nested_exit_on_intr(vcpu)) {
-                        nested_vmx_vmexit(vcpu);
+                        nested_vmx_vmexit(vcpu, EXIT_REASON_EXTERNAL_INTERRUPT,
-                        vmcs12->vm_exit_reason =
+                                          0, 0);
-                                EXIT_REASON_EXTERNAL_INTERRUPT;
-                        vmcs12->vm_exit_intr_info = 0;
                        /*
                         * fall through to normal code, but now in L1, not L2
                         */
@@ -4812,7 +4838,8 @@ static int handle_exception(struct kvm_vcpu *vcpu)
                dr6 = vmcs_readl(EXIT_QUALIFICATION);
                if (!(vcpu->guest_debug &
                      (KVM_GUESTDBG_SINGLESTEP | KVM_GUESTDBG_USE_HW_BP))) {
-                        vcpu->arch.dr6 = dr6 | DR6_FIXED_1;
+                        vcpu->arch.dr6 &= ~15;
+                        vcpu->arch.dr6 |= dr6;
                        kvm_queue_exception(vcpu, DB_VECTOR);
                        return 1;
                }
@@ -5080,14 +5107,27 @@ static int handle_dr(struct kvm_vcpu *vcpu)
        reg = DEBUG_REG_ACCESS_REG(exit_qualification);
        if (exit_qualification & TYPE_MOV_FROM_DR) {
                unsigned long val;
-                if (!kvm_get_dr(vcpu, dr, &val))
-                        kvm_register_write(vcpu, reg, val);
+                if (kvm_get_dr(vcpu, dr, &val))
+                        return 1;
+                kvm_register_write(vcpu, reg, val);
        } else
-                kvm_set_dr(vcpu, dr, vcpu->arch.regs[reg]);
+                if (kvm_set_dr(vcpu, dr, vcpu->arch.regs[reg]))
+                        return 1;
        skip_emulated_instruction(vcpu);
        return 1;
 }
+static u64 vmx_get_dr6(struct kvm_vcpu *vcpu)
+{
+        return vcpu->arch.dr6;
+}
+static void vmx_set_dr6(struct kvm_vcpu *vcpu, unsigned long val)
+{
+}
 static void vmx_set_dr7(struct kvm_vcpu *vcpu, unsigned long val)
 {
        vmcs_writel(GUEST_DR7, val);
@@ -6460,11 +6500,8 @@ static bool nested_vmx_exit_handled_io(struct kvm_vcpu *vcpu,
        int size;
        u8 b;
-        if (nested_cpu_has(vmcs12, CPU_BASED_UNCOND_IO_EXITING))
-                return 1;
        if (!nested_cpu_has(vmcs12, CPU_BASED_USE_IO_BITMAPS))
-                return 0;
+                return nested_cpu_has(vmcs12, CPU_BASED_UNCOND_IO_EXITING);
        exit_qualification = vmcs_readl(EXIT_QUALIFICATION);
@@ -6628,6 +6665,13 @@ static bool nested_vmx_exit_handled(struct kvm_vcpu *vcpu)
        struct vmcs12 *vmcs12 = get_vmcs12(vcpu);
        u32 exit_reason = vmx->exit_reason;
+        trace_kvm_nested_vmexit(kvm_rip_read(vcpu), exit_reason,
+                                vmcs_readl(EXIT_QUALIFICATION),
+                                vmx->idt_vectoring_info,
+                                intr_info,
+                                vmcs_read32(VM_EXIT_INTR_ERROR_CODE),
+                                KVM_ISA_VMX);
        if (vmx->nested.nested_run_pending)
                return 0;
@@ -6777,7 +6821,9 @@ static int vmx_handle_exit(struct kvm_vcpu *vcpu)
                return handle_invalid_guest_state(vcpu);
        if (is_guest_mode(vcpu) && nested_vmx_exit_handled(vcpu)) {
-                nested_vmx_vmexit(vcpu);
+                nested_vmx_vmexit(vcpu, exit_reason,
+                                  vmcs_read32(VM_EXIT_INTR_INFO),
+                                  vmcs_readl(EXIT_QUALIFICATION));
                return 1;
        }
@@ -7332,8 +7378,8 @@ static void vmx_free_vcpu(struct kvm_vcpu *vcpu)
        struct vcpu_vmx *vmx = to_vmx(vcpu);
        free_vpid(vmx);
-        free_nested(vmx);
        free_loaded_vmcs(vmx->loaded_vmcs);
+        free_nested(vmx);
        kfree(vmx->guest_msrs);
        kvm_vcpu_uninit(vcpu);
        kmem_cache_free(kvm_vcpu_cache, vmx);
@@ -7518,15 +7564,14 @@ static void vmx_set_supported_cpuid(u32 func, struct kvm_cpuid_entry2 *entry)
 static void nested_ept_inject_page_fault(struct kvm_vcpu *vcpu,
                struct x86_exception *fault)
 {
-        struct vmcs12 *vmcs12;
+        struct vmcs12 *vmcs12 = get_vmcs12(vcpu);
-        nested_vmx_vmexit(vcpu);
+        u32 exit_reason;
-        vmcs12 = get_vmcs12(vcpu);
        if (fault->error_code & PFERR_RSVD_MASK)
-                vmcs12->vm_exit_reason = EXIT_REASON_EPT_MISCONFIG;
+                exit_reason = EXIT_REASON_EPT_MISCONFIG;
        else
-                vmcs12->vm_exit_reason = EXIT_REASON_EPT_VIOLATION;
+                exit_reason = EXIT_REASON_EPT_VIOLATION;
-        vmcs12->exit_qualification = vcpu->arch.exit_qualification;
+        nested_vmx_vmexit(vcpu, exit_reason, 0, vcpu->arch.exit_qualification);
        vmcs12->guest_physical_address = fault->address;
 }
@@ -7564,7 +7609,9 @@ static void vmx_inject_page_fault_nested(struct kvm_vcpu *vcpu,
        /* TODO: also check PFEC_MATCH/MASK, not just EB.PF. */
        if (vmcs12->exception_bitmap & (1u << PF_VECTOR))
-                nested_vmx_vmexit(vcpu);
+                nested_vmx_vmexit(vcpu, to_vmx(vcpu)->exit_reason,
+                                  vmcs_read32(VM_EXIT_INTR_INFO),
+                                  vmcs_readl(EXIT_QUALIFICATION));
        else
                kvm_inject_page_fault(vcpu, fault);
 }
@@ -7706,6 +7753,11 @@ static void prepare_vmcs02(struct kvm_vcpu *vcpu, struct vmcs12 *vmcs12)
                        else
                                vmcs_write64(APIC_ACCESS_ADDR,
                                  page_to_phys(vmx->nested.apic_access_page));
+                } else if (vm_need_virtualize_apic_accesses(vmx->vcpu.kvm)) {
+                        exec_control |=
+                                SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES;
+                        vmcs_write64(APIC_ACCESS_ADDR,
+                                page_to_phys(vcpu->kvm->arch.apic_access_page));
                }
                vmcs_write32(SECONDARY_VM_EXEC_CONTROL, exec_control);
@@ -7759,12 +7811,12 @@ static void prepare_vmcs02(struct kvm_vcpu *vcpu, struct vmcs12 *vmcs12)
        exit_control = vmcs_config.vmexit_ctrl;
        if (vmcs12->pin_based_vm_exec_control & PIN_BASED_VMX_PREEMPTION_TIMER)
                exit_control |= VM_EXIT_SAVE_VMX_PREEMPTION_TIMER;
-        vmcs_write32(VM_EXIT_CONTROLS, exit_control);
+        vm_exit_controls_init(vmx, exit_control);
        /* vmcs12's VM_ENTRY_LOAD_IA32_EFER and VM_ENTRY_IA32E_MODE are
         * emulated by vmx_set_efer(), below.
         */
-        vmcs_write32(VM_ENTRY_CONTROLS,
+        vm_entry_controls_init(vmx, 
                (vmcs12->vm_entry_controls & ~VM_ENTRY_LOAD_IA32_EFER &
                        ~VM_ENTRY_IA32E_MODE) |
                (vmcs_config.vmentry_ctrl & ~VM_ENTRY_IA32E_MODE));
@@ -7882,7 +7934,8 @@ static int nested_vmx_run(struct kvm_vcpu *vcpu, bool launch)
                return 1;
        }
-        if (vmcs12->guest_activity_state != GUEST_ACTIVITY_ACTIVE) {
+        if (vmcs12->guest_activity_state != GUEST_ACTIVITY_ACTIVE &&
+            vmcs12->guest_activity_state != GUEST_ACTIVITY_HLT) {
                nested_vmx_failValid(vcpu, VMXERR_ENTRY_INVALID_CONTROL_FIELD);
                return 1;
        }
@@ -7994,8 +8047,6 @@ static int nested_vmx_run(struct kvm_vcpu *vcpu, bool launch)
        enter_guest_mode(vcpu);
-        vmx->nested.nested_run_pending = 1;
        vmx->nested.vmcs01_tsc_offset = vmcs_read64(TSC_OFFSET);
        cpu = get_cpu();
@@ -8011,6 +8062,11 @@ static int nested_vmx_run(struct kvm_vcpu *vcpu, bool launch)
        prepare_vmcs02(vcpu, vmcs12);
+        if (vmcs12->guest_activity_state == GUEST_ACTIVITY_HLT)
+                return kvm_emulate_halt(vcpu);
+        vmx->nested.nested_run_pending = 1;
        /*
         * Note no nested_vmx_succeed or nested_vmx_fail here. At this point
         * we are no longer running L1, and VMLAUNCH/VMRESUME has not yet
@@ -8110,7 +8166,9 @@ static void vmcs12_save_pending_event(struct kvm_vcpu *vcpu,
 * exit-information fields only. Other fields are modified by L1 with VMWRITE,
 * which already writes to vmcs12 directly.
 */
-static void prepare_vmcs12(struct kvm_vcpu *vcpu, struct vmcs12 *vmcs12)
+static void prepare_vmcs12(struct kvm_vcpu *vcpu, struct vmcs12 *vmcs12,
+                           u32 exit_reason, u32 exit_intr_info,
+                           unsigned long exit_qualification)
 {
        /* update guest state fields: */
        vmcs12->guest_cr0 = vmcs12_guest_cr0(vcpu, vmcs12);
@@ -8162,6 +8220,10 @@ static void prepare_vmcs12(struct kvm_vcpu *vcpu, struct vmcs12 *vmcs12)
                vmcs_read32(GUEST_INTERRUPTIBILITY_INFO);
        vmcs12->guest_pending_dbg_exceptions =
                vmcs_readl(GUEST_PENDING_DBG_EXCEPTIONS);
+        if (vcpu->arch.mp_state == KVM_MP_STATE_HALTED)
+                vmcs12->guest_activity_state = GUEST_ACTIVITY_HLT;
+        else
+                vmcs12->guest_activity_state = GUEST_ACTIVITY_ACTIVE;
        if ((vmcs12->pin_based_vm_exec_control & PIN_BASED_VMX_PREEMPTION_TIMER) &&
            (vmcs12->vm_exit_controls & VM_EXIT_SAVE_VMX_PREEMPTION_TIMER))
@@ -8186,7 +8248,7 @@ static void prepare_vmcs12(struct kvm_vcpu *vcpu, struct vmcs12 *vmcs12)
        vmcs12->vm_entry_controls =
                (vmcs12->vm_entry_controls & ~VM_ENTRY_IA32E_MODE) |
-                (vmcs_read32(VM_ENTRY_CONTROLS) & VM_ENTRY_IA32E_MODE);
+                (vm_entry_controls_get(to_vmx(vcpu)) & VM_ENTRY_IA32E_MODE);
        /* TODO: These cannot have changed unless we have MSR bitmaps and
         * the relevant bit asks not to trap the change */
@@ -8201,10 +8263,10 @@ static void prepare_vmcs12(struct kvm_vcpu *vcpu, struct vmcs12 *vmcs12)
        /* update exit information fields: */
-        vmcs12->vm_exit_reason  = to_vmx(vcpu)->exit_reason;
+        vmcs12->vm_exit_reason = exit_reason;
-        vmcs12->exit_qualification = vmcs_readl(EXIT_QUALIFICATION);
+        vmcs12->exit_qualification = exit_qualification;
-        vmcs12->vm_exit_intr_info = vmcs_read32(VM_EXIT_INTR_INFO);
+        vmcs12->vm_exit_intr_info = exit_intr_info;
        if ((vmcs12->vm_exit_intr_info &
             (INTR_INFO_VALID_MASK | INTR_INFO_DELIVER_CODE_MASK)) ==
            (INTR_INFO_VALID_MASK | INTR_INFO_DELIVER_CODE_MASK))
@@ -8370,7 +8432,9 @@ static void load_vmcs12_host_state(struct kvm_vcpu *vcpu,
 * and modify vmcs12 to make it see what it would expect to see there if
 * L2 was its real guest. Must only be called when in L2 (is_guest_mode())
 */
-static void nested_vmx_vmexit(struct kvm_vcpu *vcpu)
+static void nested_vmx_vmexit(struct kvm_vcpu *vcpu, u32 exit_reason,
+                              u32 exit_intr_info,
+                              unsigned long exit_qualification)
 {
        struct vcpu_vmx *vmx = to_vmx(vcpu);
        int cpu;
@@ -8380,7 +8444,15 @@ static void nested_vmx_vmexit(struct kvm_vcpu *vcpu)
        WARN_ON_ONCE(vmx->nested.nested_run_pending);
        leave_guest_mode(vcpu);
-        prepare_vmcs12(vcpu, vmcs12);
+        prepare_vmcs12(vcpu, vmcs12, exit_reason, exit_intr_info,
+                       exit_qualification);
+        trace_kvm_nested_vmexit_inject(vmcs12->vm_exit_reason,
+                                       vmcs12->exit_qualification,
+                                       vmcs12->idt_vectoring_info_field,
+                                       vmcs12->vm_exit_intr_info,
+                                       vmcs12->vm_exit_intr_error_code,
+                                       KVM_ISA_VMX);
        cpu = get_cpu();
        vmx->loaded_vmcs = &vmx->vmcs01;
@@ -8389,6 +8461,8 @@ static void nested_vmx_vmexit(struct kvm_vcpu *vcpu)
        vcpu->cpu = cpu;
        put_cpu();
+        vm_entry_controls_init(vmx, vmcs_read32(VM_ENTRY_CONTROLS));
+        vm_exit_controls_init(vmx, vmcs_read32(VM_EXIT_CONTROLS));
        vmx_segment_cache_clear(vmx);
        /* if no vmcs02 cache requested, remove the one we used */
@@ -8424,6 +8498,16 @@ static void nested_vmx_vmexit(struct kvm_vcpu *vcpu)
 }
 /*
+ * Forcibly leave nested mode in order to be able to reset the VCPU later on.
+ */
+static void vmx_leave_nested(struct kvm_vcpu *vcpu)
+{
+        if (is_guest_mode(vcpu))
+                nested_vmx_vmexit(vcpu, -1, 0, 0);
+        free_nested(to_vmx(vcpu));
+}
+/*
 * L1's failure to enter L2 is a subset of a normal exit, as explained in
 * 23.7 "VM-entry failures during or after loading guest state" (this also
 * lists the acceptable exit-reason and exit-qualification parameters).
@@ -8486,6 +8570,8 @@ static struct kvm_x86_ops vmx_x86_ops = {
        .set_idt = vmx_set_idt,
        .get_gdt = vmx_get_gdt,
        .set_gdt = vmx_set_gdt,
+        .get_dr6 = vmx_get_dr6,
+        .set_dr6 = vmx_set_dr6,
        .set_dr7 = vmx_set_dr7,
        .cache_reg = vmx_cache_reg,
        .get_rflags = vmx_get_rflags,
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 5d004da1e35d..39c28f09dfd5 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -94,6 +94,9 @@ EXPORT_SYMBOL_GPL(kvm_x86_ops);
 static bool ignore_msrs = 0;
 module_param(ignore_msrs, bool, S_IRUGO | S_IWUSR);
+unsigned int min_timer_period_us = 500;
+module_param(min_timer_period_us, uint, S_IRUGO | S_IWUSR);
 bool kvm_has_tsc_control;
 EXPORT_SYMBOL_GPL(kvm_has_tsc_control);
 u32  kvm_max_guest_tsc_khz;
@@ -254,10 +257,26 @@ u64 kvm_get_apic_base(struct kvm_vcpu *vcpu)
 }
 EXPORT_SYMBOL_GPL(kvm_get_apic_base);
-void kvm_set_apic_base(struct kvm_vcpu *vcpu, u64 data)
+int kvm_set_apic_base(struct kvm_vcpu *vcpu, struct msr_data *msr_info)
-{
+{
-        /* TODO: reserve bits check */
+        u64 old_state = vcpu->arch.apic_base &
-        kvm_lapic_set_base(vcpu, data);
+                (MSR_IA32_APICBASE_ENABLE | X2APIC_ENABLE);
+        u64 new_state = msr_info->data &
+                (MSR_IA32_APICBASE_ENABLE | X2APIC_ENABLE);
+        u64 reserved_bits = ((~0ULL) << cpuid_maxphyaddr(vcpu)) |
+                0x2ff | (guest_cpuid_has_x2apic(vcpu) ? 0 : X2APIC_ENABLE);
+        if (!msr_info->host_initiated &&
+            ((msr_info->data & reserved_bits) != 0 ||
+             new_state == X2APIC_ENABLE ||
+             (new_state == MSR_IA32_APICBASE_ENABLE &&
+              old_state == (MSR_IA32_APICBASE_ENABLE | X2APIC_ENABLE)) ||
+             (new_state == (MSR_IA32_APICBASE_ENABLE | X2APIC_ENABLE) &&
+              old_state == 0)))
+                return 1;
+        kvm_lapic_set_base(vcpu, msr_info->data);
+        return 0;
 }
 EXPORT_SYMBOL_GPL(kvm_set_apic_base);
@@ -719,6 +738,12 @@ unsigned long kvm_get_cr8(struct kvm_vcpu *vcpu)
 }
 EXPORT_SYMBOL_GPL(kvm_get_cr8);
+static void kvm_update_dr6(struct kvm_vcpu *vcpu)
+{
+        if (!(vcpu->guest_debug & KVM_GUESTDBG_USE_HW_BP))
+                kvm_x86_ops->set_dr6(vcpu, vcpu->arch.dr6);
+}
 static void kvm_update_dr7(struct kvm_vcpu *vcpu)
 {
        unsigned long dr7;
@@ -747,6 +772,7 @@ static int __kvm_set_dr(struct kvm_vcpu *vcpu, int dr, unsigned long val)
                if (val & 0xffffffff00000000ULL)
                        return -1; /* #GP */
                vcpu->arch.dr6 = (val & DR6_VOLATILE) | DR6_FIXED_1;
+                kvm_update_dr6(vcpu);
                break;
        case 5:
                if (kvm_read_cr4_bits(vcpu, X86_CR4_DE))
@@ -788,7 +814,10 @@ static int _kvm_get_dr(struct kvm_vcpu *vcpu, int dr, unsigned long *val)
                        return 1;
                /* fall through */
        case 6:
-                *val = vcpu->arch.dr6;
+                if (vcpu->guest_debug & KVM_GUESTDBG_USE_HW_BP)
+                        *val = vcpu->arch.dr6;
+                else
+                        *val = kvm_x86_ops->get_dr6(vcpu);
                break;
        case 5:
                if (kvm_read_cr4_bits(vcpu, X86_CR4_DE))
@@ -836,11 +865,12 @@ EXPORT_SYMBOL_GPL(kvm_rdpmc);
 * kvm-specific. Those are put in the beginning of the list.
 */
-#define KVM_SAVE_MSRS_BEGIN     10
+#define KVM_SAVE_MSRS_BEGIN     12
 static u32 msrs_to_save[] = {
        MSR_KVM_SYSTEM_TIME, MSR_KVM_WALL_CLOCK,
        MSR_KVM_SYSTEM_TIME_NEW, MSR_KVM_WALL_CLOCK_NEW,
        HV_X64_MSR_GUEST_OS_ID, HV_X64_MSR_HYPERCALL,
+        HV_X64_MSR_TIME_REF_COUNT, HV_X64_MSR_REFERENCE_TSC,
        HV_X64_MSR_APIC_ASSIST_PAGE, MSR_KVM_ASYNC_PF_EN, MSR_KVM_STEAL_TIME,
        MSR_KVM_PV_EOI_EN,
        MSR_IA32_SYSENTER_CS, MSR_IA32_SYSENTER_ESP, MSR_IA32_SYSENTER_EIP,
@@ -1275,8 +1305,6 @@ void kvm_write_tsc(struct kvm_vcpu *vcpu, struct msr_data *msr)
        kvm->arch.last_tsc_write = data;
        kvm->arch.last_tsc_khz = vcpu->arch.virtual_tsc_khz;
-        /* Reset of TSC must disable overshoot protection below */
-        vcpu->arch.hv_clock.tsc_timestamp = 0;
        vcpu->arch.last_guest_tsc = data;
        /* Keep track of which generation this VCPU has synchronized to */
@@ -1484,7 +1512,7 @@ static int kvm_guest_time_update(struct kvm_vcpu *v)
        unsigned long flags, this_tsc_khz;
        struct kvm_vcpu_arch *vcpu = &v->arch;
        struct kvm_arch *ka = &v->kvm->arch;
-        s64 kernel_ns, max_kernel_ns;
+        s64 kernel_ns;
        u64 tsc_timestamp, host_tsc;
        struct pvclock_vcpu_time_info guest_hv_clock;
        u8 pvclock_flags;
@@ -1543,37 +1571,6 @@ static int kvm_guest_time_update(struct kvm_vcpu *v)
        if (!vcpu->pv_time_enabled)
                return 0;
-        /*
-         * Time as measured by the TSC may go backwards when resetting the base
-         * tsc_timestamp.  The reason for this is that the TSC resolution is
-         * higher than the resolution of the other clock scales.  Thus, many
-         * possible measurments of the TSC correspond to one measurement of any
-         * other clock, and so a spread of values is possible.  This is not a
-         * problem for the computation of the nanosecond clock; with TSC rates
-         * around 1GHZ, there can only be a few cycles which correspond to one
-         * nanosecond value, and any path through this code will inevitably
-         * take longer than that.  However, with the kernel_ns value itself,
-         * the precision may be much lower, down to HZ granularity.  If the
-         * first sampling of TSC against kernel_ns ends in the low part of the
-         * range, and the second in the high end of the range, we can get:
-         *
-         * (TSC - offset_low) * S + kns_old > (TSC - offset_high) * S + kns_new
-         *
-         * As the sampling errors potentially range in the thousands of cycles,
-         * it is possible such a time value has already been observed by the
-         * guest.  To protect against this, we must compute the system time as
-         * observed by the guest and ensure the new system time is greater.
-         */
-        max_kernel_ns = 0;
-        if (vcpu->hv_clock.tsc_timestamp) {
-                max_kernel_ns = vcpu->last_guest_tsc -
-                                vcpu->hv_clock.tsc_timestamp;
-                max_kernel_ns = pvclock_scale_delta(max_kernel_ns,
-                                    vcpu->hv_clock.tsc_to_system_mul,
-                                    vcpu->hv_clock.tsc_shift);
-                max_kernel_ns += vcpu->last_kernel_ns;
-        }
        if (unlikely(vcpu->hw_tsc_khz != this_tsc_khz)) {
                kvm_get_time_scale(NSEC_PER_SEC / 1000, this_tsc_khz,
                                   &vcpu->hv_clock.tsc_shift,
@@ -1581,14 +1578,6 @@ static int kvm_guest_time_update(struct kvm_vcpu *v)
                vcpu->hw_tsc_khz = this_tsc_khz;
        }
-        /* with a master <monotonic time, tsc value> tuple,
-         * pvclock clock reads always increase at the (scaled) rate
-         * of guest TSC - no need to deal with sampling errors.
-         */
-        if (!use_master_clock) {
-                if (max_kernel_ns > kernel_ns)
-                        kernel_ns = max_kernel_ns;
-        }
        /* With all the info we got, fill in the values */
        vcpu->hv_clock.tsc_timestamp = tsc_timestamp;
        vcpu->hv_clock.system_time = kernel_ns + v->kvm->arch.kvmclock_offset;
@@ -1826,6 +1815,8 @@ static bool kvm_hv_msr_partition_wide(u32 msr)
        switch (msr) {
        case HV_X64_MSR_GUEST_OS_ID:
        case HV_X64_MSR_HYPERCALL:
+        case HV_X64_MSR_REFERENCE_TSC:
+        case HV_X64_MSR_TIME_REF_COUNT:
                r = true;
                break;
        }
@@ -1865,6 +1856,21 @@ static int set_msr_hyperv_pw(struct kvm_vcpu *vcpu, u32 msr, u64 data)
                if (__copy_to_user((void __user *)addr, instructions, 4))
                        return 1;
                kvm->arch.hv_hypercall = data;
+                mark_page_dirty(kvm, gfn);
+                break;
+        }
+        case HV_X64_MSR_REFERENCE_TSC: {
+                u64 gfn;
+                HV_REFERENCE_TSC_PAGE tsc_ref;
+                memset(&tsc_ref, 0, sizeof(tsc_ref));
+                kvm->arch.hv_tsc_page = data;
+                if (!(data & HV_X64_MSR_TSC_REFERENCE_ENABLE))
+                        break;
+                gfn = data >> HV_X64_MSR_TSC_REFERENCE_ADDRESS_SHIFT;
+                if (kvm_write_guest(kvm, data,
+                        &tsc_ref, sizeof(tsc_ref)))
+                        return 1;
+                mark_page_dirty(kvm, gfn);
                break;
        }
        default:
@@ -1879,19 +1885,21 @@ static int set_msr_hyperv(struct kvm_vcpu *vcpu, u32 msr, u64 data)
 {
        switch (msr) {
        case HV_X64_MSR_APIC_ASSIST_PAGE: {
+                u64 gfn;
                unsigned long addr;
                if (!(data & HV_X64_MSR_APIC_ASSIST_PAGE_ENABLE)) {
                        vcpu->arch.hv_vapic = data;
                        break;
                }
-                addr = gfn_to_hva(vcpu->kvm, data >>
+                gfn = data >> HV_X64_MSR_APIC_ASSIST_PAGE_ADDRESS_SHIFT;
-                                  HV_X64_MSR_APIC_ASSIST_PAGE_ADDRESS_SHIFT);
+                addr = gfn_to_hva(vcpu->kvm, gfn);
                if (kvm_is_error_hva(addr))
                        return 1;
                if (__clear_user((void __user *)addr, PAGE_SIZE))
                        return 1;
                vcpu->arch.hv_vapic = data;
+                mark_page_dirty(vcpu->kvm, gfn);
                break;
        }
        case HV_X64_MSR_EOI:
@@ -2017,8 +2025,7 @@ int kvm_set_msr_common(struct kvm_vcpu *vcpu, struct msr_data *msr_info)
        case 0x200 ... 0x2ff:
                return set_msr_mtrr(vcpu, msr, data);
        case MSR_IA32_APICBASE:
-                kvm_set_apic_base(vcpu, data);
+                return kvm_set_apic_base(vcpu, msr_info);
-                break;
        case APIC_BASE_MSR ... APIC_BASE_MSR + 0x3ff:
                return kvm_x2apic_msr_write(vcpu, msr, data);
        case MSR_IA32_TSCDEADLINE:
@@ -2291,6 +2298,14 @@ static int get_msr_hyperv_pw(struct kvm_vcpu *vcpu, u32 msr, u64 *pdata)
        case HV_X64_MSR_HYPERCALL:
                data = kvm->arch.hv_hypercall;
                break;
+        case HV_X64_MSR_TIME_REF_COUNT: {
+                data =
+                     div_u64(get_kernel_ns() + kvm->arch.kvmclock_offset, 100);
+                break;
+        }
+        case HV_X64_MSR_REFERENCE_TSC:
+                data = kvm->arch.hv_tsc_page;
+                break;
        default:
                vcpu_unimpl(vcpu, "Hyper-V unhandled rdmsr: 0x%x\n", msr);
                return 1;
@@ -2601,6 +2616,7 @@ int kvm_dev_ioctl_check_extension(long ext)
        case KVM_CAP_GET_TSC_KHZ:
        case KVM_CAP_KVMCLOCK_CTRL:
        case KVM_CAP_READONLY_MEM:
+        case KVM_CAP_HYPERV_TIME:
 #ifdef CONFIG_KVM_DEVICE_ASSIGNMENT
        case KVM_CAP_ASSIGN_DEV_IRQ:
        case KVM_CAP_PCI_2_3:
@@ -2972,8 +2988,11 @@ static int kvm_vcpu_ioctl_x86_set_vcpu_events(struct kvm_vcpu *vcpu,
 static void kvm_vcpu_ioctl_x86_get_debugregs(struct kvm_vcpu *vcpu,
                                             struct kvm_debugregs *dbgregs)
 {
+        unsigned long val;
        memcpy(dbgregs->db, vcpu->arch.db, sizeof(vcpu->arch.db));
-        dbgregs->dr6 = vcpu->arch.dr6;
+        _kvm_get_dr(vcpu, 6, &val);
+        dbgregs->dr6 = val;
        dbgregs->dr7 = vcpu->arch.dr7;
        dbgregs->flags = 0;
        memset(&dbgregs->reserved, 0, sizeof(dbgregs->reserved));
@@ -2987,7 +3006,9 @@ static int kvm_vcpu_ioctl_x86_set_debugregs(struct kvm_vcpu *vcpu,
        memcpy(vcpu->arch.db, dbgregs->db, sizeof(vcpu->arch.db));
        vcpu->arch.dr6 = dbgregs->dr6;
+        kvm_update_dr6(vcpu);
        vcpu->arch.dr7 = dbgregs->dr7;
+        kvm_update_dr7(vcpu);
        return 0;
 }
@@ -5834,6 +5855,11 @@ static void vcpu_scan_ioapic(struct kvm_vcpu *vcpu)
        kvm_apic_update_tmr(vcpu, tmr);
 }
+/*
+ * Returns 1 to let __vcpu_run() continue the guest execution loop without
+ * exiting to the userspace.  Otherwise, the value will be returned to the
+ * userspace.
+ */
 static int vcpu_enter_guest(struct kvm_vcpu *vcpu)
 {
        int r;
@@ -6089,7 +6115,7 @@ static int __vcpu_run(struct kvm_vcpu *vcpu)
                }
                if (need_resched()) {
                        srcu_read_unlock(&kvm->srcu, vcpu->srcu_idx);
-                        kvm_resched(vcpu);
+                        cond_resched();
                        vcpu->srcu_idx = srcu_read_lock(&kvm->srcu);
                }
        }
@@ -6401,6 +6427,7 @@ EXPORT_SYMBOL_GPL(kvm_task_switch);
 int kvm_arch_vcpu_ioctl_set_sregs(struct kvm_vcpu *vcpu,
                                  struct kvm_sregs *sregs)
 {
+        struct msr_data apic_base_msr;
        int mmu_reset_needed = 0;
        int pending_vec, max_bits, idx;
        struct desc_ptr dt;
@@ -6424,7 +6451,9 @@ int kvm_arch_vcpu_ioctl_set_sregs(struct kvm_vcpu *vcpu,
        mmu_reset_needed |= vcpu->arch.efer != sregs->efer;
        kvm_x86_ops->set_efer(vcpu, sregs->efer);
-        kvm_set_apic_base(vcpu, sregs->apic_base);
+        apic_base_msr.data = sregs->apic_base;
+        apic_base_msr.host_initiated = true;
+        kvm_set_apic_base(vcpu, &apic_base_msr);
        mmu_reset_needed |= kvm_read_cr0(vcpu) != sregs->cr0;
        kvm_x86_ops->set_cr0(vcpu, sregs->cr0);
@@ -6717,6 +6746,7 @@ void kvm_vcpu_reset(struct kvm_vcpu *vcpu)
        memset(vcpu->arch.db, 0, sizeof(vcpu->arch.db));
        vcpu->arch.dr6 = DR6_FIXED_1;
+        kvm_update_dr6(vcpu);
        vcpu->arch.dr7 = DR7_FIXED_1;
        kvm_update_dr7(vcpu);
diff --git a/arch/x86/kvm/x86.h b/arch/x86/kvm/x86.h
index 587fb9ede436..8da5823bcde6 100644
--- a/arch/x86/kvm/x86.h
+++ b/arch/x86/kvm/x86.h
@@ -125,5 +125,7 @@ int kvm_write_guest_virt_system(struct x86_emulate_ctxt *ctxt,
 #define KVM_SUPPORTED_XCR0      (XSTATE_FP | XSTATE_SSE | XSTATE_YMM)
 extern u64 host_xcr0;
+extern unsigned int min_timer_period_us;
 extern struct static_key kvm_no_apic_vcpu;
 #endif
author	H. Peter Anvin <hpa@linux.intel.com>	2014-02-07 14:27:30 -0500
committer	H. Peter Anvin <hpa@linux.intel.com>	2014-02-07 14:27:30 -0500
commit	a3b072cd180c12e8fe0ece9487b9065808327640 (patch)
tree	62b982041be84748852d77cdf6ca5639ef40858f /arch/x86/kvm
parent	75a1ba5b2c529db60ca49626bcaf0bddf4548438 (diff)
parent	081cd62a010f97b5bc1d2b0cd123c5abc692b68a (diff)