aboutsummaryrefslogtreecommitdiffstats
path: root/arch/x86/kvm/svm.c
diff options
context:
space:
mode:
Diffstat (limited to 'arch/x86/kvm/svm.c')
-rw-r--r--arch/x86/kvm/svm.c1644
1 files changed, 1182 insertions, 462 deletions
diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
index 8a3f9f64f86f..506e4fe23adc 100644
--- a/arch/x86/kvm/svm.c
+++ b/arch/x86/kvm/svm.c
@@ -4,7 +4,7 @@
4 * AMD SVM support 4 * AMD SVM support
5 * 5 *
6 * Copyright (C) 2006 Qumranet, Inc. 6 * Copyright (C) 2006 Qumranet, Inc.
7 * Copyright 2010 Red Hat, Inc. and/or its affilates. 7 * Copyright 2010 Red Hat, Inc. and/or its affiliates.
8 * 8 *
9 * Authors: 9 * Authors:
10 * Yaniv Kamay <yaniv@qumranet.com> 10 * Yaniv Kamay <yaniv@qumranet.com>
@@ -31,6 +31,7 @@
31 31
32#include <asm/tlbflush.h> 32#include <asm/tlbflush.h>
33#include <asm/desc.h> 33#include <asm/desc.h>
34#include <asm/kvm_para.h>
34 35
35#include <asm/virtext.h> 36#include <asm/virtext.h>
36#include "trace.h" 37#include "trace.h"
@@ -50,6 +51,10 @@ MODULE_LICENSE("GPL");
50#define SVM_FEATURE_LBRV (1 << 1) 51#define SVM_FEATURE_LBRV (1 << 1)
51#define SVM_FEATURE_SVML (1 << 2) 52#define SVM_FEATURE_SVML (1 << 2)
52#define SVM_FEATURE_NRIP (1 << 3) 53#define SVM_FEATURE_NRIP (1 << 3)
54#define SVM_FEATURE_TSC_RATE (1 << 4)
55#define SVM_FEATURE_VMCB_CLEAN (1 << 5)
56#define SVM_FEATURE_FLUSH_ASID (1 << 6)
57#define SVM_FEATURE_DECODE_ASSIST (1 << 7)
53#define SVM_FEATURE_PAUSE_FILTER (1 << 10) 58#define SVM_FEATURE_PAUSE_FILTER (1 << 10)
54 59
55#define NESTED_EXIT_HOST 0 /* Exit handled on host level */ 60#define NESTED_EXIT_HOST 0 /* Exit handled on host level */
@@ -58,6 +63,10 @@ MODULE_LICENSE("GPL");
58 63
59#define DEBUGCTL_RESERVED_BITS (~(0x3fULL)) 64#define DEBUGCTL_RESERVED_BITS (~(0x3fULL))
60 65
66#define TSC_RATIO_RSVD 0xffffff0000000000ULL
67#define TSC_RATIO_MIN 0x0000000000000001ULL
68#define TSC_RATIO_MAX 0x000000ffffffffffULL
69
61static bool erratum_383_found __read_mostly; 70static bool erratum_383_found __read_mostly;
62 71
63static const u32 host_save_user_msrs[] = { 72static const u32 host_save_user_msrs[] = {
@@ -89,13 +98,13 @@ struct nested_state {
89 bool exit_required; 98 bool exit_required;
90 99
91 /* cache for intercepts of the guest */ 100 /* cache for intercepts of the guest */
92 u16 intercept_cr_read; 101 u32 intercept_cr;
93 u16 intercept_cr_write; 102 u32 intercept_dr;
94 u16 intercept_dr_read;
95 u16 intercept_dr_write;
96 u32 intercept_exceptions; 103 u32 intercept_exceptions;
97 u64 intercept; 104 u64 intercept;
98 105
106 /* Nested Paging related state */
107 u64 nested_cr3;
99}; 108};
100 109
101#define MSRPM_OFFSETS 16 110#define MSRPM_OFFSETS 16
@@ -113,18 +122,31 @@ struct vcpu_svm {
113 u64 next_rip; 122 u64 next_rip;
114 123
115 u64 host_user_msrs[NR_HOST_SAVE_USER_MSRS]; 124 u64 host_user_msrs[NR_HOST_SAVE_USER_MSRS];
116 u64 host_gs_base; 125 struct {
126 u16 fs;
127 u16 gs;
128 u16 ldt;
129 u64 gs_base;
130 } host;
117 131
118 u32 *msrpm; 132 u32 *msrpm;
119 133
134 ulong nmi_iret_rip;
135
120 struct nested_state nested; 136 struct nested_state nested;
121 137
122 bool nmi_singlestep; 138 bool nmi_singlestep;
123 139
124 unsigned int3_injected; 140 unsigned int3_injected;
125 unsigned long int3_rip; 141 unsigned long int3_rip;
142 u32 apf_reason;
143
144 u64 tsc_ratio;
126}; 145};
127 146
147static DEFINE_PER_CPU(u64, current_tsc_ratio);
148#define TSC_RATIO_DEFAULT 0x0100000000ULL
149
128#define MSR_INVALID 0xffffffffU 150#define MSR_INVALID 0xffffffffU
129 151
130static struct svm_direct_access_msrs { 152static struct svm_direct_access_msrs {
@@ -169,15 +191,153 @@ static int nested_svm_intercept(struct vcpu_svm *svm);
169static int nested_svm_vmexit(struct vcpu_svm *svm); 191static int nested_svm_vmexit(struct vcpu_svm *svm);
170static int nested_svm_check_exception(struct vcpu_svm *svm, unsigned nr, 192static int nested_svm_check_exception(struct vcpu_svm *svm, unsigned nr,
171 bool has_error_code, u32 error_code); 193 bool has_error_code, u32 error_code);
194static u64 __scale_tsc(u64 ratio, u64 tsc);
195
196enum {
197 VMCB_INTERCEPTS, /* Intercept vectors, TSC offset,
198 pause filter count */
199 VMCB_PERM_MAP, /* IOPM Base and MSRPM Base */
200 VMCB_ASID, /* ASID */
201 VMCB_INTR, /* int_ctl, int_vector */
202 VMCB_NPT, /* npt_en, nCR3, gPAT */
203 VMCB_CR, /* CR0, CR3, CR4, EFER */
204 VMCB_DR, /* DR6, DR7 */
205 VMCB_DT, /* GDT, IDT */
206 VMCB_SEG, /* CS, DS, SS, ES, CPL */
207 VMCB_CR2, /* CR2 only */
208 VMCB_LBR, /* DBGCTL, BR_FROM, BR_TO, LAST_EX_FROM, LAST_EX_TO */
209 VMCB_DIRTY_MAX,
210};
211
212/* TPR and CR2 are always written before VMRUN */
213#define VMCB_ALWAYS_DIRTY_MASK ((1U << VMCB_INTR) | (1U << VMCB_CR2))
214
215static inline void mark_all_dirty(struct vmcb *vmcb)
216{
217 vmcb->control.clean = 0;
218}
219
220static inline void mark_all_clean(struct vmcb *vmcb)
221{
222 vmcb->control.clean = ((1 << VMCB_DIRTY_MAX) - 1)
223 & ~VMCB_ALWAYS_DIRTY_MASK;
224}
225
226static inline void mark_dirty(struct vmcb *vmcb, int bit)
227{
228 vmcb->control.clean &= ~(1 << bit);
229}
172 230
173static inline struct vcpu_svm *to_svm(struct kvm_vcpu *vcpu) 231static inline struct vcpu_svm *to_svm(struct kvm_vcpu *vcpu)
174{ 232{
175 return container_of(vcpu, struct vcpu_svm, vcpu); 233 return container_of(vcpu, struct vcpu_svm, vcpu);
176} 234}
177 235
178static inline bool is_nested(struct vcpu_svm *svm) 236static void recalc_intercepts(struct vcpu_svm *svm)
237{
238 struct vmcb_control_area *c, *h;
239 struct nested_state *g;
240
241 mark_dirty(svm->vmcb, VMCB_INTERCEPTS);
242
243 if (!is_guest_mode(&svm->vcpu))
244 return;
245
246 c = &svm->vmcb->control;
247 h = &svm->nested.hsave->control;
248 g = &svm->nested;
249
250 c->intercept_cr = h->intercept_cr | g->intercept_cr;
251 c->intercept_dr = h->intercept_dr | g->intercept_dr;
252 c->intercept_exceptions = h->intercept_exceptions | g->intercept_exceptions;
253 c->intercept = h->intercept | g->intercept;
254}
255
256static inline struct vmcb *get_host_vmcb(struct vcpu_svm *svm)
257{
258 if (is_guest_mode(&svm->vcpu))
259 return svm->nested.hsave;
260 else
261 return svm->vmcb;
262}
263
264static inline void set_cr_intercept(struct vcpu_svm *svm, int bit)
265{
266 struct vmcb *vmcb = get_host_vmcb(svm);
267
268 vmcb->control.intercept_cr |= (1U << bit);
269
270 recalc_intercepts(svm);
271}
272
273static inline void clr_cr_intercept(struct vcpu_svm *svm, int bit)
274{
275 struct vmcb *vmcb = get_host_vmcb(svm);
276
277 vmcb->control.intercept_cr &= ~(1U << bit);
278
279 recalc_intercepts(svm);
280}
281
282static inline bool is_cr_intercept(struct vcpu_svm *svm, int bit)
179{ 283{
180 return svm->nested.vmcb; 284 struct vmcb *vmcb = get_host_vmcb(svm);
285
286 return vmcb->control.intercept_cr & (1U << bit);
287}
288
289static inline void set_dr_intercept(struct vcpu_svm *svm, int bit)
290{
291 struct vmcb *vmcb = get_host_vmcb(svm);
292
293 vmcb->control.intercept_dr |= (1U << bit);
294
295 recalc_intercepts(svm);
296}
297
298static inline void clr_dr_intercept(struct vcpu_svm *svm, int bit)
299{
300 struct vmcb *vmcb = get_host_vmcb(svm);
301
302 vmcb->control.intercept_dr &= ~(1U << bit);
303
304 recalc_intercepts(svm);
305}
306
307static inline void set_exception_intercept(struct vcpu_svm *svm, int bit)
308{
309 struct vmcb *vmcb = get_host_vmcb(svm);
310
311 vmcb->control.intercept_exceptions |= (1U << bit);
312
313 recalc_intercepts(svm);
314}
315
316static inline void clr_exception_intercept(struct vcpu_svm *svm, int bit)
317{
318 struct vmcb *vmcb = get_host_vmcb(svm);
319
320 vmcb->control.intercept_exceptions &= ~(1U << bit);
321
322 recalc_intercepts(svm);
323}
324
325static inline void set_intercept(struct vcpu_svm *svm, int bit)
326{
327 struct vmcb *vmcb = get_host_vmcb(svm);
328
329 vmcb->control.intercept |= (1ULL << bit);
330
331 recalc_intercepts(svm);
332}
333
334static inline void clr_intercept(struct vcpu_svm *svm, int bit)
335{
336 struct vmcb *vmcb = get_host_vmcb(svm);
337
338 vmcb->control.intercept &= ~(1ULL << bit);
339
340 recalc_intercepts(svm);
181} 341}
182 342
183static inline void enable_gif(struct vcpu_svm *svm) 343static inline void enable_gif(struct vcpu_svm *svm)
@@ -218,7 +378,6 @@ struct svm_cpu_data {
218}; 378};
219 379
220static DEFINE_PER_CPU(struct svm_cpu_data *, svm_data); 380static DEFINE_PER_CPU(struct svm_cpu_data *, svm_data);
221static uint32_t svm_features;
222 381
223struct svm_init_data { 382struct svm_init_data {
224 int cpu; 383 int cpu;
@@ -254,11 +413,6 @@ static u32 svm_msrpm_offset(u32 msr)
254 413
255#define MAX_INST_SIZE 15 414#define MAX_INST_SIZE 15
256 415
257static inline u32 svm_has(u32 feat)
258{
259 return svm_features & feat;
260}
261
262static inline void clgi(void) 416static inline void clgi(void)
263{ 417{
264 asm volatile (__ex(SVM_CLGI)); 418 asm volatile (__ex(SVM_CLGI));
@@ -274,14 +428,13 @@ static inline void invlpga(unsigned long addr, u32 asid)
274 asm volatile (__ex(SVM_INVLPGA) : : "a"(addr), "c"(asid)); 428 asm volatile (__ex(SVM_INVLPGA) : : "a"(addr), "c"(asid));
275} 429}
276 430
277static inline void force_new_asid(struct kvm_vcpu *vcpu) 431static int get_npt_level(void)
278{
279 to_svm(vcpu)->asid_generation--;
280}
281
282static inline void flush_guest_tlb(struct kvm_vcpu *vcpu)
283{ 432{
284 force_new_asid(vcpu); 433#ifdef CONFIG_X86_64
434 return PT64_ROOT_LEVEL;
435#else
436 return PT32E_ROOT_LEVEL;
437#endif
285} 438}
286 439
287static void svm_set_efer(struct kvm_vcpu *vcpu, u64 efer) 440static void svm_set_efer(struct kvm_vcpu *vcpu, u64 efer)
@@ -291,6 +444,7 @@ static void svm_set_efer(struct kvm_vcpu *vcpu, u64 efer)
291 efer &= ~EFER_LME; 444 efer &= ~EFER_LME;
292 445
293 to_svm(vcpu)->vmcb->save.efer = efer | EFER_SVME; 446 to_svm(vcpu)->vmcb->save.efer = efer | EFER_SVME;
447 mark_dirty(to_svm(vcpu)->vmcb, VMCB_CR);
294} 448}
295 449
296static int is_external_interrupt(u32 info) 450static int is_external_interrupt(u32 info)
@@ -328,7 +482,7 @@ static void skip_emulated_instruction(struct kvm_vcpu *vcpu)
328 svm->next_rip = svm->vmcb->control.next_rip; 482 svm->next_rip = svm->vmcb->control.next_rip;
329 483
330 if (!svm->next_rip) { 484 if (!svm->next_rip) {
331 if (emulate_instruction(vcpu, 0, 0, EMULTYPE_SKIP) != 485 if (emulate_instruction(vcpu, EMULTYPE_SKIP) !=
332 EMULATE_DONE) 486 EMULATE_DONE)
333 printk(KERN_DEBUG "%s: NOP\n", __func__); 487 printk(KERN_DEBUG "%s: NOP\n", __func__);
334 return; 488 return;
@@ -355,7 +509,7 @@ static void svm_queue_exception(struct kvm_vcpu *vcpu, unsigned nr,
355 nested_svm_check_exception(svm, nr, has_error_code, error_code)) 509 nested_svm_check_exception(svm, nr, has_error_code, error_code))
356 return; 510 return;
357 511
358 if (nr == BP_VECTOR && !svm_has(SVM_FEATURE_NRIP)) { 512 if (nr == BP_VECTOR && !static_cpu_has(X86_FEATURE_NRIPS)) {
359 unsigned long rip, old_rip = kvm_rip_read(&svm->vcpu); 513 unsigned long rip, old_rip = kvm_rip_read(&svm->vcpu);
360 514
361 /* 515 /*
@@ -416,6 +570,10 @@ static int has_svm(void)
416 570
417static void svm_hardware_disable(void *garbage) 571static void svm_hardware_disable(void *garbage)
418{ 572{
573 /* Make sure we clean up behind us */
574 if (static_cpu_has(X86_FEATURE_TSCRATEMSR))
575 wrmsrl(MSR_AMD64_TSC_RATIO, TSC_RATIO_DEFAULT);
576
419 cpu_svm_disable(); 577 cpu_svm_disable();
420} 578}
421 579
@@ -457,6 +615,11 @@ static int svm_hardware_enable(void *garbage)
457 615
458 wrmsrl(MSR_VM_HSAVE_PA, page_to_pfn(sd->save_area) << PAGE_SHIFT); 616 wrmsrl(MSR_VM_HSAVE_PA, page_to_pfn(sd->save_area) << PAGE_SHIFT);
459 617
618 if (static_cpu_has(X86_FEATURE_TSCRATEMSR)) {
619 wrmsrl(MSR_AMD64_TSC_RATIO, TSC_RATIO_DEFAULT);
620 __get_cpu_var(current_tsc_ratio) = TSC_RATIO_DEFAULT;
621 }
622
460 svm_init_erratum_383(); 623 svm_init_erratum_383();
461 624
462 return 0; 625 return 0;
@@ -638,6 +801,23 @@ static __init int svm_hardware_setup(void)
638 if (boot_cpu_has(X86_FEATURE_FXSR_OPT)) 801 if (boot_cpu_has(X86_FEATURE_FXSR_OPT))
639 kvm_enable_efer_bits(EFER_FFXSR); 802 kvm_enable_efer_bits(EFER_FFXSR);
640 803
804 if (boot_cpu_has(X86_FEATURE_TSCRATEMSR)) {
805 u64 max;
806
807 kvm_has_tsc_control = true;
808
809 /*
810 * Make sure the user can only configure tsc_khz values that
811 * fit into a signed integer.
812 * A min value is not calculated needed because it will always
813 * be 1 on all machines and a value of 0 is used to disable
814 * tsc-scaling for the vcpu.
815 */
816 max = min(0x7fffffffULL, __scale_tsc(tsc_khz, TSC_RATIO_MAX));
817
818 kvm_max_guest_tsc_khz = max;
819 }
820
641 if (nested) { 821 if (nested) {
642 printk(KERN_INFO "kvm: Nested Virtualization enabled\n"); 822 printk(KERN_INFO "kvm: Nested Virtualization enabled\n");
643 kvm_enable_efer_bits(EFER_SVME | EFER_LMSLE); 823 kvm_enable_efer_bits(EFER_SVME | EFER_LMSLE);
@@ -649,9 +829,7 @@ static __init int svm_hardware_setup(void)
649 goto err; 829 goto err;
650 } 830 }
651 831
652 svm_features = cpuid_edx(SVM_CPUID_FUNC); 832 if (!boot_cpu_has(X86_FEATURE_NPT))
653
654 if (!svm_has(SVM_FEATURE_NPT))
655 npt_enabled = false; 833 npt_enabled = false;
656 834
657 if (npt_enabled && !npt) { 835 if (npt_enabled && !npt) {
@@ -701,68 +879,161 @@ static void init_sys_seg(struct vmcb_seg *seg, uint32_t type)
701 seg->base = 0; 879 seg->base = 0;
702} 880}
703 881
882static u64 __scale_tsc(u64 ratio, u64 tsc)
883{
884 u64 mult, frac, _tsc;
885
886 mult = ratio >> 32;
887 frac = ratio & ((1ULL << 32) - 1);
888
889 _tsc = tsc;
890 _tsc *= mult;
891 _tsc += (tsc >> 32) * frac;
892 _tsc += ((tsc & ((1ULL << 32) - 1)) * frac) >> 32;
893
894 return _tsc;
895}
896
897static u64 svm_scale_tsc(struct kvm_vcpu *vcpu, u64 tsc)
898{
899 struct vcpu_svm *svm = to_svm(vcpu);
900 u64 _tsc = tsc;
901
902 if (svm->tsc_ratio != TSC_RATIO_DEFAULT)
903 _tsc = __scale_tsc(svm->tsc_ratio, tsc);
904
905 return _tsc;
906}
907
908static void svm_set_tsc_khz(struct kvm_vcpu *vcpu, u32 user_tsc_khz)
909{
910 struct vcpu_svm *svm = to_svm(vcpu);
911 u64 ratio;
912 u64 khz;
913
914 /* TSC scaling supported? */
915 if (!boot_cpu_has(X86_FEATURE_TSCRATEMSR))
916 return;
917
918 /* TSC-Scaling disabled or guest TSC same frequency as host TSC? */
919 if (user_tsc_khz == 0) {
920 vcpu->arch.virtual_tsc_khz = 0;
921 svm->tsc_ratio = TSC_RATIO_DEFAULT;
922 return;
923 }
924
925 khz = user_tsc_khz;
926
927 /* TSC scaling required - calculate ratio */
928 ratio = khz << 32;
929 do_div(ratio, tsc_khz);
930
931 if (ratio == 0 || ratio & TSC_RATIO_RSVD) {
932 WARN_ONCE(1, "Invalid TSC ratio - virtual-tsc-khz=%u\n",
933 user_tsc_khz);
934 return;
935 }
936 vcpu->arch.virtual_tsc_khz = user_tsc_khz;
937 svm->tsc_ratio = ratio;
938}
939
940static void svm_write_tsc_offset(struct kvm_vcpu *vcpu, u64 offset)
941{
942 struct vcpu_svm *svm = to_svm(vcpu);
943 u64 g_tsc_offset = 0;
944
945 if (is_guest_mode(vcpu)) {
946 g_tsc_offset = svm->vmcb->control.tsc_offset -
947 svm->nested.hsave->control.tsc_offset;
948 svm->nested.hsave->control.tsc_offset = offset;
949 }
950
951 svm->vmcb->control.tsc_offset = offset + g_tsc_offset;
952
953 mark_dirty(svm->vmcb, VMCB_INTERCEPTS);
954}
955
956static void svm_adjust_tsc_offset(struct kvm_vcpu *vcpu, s64 adjustment)
957{
958 struct vcpu_svm *svm = to_svm(vcpu);
959
960 svm->vmcb->control.tsc_offset += adjustment;
961 if (is_guest_mode(vcpu))
962 svm->nested.hsave->control.tsc_offset += adjustment;
963 mark_dirty(svm->vmcb, VMCB_INTERCEPTS);
964}
965
966static u64 svm_compute_tsc_offset(struct kvm_vcpu *vcpu, u64 target_tsc)
967{
968 u64 tsc;
969
970 tsc = svm_scale_tsc(vcpu, native_read_tsc());
971
972 return target_tsc - tsc;
973}
974
704static void init_vmcb(struct vcpu_svm *svm) 975static void init_vmcb(struct vcpu_svm *svm)
705{ 976{
706 struct vmcb_control_area *control = &svm->vmcb->control; 977 struct vmcb_control_area *control = &svm->vmcb->control;
707 struct vmcb_save_area *save = &svm->vmcb->save; 978 struct vmcb_save_area *save = &svm->vmcb->save;
708 979
709 svm->vcpu.fpu_active = 1; 980 svm->vcpu.fpu_active = 1;
981 svm->vcpu.arch.hflags = 0;
710 982
711 control->intercept_cr_read = INTERCEPT_CR0_MASK | 983 set_cr_intercept(svm, INTERCEPT_CR0_READ);
712 INTERCEPT_CR3_MASK | 984 set_cr_intercept(svm, INTERCEPT_CR3_READ);
713 INTERCEPT_CR4_MASK; 985 set_cr_intercept(svm, INTERCEPT_CR4_READ);
714 986 set_cr_intercept(svm, INTERCEPT_CR0_WRITE);
715 control->intercept_cr_write = INTERCEPT_CR0_MASK | 987 set_cr_intercept(svm, INTERCEPT_CR3_WRITE);
716 INTERCEPT_CR3_MASK | 988 set_cr_intercept(svm, INTERCEPT_CR4_WRITE);
717 INTERCEPT_CR4_MASK | 989 set_cr_intercept(svm, INTERCEPT_CR8_WRITE);
718 INTERCEPT_CR8_MASK; 990
719 991 set_dr_intercept(svm, INTERCEPT_DR0_READ);
720 control->intercept_dr_read = INTERCEPT_DR0_MASK | 992 set_dr_intercept(svm, INTERCEPT_DR1_READ);
721 INTERCEPT_DR1_MASK | 993 set_dr_intercept(svm, INTERCEPT_DR2_READ);
722 INTERCEPT_DR2_MASK | 994 set_dr_intercept(svm, INTERCEPT_DR3_READ);
723 INTERCEPT_DR3_MASK | 995 set_dr_intercept(svm, INTERCEPT_DR4_READ);
724 INTERCEPT_DR4_MASK | 996 set_dr_intercept(svm, INTERCEPT_DR5_READ);
725 INTERCEPT_DR5_MASK | 997 set_dr_intercept(svm, INTERCEPT_DR6_READ);
726 INTERCEPT_DR6_MASK | 998 set_dr_intercept(svm, INTERCEPT_DR7_READ);
727 INTERCEPT_DR7_MASK; 999
728 1000 set_dr_intercept(svm, INTERCEPT_DR0_WRITE);
729 control->intercept_dr_write = INTERCEPT_DR0_MASK | 1001 set_dr_intercept(svm, INTERCEPT_DR1_WRITE);
730 INTERCEPT_DR1_MASK | 1002 set_dr_intercept(svm, INTERCEPT_DR2_WRITE);
731 INTERCEPT_DR2_MASK | 1003 set_dr_intercept(svm, INTERCEPT_DR3_WRITE);
732 INTERCEPT_DR3_MASK | 1004 set_dr_intercept(svm, INTERCEPT_DR4_WRITE);
733 INTERCEPT_DR4_MASK | 1005 set_dr_intercept(svm, INTERCEPT_DR5_WRITE);
734 INTERCEPT_DR5_MASK | 1006 set_dr_intercept(svm, INTERCEPT_DR6_WRITE);
735 INTERCEPT_DR6_MASK | 1007 set_dr_intercept(svm, INTERCEPT_DR7_WRITE);
736 INTERCEPT_DR7_MASK; 1008
737 1009 set_exception_intercept(svm, PF_VECTOR);
738 control->intercept_exceptions = (1 << PF_VECTOR) | 1010 set_exception_intercept(svm, UD_VECTOR);
739 (1 << UD_VECTOR) | 1011 set_exception_intercept(svm, MC_VECTOR);
740 (1 << MC_VECTOR); 1012
741 1013 set_intercept(svm, INTERCEPT_INTR);
742 1014 set_intercept(svm, INTERCEPT_NMI);
743 control->intercept = (1ULL << INTERCEPT_INTR) | 1015 set_intercept(svm, INTERCEPT_SMI);
744 (1ULL << INTERCEPT_NMI) | 1016 set_intercept(svm, INTERCEPT_SELECTIVE_CR0);
745 (1ULL << INTERCEPT_SMI) | 1017 set_intercept(svm, INTERCEPT_CPUID);
746 (1ULL << INTERCEPT_SELECTIVE_CR0) | 1018 set_intercept(svm, INTERCEPT_INVD);
747 (1ULL << INTERCEPT_CPUID) | 1019 set_intercept(svm, INTERCEPT_HLT);
748 (1ULL << INTERCEPT_INVD) | 1020 set_intercept(svm, INTERCEPT_INVLPG);
749 (1ULL << INTERCEPT_HLT) | 1021 set_intercept(svm, INTERCEPT_INVLPGA);
750 (1ULL << INTERCEPT_INVLPG) | 1022 set_intercept(svm, INTERCEPT_IOIO_PROT);
751 (1ULL << INTERCEPT_INVLPGA) | 1023 set_intercept(svm, INTERCEPT_MSR_PROT);
752 (1ULL << INTERCEPT_IOIO_PROT) | 1024 set_intercept(svm, INTERCEPT_TASK_SWITCH);
753 (1ULL << INTERCEPT_MSR_PROT) | 1025 set_intercept(svm, INTERCEPT_SHUTDOWN);
754 (1ULL << INTERCEPT_TASK_SWITCH) | 1026 set_intercept(svm, INTERCEPT_VMRUN);
755 (1ULL << INTERCEPT_SHUTDOWN) | 1027 set_intercept(svm, INTERCEPT_VMMCALL);
756 (1ULL << INTERCEPT_VMRUN) | 1028 set_intercept(svm, INTERCEPT_VMLOAD);
757 (1ULL << INTERCEPT_VMMCALL) | 1029 set_intercept(svm, INTERCEPT_VMSAVE);
758 (1ULL << INTERCEPT_VMLOAD) | 1030 set_intercept(svm, INTERCEPT_STGI);
759 (1ULL << INTERCEPT_VMSAVE) | 1031 set_intercept(svm, INTERCEPT_CLGI);
760 (1ULL << INTERCEPT_STGI) | 1032 set_intercept(svm, INTERCEPT_SKINIT);
761 (1ULL << INTERCEPT_CLGI) | 1033 set_intercept(svm, INTERCEPT_WBINVD);
762 (1ULL << INTERCEPT_SKINIT) | 1034 set_intercept(svm, INTERCEPT_MONITOR);
763 (1ULL << INTERCEPT_WBINVD) | 1035 set_intercept(svm, INTERCEPT_MWAIT);
764 (1ULL << INTERCEPT_MONITOR) | 1036 set_intercept(svm, INTERCEPT_XSETBV);
765 (1ULL << INTERCEPT_MWAIT);
766 1037
767 control->iopm_base_pa = iopm_base; 1038 control->iopm_base_pa = iopm_base;
768 control->msrpm_base_pa = __pa(svm->msrpm); 1039 control->msrpm_base_pa = __pa(svm->msrpm);
@@ -793,10 +1064,10 @@ static void init_vmcb(struct vcpu_svm *svm)
793 init_sys_seg(&save->ldtr, SEG_TYPE_LDT); 1064 init_sys_seg(&save->ldtr, SEG_TYPE_LDT);
794 init_sys_seg(&save->tr, SEG_TYPE_BUSY_TSS16); 1065 init_sys_seg(&save->tr, SEG_TYPE_BUSY_TSS16);
795 1066
796 save->efer = EFER_SVME; 1067 svm_set_efer(&svm->vcpu, 0);
797 save->dr6 = 0xffff0ff0; 1068 save->dr6 = 0xffff0ff0;
798 save->dr7 = 0x400; 1069 save->dr7 = 0x400;
799 save->rflags = 2; 1070 kvm_set_rflags(&svm->vcpu, 2);
800 save->rip = 0x0000fff0; 1071 save->rip = 0x0000fff0;
801 svm->vcpu.arch.regs[VCPU_REGS_RIP] = save->rip; 1072 svm->vcpu.arch.regs[VCPU_REGS_RIP] = save->rip;
802 1073
@@ -804,8 +1075,8 @@ static void init_vmcb(struct vcpu_svm *svm)
804 * This is the guest-visible cr0 value. 1075 * This is the guest-visible cr0 value.
805 * svm_set_cr0() sets PG and WP and clears NW and CD on save->cr0. 1076 * svm_set_cr0() sets PG and WP and clears NW and CD on save->cr0.
806 */ 1077 */
807 svm->vcpu.arch.cr0 = X86_CR0_NW | X86_CR0_CD | X86_CR0_ET; 1078 svm->vcpu.arch.cr0 = 0;
808 (void)kvm_set_cr0(&svm->vcpu, svm->vcpu.arch.cr0); 1079 (void)kvm_set_cr0(&svm->vcpu, X86_CR0_NW | X86_CR0_CD | X86_CR0_ET);
809 1080
810 save->cr4 = X86_CR4_PAE; 1081 save->cr4 = X86_CR4_PAE;
811 /* rdx = ?? */ 1082 /* rdx = ?? */
@@ -813,25 +1084,27 @@ static void init_vmcb(struct vcpu_svm *svm)
813 if (npt_enabled) { 1084 if (npt_enabled) {
814 /* Setup VMCB for Nested Paging */ 1085 /* Setup VMCB for Nested Paging */
815 control->nested_ctl = 1; 1086 control->nested_ctl = 1;
816 control->intercept &= ~((1ULL << INTERCEPT_TASK_SWITCH) | 1087 clr_intercept(svm, INTERCEPT_TASK_SWITCH);
817 (1ULL << INTERCEPT_INVLPG)); 1088 clr_intercept(svm, INTERCEPT_INVLPG);
818 control->intercept_exceptions &= ~(1 << PF_VECTOR); 1089 clr_exception_intercept(svm, PF_VECTOR);
819 control->intercept_cr_read &= ~INTERCEPT_CR3_MASK; 1090 clr_cr_intercept(svm, INTERCEPT_CR3_READ);
820 control->intercept_cr_write &= ~INTERCEPT_CR3_MASK; 1091 clr_cr_intercept(svm, INTERCEPT_CR3_WRITE);
821 save->g_pat = 0x0007040600070406ULL; 1092 save->g_pat = 0x0007040600070406ULL;
822 save->cr3 = 0; 1093 save->cr3 = 0;
823 save->cr4 = 0; 1094 save->cr4 = 0;
824 } 1095 }
825 force_new_asid(&svm->vcpu); 1096 svm->asid_generation = 0;
826 1097
827 svm->nested.vmcb = 0; 1098 svm->nested.vmcb = 0;
828 svm->vcpu.arch.hflags = 0; 1099 svm->vcpu.arch.hflags = 0;
829 1100
830 if (svm_has(SVM_FEATURE_PAUSE_FILTER)) { 1101 if (boot_cpu_has(X86_FEATURE_PAUSEFILTER)) {
831 control->pause_filter_count = 3000; 1102 control->pause_filter_count = 3000;
832 control->intercept |= (1ULL << INTERCEPT_PAUSE); 1103 set_intercept(svm, INTERCEPT_PAUSE);
833 } 1104 }
834 1105
1106 mark_all_dirty(svm->vmcb);
1107
835 enable_gif(svm); 1108 enable_gif(svm);
836} 1109}
837 1110
@@ -867,6 +1140,8 @@ static struct kvm_vcpu *svm_create_vcpu(struct kvm *kvm, unsigned int id)
867 goto out; 1140 goto out;
868 } 1141 }
869 1142
1143 svm->tsc_ratio = TSC_RATIO_DEFAULT;
1144
870 err = kvm_vcpu_init(&svm->vcpu, kvm, id); 1145 err = kvm_vcpu_init(&svm->vcpu, kvm, id);
871 if (err) 1146 if (err)
872 goto free_svm; 1147 goto free_svm;
@@ -901,7 +1176,7 @@ static struct kvm_vcpu *svm_create_vcpu(struct kvm *kvm, unsigned int id)
901 svm->vmcb_pa = page_to_pfn(page) << PAGE_SHIFT; 1176 svm->vmcb_pa = page_to_pfn(page) << PAGE_SHIFT;
902 svm->asid_generation = 0; 1177 svm->asid_generation = 0;
903 init_vmcb(svm); 1178 init_vmcb(svm);
904 svm->vmcb->control.tsc_offset = 0-native_read_tsc(); 1179 kvm_write_tsc(&svm->vcpu, 0);
905 1180
906 err = fx_init(&svm->vcpu); 1181 err = fx_init(&svm->vcpu);
907 if (err) 1182 if (err)
@@ -947,25 +1222,25 @@ static void svm_vcpu_load(struct kvm_vcpu *vcpu, int cpu)
947 int i; 1222 int i;
948 1223
949 if (unlikely(cpu != vcpu->cpu)) { 1224 if (unlikely(cpu != vcpu->cpu)) {
950 u64 delta;
951
952 if (check_tsc_unstable()) {
953 /*
954 * Make sure that the guest sees a monotonically
955 * increasing TSC.
956 */
957 delta = vcpu->arch.host_tsc - native_read_tsc();
958 svm->vmcb->control.tsc_offset += delta;
959 if (is_nested(svm))
960 svm->nested.hsave->control.tsc_offset += delta;
961 }
962 vcpu->cpu = cpu;
963 kvm_migrate_timers(vcpu);
964 svm->asid_generation = 0; 1225 svm->asid_generation = 0;
1226 mark_all_dirty(svm->vmcb);
965 } 1227 }
966 1228
1229#ifdef CONFIG_X86_64
1230 rdmsrl(MSR_GS_BASE, to_svm(vcpu)->host.gs_base);
1231#endif
1232 savesegment(fs, svm->host.fs);
1233 savesegment(gs, svm->host.gs);
1234 svm->host.ldt = kvm_read_ldt();
1235
967 for (i = 0; i < NR_HOST_SAVE_USER_MSRS; i++) 1236 for (i = 0; i < NR_HOST_SAVE_USER_MSRS; i++)
968 rdmsrl(host_save_user_msrs[i], svm->host_user_msrs[i]); 1237 rdmsrl(host_save_user_msrs[i], svm->host_user_msrs[i]);
1238
1239 if (static_cpu_has(X86_FEATURE_TSCRATEMSR) &&
1240 svm->tsc_ratio != __get_cpu_var(current_tsc_ratio)) {
1241 __get_cpu_var(current_tsc_ratio) = svm->tsc_ratio;
1242 wrmsrl(MSR_AMD64_TSC_RATIO, svm->tsc_ratio);
1243 }
969} 1244}
970 1245
971static void svm_vcpu_put(struct kvm_vcpu *vcpu) 1246static void svm_vcpu_put(struct kvm_vcpu *vcpu)
@@ -974,10 +1249,18 @@ static void svm_vcpu_put(struct kvm_vcpu *vcpu)
974 int i; 1249 int i;
975 1250
976 ++vcpu->stat.host_state_reload; 1251 ++vcpu->stat.host_state_reload;
1252 kvm_load_ldt(svm->host.ldt);
1253#ifdef CONFIG_X86_64
1254 loadsegment(fs, svm->host.fs);
1255 wrmsrl(MSR_KERNEL_GS_BASE, current->thread.gs);
1256 load_gs_index(svm->host.gs);
1257#else
1258#ifdef CONFIG_X86_32_LAZY_GS
1259 loadsegment(gs, svm->host.gs);
1260#endif
1261#endif
977 for (i = 0; i < NR_HOST_SAVE_USER_MSRS; i++) 1262 for (i = 0; i < NR_HOST_SAVE_USER_MSRS; i++)
978 wrmsrl(host_save_user_msrs[i], svm->host_user_msrs[i]); 1263 wrmsrl(host_save_user_msrs[i], svm->host_user_msrs[i]);
979
980 vcpu->arch.host_tsc = native_read_tsc();
981} 1264}
982 1265
983static unsigned long svm_get_rflags(struct kvm_vcpu *vcpu) 1266static unsigned long svm_get_rflags(struct kvm_vcpu *vcpu)
@@ -995,7 +1278,7 @@ static void svm_cache_reg(struct kvm_vcpu *vcpu, enum kvm_reg reg)
995 switch (reg) { 1278 switch (reg) {
996 case VCPU_EXREG_PDPTR: 1279 case VCPU_EXREG_PDPTR:
997 BUG_ON(!npt_enabled); 1280 BUG_ON(!npt_enabled);
998 load_pdptrs(vcpu, vcpu->arch.cr3); 1281 load_pdptrs(vcpu, vcpu->arch.walk_mmu, kvm_read_cr3(vcpu));
999 break; 1282 break;
1000 default: 1283 default:
1001 BUG(); 1284 BUG();
@@ -1004,12 +1287,12 @@ static void svm_cache_reg(struct kvm_vcpu *vcpu, enum kvm_reg reg)
1004 1287
1005static void svm_set_vintr(struct vcpu_svm *svm) 1288static void svm_set_vintr(struct vcpu_svm *svm)
1006{ 1289{
1007 svm->vmcb->control.intercept |= 1ULL << INTERCEPT_VINTR; 1290 set_intercept(svm, INTERCEPT_VINTR);
1008} 1291}
1009 1292
1010static void svm_clear_vintr(struct vcpu_svm *svm) 1293static void svm_clear_vintr(struct vcpu_svm *svm)
1011{ 1294{
1012 svm->vmcb->control.intercept &= ~(1ULL << INTERCEPT_VINTR); 1295 clr_intercept(svm, INTERCEPT_VINTR);
1013} 1296}
1014 1297
1015static struct vmcb_seg *svm_seg(struct kvm_vcpu *vcpu, int seg) 1298static struct vmcb_seg *svm_seg(struct kvm_vcpu *vcpu, int seg)
@@ -1124,6 +1407,7 @@ static void svm_set_idt(struct kvm_vcpu *vcpu, struct desc_ptr *dt)
1124 1407
1125 svm->vmcb->save.idtr.limit = dt->size; 1408 svm->vmcb->save.idtr.limit = dt->size;
1126 svm->vmcb->save.idtr.base = dt->address ; 1409 svm->vmcb->save.idtr.base = dt->address ;
1410 mark_dirty(svm->vmcb, VMCB_DT);
1127} 1411}
1128 1412
1129static void svm_get_gdt(struct kvm_vcpu *vcpu, struct desc_ptr *dt) 1413static void svm_get_gdt(struct kvm_vcpu *vcpu, struct desc_ptr *dt)
@@ -1140,19 +1424,23 @@ static void svm_set_gdt(struct kvm_vcpu *vcpu, struct desc_ptr *dt)
1140 1424
1141 svm->vmcb->save.gdtr.limit = dt->size; 1425 svm->vmcb->save.gdtr.limit = dt->size;
1142 svm->vmcb->save.gdtr.base = dt->address ; 1426 svm->vmcb->save.gdtr.base = dt->address ;
1427 mark_dirty(svm->vmcb, VMCB_DT);
1143} 1428}
1144 1429
1145static void svm_decache_cr0_guest_bits(struct kvm_vcpu *vcpu) 1430static void svm_decache_cr0_guest_bits(struct kvm_vcpu *vcpu)
1146{ 1431{
1147} 1432}
1148 1433
1434static void svm_decache_cr3(struct kvm_vcpu *vcpu)
1435{
1436}
1437
1149static void svm_decache_cr4_guest_bits(struct kvm_vcpu *vcpu) 1438static void svm_decache_cr4_guest_bits(struct kvm_vcpu *vcpu)
1150{ 1439{
1151} 1440}
1152 1441
1153static void update_cr0_intercept(struct vcpu_svm *svm) 1442static void update_cr0_intercept(struct vcpu_svm *svm)
1154{ 1443{
1155 struct vmcb *vmcb = svm->vmcb;
1156 ulong gcr0 = svm->vcpu.arch.cr0; 1444 ulong gcr0 = svm->vcpu.arch.cr0;
1157 u64 *hcr0 = &svm->vmcb->save.cr0; 1445 u64 *hcr0 = &svm->vmcb->save.cr0;
1158 1446
@@ -1162,27 +1450,14 @@ static void update_cr0_intercept(struct vcpu_svm *svm)
1162 *hcr0 = (*hcr0 & ~SVM_CR0_SELECTIVE_MASK) 1450 *hcr0 = (*hcr0 & ~SVM_CR0_SELECTIVE_MASK)
1163 | (gcr0 & SVM_CR0_SELECTIVE_MASK); 1451 | (gcr0 & SVM_CR0_SELECTIVE_MASK);
1164 1452
1453 mark_dirty(svm->vmcb, VMCB_CR);
1165 1454
1166 if (gcr0 == *hcr0 && svm->vcpu.fpu_active) { 1455 if (gcr0 == *hcr0 && svm->vcpu.fpu_active) {
1167 vmcb->control.intercept_cr_read &= ~INTERCEPT_CR0_MASK; 1456 clr_cr_intercept(svm, INTERCEPT_CR0_READ);
1168 vmcb->control.intercept_cr_write &= ~INTERCEPT_CR0_MASK; 1457 clr_cr_intercept(svm, INTERCEPT_CR0_WRITE);
1169 if (is_nested(svm)) {
1170 struct vmcb *hsave = svm->nested.hsave;
1171
1172 hsave->control.intercept_cr_read &= ~INTERCEPT_CR0_MASK;
1173 hsave->control.intercept_cr_write &= ~INTERCEPT_CR0_MASK;
1174 vmcb->control.intercept_cr_read |= svm->nested.intercept_cr_read;
1175 vmcb->control.intercept_cr_write |= svm->nested.intercept_cr_write;
1176 }
1177 } else { 1458 } else {
1178 svm->vmcb->control.intercept_cr_read |= INTERCEPT_CR0_MASK; 1459 set_cr_intercept(svm, INTERCEPT_CR0_READ);
1179 svm->vmcb->control.intercept_cr_write |= INTERCEPT_CR0_MASK; 1460 set_cr_intercept(svm, INTERCEPT_CR0_WRITE);
1180 if (is_nested(svm)) {
1181 struct vmcb *hsave = svm->nested.hsave;
1182
1183 hsave->control.intercept_cr_read |= INTERCEPT_CR0_MASK;
1184 hsave->control.intercept_cr_write |= INTERCEPT_CR0_MASK;
1185 }
1186 } 1461 }
1187} 1462}
1188 1463
@@ -1190,27 +1465,6 @@ static void svm_set_cr0(struct kvm_vcpu *vcpu, unsigned long cr0)
1190{ 1465{
1191 struct vcpu_svm *svm = to_svm(vcpu); 1466 struct vcpu_svm *svm = to_svm(vcpu);
1192 1467
1193 if (is_nested(svm)) {
1194 /*
1195 * We are here because we run in nested mode, the host kvm
1196 * intercepts cr0 writes but the l1 hypervisor does not.
1197 * But the L1 hypervisor may intercept selective cr0 writes.
1198 * This needs to be checked here.
1199 */
1200 unsigned long old, new;
1201
1202 /* Remove bits that would trigger a real cr0 write intercept */
1203 old = vcpu->arch.cr0 & SVM_CR0_SELECTIVE_MASK;
1204 new = cr0 & SVM_CR0_SELECTIVE_MASK;
1205
1206 if (old == new) {
1207 /* cr0 write with ts and mp unchanged */
1208 svm->vmcb->control.exit_code = SVM_EXIT_CR0_SEL_WRITE;
1209 if (nested_svm_exit_handled(svm) == NESTED_EXIT_DONE)
1210 return;
1211 }
1212 }
1213
1214#ifdef CONFIG_X86_64 1468#ifdef CONFIG_X86_64
1215 if (vcpu->arch.efer & EFER_LME) { 1469 if (vcpu->arch.efer & EFER_LME) {
1216 if (!is_paging(vcpu) && (cr0 & X86_CR0_PG)) { 1470 if (!is_paging(vcpu) && (cr0 & X86_CR0_PG)) {
@@ -1238,6 +1492,7 @@ static void svm_set_cr0(struct kvm_vcpu *vcpu, unsigned long cr0)
1238 */ 1492 */
1239 cr0 &= ~(X86_CR0_CD | X86_CR0_NW); 1493 cr0 &= ~(X86_CR0_CD | X86_CR0_NW);
1240 svm->vmcb->save.cr0 = cr0; 1494 svm->vmcb->save.cr0 = cr0;
1495 mark_dirty(svm->vmcb, VMCB_CR);
1241 update_cr0_intercept(svm); 1496 update_cr0_intercept(svm);
1242} 1497}
1243 1498
@@ -1247,13 +1502,14 @@ static void svm_set_cr4(struct kvm_vcpu *vcpu, unsigned long cr4)
1247 unsigned long old_cr4 = to_svm(vcpu)->vmcb->save.cr4; 1502 unsigned long old_cr4 = to_svm(vcpu)->vmcb->save.cr4;
1248 1503
1249 if (npt_enabled && ((old_cr4 ^ cr4) & X86_CR4_PGE)) 1504 if (npt_enabled && ((old_cr4 ^ cr4) & X86_CR4_PGE))
1250 force_new_asid(vcpu); 1505 svm_flush_tlb(vcpu);
1251 1506
1252 vcpu->arch.cr4 = cr4; 1507 vcpu->arch.cr4 = cr4;
1253 if (!npt_enabled) 1508 if (!npt_enabled)
1254 cr4 |= X86_CR4_PAE; 1509 cr4 |= X86_CR4_PAE;
1255 cr4 |= host_cr4_mce; 1510 cr4 |= host_cr4_mce;
1256 to_svm(vcpu)->vmcb->save.cr4 = cr4; 1511 to_svm(vcpu)->vmcb->save.cr4 = cr4;
1512 mark_dirty(to_svm(vcpu)->vmcb, VMCB_CR);
1257} 1513}
1258 1514
1259static void svm_set_segment(struct kvm_vcpu *vcpu, 1515static void svm_set_segment(struct kvm_vcpu *vcpu,
@@ -1282,26 +1538,25 @@ static void svm_set_segment(struct kvm_vcpu *vcpu,
1282 = (svm->vmcb->save.cs.attrib 1538 = (svm->vmcb->save.cs.attrib
1283 >> SVM_SELECTOR_DPL_SHIFT) & 3; 1539 >> SVM_SELECTOR_DPL_SHIFT) & 3;
1284 1540
1541 mark_dirty(svm->vmcb, VMCB_SEG);
1285} 1542}
1286 1543
1287static void update_db_intercept(struct kvm_vcpu *vcpu) 1544static void update_db_intercept(struct kvm_vcpu *vcpu)
1288{ 1545{
1289 struct vcpu_svm *svm = to_svm(vcpu); 1546 struct vcpu_svm *svm = to_svm(vcpu);
1290 1547
1291 svm->vmcb->control.intercept_exceptions &= 1548 clr_exception_intercept(svm, DB_VECTOR);
1292 ~((1 << DB_VECTOR) | (1 << BP_VECTOR)); 1549 clr_exception_intercept(svm, BP_VECTOR);
1293 1550
1294 if (svm->nmi_singlestep) 1551 if (svm->nmi_singlestep)
1295 svm->vmcb->control.intercept_exceptions |= (1 << DB_VECTOR); 1552 set_exception_intercept(svm, DB_VECTOR);
1296 1553
1297 if (vcpu->guest_debug & KVM_GUESTDBG_ENABLE) { 1554 if (vcpu->guest_debug & KVM_GUESTDBG_ENABLE) {
1298 if (vcpu->guest_debug & 1555 if (vcpu->guest_debug &
1299 (KVM_GUESTDBG_SINGLESTEP | KVM_GUESTDBG_USE_HW_BP)) 1556 (KVM_GUESTDBG_SINGLESTEP | KVM_GUESTDBG_USE_HW_BP))
1300 svm->vmcb->control.intercept_exceptions |= 1557 set_exception_intercept(svm, DB_VECTOR);
1301 1 << DB_VECTOR;
1302 if (vcpu->guest_debug & KVM_GUESTDBG_USE_SW_BP) 1558 if (vcpu->guest_debug & KVM_GUESTDBG_USE_SW_BP)
1303 svm->vmcb->control.intercept_exceptions |= 1559 set_exception_intercept(svm, BP_VECTOR);
1304 1 << BP_VECTOR;
1305 } else 1560 } else
1306 vcpu->guest_debug = 0; 1561 vcpu->guest_debug = 0;
1307} 1562}
@@ -1315,21 +1570,9 @@ static void svm_guest_debug(struct kvm_vcpu *vcpu, struct kvm_guest_debug *dbg)
1315 else 1570 else
1316 svm->vmcb->save.dr7 = vcpu->arch.dr7; 1571 svm->vmcb->save.dr7 = vcpu->arch.dr7;
1317 1572
1318 update_db_intercept(vcpu); 1573 mark_dirty(svm->vmcb, VMCB_DR);
1319}
1320
1321static void load_host_msrs(struct kvm_vcpu *vcpu)
1322{
1323#ifdef CONFIG_X86_64
1324 wrmsrl(MSR_GS_BASE, to_svm(vcpu)->host_gs_base);
1325#endif
1326}
1327 1574
1328static void save_host_msrs(struct kvm_vcpu *vcpu) 1575 update_db_intercept(vcpu);
1329{
1330#ifdef CONFIG_X86_64
1331 rdmsrl(MSR_GS_BASE, to_svm(vcpu)->host_gs_base);
1332#endif
1333} 1576}
1334 1577
1335static void new_asid(struct vcpu_svm *svm, struct svm_cpu_data *sd) 1578static void new_asid(struct vcpu_svm *svm, struct svm_cpu_data *sd)
@@ -1342,6 +1585,8 @@ static void new_asid(struct vcpu_svm *svm, struct svm_cpu_data *sd)
1342 1585
1343 svm->asid_generation = sd->asid_generation; 1586 svm->asid_generation = sd->asid_generation;
1344 svm->vmcb->control.asid = sd->next_asid++; 1587 svm->vmcb->control.asid = sd->next_asid++;
1588
1589 mark_dirty(svm->vmcb, VMCB_ASID);
1345} 1590}
1346 1591
1347static void svm_set_dr7(struct kvm_vcpu *vcpu, unsigned long value) 1592static void svm_set_dr7(struct kvm_vcpu *vcpu, unsigned long value)
@@ -1349,20 +1594,40 @@ static void svm_set_dr7(struct kvm_vcpu *vcpu, unsigned long value)
1349 struct vcpu_svm *svm = to_svm(vcpu); 1594 struct vcpu_svm *svm = to_svm(vcpu);
1350 1595
1351 svm->vmcb->save.dr7 = value; 1596 svm->vmcb->save.dr7 = value;
1597 mark_dirty(svm->vmcb, VMCB_DR);
1352} 1598}
1353 1599
1354static int pf_interception(struct vcpu_svm *svm) 1600static int pf_interception(struct vcpu_svm *svm)
1355{ 1601{
1356 u64 fault_address; 1602 u64 fault_address = svm->vmcb->control.exit_info_2;
1357 u32 error_code; 1603 u32 error_code;
1604 int r = 1;
1358 1605
1359 fault_address = svm->vmcb->control.exit_info_2; 1606 switch (svm->apf_reason) {
1360 error_code = svm->vmcb->control.exit_info_1; 1607 default:
1361 1608 error_code = svm->vmcb->control.exit_info_1;
1362 trace_kvm_page_fault(fault_address, error_code); 1609
1363 if (!npt_enabled && kvm_event_needs_reinjection(&svm->vcpu)) 1610 trace_kvm_page_fault(fault_address, error_code);
1364 kvm_mmu_unprotect_page_virt(&svm->vcpu, fault_address); 1611 if (!npt_enabled && kvm_event_needs_reinjection(&svm->vcpu))
1365 return kvm_mmu_page_fault(&svm->vcpu, fault_address, error_code); 1612 kvm_mmu_unprotect_page_virt(&svm->vcpu, fault_address);
1613 r = kvm_mmu_page_fault(&svm->vcpu, fault_address, error_code,
1614 svm->vmcb->control.insn_bytes,
1615 svm->vmcb->control.insn_len);
1616 break;
1617 case KVM_PV_REASON_PAGE_NOT_PRESENT:
1618 svm->apf_reason = 0;
1619 local_irq_disable();
1620 kvm_async_pf_task_wait(fault_address);
1621 local_irq_enable();
1622 break;
1623 case KVM_PV_REASON_PAGE_READY:
1624 svm->apf_reason = 0;
1625 local_irq_disable();
1626 kvm_async_pf_task_wake(fault_address);
1627 local_irq_enable();
1628 break;
1629 }
1630 return r;
1366} 1631}
1367 1632
1368static int db_interception(struct vcpu_svm *svm) 1633static int db_interception(struct vcpu_svm *svm)
@@ -1410,7 +1675,7 @@ static int ud_interception(struct vcpu_svm *svm)
1410{ 1675{
1411 int er; 1676 int er;
1412 1677
1413 er = emulate_instruction(&svm->vcpu, 0, 0, EMULTYPE_TRAP_UD); 1678 er = emulate_instruction(&svm->vcpu, EMULTYPE_TRAP_UD);
1414 if (er != EMULATE_DONE) 1679 if (er != EMULATE_DONE)
1415 kvm_queue_exception(&svm->vcpu, UD_VECTOR); 1680 kvm_queue_exception(&svm->vcpu, UD_VECTOR);
1416 return 1; 1681 return 1;
@@ -1419,21 +1684,8 @@ static int ud_interception(struct vcpu_svm *svm)
1419static void svm_fpu_activate(struct kvm_vcpu *vcpu) 1684static void svm_fpu_activate(struct kvm_vcpu *vcpu)
1420{ 1685{
1421 struct vcpu_svm *svm = to_svm(vcpu); 1686 struct vcpu_svm *svm = to_svm(vcpu);
1422 u32 excp;
1423
1424 if (is_nested(svm)) {
1425 u32 h_excp, n_excp;
1426
1427 h_excp = svm->nested.hsave->control.intercept_exceptions;
1428 n_excp = svm->nested.intercept_exceptions;
1429 h_excp &= ~(1 << NM_VECTOR);
1430 excp = h_excp | n_excp;
1431 } else {
1432 excp = svm->vmcb->control.intercept_exceptions;
1433 excp &= ~(1 << NM_VECTOR);
1434 }
1435 1687
1436 svm->vmcb->control.intercept_exceptions = excp; 1688 clr_exception_intercept(svm, NM_VECTOR);
1437 1689
1438 svm->vcpu.fpu_active = 1; 1690 svm->vcpu.fpu_active = 1;
1439 update_cr0_intercept(svm); 1691 update_cr0_intercept(svm);
@@ -1540,7 +1792,7 @@ static int io_interception(struct vcpu_svm *svm)
1540 string = (io_info & SVM_IOIO_STR_MASK) != 0; 1792 string = (io_info & SVM_IOIO_STR_MASK) != 0;
1541 in = (io_info & SVM_IOIO_TYPE_MASK) != 0; 1793 in = (io_info & SVM_IOIO_TYPE_MASK) != 0;
1542 if (string || in) 1794 if (string || in)
1543 return emulate_instruction(vcpu, 0, 0, 0) == EMULATE_DONE; 1795 return emulate_instruction(vcpu, 0) == EMULATE_DONE;
1544 1796
1545 port = io_info >> 16; 1797 port = io_info >> 16;
1546 size = (io_info & SVM_IOIO_SIZE_MASK) >> SVM_IOIO_SIZE_SHIFT; 1798 size = (io_info & SVM_IOIO_SIZE_MASK) >> SVM_IOIO_SIZE_SHIFT;
@@ -1581,6 +1833,56 @@ static int vmmcall_interception(struct vcpu_svm *svm)
1581 return 1; 1833 return 1;
1582} 1834}
1583 1835
1836static unsigned long nested_svm_get_tdp_cr3(struct kvm_vcpu *vcpu)
1837{
1838 struct vcpu_svm *svm = to_svm(vcpu);
1839
1840 return svm->nested.nested_cr3;
1841}
1842
1843static void nested_svm_set_tdp_cr3(struct kvm_vcpu *vcpu,
1844 unsigned long root)
1845{
1846 struct vcpu_svm *svm = to_svm(vcpu);
1847
1848 svm->vmcb->control.nested_cr3 = root;
1849 mark_dirty(svm->vmcb, VMCB_NPT);
1850 svm_flush_tlb(vcpu);
1851}
1852
1853static void nested_svm_inject_npf_exit(struct kvm_vcpu *vcpu,
1854 struct x86_exception *fault)
1855{
1856 struct vcpu_svm *svm = to_svm(vcpu);
1857
1858 svm->vmcb->control.exit_code = SVM_EXIT_NPF;
1859 svm->vmcb->control.exit_code_hi = 0;
1860 svm->vmcb->control.exit_info_1 = fault->error_code;
1861 svm->vmcb->control.exit_info_2 = fault->address;
1862
1863 nested_svm_vmexit(svm);
1864}
1865
1866static int nested_svm_init_mmu_context(struct kvm_vcpu *vcpu)
1867{
1868 int r;
1869
1870 r = kvm_init_shadow_mmu(vcpu, &vcpu->arch.mmu);
1871
1872 vcpu->arch.mmu.set_cr3 = nested_svm_set_tdp_cr3;
1873 vcpu->arch.mmu.get_cr3 = nested_svm_get_tdp_cr3;
1874 vcpu->arch.mmu.inject_page_fault = nested_svm_inject_npf_exit;
1875 vcpu->arch.mmu.shadow_root_level = get_npt_level();
1876 vcpu->arch.walk_mmu = &vcpu->arch.nested_mmu;
1877
1878 return r;
1879}
1880
1881static void nested_svm_uninit_mmu_context(struct kvm_vcpu *vcpu)
1882{
1883 vcpu->arch.walk_mmu = &vcpu->arch.mmu;
1884}
1885
1584static int nested_svm_check_permissions(struct vcpu_svm *svm) 1886static int nested_svm_check_permissions(struct vcpu_svm *svm)
1585{ 1887{
1586 if (!(svm->vcpu.arch.efer & EFER_SVME) 1888 if (!(svm->vcpu.arch.efer & EFER_SVME)
@@ -1602,7 +1904,7 @@ static int nested_svm_check_exception(struct vcpu_svm *svm, unsigned nr,
1602{ 1904{
1603 int vmexit; 1905 int vmexit;
1604 1906
1605 if (!is_nested(svm)) 1907 if (!is_guest_mode(&svm->vcpu))
1606 return 0; 1908 return 0;
1607 1909
1608 svm->vmcb->control.exit_code = SVM_EXIT_EXCP_BASE + nr; 1910 svm->vmcb->control.exit_code = SVM_EXIT_EXCP_BASE + nr;
@@ -1620,7 +1922,7 @@ static int nested_svm_check_exception(struct vcpu_svm *svm, unsigned nr,
1620/* This function returns true if it is save to enable the irq window */ 1922/* This function returns true if it is save to enable the irq window */
1621static inline bool nested_svm_intr(struct vcpu_svm *svm) 1923static inline bool nested_svm_intr(struct vcpu_svm *svm)
1622{ 1924{
1623 if (!is_nested(svm)) 1925 if (!is_guest_mode(&svm->vcpu))
1624 return true; 1926 return true;
1625 1927
1626 if (!(svm->vcpu.arch.hflags & HF_VINTR_MASK)) 1928 if (!(svm->vcpu.arch.hflags & HF_VINTR_MASK))
@@ -1629,6 +1931,14 @@ static inline bool nested_svm_intr(struct vcpu_svm *svm)
1629 if (!(svm->vcpu.arch.hflags & HF_HIF_MASK)) 1931 if (!(svm->vcpu.arch.hflags & HF_HIF_MASK))
1630 return false; 1932 return false;
1631 1933
1934 /*
1935 * if vmexit was already requested (by intercepted exception
1936 * for instance) do not overwrite it with "external interrupt"
1937 * vmexit.
1938 */
1939 if (svm->nested.exit_required)
1940 return false;
1941
1632 svm->vmcb->control.exit_code = SVM_EXIT_INTR; 1942 svm->vmcb->control.exit_code = SVM_EXIT_INTR;
1633 svm->vmcb->control.exit_info_1 = 0; 1943 svm->vmcb->control.exit_info_1 = 0;
1634 svm->vmcb->control.exit_info_2 = 0; 1944 svm->vmcb->control.exit_info_2 = 0;
@@ -1651,7 +1961,7 @@ static inline bool nested_svm_intr(struct vcpu_svm *svm)
1651/* This function returns true if it is save to enable the nmi window */ 1961/* This function returns true if it is save to enable the nmi window */
1652static inline bool nested_svm_nmi(struct vcpu_svm *svm) 1962static inline bool nested_svm_nmi(struct vcpu_svm *svm)
1653{ 1963{
1654 if (!is_nested(svm)) 1964 if (!is_guest_mode(&svm->vcpu))
1655 return true; 1965 return true;
1656 1966
1657 if (!(svm->nested.intercept & (1ULL << INTERCEPT_NMI))) 1967 if (!(svm->nested.intercept & (1ULL << INTERCEPT_NMI)))
@@ -1750,8 +2060,8 @@ static int nested_svm_exit_special(struct vcpu_svm *svm)
1750 return NESTED_EXIT_HOST; 2060 return NESTED_EXIT_HOST;
1751 break; 2061 break;
1752 case SVM_EXIT_EXCP_BASE + PF_VECTOR: 2062 case SVM_EXIT_EXCP_BASE + PF_VECTOR:
1753 /* When we're shadowing, trap PFs */ 2063 /* When we're shadowing, trap PFs, but not async PF */
1754 if (!npt_enabled) 2064 if (!npt_enabled && svm->apf_reason == 0)
1755 return NESTED_EXIT_HOST; 2065 return NESTED_EXIT_HOST;
1756 break; 2066 break;
1757 case SVM_EXIT_EXCP_BASE + NM_VECTOR: 2067 case SVM_EXIT_EXCP_BASE + NM_VECTOR:
@@ -1779,27 +2089,15 @@ static int nested_svm_intercept(struct vcpu_svm *svm)
1779 case SVM_EXIT_IOIO: 2089 case SVM_EXIT_IOIO:
1780 vmexit = nested_svm_intercept_ioio(svm); 2090 vmexit = nested_svm_intercept_ioio(svm);
1781 break; 2091 break;
1782 case SVM_EXIT_READ_CR0 ... SVM_EXIT_READ_CR8: { 2092 case SVM_EXIT_READ_CR0 ... SVM_EXIT_WRITE_CR8: {
1783 u32 cr_bits = 1 << (exit_code - SVM_EXIT_READ_CR0); 2093 u32 bit = 1U << (exit_code - SVM_EXIT_READ_CR0);
1784 if (svm->nested.intercept_cr_read & cr_bits) 2094 if (svm->nested.intercept_cr & bit)
1785 vmexit = NESTED_EXIT_DONE;
1786 break;
1787 }
1788 case SVM_EXIT_WRITE_CR0 ... SVM_EXIT_WRITE_CR8: {
1789 u32 cr_bits = 1 << (exit_code - SVM_EXIT_WRITE_CR0);
1790 if (svm->nested.intercept_cr_write & cr_bits)
1791 vmexit = NESTED_EXIT_DONE;
1792 break;
1793 }
1794 case SVM_EXIT_READ_DR0 ... SVM_EXIT_READ_DR7: {
1795 u32 dr_bits = 1 << (exit_code - SVM_EXIT_READ_DR0);
1796 if (svm->nested.intercept_dr_read & dr_bits)
1797 vmexit = NESTED_EXIT_DONE; 2095 vmexit = NESTED_EXIT_DONE;
1798 break; 2096 break;
1799 } 2097 }
1800 case SVM_EXIT_WRITE_DR0 ... SVM_EXIT_WRITE_DR7: { 2098 case SVM_EXIT_READ_DR0 ... SVM_EXIT_WRITE_DR7: {
1801 u32 dr_bits = 1 << (exit_code - SVM_EXIT_WRITE_DR0); 2099 u32 bit = 1U << (exit_code - SVM_EXIT_READ_DR0);
1802 if (svm->nested.intercept_dr_write & dr_bits) 2100 if (svm->nested.intercept_dr & bit)
1803 vmexit = NESTED_EXIT_DONE; 2101 vmexit = NESTED_EXIT_DONE;
1804 break; 2102 break;
1805 } 2103 }
@@ -1807,6 +2105,10 @@ static int nested_svm_intercept(struct vcpu_svm *svm)
1807 u32 excp_bits = 1 << (exit_code - SVM_EXIT_EXCP_BASE); 2105 u32 excp_bits = 1 << (exit_code - SVM_EXIT_EXCP_BASE);
1808 if (svm->nested.intercept_exceptions & excp_bits) 2106 if (svm->nested.intercept_exceptions & excp_bits)
1809 vmexit = NESTED_EXIT_DONE; 2107 vmexit = NESTED_EXIT_DONE;
2108 /* async page fault always cause vmexit */
2109 else if ((exit_code == SVM_EXIT_EXCP_BASE + PF_VECTOR) &&
2110 svm->apf_reason != 0)
2111 vmexit = NESTED_EXIT_DONE;
1810 break; 2112 break;
1811 } 2113 }
1812 case SVM_EXIT_ERR: { 2114 case SVM_EXIT_ERR: {
@@ -1840,10 +2142,8 @@ static inline void copy_vmcb_control_area(struct vmcb *dst_vmcb, struct vmcb *fr
1840 struct vmcb_control_area *dst = &dst_vmcb->control; 2142 struct vmcb_control_area *dst = &dst_vmcb->control;
1841 struct vmcb_control_area *from = &from_vmcb->control; 2143 struct vmcb_control_area *from = &from_vmcb->control;
1842 2144
1843 dst->intercept_cr_read = from->intercept_cr_read; 2145 dst->intercept_cr = from->intercept_cr;
1844 dst->intercept_cr_write = from->intercept_cr_write; 2146 dst->intercept_dr = from->intercept_dr;
1845 dst->intercept_dr_read = from->intercept_dr_read;
1846 dst->intercept_dr_write = from->intercept_dr_write;
1847 dst->intercept_exceptions = from->intercept_exceptions; 2147 dst->intercept_exceptions = from->intercept_exceptions;
1848 dst->intercept = from->intercept; 2148 dst->intercept = from->intercept;
1849 dst->iopm_base_pa = from->iopm_base_pa; 2149 dst->iopm_base_pa = from->iopm_base_pa;
@@ -1884,7 +2184,8 @@ static int nested_svm_vmexit(struct vcpu_svm *svm)
1884 if (!nested_vmcb) 2184 if (!nested_vmcb)
1885 return 1; 2185 return 1;
1886 2186
1887 /* Exit nested SVM mode */ 2187 /* Exit Guest-Mode */
2188 leave_guest_mode(&svm->vcpu);
1888 svm->nested.vmcb = 0; 2189 svm->nested.vmcb = 0;
1889 2190
1890 /* Give the current vmcb to the guest */ 2191 /* Give the current vmcb to the guest */
@@ -1896,11 +2197,12 @@ static int nested_svm_vmexit(struct vcpu_svm *svm)
1896 nested_vmcb->save.ds = vmcb->save.ds; 2197 nested_vmcb->save.ds = vmcb->save.ds;
1897 nested_vmcb->save.gdtr = vmcb->save.gdtr; 2198 nested_vmcb->save.gdtr = vmcb->save.gdtr;
1898 nested_vmcb->save.idtr = vmcb->save.idtr; 2199 nested_vmcb->save.idtr = vmcb->save.idtr;
2200 nested_vmcb->save.efer = svm->vcpu.arch.efer;
1899 nested_vmcb->save.cr0 = kvm_read_cr0(&svm->vcpu); 2201 nested_vmcb->save.cr0 = kvm_read_cr0(&svm->vcpu);
1900 nested_vmcb->save.cr3 = svm->vcpu.arch.cr3; 2202 nested_vmcb->save.cr3 = kvm_read_cr3(&svm->vcpu);
1901 nested_vmcb->save.cr2 = vmcb->save.cr2; 2203 nested_vmcb->save.cr2 = vmcb->save.cr2;
1902 nested_vmcb->save.cr4 = svm->vcpu.arch.cr4; 2204 nested_vmcb->save.cr4 = svm->vcpu.arch.cr4;
1903 nested_vmcb->save.rflags = vmcb->save.rflags; 2205 nested_vmcb->save.rflags = kvm_get_rflags(&svm->vcpu);
1904 nested_vmcb->save.rip = vmcb->save.rip; 2206 nested_vmcb->save.rip = vmcb->save.rip;
1905 nested_vmcb->save.rsp = vmcb->save.rsp; 2207 nested_vmcb->save.rsp = vmcb->save.rsp;
1906 nested_vmcb->save.rax = vmcb->save.rax; 2208 nested_vmcb->save.rax = vmcb->save.rax;
@@ -1917,6 +2219,7 @@ static int nested_svm_vmexit(struct vcpu_svm *svm)
1917 nested_vmcb->control.exit_info_2 = vmcb->control.exit_info_2; 2219 nested_vmcb->control.exit_info_2 = vmcb->control.exit_info_2;
1918 nested_vmcb->control.exit_int_info = vmcb->control.exit_int_info; 2220 nested_vmcb->control.exit_int_info = vmcb->control.exit_int_info;
1919 nested_vmcb->control.exit_int_info_err = vmcb->control.exit_int_info_err; 2221 nested_vmcb->control.exit_int_info_err = vmcb->control.exit_int_info_err;
2222 nested_vmcb->control.next_rip = vmcb->control.next_rip;
1920 2223
1921 /* 2224 /*
1922 * If we emulate a VMRUN/#VMEXIT in the same host #vmexit cycle we have 2225 * If we emulate a VMRUN/#VMEXIT in the same host #vmexit cycle we have
@@ -1947,6 +2250,8 @@ static int nested_svm_vmexit(struct vcpu_svm *svm)
1947 kvm_clear_exception_queue(&svm->vcpu); 2250 kvm_clear_exception_queue(&svm->vcpu);
1948 kvm_clear_interrupt_queue(&svm->vcpu); 2251 kvm_clear_interrupt_queue(&svm->vcpu);
1949 2252
2253 svm->nested.nested_cr3 = 0;
2254
1950 /* Restore selected save entries */ 2255 /* Restore selected save entries */
1951 svm->vmcb->save.es = hsave->save.es; 2256 svm->vmcb->save.es = hsave->save.es;
1952 svm->vmcb->save.cs = hsave->save.cs; 2257 svm->vmcb->save.cs = hsave->save.cs;
@@ -1954,7 +2259,7 @@ static int nested_svm_vmexit(struct vcpu_svm *svm)
1954 svm->vmcb->save.ds = hsave->save.ds; 2259 svm->vmcb->save.ds = hsave->save.ds;
1955 svm->vmcb->save.gdtr = hsave->save.gdtr; 2260 svm->vmcb->save.gdtr = hsave->save.gdtr;
1956 svm->vmcb->save.idtr = hsave->save.idtr; 2261 svm->vmcb->save.idtr = hsave->save.idtr;
1957 svm->vmcb->save.rflags = hsave->save.rflags; 2262 kvm_set_rflags(&svm->vcpu, hsave->save.rflags);
1958 svm_set_efer(&svm->vcpu, hsave->save.efer); 2263 svm_set_efer(&svm->vcpu, hsave->save.efer);
1959 svm_set_cr0(&svm->vcpu, hsave->save.cr0 | X86_CR0_PE); 2264 svm_set_cr0(&svm->vcpu, hsave->save.cr0 | X86_CR0_PE);
1960 svm_set_cr4(&svm->vcpu, hsave->save.cr4); 2265 svm_set_cr4(&svm->vcpu, hsave->save.cr4);
@@ -1971,8 +2276,11 @@ static int nested_svm_vmexit(struct vcpu_svm *svm)
1971 svm->vmcb->save.cpl = 0; 2276 svm->vmcb->save.cpl = 0;
1972 svm->vmcb->control.exit_int_info = 0; 2277 svm->vmcb->control.exit_int_info = 0;
1973 2278
2279 mark_all_dirty(svm->vmcb);
2280
1974 nested_svm_unmap(page); 2281 nested_svm_unmap(page);
1975 2282
2283 nested_svm_uninit_mmu_context(&svm->vcpu);
1976 kvm_mmu_reset_context(&svm->vcpu); 2284 kvm_mmu_reset_context(&svm->vcpu);
1977 kvm_mmu_load(&svm->vcpu); 2285 kvm_mmu_load(&svm->vcpu);
1978 2286
@@ -2012,6 +2320,20 @@ static bool nested_svm_vmrun_msrpm(struct vcpu_svm *svm)
2012 return true; 2320 return true;
2013} 2321}
2014 2322
2323static bool nested_vmcb_checks(struct vmcb *vmcb)
2324{
2325 if ((vmcb->control.intercept & (1ULL << INTERCEPT_VMRUN)) == 0)
2326 return false;
2327
2328 if (vmcb->control.asid == 0)
2329 return false;
2330
2331 if (vmcb->control.nested_ctl && !npt_enabled)
2332 return false;
2333
2334 return true;
2335}
2336
2015static bool nested_svm_vmrun(struct vcpu_svm *svm) 2337static bool nested_svm_vmrun(struct vcpu_svm *svm)
2016{ 2338{
2017 struct vmcb *nested_vmcb; 2339 struct vmcb *nested_vmcb;
@@ -2026,14 +2348,25 @@ static bool nested_svm_vmrun(struct vcpu_svm *svm)
2026 if (!nested_vmcb) 2348 if (!nested_vmcb)
2027 return false; 2349 return false;
2028 2350
2029 trace_kvm_nested_vmrun(svm->vmcb->save.rip - 3, vmcb_gpa, 2351 if (!nested_vmcb_checks(nested_vmcb)) {
2352 nested_vmcb->control.exit_code = SVM_EXIT_ERR;
2353 nested_vmcb->control.exit_code_hi = 0;
2354 nested_vmcb->control.exit_info_1 = 0;
2355 nested_vmcb->control.exit_info_2 = 0;
2356
2357 nested_svm_unmap(page);
2358
2359 return false;
2360 }
2361
2362 trace_kvm_nested_vmrun(svm->vmcb->save.rip, vmcb_gpa,
2030 nested_vmcb->save.rip, 2363 nested_vmcb->save.rip,
2031 nested_vmcb->control.int_ctl, 2364 nested_vmcb->control.int_ctl,
2032 nested_vmcb->control.event_inj, 2365 nested_vmcb->control.event_inj,
2033 nested_vmcb->control.nested_ctl); 2366 nested_vmcb->control.nested_ctl);
2034 2367
2035 trace_kvm_nested_intercepts(nested_vmcb->control.intercept_cr_read, 2368 trace_kvm_nested_intercepts(nested_vmcb->control.intercept_cr & 0xffff,
2036 nested_vmcb->control.intercept_cr_write, 2369 nested_vmcb->control.intercept_cr >> 16,
2037 nested_vmcb->control.intercept_exceptions, 2370 nested_vmcb->control.intercept_exceptions,
2038 nested_vmcb->control.intercept); 2371 nested_vmcb->control.intercept);
2039 2372
@@ -2054,22 +2387,28 @@ static bool nested_svm_vmrun(struct vcpu_svm *svm)
2054 hsave->save.efer = svm->vcpu.arch.efer; 2387 hsave->save.efer = svm->vcpu.arch.efer;
2055 hsave->save.cr0 = kvm_read_cr0(&svm->vcpu); 2388 hsave->save.cr0 = kvm_read_cr0(&svm->vcpu);
2056 hsave->save.cr4 = svm->vcpu.arch.cr4; 2389 hsave->save.cr4 = svm->vcpu.arch.cr4;
2057 hsave->save.rflags = vmcb->save.rflags; 2390 hsave->save.rflags = kvm_get_rflags(&svm->vcpu);
2058 hsave->save.rip = svm->next_rip; 2391 hsave->save.rip = kvm_rip_read(&svm->vcpu);
2059 hsave->save.rsp = vmcb->save.rsp; 2392 hsave->save.rsp = vmcb->save.rsp;
2060 hsave->save.rax = vmcb->save.rax; 2393 hsave->save.rax = vmcb->save.rax;
2061 if (npt_enabled) 2394 if (npt_enabled)
2062 hsave->save.cr3 = vmcb->save.cr3; 2395 hsave->save.cr3 = vmcb->save.cr3;
2063 else 2396 else
2064 hsave->save.cr3 = svm->vcpu.arch.cr3; 2397 hsave->save.cr3 = kvm_read_cr3(&svm->vcpu);
2065 2398
2066 copy_vmcb_control_area(hsave, vmcb); 2399 copy_vmcb_control_area(hsave, vmcb);
2067 2400
2068 if (svm->vmcb->save.rflags & X86_EFLAGS_IF) 2401 if (kvm_get_rflags(&svm->vcpu) & X86_EFLAGS_IF)
2069 svm->vcpu.arch.hflags |= HF_HIF_MASK; 2402 svm->vcpu.arch.hflags |= HF_HIF_MASK;
2070 else 2403 else
2071 svm->vcpu.arch.hflags &= ~HF_HIF_MASK; 2404 svm->vcpu.arch.hflags &= ~HF_HIF_MASK;
2072 2405
2406 if (nested_vmcb->control.nested_ctl) {
2407 kvm_mmu_unload(&svm->vcpu);
2408 svm->nested.nested_cr3 = nested_vmcb->control.nested_cr3;
2409 nested_svm_init_mmu_context(&svm->vcpu);
2410 }
2411
2073 /* Load the nested guest state */ 2412 /* Load the nested guest state */
2074 svm->vmcb->save.es = nested_vmcb->save.es; 2413 svm->vmcb->save.es = nested_vmcb->save.es;
2075 svm->vmcb->save.cs = nested_vmcb->save.cs; 2414 svm->vmcb->save.cs = nested_vmcb->save.cs;
@@ -2077,7 +2416,7 @@ static bool nested_svm_vmrun(struct vcpu_svm *svm)
2077 svm->vmcb->save.ds = nested_vmcb->save.ds; 2416 svm->vmcb->save.ds = nested_vmcb->save.ds;
2078 svm->vmcb->save.gdtr = nested_vmcb->save.gdtr; 2417 svm->vmcb->save.gdtr = nested_vmcb->save.gdtr;
2079 svm->vmcb->save.idtr = nested_vmcb->save.idtr; 2418 svm->vmcb->save.idtr = nested_vmcb->save.idtr;
2080 svm->vmcb->save.rflags = nested_vmcb->save.rflags; 2419 kvm_set_rflags(&svm->vcpu, nested_vmcb->save.rflags);
2081 svm_set_efer(&svm->vcpu, nested_vmcb->save.efer); 2420 svm_set_efer(&svm->vcpu, nested_vmcb->save.efer);
2082 svm_set_cr0(&svm->vcpu, nested_vmcb->save.cr0); 2421 svm_set_cr0(&svm->vcpu, nested_vmcb->save.cr0);
2083 svm_set_cr4(&svm->vcpu, nested_vmcb->save.cr4); 2422 svm_set_cr4(&svm->vcpu, nested_vmcb->save.cr4);
@@ -2107,14 +2446,12 @@ static bool nested_svm_vmrun(struct vcpu_svm *svm)
2107 svm->nested.vmcb_iopm = nested_vmcb->control.iopm_base_pa & ~0x0fffULL; 2446 svm->nested.vmcb_iopm = nested_vmcb->control.iopm_base_pa & ~0x0fffULL;
2108 2447
2109 /* cache intercepts */ 2448 /* cache intercepts */
2110 svm->nested.intercept_cr_read = nested_vmcb->control.intercept_cr_read; 2449 svm->nested.intercept_cr = nested_vmcb->control.intercept_cr;
2111 svm->nested.intercept_cr_write = nested_vmcb->control.intercept_cr_write; 2450 svm->nested.intercept_dr = nested_vmcb->control.intercept_dr;
2112 svm->nested.intercept_dr_read = nested_vmcb->control.intercept_dr_read;
2113 svm->nested.intercept_dr_write = nested_vmcb->control.intercept_dr_write;
2114 svm->nested.intercept_exceptions = nested_vmcb->control.intercept_exceptions; 2451 svm->nested.intercept_exceptions = nested_vmcb->control.intercept_exceptions;
2115 svm->nested.intercept = nested_vmcb->control.intercept; 2452 svm->nested.intercept = nested_vmcb->control.intercept;
2116 2453
2117 force_new_asid(&svm->vcpu); 2454 svm_flush_tlb(&svm->vcpu);
2118 svm->vmcb->control.int_ctl = nested_vmcb->control.int_ctl | V_INTR_MASKING_MASK; 2455 svm->vmcb->control.int_ctl = nested_vmcb->control.int_ctl | V_INTR_MASKING_MASK;
2119 if (nested_vmcb->control.int_ctl & V_INTR_MASKING_MASK) 2456 if (nested_vmcb->control.int_ctl & V_INTR_MASKING_MASK)
2120 svm->vcpu.arch.hflags |= HF_VINTR_MASK; 2457 svm->vcpu.arch.hflags |= HF_VINTR_MASK;
@@ -2123,29 +2460,12 @@ static bool nested_svm_vmrun(struct vcpu_svm *svm)
2123 2460
2124 if (svm->vcpu.arch.hflags & HF_VINTR_MASK) { 2461 if (svm->vcpu.arch.hflags & HF_VINTR_MASK) {
2125 /* We only want the cr8 intercept bits of the guest */ 2462 /* We only want the cr8 intercept bits of the guest */
2126 svm->vmcb->control.intercept_cr_read &= ~INTERCEPT_CR8_MASK; 2463 clr_cr_intercept(svm, INTERCEPT_CR8_READ);
2127 svm->vmcb->control.intercept_cr_write &= ~INTERCEPT_CR8_MASK; 2464 clr_cr_intercept(svm, INTERCEPT_CR8_WRITE);
2128 } 2465 }
2129 2466
2130 /* We don't want to see VMMCALLs from a nested guest */ 2467 /* We don't want to see VMMCALLs from a nested guest */
2131 svm->vmcb->control.intercept &= ~(1ULL << INTERCEPT_VMMCALL); 2468 clr_intercept(svm, INTERCEPT_VMMCALL);
2132
2133 /*
2134 * We don't want a nested guest to be more powerful than the guest, so
2135 * all intercepts are ORed
2136 */
2137 svm->vmcb->control.intercept_cr_read |=
2138 nested_vmcb->control.intercept_cr_read;
2139 svm->vmcb->control.intercept_cr_write |=
2140 nested_vmcb->control.intercept_cr_write;
2141 svm->vmcb->control.intercept_dr_read |=
2142 nested_vmcb->control.intercept_dr_read;
2143 svm->vmcb->control.intercept_dr_write |=
2144 nested_vmcb->control.intercept_dr_write;
2145 svm->vmcb->control.intercept_exceptions |=
2146 nested_vmcb->control.intercept_exceptions;
2147
2148 svm->vmcb->control.intercept |= nested_vmcb->control.intercept;
2149 2469
2150 svm->vmcb->control.lbr_ctl = nested_vmcb->control.lbr_ctl; 2470 svm->vmcb->control.lbr_ctl = nested_vmcb->control.lbr_ctl;
2151 svm->vmcb->control.int_vector = nested_vmcb->control.int_vector; 2471 svm->vmcb->control.int_vector = nested_vmcb->control.int_vector;
@@ -2156,11 +2476,21 @@ static bool nested_svm_vmrun(struct vcpu_svm *svm)
2156 2476
2157 nested_svm_unmap(page); 2477 nested_svm_unmap(page);
2158 2478
2159 /* nested_vmcb is our indicator if nested SVM is activated */ 2479 /* Enter Guest-Mode */
2480 enter_guest_mode(&svm->vcpu);
2481
2482 /*
2483 * Merge guest and host intercepts - must be called with vcpu in
2484 * guest-mode to take affect here
2485 */
2486 recalc_intercepts(svm);
2487
2160 svm->nested.vmcb = vmcb_gpa; 2488 svm->nested.vmcb = vmcb_gpa;
2161 2489
2162 enable_gif(svm); 2490 enable_gif(svm);
2163 2491
2492 mark_all_dirty(svm->vmcb);
2493
2164 return true; 2494 return true;
2165} 2495}
2166 2496
@@ -2188,13 +2518,13 @@ static int vmload_interception(struct vcpu_svm *svm)
2188 if (nested_svm_check_permissions(svm)) 2518 if (nested_svm_check_permissions(svm))
2189 return 1; 2519 return 1;
2190 2520
2191 svm->next_rip = kvm_rip_read(&svm->vcpu) + 3;
2192 skip_emulated_instruction(&svm->vcpu);
2193
2194 nested_vmcb = nested_svm_map(svm, svm->vmcb->save.rax, &page); 2521 nested_vmcb = nested_svm_map(svm, svm->vmcb->save.rax, &page);
2195 if (!nested_vmcb) 2522 if (!nested_vmcb)
2196 return 1; 2523 return 1;
2197 2524
2525 svm->next_rip = kvm_rip_read(&svm->vcpu) + 3;
2526 skip_emulated_instruction(&svm->vcpu);
2527
2198 nested_svm_vmloadsave(nested_vmcb, svm->vmcb); 2528 nested_svm_vmloadsave(nested_vmcb, svm->vmcb);
2199 nested_svm_unmap(page); 2529 nested_svm_unmap(page);
2200 2530
@@ -2209,13 +2539,13 @@ static int vmsave_interception(struct vcpu_svm *svm)
2209 if (nested_svm_check_permissions(svm)) 2539 if (nested_svm_check_permissions(svm))
2210 return 1; 2540 return 1;
2211 2541
2212 svm->next_rip = kvm_rip_read(&svm->vcpu) + 3;
2213 skip_emulated_instruction(&svm->vcpu);
2214
2215 nested_vmcb = nested_svm_map(svm, svm->vmcb->save.rax, &page); 2542 nested_vmcb = nested_svm_map(svm, svm->vmcb->save.rax, &page);
2216 if (!nested_vmcb) 2543 if (!nested_vmcb)
2217 return 1; 2544 return 1;
2218 2545
2546 svm->next_rip = kvm_rip_read(&svm->vcpu) + 3;
2547 skip_emulated_instruction(&svm->vcpu);
2548
2219 nested_svm_vmloadsave(svm->vmcb, nested_vmcb); 2549 nested_svm_vmloadsave(svm->vmcb, nested_vmcb);
2220 nested_svm_unmap(page); 2550 nested_svm_unmap(page);
2221 2551
@@ -2227,8 +2557,8 @@ static int vmrun_interception(struct vcpu_svm *svm)
2227 if (nested_svm_check_permissions(svm)) 2557 if (nested_svm_check_permissions(svm))
2228 return 1; 2558 return 1;
2229 2559
2230 svm->next_rip = kvm_rip_read(&svm->vcpu) + 3; 2560 /* Save rip after vmrun instruction */
2231 skip_emulated_instruction(&svm->vcpu); 2561 kvm_rip_write(&svm->vcpu, kvm_rip_read(&svm->vcpu) + 3);
2232 2562
2233 if (!nested_svm_vmrun(svm)) 2563 if (!nested_svm_vmrun(svm))
2234 return 1; 2564 return 1;
@@ -2257,6 +2587,7 @@ static int stgi_interception(struct vcpu_svm *svm)
2257 2587
2258 svm->next_rip = kvm_rip_read(&svm->vcpu) + 3; 2588 svm->next_rip = kvm_rip_read(&svm->vcpu) + 3;
2259 skip_emulated_instruction(&svm->vcpu); 2589 skip_emulated_instruction(&svm->vcpu);
2590 kvm_make_request(KVM_REQ_EVENT, &svm->vcpu);
2260 2591
2261 enable_gif(svm); 2592 enable_gif(svm);
2262 2593
@@ -2277,6 +2608,8 @@ static int clgi_interception(struct vcpu_svm *svm)
2277 svm_clear_vintr(svm); 2608 svm_clear_vintr(svm);
2278 svm->vmcb->control.int_ctl &= ~V_IRQ_MASK; 2609 svm->vmcb->control.int_ctl &= ~V_IRQ_MASK;
2279 2610
2611 mark_dirty(svm->vmcb, VMCB_INTR);
2612
2280 return 1; 2613 return 1;
2281} 2614}
2282 2615
@@ -2303,6 +2636,19 @@ static int skinit_interception(struct vcpu_svm *svm)
2303 return 1; 2636 return 1;
2304} 2637}
2305 2638
2639static int xsetbv_interception(struct vcpu_svm *svm)
2640{
2641 u64 new_bv = kvm_read_edx_eax(&svm->vcpu);
2642 u32 index = kvm_register_read(&svm->vcpu, VCPU_REGS_RCX);
2643
2644 if (kvm_set_xcr(&svm->vcpu, index, new_bv) == 0) {
2645 svm->next_rip = kvm_rip_read(&svm->vcpu) + 3;
2646 skip_emulated_instruction(&svm->vcpu);
2647 }
2648
2649 return 1;
2650}
2651
2306static int invalid_op_interception(struct vcpu_svm *svm) 2652static int invalid_op_interception(struct vcpu_svm *svm)
2307{ 2653{
2308 kvm_queue_exception(&svm->vcpu, UD_VECTOR); 2654 kvm_queue_exception(&svm->vcpu, UD_VECTOR);
@@ -2384,34 +2730,162 @@ static int cpuid_interception(struct vcpu_svm *svm)
2384static int iret_interception(struct vcpu_svm *svm) 2730static int iret_interception(struct vcpu_svm *svm)
2385{ 2731{
2386 ++svm->vcpu.stat.nmi_window_exits; 2732 ++svm->vcpu.stat.nmi_window_exits;
2387 svm->vmcb->control.intercept &= ~(1ULL << INTERCEPT_IRET); 2733 clr_intercept(svm, INTERCEPT_IRET);
2388 svm->vcpu.arch.hflags |= HF_IRET_MASK; 2734 svm->vcpu.arch.hflags |= HF_IRET_MASK;
2735 svm->nmi_iret_rip = kvm_rip_read(&svm->vcpu);
2389 return 1; 2736 return 1;
2390} 2737}
2391 2738
2392static int invlpg_interception(struct vcpu_svm *svm) 2739static int invlpg_interception(struct vcpu_svm *svm)
2393{ 2740{
2394 return emulate_instruction(&svm->vcpu, 0, 0, 0) == EMULATE_DONE; 2741 if (!static_cpu_has(X86_FEATURE_DECODEASSISTS))
2742 return emulate_instruction(&svm->vcpu, 0) == EMULATE_DONE;
2743
2744 kvm_mmu_invlpg(&svm->vcpu, svm->vmcb->control.exit_info_1);
2745 skip_emulated_instruction(&svm->vcpu);
2746 return 1;
2395} 2747}
2396 2748
2397static int emulate_on_interception(struct vcpu_svm *svm) 2749static int emulate_on_interception(struct vcpu_svm *svm)
2398{ 2750{
2399 return emulate_instruction(&svm->vcpu, 0, 0, 0) == EMULATE_DONE; 2751 return emulate_instruction(&svm->vcpu, 0) == EMULATE_DONE;
2752}
2753
2754bool check_selective_cr0_intercepted(struct vcpu_svm *svm, unsigned long val)
2755{
2756 unsigned long cr0 = svm->vcpu.arch.cr0;
2757 bool ret = false;
2758 u64 intercept;
2759
2760 intercept = svm->nested.intercept;
2761
2762 if (!is_guest_mode(&svm->vcpu) ||
2763 (!(intercept & (1ULL << INTERCEPT_SELECTIVE_CR0))))
2764 return false;
2765
2766 cr0 &= ~SVM_CR0_SELECTIVE_MASK;
2767 val &= ~SVM_CR0_SELECTIVE_MASK;
2768
2769 if (cr0 ^ val) {
2770 svm->vmcb->control.exit_code = SVM_EXIT_CR0_SEL_WRITE;
2771 ret = (nested_svm_exit_handled(svm) == NESTED_EXIT_DONE);
2772 }
2773
2774 return ret;
2775}
2776
2777#define CR_VALID (1ULL << 63)
2778
2779static int cr_interception(struct vcpu_svm *svm)
2780{
2781 int reg, cr;
2782 unsigned long val;
2783 int err;
2784
2785 if (!static_cpu_has(X86_FEATURE_DECODEASSISTS))
2786 return emulate_on_interception(svm);
2787
2788 if (unlikely((svm->vmcb->control.exit_info_1 & CR_VALID) == 0))
2789 return emulate_on_interception(svm);
2790
2791 reg = svm->vmcb->control.exit_info_1 & SVM_EXITINFO_REG_MASK;
2792 cr = svm->vmcb->control.exit_code - SVM_EXIT_READ_CR0;
2793
2794 err = 0;
2795 if (cr >= 16) { /* mov to cr */
2796 cr -= 16;
2797 val = kvm_register_read(&svm->vcpu, reg);
2798 switch (cr) {
2799 case 0:
2800 if (!check_selective_cr0_intercepted(svm, val))
2801 err = kvm_set_cr0(&svm->vcpu, val);
2802 else
2803 return 1;
2804
2805 break;
2806 case 3:
2807 err = kvm_set_cr3(&svm->vcpu, val);
2808 break;
2809 case 4:
2810 err = kvm_set_cr4(&svm->vcpu, val);
2811 break;
2812 case 8:
2813 err = kvm_set_cr8(&svm->vcpu, val);
2814 break;
2815 default:
2816 WARN(1, "unhandled write to CR%d", cr);
2817 kvm_queue_exception(&svm->vcpu, UD_VECTOR);
2818 return 1;
2819 }
2820 } else { /* mov from cr */
2821 switch (cr) {
2822 case 0:
2823 val = kvm_read_cr0(&svm->vcpu);
2824 break;
2825 case 2:
2826 val = svm->vcpu.arch.cr2;
2827 break;
2828 case 3:
2829 val = kvm_read_cr3(&svm->vcpu);
2830 break;
2831 case 4:
2832 val = kvm_read_cr4(&svm->vcpu);
2833 break;
2834 case 8:
2835 val = kvm_get_cr8(&svm->vcpu);
2836 break;
2837 default:
2838 WARN(1, "unhandled read from CR%d", cr);
2839 kvm_queue_exception(&svm->vcpu, UD_VECTOR);
2840 return 1;
2841 }
2842 kvm_register_write(&svm->vcpu, reg, val);
2843 }
2844 kvm_complete_insn_gp(&svm->vcpu, err);
2845
2846 return 1;
2847}
2848
2849static int dr_interception(struct vcpu_svm *svm)
2850{
2851 int reg, dr;
2852 unsigned long val;
2853 int err;
2854
2855 if (!boot_cpu_has(X86_FEATURE_DECODEASSISTS))
2856 return emulate_on_interception(svm);
2857
2858 reg = svm->vmcb->control.exit_info_1 & SVM_EXITINFO_REG_MASK;
2859 dr = svm->vmcb->control.exit_code - SVM_EXIT_READ_DR0;
2860
2861 if (dr >= 16) { /* mov to DRn */
2862 val = kvm_register_read(&svm->vcpu, reg);
2863 kvm_set_dr(&svm->vcpu, dr - 16, val);
2864 } else {
2865 err = kvm_get_dr(&svm->vcpu, dr, &val);
2866 if (!err)
2867 kvm_register_write(&svm->vcpu, reg, val);
2868 }
2869
2870 skip_emulated_instruction(&svm->vcpu);
2871
2872 return 1;
2400} 2873}
2401 2874
2402static int cr8_write_interception(struct vcpu_svm *svm) 2875static int cr8_write_interception(struct vcpu_svm *svm)
2403{ 2876{
2404 struct kvm_run *kvm_run = svm->vcpu.run; 2877 struct kvm_run *kvm_run = svm->vcpu.run;
2878 int r;
2405 2879
2406 u8 cr8_prev = kvm_get_cr8(&svm->vcpu); 2880 u8 cr8_prev = kvm_get_cr8(&svm->vcpu);
2407 /* instruction emulation calls kvm_set_cr8() */ 2881 /* instruction emulation calls kvm_set_cr8() */
2408 emulate_instruction(&svm->vcpu, 0, 0, 0); 2882 r = cr_interception(svm);
2409 if (irqchip_in_kernel(svm->vcpu.kvm)) { 2883 if (irqchip_in_kernel(svm->vcpu.kvm)) {
2410 svm->vmcb->control.intercept_cr_write &= ~INTERCEPT_CR8_MASK; 2884 clr_cr_intercept(svm, INTERCEPT_CR8_WRITE);
2411 return 1; 2885 return r;
2412 } 2886 }
2413 if (cr8_prev <= kvm_get_cr8(&svm->vcpu)) 2887 if (cr8_prev <= kvm_get_cr8(&svm->vcpu))
2414 return 1; 2888 return r;
2415 kvm_run->exit_reason = KVM_EXIT_SET_TPR; 2889 kvm_run->exit_reason = KVM_EXIT_SET_TPR;
2416 return 0; 2890 return 0;
2417} 2891}
@@ -2422,14 +2896,11 @@ static int svm_get_msr(struct kvm_vcpu *vcpu, unsigned ecx, u64 *data)
2422 2896
2423 switch (ecx) { 2897 switch (ecx) {
2424 case MSR_IA32_TSC: { 2898 case MSR_IA32_TSC: {
2425 u64 tsc_offset; 2899 struct vmcb *vmcb = get_host_vmcb(svm);
2426 2900
2427 if (is_nested(svm)) 2901 *data = vmcb->control.tsc_offset +
2428 tsc_offset = svm->nested.hsave->control.tsc_offset; 2902 svm_scale_tsc(vcpu, native_read_tsc());
2429 else
2430 tsc_offset = svm->vmcb->control.tsc_offset;
2431 2903
2432 *data = tsc_offset + native_read_tsc();
2433 break; 2904 break;
2434 } 2905 }
2435 case MSR_STAR: 2906 case MSR_STAR:
@@ -2542,20 +3013,9 @@ static int svm_set_msr(struct kvm_vcpu *vcpu, unsigned ecx, u64 data)
2542 struct vcpu_svm *svm = to_svm(vcpu); 3013 struct vcpu_svm *svm = to_svm(vcpu);
2543 3014
2544 switch (ecx) { 3015 switch (ecx) {
2545 case MSR_IA32_TSC: { 3016 case MSR_IA32_TSC:
2546 u64 tsc_offset = data - native_read_tsc(); 3017 kvm_write_tsc(vcpu, data);
2547 u64 g_tsc_offset = 0;
2548
2549 if (is_nested(svm)) {
2550 g_tsc_offset = svm->vmcb->control.tsc_offset -
2551 svm->nested.hsave->control.tsc_offset;
2552 svm->nested.hsave->control.tsc_offset = tsc_offset;
2553 }
2554
2555 svm->vmcb->control.tsc_offset = tsc_offset + g_tsc_offset;
2556
2557 break; 3018 break;
2558 }
2559 case MSR_STAR: 3019 case MSR_STAR:
2560 svm->vmcb->save.star = data; 3020 svm->vmcb->save.star = data;
2561 break; 3021 break;
@@ -2585,7 +3045,7 @@ static int svm_set_msr(struct kvm_vcpu *vcpu, unsigned ecx, u64 data)
2585 svm->vmcb->save.sysenter_esp = data; 3045 svm->vmcb->save.sysenter_esp = data;
2586 break; 3046 break;
2587 case MSR_IA32_DEBUGCTLMSR: 3047 case MSR_IA32_DEBUGCTLMSR:
2588 if (!svm_has(SVM_FEATURE_LBRV)) { 3048 if (!boot_cpu_has(X86_FEATURE_LBRV)) {
2589 pr_unimpl(vcpu, "%s: MSR_IA32_DEBUGCTL 0x%llx, nop\n", 3049 pr_unimpl(vcpu, "%s: MSR_IA32_DEBUGCTL 0x%llx, nop\n",
2590 __func__, data); 3050 __func__, data);
2591 break; 3051 break;
@@ -2594,6 +3054,7 @@ static int svm_set_msr(struct kvm_vcpu *vcpu, unsigned ecx, u64 data)
2594 return 1; 3054 return 1;
2595 3055
2596 svm->vmcb->save.dbgctl = data; 3056 svm->vmcb->save.dbgctl = data;
3057 mark_dirty(svm->vmcb, VMCB_LBR);
2597 if (data & (1ULL<<0)) 3058 if (data & (1ULL<<0))
2598 svm_enable_lbrv(svm); 3059 svm_enable_lbrv(svm);
2599 else 3060 else
@@ -2643,8 +3104,10 @@ static int interrupt_window_interception(struct vcpu_svm *svm)
2643{ 3104{
2644 struct kvm_run *kvm_run = svm->vcpu.run; 3105 struct kvm_run *kvm_run = svm->vcpu.run;
2645 3106
3107 kvm_make_request(KVM_REQ_EVENT, &svm->vcpu);
2646 svm_clear_vintr(svm); 3108 svm_clear_vintr(svm);
2647 svm->vmcb->control.int_ctl &= ~V_IRQ_MASK; 3109 svm->vmcb->control.int_ctl &= ~V_IRQ_MASK;
3110 mark_dirty(svm->vmcb, VMCB_INTR);
2648 /* 3111 /*
2649 * If the user space waits to inject interrupts, exit as soon as 3112 * If the user space waits to inject interrupts, exit as soon as
2650 * possible 3113 * possible
@@ -2667,31 +3130,31 @@ static int pause_interception(struct vcpu_svm *svm)
2667} 3130}
2668 3131
2669static int (*svm_exit_handlers[])(struct vcpu_svm *svm) = { 3132static int (*svm_exit_handlers[])(struct vcpu_svm *svm) = {
2670 [SVM_EXIT_READ_CR0] = emulate_on_interception, 3133 [SVM_EXIT_READ_CR0] = cr_interception,
2671 [SVM_EXIT_READ_CR3] = emulate_on_interception, 3134 [SVM_EXIT_READ_CR3] = cr_interception,
2672 [SVM_EXIT_READ_CR4] = emulate_on_interception, 3135 [SVM_EXIT_READ_CR4] = cr_interception,
2673 [SVM_EXIT_READ_CR8] = emulate_on_interception, 3136 [SVM_EXIT_READ_CR8] = cr_interception,
2674 [SVM_EXIT_CR0_SEL_WRITE] = emulate_on_interception, 3137 [SVM_EXIT_CR0_SEL_WRITE] = emulate_on_interception,
2675 [SVM_EXIT_WRITE_CR0] = emulate_on_interception, 3138 [SVM_EXIT_WRITE_CR0] = cr_interception,
2676 [SVM_EXIT_WRITE_CR3] = emulate_on_interception, 3139 [SVM_EXIT_WRITE_CR3] = cr_interception,
2677 [SVM_EXIT_WRITE_CR4] = emulate_on_interception, 3140 [SVM_EXIT_WRITE_CR4] = cr_interception,
2678 [SVM_EXIT_WRITE_CR8] = cr8_write_interception, 3141 [SVM_EXIT_WRITE_CR8] = cr8_write_interception,
2679 [SVM_EXIT_READ_DR0] = emulate_on_interception, 3142 [SVM_EXIT_READ_DR0] = dr_interception,
2680 [SVM_EXIT_READ_DR1] = emulate_on_interception, 3143 [SVM_EXIT_READ_DR1] = dr_interception,
2681 [SVM_EXIT_READ_DR2] = emulate_on_interception, 3144 [SVM_EXIT_READ_DR2] = dr_interception,
2682 [SVM_EXIT_READ_DR3] = emulate_on_interception, 3145 [SVM_EXIT_READ_DR3] = dr_interception,
2683 [SVM_EXIT_READ_DR4] = emulate_on_interception, 3146 [SVM_EXIT_READ_DR4] = dr_interception,
2684 [SVM_EXIT_READ_DR5] = emulate_on_interception, 3147 [SVM_EXIT_READ_DR5] = dr_interception,
2685 [SVM_EXIT_READ_DR6] = emulate_on_interception, 3148 [SVM_EXIT_READ_DR6] = dr_interception,
2686 [SVM_EXIT_READ_DR7] = emulate_on_interception, 3149 [SVM_EXIT_READ_DR7] = dr_interception,
2687 [SVM_EXIT_WRITE_DR0] = emulate_on_interception, 3150 [SVM_EXIT_WRITE_DR0] = dr_interception,
2688 [SVM_EXIT_WRITE_DR1] = emulate_on_interception, 3151 [SVM_EXIT_WRITE_DR1] = dr_interception,
2689 [SVM_EXIT_WRITE_DR2] = emulate_on_interception, 3152 [SVM_EXIT_WRITE_DR2] = dr_interception,
2690 [SVM_EXIT_WRITE_DR3] = emulate_on_interception, 3153 [SVM_EXIT_WRITE_DR3] = dr_interception,
2691 [SVM_EXIT_WRITE_DR4] = emulate_on_interception, 3154 [SVM_EXIT_WRITE_DR4] = dr_interception,
2692 [SVM_EXIT_WRITE_DR5] = emulate_on_interception, 3155 [SVM_EXIT_WRITE_DR5] = dr_interception,
2693 [SVM_EXIT_WRITE_DR6] = emulate_on_interception, 3156 [SVM_EXIT_WRITE_DR6] = dr_interception,
2694 [SVM_EXIT_WRITE_DR7] = emulate_on_interception, 3157 [SVM_EXIT_WRITE_DR7] = dr_interception,
2695 [SVM_EXIT_EXCP_BASE + DB_VECTOR] = db_interception, 3158 [SVM_EXIT_EXCP_BASE + DB_VECTOR] = db_interception,
2696 [SVM_EXIT_EXCP_BASE + BP_VECTOR] = bp_interception, 3159 [SVM_EXIT_EXCP_BASE + BP_VECTOR] = bp_interception,
2697 [SVM_EXIT_EXCP_BASE + UD_VECTOR] = ud_interception, 3160 [SVM_EXIT_EXCP_BASE + UD_VECTOR] = ud_interception,
@@ -2724,100 +3187,121 @@ static int (*svm_exit_handlers[])(struct vcpu_svm *svm) = {
2724 [SVM_EXIT_WBINVD] = emulate_on_interception, 3187 [SVM_EXIT_WBINVD] = emulate_on_interception,
2725 [SVM_EXIT_MONITOR] = invalid_op_interception, 3188 [SVM_EXIT_MONITOR] = invalid_op_interception,
2726 [SVM_EXIT_MWAIT] = invalid_op_interception, 3189 [SVM_EXIT_MWAIT] = invalid_op_interception,
3190 [SVM_EXIT_XSETBV] = xsetbv_interception,
2727 [SVM_EXIT_NPF] = pf_interception, 3191 [SVM_EXIT_NPF] = pf_interception,
2728}; 3192};
2729 3193
2730void dump_vmcb(struct kvm_vcpu *vcpu) 3194static void dump_vmcb(struct kvm_vcpu *vcpu)
2731{ 3195{
2732 struct vcpu_svm *svm = to_svm(vcpu); 3196 struct vcpu_svm *svm = to_svm(vcpu);
2733 struct vmcb_control_area *control = &svm->vmcb->control; 3197 struct vmcb_control_area *control = &svm->vmcb->control;
2734 struct vmcb_save_area *save = &svm->vmcb->save; 3198 struct vmcb_save_area *save = &svm->vmcb->save;
2735 3199
2736 pr_err("VMCB Control Area:\n"); 3200 pr_err("VMCB Control Area:\n");
2737 pr_err("cr_read: %04x\n", control->intercept_cr_read); 3201 pr_err("%-20s%04x\n", "cr_read:", control->intercept_cr & 0xffff);
2738 pr_err("cr_write: %04x\n", control->intercept_cr_write); 3202 pr_err("%-20s%04x\n", "cr_write:", control->intercept_cr >> 16);
2739 pr_err("dr_read: %04x\n", control->intercept_dr_read); 3203 pr_err("%-20s%04x\n", "dr_read:", control->intercept_dr & 0xffff);
2740 pr_err("dr_write: %04x\n", control->intercept_dr_write); 3204 pr_err("%-20s%04x\n", "dr_write:", control->intercept_dr >> 16);
2741 pr_err("exceptions: %08x\n", control->intercept_exceptions); 3205 pr_err("%-20s%08x\n", "exceptions:", control->intercept_exceptions);
2742 pr_err("intercepts: %016llx\n", control->intercept); 3206 pr_err("%-20s%016llx\n", "intercepts:", control->intercept);
2743 pr_err("pause filter count: %d\n", control->pause_filter_count); 3207 pr_err("%-20s%d\n", "pause filter count:", control->pause_filter_count);
2744 pr_err("iopm_base_pa: %016llx\n", control->iopm_base_pa); 3208 pr_err("%-20s%016llx\n", "iopm_base_pa:", control->iopm_base_pa);
2745 pr_err("msrpm_base_pa: %016llx\n", control->msrpm_base_pa); 3209 pr_err("%-20s%016llx\n", "msrpm_base_pa:", control->msrpm_base_pa);
2746 pr_err("tsc_offset: %016llx\n", control->tsc_offset); 3210 pr_err("%-20s%016llx\n", "tsc_offset:", control->tsc_offset);
2747 pr_err("asid: %d\n", control->asid); 3211 pr_err("%-20s%d\n", "asid:", control->asid);
2748 pr_err("tlb_ctl: %d\n", control->tlb_ctl); 3212 pr_err("%-20s%d\n", "tlb_ctl:", control->tlb_ctl);
2749 pr_err("int_ctl: %08x\n", control->int_ctl); 3213 pr_err("%-20s%08x\n", "int_ctl:", control->int_ctl);
2750 pr_err("int_vector: %08x\n", control->int_vector); 3214 pr_err("%-20s%08x\n", "int_vector:", control->int_vector);
2751 pr_err("int_state: %08x\n", control->int_state); 3215 pr_err("%-20s%08x\n", "int_state:", control->int_state);
2752 pr_err("exit_code: %08x\n", control->exit_code); 3216 pr_err("%-20s%08x\n", "exit_code:", control->exit_code);
2753 pr_err("exit_info1: %016llx\n", control->exit_info_1); 3217 pr_err("%-20s%016llx\n", "exit_info1:", control->exit_info_1);
2754 pr_err("exit_info2: %016llx\n", control->exit_info_2); 3218 pr_err("%-20s%016llx\n", "exit_info2:", control->exit_info_2);
2755 pr_err("exit_int_info: %08x\n", control->exit_int_info); 3219 pr_err("%-20s%08x\n", "exit_int_info:", control->exit_int_info);
2756 pr_err("exit_int_info_err: %08x\n", control->exit_int_info_err); 3220 pr_err("%-20s%08x\n", "exit_int_info_err:", control->exit_int_info_err);
2757 pr_err("nested_ctl: %lld\n", control->nested_ctl); 3221 pr_err("%-20s%lld\n", "nested_ctl:", control->nested_ctl);
2758 pr_err("nested_cr3: %016llx\n", control->nested_cr3); 3222 pr_err("%-20s%016llx\n", "nested_cr3:", control->nested_cr3);
2759 pr_err("event_inj: %08x\n", control->event_inj); 3223 pr_err("%-20s%08x\n", "event_inj:", control->event_inj);
2760 pr_err("event_inj_err: %08x\n", control->event_inj_err); 3224 pr_err("%-20s%08x\n", "event_inj_err:", control->event_inj_err);
2761 pr_err("lbr_ctl: %lld\n", control->lbr_ctl); 3225 pr_err("%-20s%lld\n", "lbr_ctl:", control->lbr_ctl);
2762 pr_err("next_rip: %016llx\n", control->next_rip); 3226 pr_err("%-20s%016llx\n", "next_rip:", control->next_rip);
2763 pr_err("VMCB State Save Area:\n"); 3227 pr_err("VMCB State Save Area:\n");
2764 pr_err("es: s: %04x a: %04x l: %08x b: %016llx\n", 3228 pr_err("%-5s s: %04x a: %04x l: %08x b: %016llx\n",
2765 save->es.selector, save->es.attrib, 3229 "es:",
2766 save->es.limit, save->es.base); 3230 save->es.selector, save->es.attrib,
2767 pr_err("cs: s: %04x a: %04x l: %08x b: %016llx\n", 3231 save->es.limit, save->es.base);
2768 save->cs.selector, save->cs.attrib, 3232 pr_err("%-5s s: %04x a: %04x l: %08x b: %016llx\n",
2769 save->cs.limit, save->cs.base); 3233 "cs:",
2770 pr_err("ss: s: %04x a: %04x l: %08x b: %016llx\n", 3234 save->cs.selector, save->cs.attrib,
2771 save->ss.selector, save->ss.attrib, 3235 save->cs.limit, save->cs.base);
2772 save->ss.limit, save->ss.base); 3236 pr_err("%-5s s: %04x a: %04x l: %08x b: %016llx\n",
2773 pr_err("ds: s: %04x a: %04x l: %08x b: %016llx\n", 3237 "ss:",
2774 save->ds.selector, save->ds.attrib, 3238 save->ss.selector, save->ss.attrib,
2775 save->ds.limit, save->ds.base); 3239 save->ss.limit, save->ss.base);
2776 pr_err("fs: s: %04x a: %04x l: %08x b: %016llx\n", 3240 pr_err("%-5s s: %04x a: %04x l: %08x b: %016llx\n",
2777 save->fs.selector, save->fs.attrib, 3241 "ds:",
2778 save->fs.limit, save->fs.base); 3242 save->ds.selector, save->ds.attrib,
2779 pr_err("gs: s: %04x a: %04x l: %08x b: %016llx\n", 3243 save->ds.limit, save->ds.base);
2780 save->gs.selector, save->gs.attrib, 3244 pr_err("%-5s s: %04x a: %04x l: %08x b: %016llx\n",
2781 save->gs.limit, save->gs.base); 3245 "fs:",
2782 pr_err("gdtr: s: %04x a: %04x l: %08x b: %016llx\n", 3246 save->fs.selector, save->fs.attrib,
2783 save->gdtr.selector, save->gdtr.attrib, 3247 save->fs.limit, save->fs.base);
2784 save->gdtr.limit, save->gdtr.base); 3248 pr_err("%-5s s: %04x a: %04x l: %08x b: %016llx\n",
2785 pr_err("ldtr: s: %04x a: %04x l: %08x b: %016llx\n", 3249 "gs:",
2786 save->ldtr.selector, save->ldtr.attrib, 3250 save->gs.selector, save->gs.attrib,
2787 save->ldtr.limit, save->ldtr.base); 3251 save->gs.limit, save->gs.base);
2788 pr_err("idtr: s: %04x a: %04x l: %08x b: %016llx\n", 3252 pr_err("%-5s s: %04x a: %04x l: %08x b: %016llx\n",
2789 save->idtr.selector, save->idtr.attrib, 3253 "gdtr:",
2790 save->idtr.limit, save->idtr.base); 3254 save->gdtr.selector, save->gdtr.attrib,
2791 pr_err("tr: s: %04x a: %04x l: %08x b: %016llx\n", 3255 save->gdtr.limit, save->gdtr.base);
2792 save->tr.selector, save->tr.attrib, 3256 pr_err("%-5s s: %04x a: %04x l: %08x b: %016llx\n",
2793 save->tr.limit, save->tr.base); 3257 "ldtr:",
3258 save->ldtr.selector, save->ldtr.attrib,
3259 save->ldtr.limit, save->ldtr.base);
3260 pr_err("%-5s s: %04x a: %04x l: %08x b: %016llx\n",
3261 "idtr:",
3262 save->idtr.selector, save->idtr.attrib,
3263 save->idtr.limit, save->idtr.base);
3264 pr_err("%-5s s: %04x a: %04x l: %08x b: %016llx\n",
3265 "tr:",
3266 save->tr.selector, save->tr.attrib,
3267 save->tr.limit, save->tr.base);
2794 pr_err("cpl: %d efer: %016llx\n", 3268 pr_err("cpl: %d efer: %016llx\n",
2795 save->cpl, save->efer); 3269 save->cpl, save->efer);
2796 pr_err("cr0: %016llx cr2: %016llx\n", 3270 pr_err("%-15s %016llx %-13s %016llx\n",
2797 save->cr0, save->cr2); 3271 "cr0:", save->cr0, "cr2:", save->cr2);
2798 pr_err("cr3: %016llx cr4: %016llx\n", 3272 pr_err("%-15s %016llx %-13s %016llx\n",
2799 save->cr3, save->cr4); 3273 "cr3:", save->cr3, "cr4:", save->cr4);
2800 pr_err("dr6: %016llx dr7: %016llx\n", 3274 pr_err("%-15s %016llx %-13s %016llx\n",
2801 save->dr6, save->dr7); 3275 "dr6:", save->dr6, "dr7:", save->dr7);
2802 pr_err("rip: %016llx rflags: %016llx\n", 3276 pr_err("%-15s %016llx %-13s %016llx\n",
2803 save->rip, save->rflags); 3277 "rip:", save->rip, "rflags:", save->rflags);
2804 pr_err("rsp: %016llx rax: %016llx\n", 3278 pr_err("%-15s %016llx %-13s %016llx\n",
2805 save->rsp, save->rax); 3279 "rsp:", save->rsp, "rax:", save->rax);
2806 pr_err("star: %016llx lstar: %016llx\n", 3280 pr_err("%-15s %016llx %-13s %016llx\n",
2807 save->star, save->lstar); 3281 "star:", save->star, "lstar:", save->lstar);
2808 pr_err("cstar: %016llx sfmask: %016llx\n", 3282 pr_err("%-15s %016llx %-13s %016llx\n",
2809 save->cstar, save->sfmask); 3283 "cstar:", save->cstar, "sfmask:", save->sfmask);
2810 pr_err("kernel_gs_base: %016llx sysenter_cs: %016llx\n", 3284 pr_err("%-15s %016llx %-13s %016llx\n",
2811 save->kernel_gs_base, save->sysenter_cs); 3285 "kernel_gs_base:", save->kernel_gs_base,
2812 pr_err("sysenter_esp: %016llx sysenter_eip: %016llx\n", 3286 "sysenter_cs:", save->sysenter_cs);
2813 save->sysenter_esp, save->sysenter_eip); 3287 pr_err("%-15s %016llx %-13s %016llx\n",
2814 pr_err("gpat: %016llx dbgctl: %016llx\n", 3288 "sysenter_esp:", save->sysenter_esp,
2815 save->g_pat, save->dbgctl); 3289 "sysenter_eip:", save->sysenter_eip);
2816 pr_err("br_from: %016llx br_to: %016llx\n", 3290 pr_err("%-15s %016llx %-13s %016llx\n",
2817 save->br_from, save->br_to); 3291 "gpat:", save->g_pat, "dbgctl:", save->dbgctl);
2818 pr_err("excp_from: %016llx excp_to: %016llx\n", 3292 pr_err("%-15s %016llx %-13s %016llx\n",
2819 save->last_excp_from, save->last_excp_to); 3293 "br_from:", save->br_from, "br_to:", save->br_to);
2820 3294 pr_err("%-15s %016llx %-13s %016llx\n",
3295 "excp_from:", save->last_excp_from,
3296 "excp_to:", save->last_excp_to);
3297}
3298
3299static void svm_get_exit_info(struct kvm_vcpu *vcpu, u64 *info1, u64 *info2)
3300{
3301 struct vmcb_control_area *control = &to_svm(vcpu)->vmcb->control;
3302
3303 *info1 = control->exit_info_1;
3304 *info2 = control->exit_info_2;
2821} 3305}
2822 3306
2823static int handle_exit(struct kvm_vcpu *vcpu) 3307static int handle_exit(struct kvm_vcpu *vcpu)
@@ -2826,9 +3310,9 @@ static int handle_exit(struct kvm_vcpu *vcpu)
2826 struct kvm_run *kvm_run = vcpu->run; 3310 struct kvm_run *kvm_run = vcpu->run;
2827 u32 exit_code = svm->vmcb->control.exit_code; 3311 u32 exit_code = svm->vmcb->control.exit_code;
2828 3312
2829 trace_kvm_exit(exit_code, vcpu); 3313 trace_kvm_exit(exit_code, vcpu, KVM_ISA_SVM);
2830 3314
2831 if (!(svm->vmcb->control.intercept_cr_write & INTERCEPT_CR0_MASK)) 3315 if (!is_cr_intercept(svm, INTERCEPT_CR0_WRITE))
2832 vcpu->arch.cr0 = svm->vmcb->save.cr0; 3316 vcpu->arch.cr0 = svm->vmcb->save.cr0;
2833 if (npt_enabled) 3317 if (npt_enabled)
2834 vcpu->arch.cr3 = svm->vmcb->save.cr3; 3318 vcpu->arch.cr3 = svm->vmcb->save.cr3;
@@ -2840,7 +3324,7 @@ static int handle_exit(struct kvm_vcpu *vcpu)
2840 return 1; 3324 return 1;
2841 } 3325 }
2842 3326
2843 if (is_nested(svm)) { 3327 if (is_guest_mode(vcpu)) {
2844 int vmexit; 3328 int vmexit;
2845 3329
2846 trace_kvm_nested_vmexit(svm->vmcb->save.rip, exit_code, 3330 trace_kvm_nested_vmexit(svm->vmcb->save.rip, exit_code,
@@ -2871,7 +3355,8 @@ static int handle_exit(struct kvm_vcpu *vcpu)
2871 3355
2872 if (is_external_interrupt(svm->vmcb->control.exit_int_info) && 3356 if (is_external_interrupt(svm->vmcb->control.exit_int_info) &&
2873 exit_code != SVM_EXIT_EXCP_BASE + PF_VECTOR && 3357 exit_code != SVM_EXIT_EXCP_BASE + PF_VECTOR &&
2874 exit_code != SVM_EXIT_NPF && exit_code != SVM_EXIT_TASK_SWITCH) 3358 exit_code != SVM_EXIT_NPF && exit_code != SVM_EXIT_TASK_SWITCH &&
3359 exit_code != SVM_EXIT_INTR && exit_code != SVM_EXIT_NMI)
2875 printk(KERN_ERR "%s: unexpected exit_ini_info 0x%x " 3360 printk(KERN_ERR "%s: unexpected exit_ini_info 0x%x "
2876 "exit_code 0x%x\n", 3361 "exit_code 0x%x\n",
2877 __func__, svm->vmcb->control.exit_int_info, 3362 __func__, svm->vmcb->control.exit_int_info,
@@ -2902,7 +3387,6 @@ static void pre_svm_run(struct vcpu_svm *svm)
2902 3387
2903 struct svm_cpu_data *sd = per_cpu(svm_data, cpu); 3388 struct svm_cpu_data *sd = per_cpu(svm_data, cpu);
2904 3389
2905 svm->vmcb->control.tlb_ctl = TLB_CONTROL_DO_NOTHING;
2906 /* FIXME: handle wraparound of asid_generation */ 3390 /* FIXME: handle wraparound of asid_generation */
2907 if (svm->asid_generation != sd->asid_generation) 3391 if (svm->asid_generation != sd->asid_generation)
2908 new_asid(svm, sd); 3392 new_asid(svm, sd);
@@ -2914,7 +3398,7 @@ static void svm_inject_nmi(struct kvm_vcpu *vcpu)
2914 3398
2915 svm->vmcb->control.event_inj = SVM_EVTINJ_VALID | SVM_EVTINJ_TYPE_NMI; 3399 svm->vmcb->control.event_inj = SVM_EVTINJ_VALID | SVM_EVTINJ_TYPE_NMI;
2916 vcpu->arch.hflags |= HF_NMI_MASK; 3400 vcpu->arch.hflags |= HF_NMI_MASK;
2917 svm->vmcb->control.intercept |= (1ULL << INTERCEPT_IRET); 3401 set_intercept(svm, INTERCEPT_IRET);
2918 ++vcpu->stat.nmi_injections; 3402 ++vcpu->stat.nmi_injections;
2919} 3403}
2920 3404
@@ -2927,6 +3411,7 @@ static inline void svm_inject_irq(struct vcpu_svm *svm, int irq)
2927 control->int_ctl &= ~V_INTR_PRIO_MASK; 3411 control->int_ctl &= ~V_INTR_PRIO_MASK;
2928 control->int_ctl |= V_IRQ_MASK | 3412 control->int_ctl |= V_IRQ_MASK |
2929 ((/*control->int_vector >> 4*/ 0xf) << V_INTR_PRIO_SHIFT); 3413 ((/*control->int_vector >> 4*/ 0xf) << V_INTR_PRIO_SHIFT);
3414 mark_dirty(svm->vmcb, VMCB_INTR);
2930} 3415}
2931 3416
2932static void svm_set_irq(struct kvm_vcpu *vcpu) 3417static void svm_set_irq(struct kvm_vcpu *vcpu)
@@ -2946,14 +3431,14 @@ static void update_cr8_intercept(struct kvm_vcpu *vcpu, int tpr, int irr)
2946{ 3431{
2947 struct vcpu_svm *svm = to_svm(vcpu); 3432 struct vcpu_svm *svm = to_svm(vcpu);
2948 3433
2949 if (is_nested(svm) && (vcpu->arch.hflags & HF_VINTR_MASK)) 3434 if (is_guest_mode(vcpu) && (vcpu->arch.hflags & HF_VINTR_MASK))
2950 return; 3435 return;
2951 3436
2952 if (irr == -1) 3437 if (irr == -1)
2953 return; 3438 return;
2954 3439
2955 if (tpr >= irr) 3440 if (tpr >= irr)
2956 svm->vmcb->control.intercept_cr_write |= INTERCEPT_CR8_MASK; 3441 set_cr_intercept(svm, INTERCEPT_CR8_WRITE);
2957} 3442}
2958 3443
2959static int svm_nmi_allowed(struct kvm_vcpu *vcpu) 3444static int svm_nmi_allowed(struct kvm_vcpu *vcpu)
@@ -2981,10 +3466,10 @@ static void svm_set_nmi_mask(struct kvm_vcpu *vcpu, bool masked)
2981 3466
2982 if (masked) { 3467 if (masked) {
2983 svm->vcpu.arch.hflags |= HF_NMI_MASK; 3468 svm->vcpu.arch.hflags |= HF_NMI_MASK;
2984 svm->vmcb->control.intercept |= (1ULL << INTERCEPT_IRET); 3469 set_intercept(svm, INTERCEPT_IRET);
2985 } else { 3470 } else {
2986 svm->vcpu.arch.hflags &= ~HF_NMI_MASK; 3471 svm->vcpu.arch.hflags &= ~HF_NMI_MASK;
2987 svm->vmcb->control.intercept &= ~(1ULL << INTERCEPT_IRET); 3472 clr_intercept(svm, INTERCEPT_IRET);
2988 } 3473 }
2989} 3474}
2990 3475
@@ -2998,9 +3483,9 @@ static int svm_interrupt_allowed(struct kvm_vcpu *vcpu)
2998 (vmcb->control.int_state & SVM_INTERRUPT_SHADOW_MASK)) 3483 (vmcb->control.int_state & SVM_INTERRUPT_SHADOW_MASK))
2999 return 0; 3484 return 0;
3000 3485
3001 ret = !!(vmcb->save.rflags & X86_EFLAGS_IF); 3486 ret = !!(kvm_get_rflags(vcpu) & X86_EFLAGS_IF);
3002 3487
3003 if (is_nested(svm)) 3488 if (is_guest_mode(vcpu))
3004 return ret && !(svm->vcpu.arch.hflags & HF_VINTR_MASK); 3489 return ret && !(svm->vcpu.arch.hflags & HF_VINTR_MASK);
3005 3490
3006 return ret; 3491 return ret;
@@ -3046,7 +3531,12 @@ static int svm_set_tss_addr(struct kvm *kvm, unsigned int addr)
3046 3531
3047static void svm_flush_tlb(struct kvm_vcpu *vcpu) 3532static void svm_flush_tlb(struct kvm_vcpu *vcpu)
3048{ 3533{
3049 force_new_asid(vcpu); 3534 struct vcpu_svm *svm = to_svm(vcpu);
3535
3536 if (static_cpu_has(X86_FEATURE_FLUSHBYASID))
3537 svm->vmcb->control.tlb_ctl = TLB_CONTROL_FLUSH_ASID;
3538 else
3539 svm->asid_generation--;
3050} 3540}
3051 3541
3052static void svm_prepare_guest_switch(struct kvm_vcpu *vcpu) 3542static void svm_prepare_guest_switch(struct kvm_vcpu *vcpu)
@@ -3057,10 +3547,10 @@ static inline void sync_cr8_to_lapic(struct kvm_vcpu *vcpu)
3057{ 3547{
3058 struct vcpu_svm *svm = to_svm(vcpu); 3548 struct vcpu_svm *svm = to_svm(vcpu);
3059 3549
3060 if (is_nested(svm) && (vcpu->arch.hflags & HF_VINTR_MASK)) 3550 if (is_guest_mode(vcpu) && (vcpu->arch.hflags & HF_VINTR_MASK))
3061 return; 3551 return;
3062 3552
3063 if (!(svm->vmcb->control.intercept_cr_write & INTERCEPT_CR8_MASK)) { 3553 if (!is_cr_intercept(svm, INTERCEPT_CR8_WRITE)) {
3064 int cr8 = svm->vmcb->control.int_ctl & V_TPR_MASK; 3554 int cr8 = svm->vmcb->control.int_ctl & V_TPR_MASK;
3065 kvm_set_cr8(vcpu, cr8); 3555 kvm_set_cr8(vcpu, cr8);
3066 } 3556 }
@@ -3071,7 +3561,7 @@ static inline void sync_lapic_to_cr8(struct kvm_vcpu *vcpu)
3071 struct vcpu_svm *svm = to_svm(vcpu); 3561 struct vcpu_svm *svm = to_svm(vcpu);
3072 u64 cr8; 3562 u64 cr8;
3073 3563
3074 if (is_nested(svm) && (vcpu->arch.hflags & HF_VINTR_MASK)) 3564 if (is_guest_mode(vcpu) && (vcpu->arch.hflags & HF_VINTR_MASK))
3075 return; 3565 return;
3076 3566
3077 cr8 = kvm_get_cr8(vcpu); 3567 cr8 = kvm_get_cr8(vcpu);
@@ -3088,8 +3578,15 @@ static void svm_complete_interrupts(struct vcpu_svm *svm)
3088 3578
3089 svm->int3_injected = 0; 3579 svm->int3_injected = 0;
3090 3580
3091 if (svm->vcpu.arch.hflags & HF_IRET_MASK) 3581 /*
3582 * If we've made progress since setting HF_IRET_MASK, we've
3583 * executed an IRET and can allow NMI injection.
3584 */
3585 if ((svm->vcpu.arch.hflags & HF_IRET_MASK)
3586 && kvm_rip_read(&svm->vcpu) != svm->nmi_iret_rip) {
3092 svm->vcpu.arch.hflags &= ~(HF_NMI_MASK | HF_IRET_MASK); 3587 svm->vcpu.arch.hflags &= ~(HF_NMI_MASK | HF_IRET_MASK);
3588 kvm_make_request(KVM_REQ_EVENT, &svm->vcpu);
3589 }
3093 3590
3094 svm->vcpu.arch.nmi_injected = false; 3591 svm->vcpu.arch.nmi_injected = false;
3095 kvm_clear_exception_queue(&svm->vcpu); 3592 kvm_clear_exception_queue(&svm->vcpu);
@@ -3098,6 +3595,8 @@ static void svm_complete_interrupts(struct vcpu_svm *svm)
3098 if (!(exitintinfo & SVM_EXITINTINFO_VALID)) 3595 if (!(exitintinfo & SVM_EXITINTINFO_VALID))
3099 return; 3596 return;
3100 3597
3598 kvm_make_request(KVM_REQ_EVENT, &svm->vcpu);
3599
3101 vector = exitintinfo & SVM_EXITINTINFO_VEC_MASK; 3600 vector = exitintinfo & SVM_EXITINTINFO_VEC_MASK;
3102 type = exitintinfo & SVM_EXITINTINFO_TYPE_MASK; 3601 type = exitintinfo & SVM_EXITINTINFO_TYPE_MASK;
3103 3602
@@ -3134,6 +3633,17 @@ static void svm_complete_interrupts(struct vcpu_svm *svm)
3134 } 3633 }
3135} 3634}
3136 3635
3636static void svm_cancel_injection(struct kvm_vcpu *vcpu)
3637{
3638 struct vcpu_svm *svm = to_svm(vcpu);
3639 struct vmcb_control_area *control = &svm->vmcb->control;
3640
3641 control->exit_int_info = control->event_inj;
3642 control->exit_int_info_err = control->event_inj_err;
3643 control->event_inj = 0;
3644 svm_complete_interrupts(svm);
3645}
3646
3137#ifdef CONFIG_X86_64 3647#ifdef CONFIG_X86_64
3138#define R "r" 3648#define R "r"
3139#else 3649#else
@@ -3143,9 +3653,6 @@ static void svm_complete_interrupts(struct vcpu_svm *svm)
3143static void svm_vcpu_run(struct kvm_vcpu *vcpu) 3653static void svm_vcpu_run(struct kvm_vcpu *vcpu)
3144{ 3654{
3145 struct vcpu_svm *svm = to_svm(vcpu); 3655 struct vcpu_svm *svm = to_svm(vcpu);
3146 u16 fs_selector;
3147 u16 gs_selector;
3148 u16 ldt_selector;
3149 3656
3150 svm->vmcb->save.rax = vcpu->arch.regs[VCPU_REGS_RAX]; 3657 svm->vmcb->save.rax = vcpu->arch.regs[VCPU_REGS_RAX];
3151 svm->vmcb->save.rsp = vcpu->arch.regs[VCPU_REGS_RSP]; 3658 svm->vmcb->save.rsp = vcpu->arch.regs[VCPU_REGS_RSP];
@@ -3162,14 +3669,7 @@ static void svm_vcpu_run(struct kvm_vcpu *vcpu)
3162 3669
3163 sync_lapic_to_cr8(vcpu); 3670 sync_lapic_to_cr8(vcpu);
3164 3671
3165 save_host_msrs(vcpu);
3166 savesegment(fs, fs_selector);
3167 savesegment(gs, gs_selector);
3168 ldt_selector = kvm_read_ldt();
3169 svm->vmcb->save.cr2 = vcpu->arch.cr2; 3672 svm->vmcb->save.cr2 = vcpu->arch.cr2;
3170 /* required for live migration with NPT */
3171 if (npt_enabled)
3172 svm->vmcb->save.cr3 = vcpu->arch.cr3;
3173 3673
3174 clgi(); 3674 clgi();
3175 3675
@@ -3246,31 +3746,44 @@ static void svm_vcpu_run(struct kvm_vcpu *vcpu)
3246#endif 3746#endif
3247 ); 3747 );
3248 3748
3249 vcpu->arch.cr2 = svm->vmcb->save.cr2;
3250 vcpu->arch.regs[VCPU_REGS_RAX] = svm->vmcb->save.rax;
3251 vcpu->arch.regs[VCPU_REGS_RSP] = svm->vmcb->save.rsp;
3252 vcpu->arch.regs[VCPU_REGS_RIP] = svm->vmcb->save.rip;
3253
3254 load_host_msrs(vcpu);
3255 loadsegment(fs, fs_selector);
3256#ifdef CONFIG_X86_64 3749#ifdef CONFIG_X86_64
3257 load_gs_index(gs_selector); 3750 wrmsrl(MSR_GS_BASE, svm->host.gs_base);
3258 wrmsrl(MSR_KERNEL_GS_BASE, current->thread.gs);
3259#else 3751#else
3260 loadsegment(gs, gs_selector); 3752 loadsegment(fs, svm->host.fs);
3753#ifndef CONFIG_X86_32_LAZY_GS
3754 loadsegment(gs, svm->host.gs);
3755#endif
3261#endif 3756#endif
3262 kvm_load_ldt(ldt_selector);
3263 3757
3264 reload_tss(vcpu); 3758 reload_tss(vcpu);
3265 3759
3266 local_irq_disable(); 3760 local_irq_disable();
3267 3761
3762 vcpu->arch.cr2 = svm->vmcb->save.cr2;
3763 vcpu->arch.regs[VCPU_REGS_RAX] = svm->vmcb->save.rax;
3764 vcpu->arch.regs[VCPU_REGS_RSP] = svm->vmcb->save.rsp;
3765 vcpu->arch.regs[VCPU_REGS_RIP] = svm->vmcb->save.rip;
3766
3767 if (unlikely(svm->vmcb->control.exit_code == SVM_EXIT_NMI))
3768 kvm_before_handle_nmi(&svm->vcpu);
3769
3268 stgi(); 3770 stgi();
3269 3771
3772 /* Any pending NMI will happen here */
3773
3774 if (unlikely(svm->vmcb->control.exit_code == SVM_EXIT_NMI))
3775 kvm_after_handle_nmi(&svm->vcpu);
3776
3270 sync_cr8_to_lapic(vcpu); 3777 sync_cr8_to_lapic(vcpu);
3271 3778
3272 svm->next_rip = 0; 3779 svm->next_rip = 0;
3273 3780
3781 svm->vmcb->control.tlb_ctl = TLB_CONTROL_DO_NOTHING;
3782
3783 /* if exit due to PF check for async PF */
3784 if (svm->vmcb->control.exit_code == SVM_EXIT_EXCP_BASE + PF_VECTOR)
3785 svm->apf_reason = kvm_read_and_reset_pf_reason();
3786
3274 if (npt_enabled) { 3787 if (npt_enabled) {
3275 vcpu->arch.regs_avail &= ~(1 << VCPU_EXREG_PDPTR); 3788 vcpu->arch.regs_avail &= ~(1 << VCPU_EXREG_PDPTR);
3276 vcpu->arch.regs_dirty &= ~(1 << VCPU_EXREG_PDPTR); 3789 vcpu->arch.regs_dirty &= ~(1 << VCPU_EXREG_PDPTR);
@@ -3283,6 +3796,8 @@ static void svm_vcpu_run(struct kvm_vcpu *vcpu)
3283 if (unlikely(svm->vmcb->control.exit_code == 3796 if (unlikely(svm->vmcb->control.exit_code ==
3284 SVM_EXIT_EXCP_BASE + MC_VECTOR)) 3797 SVM_EXIT_EXCP_BASE + MC_VECTOR))
3285 svm_handle_mce(svm); 3798 svm_handle_mce(svm);
3799
3800 mark_all_clean(svm->vmcb);
3286} 3801}
3287 3802
3288#undef R 3803#undef R
@@ -3291,14 +3806,23 @@ static void svm_set_cr3(struct kvm_vcpu *vcpu, unsigned long root)
3291{ 3806{
3292 struct vcpu_svm *svm = to_svm(vcpu); 3807 struct vcpu_svm *svm = to_svm(vcpu);
3293 3808
3294 if (npt_enabled) {
3295 svm->vmcb->control.nested_cr3 = root;
3296 force_new_asid(vcpu);
3297 return;
3298 }
3299
3300 svm->vmcb->save.cr3 = root; 3809 svm->vmcb->save.cr3 = root;
3301 force_new_asid(vcpu); 3810 mark_dirty(svm->vmcb, VMCB_CR);
3811 svm_flush_tlb(vcpu);
3812}
3813
3814static void set_tdp_cr3(struct kvm_vcpu *vcpu, unsigned long root)
3815{
3816 struct vcpu_svm *svm = to_svm(vcpu);
3817
3818 svm->vmcb->control.nested_cr3 = root;
3819 mark_dirty(svm->vmcb, VMCB_NPT);
3820
3821 /* Also sync guest cr3 here in case we live migrate */
3822 svm->vmcb->save.cr3 = kvm_read_cr3(vcpu);
3823 mark_dirty(svm->vmcb, VMCB_CR);
3824
3825 svm_flush_tlb(vcpu);
3302} 3826}
3303 3827
3304static int is_disabled(void) 3828static int is_disabled(void)
@@ -3333,15 +3857,6 @@ static bool svm_cpu_has_accelerated_tpr(void)
3333 return false; 3857 return false;
3334} 3858}
3335 3859
3336static int get_npt_level(void)
3337{
3338#ifdef CONFIG_X86_64
3339 return PT64_ROOT_LEVEL;
3340#else
3341 return PT32E_ROOT_LEVEL;
3342#endif
3343}
3344
3345static u64 svm_get_mt_mask(struct kvm_vcpu *vcpu, gfn_t gfn, bool is_mmio) 3860static u64 svm_get_mt_mask(struct kvm_vcpu *vcpu, gfn_t gfn, bool is_mmio)
3346{ 3861{
3347 return 0; 3862 return 0;
@@ -3354,12 +3869,25 @@ static void svm_cpuid_update(struct kvm_vcpu *vcpu)
3354static void svm_set_supported_cpuid(u32 func, struct kvm_cpuid_entry2 *entry) 3869static void svm_set_supported_cpuid(u32 func, struct kvm_cpuid_entry2 *entry)
3355{ 3870{
3356 switch (func) { 3871 switch (func) {
3872 case 0x80000001:
3873 if (nested)
3874 entry->ecx |= (1 << 2); /* Set SVM bit */
3875 break;
3357 case 0x8000000A: 3876 case 0x8000000A:
3358 entry->eax = 1; /* SVM revision 1 */ 3877 entry->eax = 1; /* SVM revision 1 */
3359 entry->ebx = 8; /* Lets support 8 ASIDs in case we add proper 3878 entry->ebx = 8; /* Lets support 8 ASIDs in case we add proper
3360 ASID emulation to nested SVM */ 3879 ASID emulation to nested SVM */
3361 entry->ecx = 0; /* Reserved */ 3880 entry->ecx = 0; /* Reserved */
3362 entry->edx = 0; /* Do not support any additional features */ 3881 entry->edx = 0; /* Per default do not support any
3882 additional features */
3883
3884 /* Support next_rip if host supports it */
3885 if (boot_cpu_has(X86_FEATURE_NRIPS))
3886 entry->edx |= SVM_FEATURE_NRIP;
3887
3888 /* Support NPT for the guest if enabled */
3889 if (npt_enabled)
3890 entry->edx |= SVM_FEATURE_NPT;
3363 3891
3364 break; 3892 break;
3365 } 3893 }
@@ -3414,6 +3942,7 @@ static const struct trace_print_flags svm_exit_reasons_str[] = {
3414 { SVM_EXIT_WBINVD, "wbinvd" }, 3942 { SVM_EXIT_WBINVD, "wbinvd" },
3415 { SVM_EXIT_MONITOR, "monitor" }, 3943 { SVM_EXIT_MONITOR, "monitor" },
3416 { SVM_EXIT_MWAIT, "mwait" }, 3944 { SVM_EXIT_MWAIT, "mwait" },
3945 { SVM_EXIT_XSETBV, "xsetbv" },
3417 { SVM_EXIT_NPF, "npf" }, 3946 { SVM_EXIT_NPF, "npf" },
3418 { -1, NULL } 3947 { -1, NULL }
3419}; 3948};
@@ -3437,12 +3966,190 @@ static void svm_fpu_deactivate(struct kvm_vcpu *vcpu)
3437{ 3966{
3438 struct vcpu_svm *svm = to_svm(vcpu); 3967 struct vcpu_svm *svm = to_svm(vcpu);
3439 3968
3440 svm->vmcb->control.intercept_exceptions |= 1 << NM_VECTOR; 3969 set_exception_intercept(svm, NM_VECTOR);
3441 if (is_nested(svm))
3442 svm->nested.hsave->control.intercept_exceptions |= 1 << NM_VECTOR;
3443 update_cr0_intercept(svm); 3970 update_cr0_intercept(svm);
3444} 3971}
3445 3972
3973#define PRE_EX(exit) { .exit_code = (exit), \
3974 .stage = X86_ICPT_PRE_EXCEPT, }
3975#define POST_EX(exit) { .exit_code = (exit), \
3976 .stage = X86_ICPT_POST_EXCEPT, }
3977#define POST_MEM(exit) { .exit_code = (exit), \
3978 .stage = X86_ICPT_POST_MEMACCESS, }
3979
3980static struct __x86_intercept {
3981 u32 exit_code;
3982 enum x86_intercept_stage stage;
3983} x86_intercept_map[] = {
3984 [x86_intercept_cr_read] = POST_EX(SVM_EXIT_READ_CR0),
3985 [x86_intercept_cr_write] = POST_EX(SVM_EXIT_WRITE_CR0),
3986 [x86_intercept_clts] = POST_EX(SVM_EXIT_WRITE_CR0),
3987 [x86_intercept_lmsw] = POST_EX(SVM_EXIT_WRITE_CR0),
3988 [x86_intercept_smsw] = POST_EX(SVM_EXIT_READ_CR0),
3989 [x86_intercept_dr_read] = POST_EX(SVM_EXIT_READ_DR0),
3990 [x86_intercept_dr_write] = POST_EX(SVM_EXIT_WRITE_DR0),
3991 [x86_intercept_sldt] = POST_EX(SVM_EXIT_LDTR_READ),
3992 [x86_intercept_str] = POST_EX(SVM_EXIT_TR_READ),
3993 [x86_intercept_lldt] = POST_EX(SVM_EXIT_LDTR_WRITE),
3994 [x86_intercept_ltr] = POST_EX(SVM_EXIT_TR_WRITE),
3995 [x86_intercept_sgdt] = POST_EX(SVM_EXIT_GDTR_READ),
3996 [x86_intercept_sidt] = POST_EX(SVM_EXIT_IDTR_READ),
3997 [x86_intercept_lgdt] = POST_EX(SVM_EXIT_GDTR_WRITE),
3998 [x86_intercept_lidt] = POST_EX(SVM_EXIT_IDTR_WRITE),
3999 [x86_intercept_vmrun] = POST_EX(SVM_EXIT_VMRUN),
4000 [x86_intercept_vmmcall] = POST_EX(SVM_EXIT_VMMCALL),
4001 [x86_intercept_vmload] = POST_EX(SVM_EXIT_VMLOAD),
4002 [x86_intercept_vmsave] = POST_EX(SVM_EXIT_VMSAVE),
4003 [x86_intercept_stgi] = POST_EX(SVM_EXIT_STGI),
4004 [x86_intercept_clgi] = POST_EX(SVM_EXIT_CLGI),
4005 [x86_intercept_skinit] = POST_EX(SVM_EXIT_SKINIT),
4006 [x86_intercept_invlpga] = POST_EX(SVM_EXIT_INVLPGA),
4007 [x86_intercept_rdtscp] = POST_EX(SVM_EXIT_RDTSCP),
4008 [x86_intercept_monitor] = POST_MEM(SVM_EXIT_MONITOR),
4009 [x86_intercept_mwait] = POST_EX(SVM_EXIT_MWAIT),
4010 [x86_intercept_invlpg] = POST_EX(SVM_EXIT_INVLPG),
4011 [x86_intercept_invd] = POST_EX(SVM_EXIT_INVD),
4012 [x86_intercept_wbinvd] = POST_EX(SVM_EXIT_WBINVD),
4013 [x86_intercept_wrmsr] = POST_EX(SVM_EXIT_MSR),
4014 [x86_intercept_rdtsc] = POST_EX(SVM_EXIT_RDTSC),
4015 [x86_intercept_rdmsr] = POST_EX(SVM_EXIT_MSR),
4016 [x86_intercept_rdpmc] = POST_EX(SVM_EXIT_RDPMC),
4017 [x86_intercept_cpuid] = PRE_EX(SVM_EXIT_CPUID),
4018 [x86_intercept_rsm] = PRE_EX(SVM_EXIT_RSM),
4019 [x86_intercept_pause] = PRE_EX(SVM_EXIT_PAUSE),
4020 [x86_intercept_pushf] = PRE_EX(SVM_EXIT_PUSHF),
4021 [x86_intercept_popf] = PRE_EX(SVM_EXIT_POPF),
4022 [x86_intercept_intn] = PRE_EX(SVM_EXIT_SWINT),
4023 [x86_intercept_iret] = PRE_EX(SVM_EXIT_IRET),
4024 [x86_intercept_icebp] = PRE_EX(SVM_EXIT_ICEBP),
4025 [x86_intercept_hlt] = POST_EX(SVM_EXIT_HLT),
4026 [x86_intercept_in] = POST_EX(SVM_EXIT_IOIO),
4027 [x86_intercept_ins] = POST_EX(SVM_EXIT_IOIO),
4028 [x86_intercept_out] = POST_EX(SVM_EXIT_IOIO),
4029 [x86_intercept_outs] = POST_EX(SVM_EXIT_IOIO),
4030};
4031
4032#undef PRE_EX
4033#undef POST_EX
4034#undef POST_MEM
4035
4036static int svm_check_intercept(struct kvm_vcpu *vcpu,
4037 struct x86_instruction_info *info,
4038 enum x86_intercept_stage stage)
4039{
4040 struct vcpu_svm *svm = to_svm(vcpu);
4041 int vmexit, ret = X86EMUL_CONTINUE;
4042 struct __x86_intercept icpt_info;
4043 struct vmcb *vmcb = svm->vmcb;
4044
4045 if (info->intercept >= ARRAY_SIZE(x86_intercept_map))
4046 goto out;
4047
4048 icpt_info = x86_intercept_map[info->intercept];
4049
4050 if (stage != icpt_info.stage)
4051 goto out;
4052
4053 switch (icpt_info.exit_code) {
4054 case SVM_EXIT_READ_CR0:
4055 if (info->intercept == x86_intercept_cr_read)
4056 icpt_info.exit_code += info->modrm_reg;
4057 break;
4058 case SVM_EXIT_WRITE_CR0: {
4059 unsigned long cr0, val;
4060 u64 intercept;
4061
4062 if (info->intercept == x86_intercept_cr_write)
4063 icpt_info.exit_code += info->modrm_reg;
4064
4065 if (icpt_info.exit_code != SVM_EXIT_WRITE_CR0)
4066 break;
4067
4068 intercept = svm->nested.intercept;
4069
4070 if (!(intercept & (1ULL << INTERCEPT_SELECTIVE_CR0)))
4071 break;
4072
4073 cr0 = vcpu->arch.cr0 & ~SVM_CR0_SELECTIVE_MASK;
4074 val = info->src_val & ~SVM_CR0_SELECTIVE_MASK;
4075
4076 if (info->intercept == x86_intercept_lmsw) {
4077 cr0 &= 0xfUL;
4078 val &= 0xfUL;
4079 /* lmsw can't clear PE - catch this here */
4080 if (cr0 & X86_CR0_PE)
4081 val |= X86_CR0_PE;
4082 }
4083
4084 if (cr0 ^ val)
4085 icpt_info.exit_code = SVM_EXIT_CR0_SEL_WRITE;
4086
4087 break;
4088 }
4089 case SVM_EXIT_READ_DR0:
4090 case SVM_EXIT_WRITE_DR0:
4091 icpt_info.exit_code += info->modrm_reg;
4092 break;
4093 case SVM_EXIT_MSR:
4094 if (info->intercept == x86_intercept_wrmsr)
4095 vmcb->control.exit_info_1 = 1;
4096 else
4097 vmcb->control.exit_info_1 = 0;
4098 break;
4099 case SVM_EXIT_PAUSE:
4100 /*
4101 * We get this for NOP only, but pause
4102 * is rep not, check this here
4103 */
4104 if (info->rep_prefix != REPE_PREFIX)
4105 goto out;
4106 case SVM_EXIT_IOIO: {
4107 u64 exit_info;
4108 u32 bytes;
4109
4110 exit_info = (vcpu->arch.regs[VCPU_REGS_RDX] & 0xffff) << 16;
4111
4112 if (info->intercept == x86_intercept_in ||
4113 info->intercept == x86_intercept_ins) {
4114 exit_info |= SVM_IOIO_TYPE_MASK;
4115 bytes = info->src_bytes;
4116 } else {
4117 bytes = info->dst_bytes;
4118 }
4119
4120 if (info->intercept == x86_intercept_outs ||
4121 info->intercept == x86_intercept_ins)
4122 exit_info |= SVM_IOIO_STR_MASK;
4123
4124 if (info->rep_prefix)
4125 exit_info |= SVM_IOIO_REP_MASK;
4126
4127 bytes = min(bytes, 4u);
4128
4129 exit_info |= bytes << SVM_IOIO_SIZE_SHIFT;
4130
4131 exit_info |= (u32)info->ad_bytes << (SVM_IOIO_ASIZE_SHIFT - 1);
4132
4133 vmcb->control.exit_info_1 = exit_info;
4134 vmcb->control.exit_info_2 = info->next_rip;
4135
4136 break;
4137 }
4138 default:
4139 break;
4140 }
4141
4142 vmcb->control.next_rip = info->next_rip;
4143 vmcb->control.exit_code = icpt_info.exit_code;
4144 vmexit = nested_svm_exit_handled(svm);
4145
4146 ret = (vmexit == NESTED_EXIT_DONE) ? X86EMUL_INTERCEPTED
4147 : X86EMUL_CONTINUE;
4148
4149out:
4150 return ret;
4151}
4152
3446static struct kvm_x86_ops svm_x86_ops = { 4153static struct kvm_x86_ops svm_x86_ops = {
3447 .cpu_has_kvm_support = has_svm, 4154 .cpu_has_kvm_support = has_svm,
3448 .disabled_by_bios = is_disabled, 4155 .disabled_by_bios = is_disabled,
@@ -3470,6 +4177,7 @@ static struct kvm_x86_ops svm_x86_ops = {
3470 .get_cpl = svm_get_cpl, 4177 .get_cpl = svm_get_cpl,
3471 .get_cs_db_l_bits = kvm_get_cs_db_l_bits, 4178 .get_cs_db_l_bits = kvm_get_cs_db_l_bits,
3472 .decache_cr0_guest_bits = svm_decache_cr0_guest_bits, 4179 .decache_cr0_guest_bits = svm_decache_cr0_guest_bits,
4180 .decache_cr3 = svm_decache_cr3,
3473 .decache_cr4_guest_bits = svm_decache_cr4_guest_bits, 4181 .decache_cr4_guest_bits = svm_decache_cr4_guest_bits,
3474 .set_cr0 = svm_set_cr0, 4182 .set_cr0 = svm_set_cr0,
3475 .set_cr3 = svm_set_cr3, 4183 .set_cr3 = svm_set_cr3,
@@ -3497,6 +4205,7 @@ static struct kvm_x86_ops svm_x86_ops = {
3497 .set_irq = svm_set_irq, 4205 .set_irq = svm_set_irq,
3498 .set_nmi = svm_inject_nmi, 4206 .set_nmi = svm_inject_nmi,
3499 .queue_exception = svm_queue_exception, 4207 .queue_exception = svm_queue_exception,
4208 .cancel_injection = svm_cancel_injection,
3500 .interrupt_allowed = svm_interrupt_allowed, 4209 .interrupt_allowed = svm_interrupt_allowed,
3501 .nmi_allowed = svm_nmi_allowed, 4210 .nmi_allowed = svm_nmi_allowed,
3502 .get_nmi_mask = svm_get_nmi_mask, 4211 .get_nmi_mask = svm_get_nmi_mask,
@@ -3509,7 +4218,9 @@ static struct kvm_x86_ops svm_x86_ops = {
3509 .get_tdp_level = get_npt_level, 4218 .get_tdp_level = get_npt_level,
3510 .get_mt_mask = svm_get_mt_mask, 4219 .get_mt_mask = svm_get_mt_mask,
3511 4220
4221 .get_exit_info = svm_get_exit_info,
3512 .exit_reasons_str = svm_exit_reasons_str, 4222 .exit_reasons_str = svm_exit_reasons_str,
4223
3513 .get_lpage_level = svm_get_lpage_level, 4224 .get_lpage_level = svm_get_lpage_level,
3514 4225
3515 .cpuid_update = svm_cpuid_update, 4226 .cpuid_update = svm_cpuid_update,
@@ -3519,6 +4230,15 @@ static struct kvm_x86_ops svm_x86_ops = {
3519 .set_supported_cpuid = svm_set_supported_cpuid, 4230 .set_supported_cpuid = svm_set_supported_cpuid,
3520 4231
3521 .has_wbinvd_exit = svm_has_wbinvd_exit, 4232 .has_wbinvd_exit = svm_has_wbinvd_exit,
4233
4234 .set_tsc_khz = svm_set_tsc_khz,
4235 .write_tsc_offset = svm_write_tsc_offset,
4236 .adjust_tsc_offset = svm_adjust_tsc_offset,
4237 .compute_tsc_offset = svm_compute_tsc_offset,
4238
4239 .set_tdp_cr3 = set_tdp_cr3,
4240
4241 .check_intercept = svm_check_intercept,
3522}; 4242};
3523 4243
3524static int __init svm_init(void) 4244static int __init svm_init(void)
generated by cgit v1.2.2 (git 2.25.0) at 2025-03-14 19:37:16 -0400