hv: nested: implement the framework for VMX MSR emulation

Define LIST_OF_VMX_MSRS which includes a list of MSRs that are visible to L1 guests if nested virtualization is enabled. - If CONFIG_NVMX_ENABLED is set, these MSRs are included in emulated_guest_msrs[]. - otherwise, they are included in unsupported_msrs[]. In this way we can take advantage of the existing infrastructure to emulate these MSRs. Tracked-On: #5923 Spick igned-off-by: Zide Chen <zide.chen@intel.com> Acked-by: Eddie Dong <eddie.dong@intel.com>
2025-06-22 13:37:10 +00:00 · 2021-05-10 16:29:17 -07:00 · 2021-05-10 16:29:17 -07:00 · 4930992118
commit 4930992118
parent 97df220f49
5 changed files with 152 additions and 22 deletions
--- a/hypervisor/Makefile
+++ b/hypervisor/Makefile
@ -275,6 +275,9 @@ VP_BASE_C_SRCS += arch/x86/guest/ucode.c
 ifeq ($(CONFIG_HYPERV_ENABLED),y)
 VP_BASE_C_SRCS += arch/x86/guest/hyperv.c
 endif
+ifeq ($(CONFIG_NVMX_ENABLED),y)
+VP_BASE_C_SRCS += arch/x86/guest/nested.c
+endif
 VP_BASE_C_SRCS += boot/guest/vboot_info.c
 VP_BASE_C_SRCS += common/hv_main.c
 VP_BASE_C_SRCS += common/vm_load.c
--- a/hypervisor/arch/x86/guest/nested.c
+++ b/hypervisor/arch/x86/guest/nested.c
@ -0,0 +1,57 @@
+/*
+ * Copyright (C) 2021 Intel Corporation.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <types.h>
+#include <logmsg.h>
+#include <asm/guest/vcpu.h>
+#include <asm/guest/vm.h>
+#include <asm/guest/nested.h>
+
+/* The only purpose of this array is to serve the is_vmx_msr() function */
+static const uint32_t vmx_msrs[NUM_VMX_MSRS] = {
+	LIST_OF_VMX_MSRS
+};
+
+bool is_vmx_msr(uint32_t msr)
+{
+	bool found = false;
+	uint32_t i;
+
+	for (i = 0U; i < NUM_VMX_MSRS; i++) {
+		if (msr == vmx_msrs[i]) {
+			found = true;
+			break;
+		}
+	}
+
+	return found;
+}
+
+/*
+ * @pre vcpu != NULL
+ */
+void init_vmx_msrs(__unused struct acrn_vcpu *vcpu)
+{
+	/* implemented in next patch */
+}
+
+/*
+ * @pre vcpu != NULL
+ */
+int32_t read_vmx_msr(struct acrn_vcpu *vcpu, __unused uint32_t msr, uint64_t *val)
+{
+	uint64_t v = 0UL;
+	int32_t err = 0;
+
+	if (is_nvmx_configured(vcpu->vm)) {
+		/* implemented in next patch */
+	} else {
+		err = -EACCES;
+	}
+
+	*val = v;
+	return err;
+}
--- a/hypervisor/arch/x86/guest/vmsr.c
+++ b/hypervisor/arch/x86/guest/vmsr.c
@ -16,6 +16,7 @@
 #include <asm/sgx.h>
 #include <asm/guest/guest_pm.h>
 #include <asm/guest/ucode.h>
+#include <asm/guest/nested.h>
 #include <asm/cpufeatures.h>
 #include <asm/rdt.h>
 #include <trace.h>
@ -71,6 +72,11 @@ static const uint32_t emulated_guest_msrs[NUM_GUEST_MSRS] = {
 	MSR_IA32_IWKEY_BACKUP_STATUS,

 	MSR_TEST_CTL,
+
+	/* VMX: CPUID.01H.ECX[5] */
+#ifdef CONFIG_NVMX_ENABLED
+	LIST_OF_VMX_MSRS,
+#endif
 };

 #define NUM_MTRR_MSRS	13U
@ -91,7 +97,12 @@ static const uint32_t mtrr_msrs[NUM_MTRR_MSRS] = {
 };

 /* Following MSRs are intercepted, but it throws GPs for any guest accesses */
-#define NUM_UNSUPPORTED_MSRS	112U
+#define NUM_ALWAYS_UNSUPPORTED_MSRS	92U
+#ifndef CONFIG_NVMX_ENABLED
+#define NUM_UNSUPPORTED_MSRS	(NUM_ALWAYS_UNSUPPORTED_MSRS + NUM_VMX_MSRS)
+#else
+#define NUM_UNSUPPORTED_MSRS	NUM_ALWAYS_UNSUPPORTED_MSRS
+#endif
 static const uint32_t unsupported_msrs[NUM_UNSUPPORTED_MSRS] = {
 	/* Variable MTRRs are not supported */
 	MSR_IA32_MTRR_PHYSBASE_0,
@ -117,27 +128,10 @@ static const uint32_t unsupported_msrs[NUM_UNSUPPORTED_MSRS] = {
 	MSR_IA32_SMRR_PHYSBASE,
 	MSR_IA32_SMRR_PHYSMASK,

-	/* No level 2 VMX: CPUID.01H.ECX[5] */
-	MSR_IA32_SMBASE,
-	MSR_IA32_VMX_BASIC,
-	MSR_IA32_VMX_PINBASED_CTLS,
-	MSR_IA32_VMX_PROCBASED_CTLS,
-	MSR_IA32_VMX_EXIT_CTLS,
-	MSR_IA32_VMX_ENTRY_CTLS,
-	MSR_IA32_VMX_MISC,
-	MSR_IA32_VMX_CR0_FIXED0,
-	MSR_IA32_VMX_CR0_FIXED1,
-	MSR_IA32_VMX_CR4_FIXED0,
-	MSR_IA32_VMX_CR4_FIXED1,
-	MSR_IA32_VMX_VMCS_ENUM,
-	MSR_IA32_VMX_PROCBASED_CTLS2,
-	MSR_IA32_VMX_EPT_VPID_CAP,
-	MSR_IA32_VMX_TRUE_PINBASED_CTLS,
-	MSR_IA32_VMX_TRUE_PROCBASED_CTLS,
-	MSR_IA32_VMX_TRUE_EXIT_CTLS,
-	MSR_IA32_VMX_TRUE_ENTRY_CTLS,
-	MSR_IA32_VMX_VMFUNC,
-	MSR_IA32_VMX_PROCBASED_CTLS3,
+	/* VMX: CPUID.01H.ECX[5] */
+#ifndef CONFIG_NVMX_ENABLED
+	LIST_OF_VMX_MSRS,
+#endif

 	/* MPX disabled: CPUID.07H.EBX[14] */
 	MSR_IA32_BNDCFGS,
@ -404,6 +398,9 @@ void init_msr_emulation(struct acrn_vcpu *vcpu)

 	/* Setup initial value for emulated MSRs */
 	init_emulated_msrs(vcpu);
+
+	/* Initialize VMX MSRs for nested virtualization */
+	init_vmx_msrs(vcpu);
 }

 static int32_t write_pat_msr(struct acrn_vcpu *vcpu, uint64_t value)
@ -602,6 +599,13 @@ int32_t rdmsr_vmexit_handler(struct acrn_vcpu *vcpu)
 	{
 		if (is_x2apic_msr(msr)) {
 			err = vlapic_x2apic_read(vcpu, msr, &v);
+		} else if (is_vmx_msr(msr)) {
+			/*
+			 * TODO: after the switch statement in this function, there is another
+			 * switch statement inside read_vmx_msr(). Is it possible to reduce it
+			 * to just one switch to improvement  performance?
+			 */
+			err = read_vmx_msr(vcpu, msr, &v);
 		} else {
 			pr_warn("%s(): vm%d vcpu%d reading MSR %lx not supported",
 				__func__, vcpu->vm->vm_id, vcpu->vcpu_id, msr);
--- a/hypervisor/include/arch/x86/asm/guest/nested.h
+++ b/hypervisor/include/arch/x86/asm/guest/nested.h
@ -0,0 +1,61 @@
+/*
+ * Copyright (C) 2021 Intel Corporation.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+#ifndef NESTED_H
+#define NESTED_H
+
+#include <lib/errno.h>
+
+/*
+ * Following MSRs are supported if nested virtualization is enabled
+ * - If CONFIG_NVMX_ENABLED is set, these MSRs are included in emulated_guest_msrs[]
+ * - otherwise, they are included in unsupported_msrs[]
+ */
+#define NUM_VMX_MSRS	20U
+#define LIST_OF_VMX_MSRS	\
+	MSR_IA32_SMBASE,	\
+	MSR_IA32_VMX_BASIC,			\
+	MSR_IA32_VMX_PINBASED_CTLS,		\
+	MSR_IA32_VMX_PROCBASED_CTLS,		\
+	MSR_IA32_VMX_EXIT_CTLS,			\
+	MSR_IA32_VMX_ENTRY_CTLS,		\
+	MSR_IA32_VMX_MISC,			\
+	MSR_IA32_VMX_CR0_FIXED0,		\
+	MSR_IA32_VMX_CR0_FIXED1,		\
+	MSR_IA32_VMX_CR4_FIXED0,		\
+	MSR_IA32_VMX_CR4_FIXED1,		\
+	MSR_IA32_VMX_VMCS_ENUM,			\
+	MSR_IA32_VMX_PROCBASED_CTLS2,		\
+	MSR_IA32_VMX_EPT_VPID_CAP,		\
+	MSR_IA32_VMX_TRUE_PINBASED_CTLS,	\
+	MSR_IA32_VMX_TRUE_PROCBASED_CTLS,	\
+	MSR_IA32_VMX_TRUE_EXIT_CTLS,		\
+	MSR_IA32_VMX_TRUE_ENTRY_CTLS,		\
+	MSR_IA32_VMX_VMFUNC,			\
+	MSR_IA32_VMX_PROCBASED_CTLS3
+
+#ifdef CONFIG_NVMX_ENABLED
+bool is_vmx_msr(uint32_t msr);
+void init_vmx_msrs(struct acrn_vcpu *vcpu);
+int32_t read_vmx_msr(__unused struct acrn_vcpu *vcpu, uint32_t msr, uint64_t *val);
+#else
+static inline bool is_vmx_msr(__unused uint32_t msr)
+{
+	/*
+	 * if nested virtualization is disabled, return false so that
+	 * it can be treated as unsupported MSR.
+	 */
+	return false;
+}
+
+static inline void init_vmx_msrs(__unused struct acrn_vcpu *vcpu) {}
+
+static inline int32_t read_vmx_msr(__unused struct acrn_vcpu *vcpu,
+	__unused uint32_t msr, __unused uint64_t *val)
+{
+	return -EACCES;
+}
+#endif /* CONFIG_NVMX_ENABLED */
+#endif /* NESTED_H */
--- a/hypervisor/include/arch/x86/asm/guest/vcpu.h
+++ b/hypervisor/include/arch/x86/asm/guest/vcpu.h
@ -27,6 +27,7 @@
 #include <asm/msr.h>
 #include <asm/cpu.h>
 #include <asm/guest/instr_emul.h>
+#include <asm/guest/nested.h>
 #include <asm/vmx.h>

 /**
@ -172,7 +173,11 @@ enum reset_mode;

 #define NUM_WORLD_MSRS		2U
 #define NUM_COMMON_MSRS		22U
+#ifdef CONFIG_NVMX_ENABLED
+#define NUM_GUEST_MSRS		(NUM_WORLD_MSRS + NUM_COMMON_MSRS + NUM_VMX_MSRS)
+#else
 #define NUM_GUEST_MSRS		(NUM_WORLD_MSRS + NUM_COMMON_MSRS)
+#endif

 #define EOI_EXIT_BITMAP_SIZE	256U