1 /* SPDX-License-Identifier: GPL-2.0 */ 2 #ifndef __KVM_X86_VMX_CAPS_H 3 #define __KVM_X86_VMX_CAPS_H 4 5 #include <asm/vmx.h> 6 7 #include "../lapic.h" 8 #include "../x86.h" 9 #include "../pmu.h" 10 #include "../cpuid.h" 11 12 extern bool __read_mostly enable_vpid; 13 extern bool __read_mostly flexpriority_enabled; 14 extern bool __read_mostly enable_ept; 15 extern bool __read_mostly enable_unrestricted_guest; 16 extern bool __read_mostly enable_ept_ad_bits; 17 extern bool __read_mostly enable_pml; 18 extern bool __read_mostly enable_ipiv; 19 extern int __read_mostly pt_mode; 20 21 #define PT_MODE_SYSTEM 0 22 #define PT_MODE_HOST_GUEST 1 23 24 #define PMU_CAP_FW_WRITES (1ULL << 13) 25 #define PMU_CAP_LBR_FMT 0x3f 26 27 #define DEBUGCTLMSR_LBR_MASK (DEBUGCTLMSR_LBR | DEBUGCTLMSR_FREEZE_LBRS_ON_PMI) 28 29 struct nested_vmx_msrs { 30 /* 31 * We only store the "true" versions of the VMX capability MSRs. We 32 * generate the "non-true" versions by setting the must-be-1 bits 33 * according to the SDM. 34 */ 35 u32 procbased_ctls_low; 36 u32 procbased_ctls_high; 37 u32 secondary_ctls_low; 38 u32 secondary_ctls_high; 39 u32 pinbased_ctls_low; 40 u32 pinbased_ctls_high; 41 u32 exit_ctls_low; 42 u32 exit_ctls_high; 43 u32 entry_ctls_low; 44 u32 entry_ctls_high; 45 u32 misc_low; 46 u32 misc_high; 47 u32 ept_caps; 48 u32 vpid_caps; 49 u64 basic; 50 u64 cr0_fixed0; 51 u64 cr0_fixed1; 52 u64 cr4_fixed0; 53 u64 cr4_fixed1; 54 u64 vmcs_enum; 55 u64 vmfunc_controls; 56 }; 57 58 struct vmcs_config { 59 int size; 60 u32 basic_cap; 61 u32 revision_id; 62 u32 pin_based_exec_ctrl; 63 u32 cpu_based_exec_ctrl; 64 u32 cpu_based_2nd_exec_ctrl; 65 u64 cpu_based_3rd_exec_ctrl; 66 u32 vmexit_ctrl; 67 u32 vmentry_ctrl; 68 u64 misc; 69 struct nested_vmx_msrs nested; 70 }; 71 extern struct vmcs_config vmcs_config; 72 73 struct vmx_capability { 74 u32 ept; 75 u32 vpid; 76 }; 77 extern struct vmx_capability vmx_capability; 78 79 static inline bool cpu_has_vmx_basic_inout(void) 80 { 81 return (((u64)vmcs_config.basic_cap << 32) & VMX_BASIC_INOUT); 82 } 83 84 static inline bool cpu_has_virtual_nmis(void) 85 { 86 return vmcs_config.pin_based_exec_ctrl & PIN_BASED_VIRTUAL_NMIS && 87 vmcs_config.cpu_based_exec_ctrl & CPU_BASED_NMI_WINDOW_EXITING; 88 } 89 90 static inline bool cpu_has_vmx_preemption_timer(void) 91 { 92 return vmcs_config.pin_based_exec_ctrl & 93 PIN_BASED_VMX_PREEMPTION_TIMER; 94 } 95 96 static inline bool cpu_has_vmx_posted_intr(void) 97 { 98 return vmcs_config.pin_based_exec_ctrl & PIN_BASED_POSTED_INTR; 99 } 100 101 static inline bool cpu_has_load_ia32_efer(void) 102 { 103 return vmcs_config.vmentry_ctrl & VM_ENTRY_LOAD_IA32_EFER; 104 } 105 106 static inline bool cpu_has_load_perf_global_ctrl(void) 107 { 108 return vmcs_config.vmentry_ctrl & VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL; 109 } 110 111 static inline bool cpu_has_vmx_mpx(void) 112 { 113 return vmcs_config.vmentry_ctrl & VM_ENTRY_LOAD_BNDCFGS; 114 } 115 116 static inline bool cpu_has_vmx_tpr_shadow(void) 117 { 118 return vmcs_config.cpu_based_exec_ctrl & CPU_BASED_TPR_SHADOW; 119 } 120 121 static inline bool cpu_need_tpr_shadow(struct kvm_vcpu *vcpu) 122 { 123 return cpu_has_vmx_tpr_shadow() && lapic_in_kernel(vcpu); 124 } 125 126 static inline bool cpu_has_vmx_msr_bitmap(void) 127 { 128 return vmcs_config.cpu_based_exec_ctrl & CPU_BASED_USE_MSR_BITMAPS; 129 } 130 131 static inline bool cpu_has_secondary_exec_ctrls(void) 132 { 133 return vmcs_config.cpu_based_exec_ctrl & 134 CPU_BASED_ACTIVATE_SECONDARY_CONTROLS; 135 } 136 137 static inline bool cpu_has_tertiary_exec_ctrls(void) 138 { 139 return vmcs_config.cpu_based_exec_ctrl & 140 CPU_BASED_ACTIVATE_TERTIARY_CONTROLS; 141 } 142 143 static inline bool cpu_has_vmx_virtualize_apic_accesses(void) 144 { 145 return vmcs_config.cpu_based_2nd_exec_ctrl & 146 SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES; 147 } 148 149 static inline bool cpu_has_vmx_ept(void) 150 { 151 return vmcs_config.cpu_based_2nd_exec_ctrl & 152 SECONDARY_EXEC_ENABLE_EPT; 153 } 154 155 static inline bool vmx_umip_emulated(void) 156 { 157 return vmcs_config.cpu_based_2nd_exec_ctrl & 158 SECONDARY_EXEC_DESC; 159 } 160 161 static inline bool cpu_has_vmx_rdtscp(void) 162 { 163 return vmcs_config.cpu_based_2nd_exec_ctrl & 164 SECONDARY_EXEC_ENABLE_RDTSCP; 165 } 166 167 static inline bool cpu_has_vmx_virtualize_x2apic_mode(void) 168 { 169 return vmcs_config.cpu_based_2nd_exec_ctrl & 170 SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE; 171 } 172 173 static inline bool cpu_has_vmx_vpid(void) 174 { 175 return vmcs_config.cpu_based_2nd_exec_ctrl & 176 SECONDARY_EXEC_ENABLE_VPID; 177 } 178 179 static inline bool cpu_has_vmx_wbinvd_exit(void) 180 { 181 return vmcs_config.cpu_based_2nd_exec_ctrl & 182 SECONDARY_EXEC_WBINVD_EXITING; 183 } 184 185 static inline bool cpu_has_vmx_unrestricted_guest(void) 186 { 187 return vmcs_config.cpu_based_2nd_exec_ctrl & 188 SECONDARY_EXEC_UNRESTRICTED_GUEST; 189 } 190 191 static inline bool cpu_has_vmx_apic_register_virt(void) 192 { 193 return vmcs_config.cpu_based_2nd_exec_ctrl & 194 SECONDARY_EXEC_APIC_REGISTER_VIRT; 195 } 196 197 static inline bool cpu_has_vmx_virtual_intr_delivery(void) 198 { 199 return vmcs_config.cpu_based_2nd_exec_ctrl & 200 SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY; 201 } 202 203 static inline bool cpu_has_vmx_ple(void) 204 { 205 return vmcs_config.cpu_based_2nd_exec_ctrl & 206 SECONDARY_EXEC_PAUSE_LOOP_EXITING; 207 } 208 209 static inline bool cpu_has_vmx_rdrand(void) 210 { 211 return vmcs_config.cpu_based_2nd_exec_ctrl & 212 SECONDARY_EXEC_RDRAND_EXITING; 213 } 214 215 static inline bool cpu_has_vmx_invpcid(void) 216 { 217 return vmcs_config.cpu_based_2nd_exec_ctrl & 218 SECONDARY_EXEC_ENABLE_INVPCID; 219 } 220 221 static inline bool cpu_has_vmx_vmfunc(void) 222 { 223 return vmcs_config.cpu_based_2nd_exec_ctrl & 224 SECONDARY_EXEC_ENABLE_VMFUNC; 225 } 226 227 static inline bool cpu_has_vmx_shadow_vmcs(void) 228 { 229 /* check if the cpu supports writing r/o exit information fields */ 230 if (!(vmcs_config.misc & MSR_IA32_VMX_MISC_VMWRITE_SHADOW_RO_FIELDS)) 231 return false; 232 233 return vmcs_config.cpu_based_2nd_exec_ctrl & 234 SECONDARY_EXEC_SHADOW_VMCS; 235 } 236 237 static inline bool cpu_has_vmx_encls_vmexit(void) 238 { 239 return vmcs_config.cpu_based_2nd_exec_ctrl & 240 SECONDARY_EXEC_ENCLS_EXITING; 241 } 242 243 static inline bool cpu_has_vmx_rdseed(void) 244 { 245 return vmcs_config.cpu_based_2nd_exec_ctrl & 246 SECONDARY_EXEC_RDSEED_EXITING; 247 } 248 249 static inline bool cpu_has_vmx_pml(void) 250 { 251 return vmcs_config.cpu_based_2nd_exec_ctrl & SECONDARY_EXEC_ENABLE_PML; 252 } 253 254 static inline bool cpu_has_vmx_xsaves(void) 255 { 256 return vmcs_config.cpu_based_2nd_exec_ctrl & 257 SECONDARY_EXEC_XSAVES; 258 } 259 260 static inline bool cpu_has_vmx_waitpkg(void) 261 { 262 return vmcs_config.cpu_based_2nd_exec_ctrl & 263 SECONDARY_EXEC_ENABLE_USR_WAIT_PAUSE; 264 } 265 266 static inline bool cpu_has_vmx_tsc_scaling(void) 267 { 268 return vmcs_config.cpu_based_2nd_exec_ctrl & 269 SECONDARY_EXEC_TSC_SCALING; 270 } 271 272 static inline bool cpu_has_vmx_bus_lock_detection(void) 273 { 274 return vmcs_config.cpu_based_2nd_exec_ctrl & 275 SECONDARY_EXEC_BUS_LOCK_DETECTION; 276 } 277 278 static inline bool cpu_has_vmx_apicv(void) 279 { 280 return cpu_has_vmx_apic_register_virt() && 281 cpu_has_vmx_virtual_intr_delivery() && 282 cpu_has_vmx_posted_intr(); 283 } 284 285 static inline bool cpu_has_vmx_ipiv(void) 286 { 287 return vmcs_config.cpu_based_3rd_exec_ctrl & TERTIARY_EXEC_IPI_VIRT; 288 } 289 290 static inline bool cpu_has_vmx_flexpriority(void) 291 { 292 return cpu_has_vmx_tpr_shadow() && 293 cpu_has_vmx_virtualize_apic_accesses(); 294 } 295 296 static inline bool cpu_has_vmx_ept_execute_only(void) 297 { 298 return vmx_capability.ept & VMX_EPT_EXECUTE_ONLY_BIT; 299 } 300 301 static inline bool cpu_has_vmx_ept_4levels(void) 302 { 303 return vmx_capability.ept & VMX_EPT_PAGE_WALK_4_BIT; 304 } 305 306 static inline bool cpu_has_vmx_ept_5levels(void) 307 { 308 return vmx_capability.ept & VMX_EPT_PAGE_WALK_5_BIT; 309 } 310 311 static inline bool cpu_has_vmx_ept_mt_wb(void) 312 { 313 return vmx_capability.ept & VMX_EPTP_WB_BIT; 314 } 315 316 static inline bool cpu_has_vmx_ept_2m_page(void) 317 { 318 return vmx_capability.ept & VMX_EPT_2MB_PAGE_BIT; 319 } 320 321 static inline bool cpu_has_vmx_ept_1g_page(void) 322 { 323 return vmx_capability.ept & VMX_EPT_1GB_PAGE_BIT; 324 } 325 326 static inline int ept_caps_to_lpage_level(u32 ept_caps) 327 { 328 if (ept_caps & VMX_EPT_1GB_PAGE_BIT) 329 return PG_LEVEL_1G; 330 if (ept_caps & VMX_EPT_2MB_PAGE_BIT) 331 return PG_LEVEL_2M; 332 return PG_LEVEL_4K; 333 } 334 335 static inline bool cpu_has_vmx_ept_ad_bits(void) 336 { 337 return vmx_capability.ept & VMX_EPT_AD_BIT; 338 } 339 340 static inline bool cpu_has_vmx_invept_context(void) 341 { 342 return vmx_capability.ept & VMX_EPT_EXTENT_CONTEXT_BIT; 343 } 344 345 static inline bool cpu_has_vmx_invept_global(void) 346 { 347 return vmx_capability.ept & VMX_EPT_EXTENT_GLOBAL_BIT; 348 } 349 350 static inline bool cpu_has_vmx_invvpid(void) 351 { 352 return vmx_capability.vpid & VMX_VPID_INVVPID_BIT; 353 } 354 355 static inline bool cpu_has_vmx_invvpid_individual_addr(void) 356 { 357 return vmx_capability.vpid & VMX_VPID_EXTENT_INDIVIDUAL_ADDR_BIT; 358 } 359 360 static inline bool cpu_has_vmx_invvpid_single(void) 361 { 362 return vmx_capability.vpid & VMX_VPID_EXTENT_SINGLE_CONTEXT_BIT; 363 } 364 365 static inline bool cpu_has_vmx_invvpid_global(void) 366 { 367 return vmx_capability.vpid & VMX_VPID_EXTENT_GLOBAL_CONTEXT_BIT; 368 } 369 370 static inline bool cpu_has_vmx_intel_pt(void) 371 { 372 return (vmcs_config.misc & MSR_IA32_VMX_MISC_INTEL_PT) && 373 (vmcs_config.cpu_based_2nd_exec_ctrl & SECONDARY_EXEC_PT_USE_GPA) && 374 (vmcs_config.vmentry_ctrl & VM_ENTRY_LOAD_IA32_RTIT_CTL); 375 } 376 377 /* 378 * Processor Trace can operate in one of three modes: 379 * a. system-wide: trace both host/guest and output to host buffer 380 * b. host-only: only trace host and output to host buffer 381 * c. host-guest: trace host and guest simultaneously and output to their 382 * respective buffer 383 * 384 * KVM currently only supports (a) and (c). 385 */ 386 static inline bool vmx_pt_mode_is_system(void) 387 { 388 return pt_mode == PT_MODE_SYSTEM; 389 } 390 static inline bool vmx_pt_mode_is_host_guest(void) 391 { 392 return pt_mode == PT_MODE_HOST_GUEST; 393 } 394 395 static inline bool vmx_pebs_supported(void) 396 { 397 return boot_cpu_has(X86_FEATURE_PEBS) && kvm_pmu_cap.pebs_ept; 398 } 399 400 static inline u64 vmx_get_perf_capabilities(void) 401 { 402 u64 perf_cap = PMU_CAP_FW_WRITES; 403 u64 host_perf_cap = 0; 404 405 if (!enable_pmu) 406 return 0; 407 408 if (boot_cpu_has(X86_FEATURE_PDCM)) 409 rdmsrl(MSR_IA32_PERF_CAPABILITIES, host_perf_cap); 410 411 perf_cap |= host_perf_cap & PMU_CAP_LBR_FMT; 412 413 if (vmx_pebs_supported()) { 414 perf_cap |= host_perf_cap & PERF_CAP_PEBS_MASK; 415 if ((perf_cap & PERF_CAP_PEBS_FORMAT) < 4) 416 perf_cap &= ~PERF_CAP_PEBS_BASELINE; 417 } 418 419 return perf_cap; 420 } 421 422 static inline u64 vmx_supported_debugctl(void) 423 { 424 u64 debugctl = 0; 425 426 if (boot_cpu_has(X86_FEATURE_BUS_LOCK_DETECT)) 427 debugctl |= DEBUGCTLMSR_BUS_LOCK_DETECT; 428 429 if (vmx_get_perf_capabilities() & PMU_CAP_LBR_FMT) 430 debugctl |= DEBUGCTLMSR_LBR_MASK; 431 432 return debugctl; 433 } 434 435 static inline bool cpu_has_notify_vmexit(void) 436 { 437 return vmcs_config.cpu_based_2nd_exec_ctrl & 438 SECONDARY_EXEC_NOTIFY_VM_EXITING; 439 } 440 441 #endif /* __KVM_X86_VMX_CAPS_H */ 442