xref: /openbmc/linux/arch/x86/kvm/vmx/capabilities.h (revision 710b797c)
1 /* SPDX-License-Identifier: GPL-2.0 */
2 #ifndef __KVM_X86_VMX_CAPS_H
3 #define __KVM_X86_VMX_CAPS_H
4 
5 #include <asm/vmx.h>
6 
7 #include "lapic.h"
8 
9 extern bool __read_mostly enable_vpid;
10 extern bool __read_mostly flexpriority_enabled;
11 extern bool __read_mostly enable_ept;
12 extern bool __read_mostly enable_unrestricted_guest;
13 extern bool __read_mostly enable_ept_ad_bits;
14 extern bool __read_mostly enable_pml;
15 extern bool __read_mostly enable_apicv;
16 extern int __read_mostly pt_mode;
17 
18 #define PT_MODE_SYSTEM		0
19 #define PT_MODE_HOST_GUEST	1
20 
21 #define PMU_CAP_FW_WRITES	(1ULL << 13)
22 #define PMU_CAP_LBR_FMT		0x3f
23 
24 #define DEBUGCTLMSR_LBR_MASK		(DEBUGCTLMSR_LBR | DEBUGCTLMSR_FREEZE_LBRS_ON_PMI)
25 
26 struct nested_vmx_msrs {
27 	/*
28 	 * We only store the "true" versions of the VMX capability MSRs. We
29 	 * generate the "non-true" versions by setting the must-be-1 bits
30 	 * according to the SDM.
31 	 */
32 	u32 procbased_ctls_low;
33 	u32 procbased_ctls_high;
34 	u32 secondary_ctls_low;
35 	u32 secondary_ctls_high;
36 	u32 pinbased_ctls_low;
37 	u32 pinbased_ctls_high;
38 	u32 exit_ctls_low;
39 	u32 exit_ctls_high;
40 	u32 entry_ctls_low;
41 	u32 entry_ctls_high;
42 	u32 misc_low;
43 	u32 misc_high;
44 	u32 ept_caps;
45 	u32 vpid_caps;
46 	u64 basic;
47 	u64 cr0_fixed0;
48 	u64 cr0_fixed1;
49 	u64 cr4_fixed0;
50 	u64 cr4_fixed1;
51 	u64 vmcs_enum;
52 	u64 vmfunc_controls;
53 };
54 
55 struct vmcs_config {
56 	int size;
57 	int order;
58 	u32 basic_cap;
59 	u32 revision_id;
60 	u32 pin_based_exec_ctrl;
61 	u32 cpu_based_exec_ctrl;
62 	u32 cpu_based_2nd_exec_ctrl;
63 	u32 vmexit_ctrl;
64 	u32 vmentry_ctrl;
65 	struct nested_vmx_msrs nested;
66 };
67 extern struct vmcs_config vmcs_config;
68 
69 struct vmx_capability {
70 	u32 ept;
71 	u32 vpid;
72 };
73 extern struct vmx_capability vmx_capability;
74 
75 static inline bool cpu_has_vmx_basic_inout(void)
76 {
77 	return	(((u64)vmcs_config.basic_cap << 32) & VMX_BASIC_INOUT);
78 }
79 
80 static inline bool cpu_has_virtual_nmis(void)
81 {
82 	return vmcs_config.pin_based_exec_ctrl & PIN_BASED_VIRTUAL_NMIS;
83 }
84 
85 static inline bool cpu_has_vmx_preemption_timer(void)
86 {
87 	return vmcs_config.pin_based_exec_ctrl &
88 		PIN_BASED_VMX_PREEMPTION_TIMER;
89 }
90 
91 static inline bool cpu_has_vmx_posted_intr(void)
92 {
93 	return IS_ENABLED(CONFIG_X86_LOCAL_APIC) &&
94 		vmcs_config.pin_based_exec_ctrl & PIN_BASED_POSTED_INTR;
95 }
96 
97 static inline bool cpu_has_load_ia32_efer(void)
98 {
99 	return (vmcs_config.vmentry_ctrl & VM_ENTRY_LOAD_IA32_EFER) &&
100 	       (vmcs_config.vmexit_ctrl & VM_EXIT_LOAD_IA32_EFER);
101 }
102 
103 static inline bool cpu_has_load_perf_global_ctrl(void)
104 {
105 	return (vmcs_config.vmentry_ctrl & VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL) &&
106 	       (vmcs_config.vmexit_ctrl & VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL);
107 }
108 
109 static inline bool cpu_has_vmx_mpx(void)
110 {
111 	return (vmcs_config.vmexit_ctrl & VM_EXIT_CLEAR_BNDCFGS) &&
112 		(vmcs_config.vmentry_ctrl & VM_ENTRY_LOAD_BNDCFGS);
113 }
114 
115 static inline bool cpu_has_vmx_tpr_shadow(void)
116 {
117 	return vmcs_config.cpu_based_exec_ctrl & CPU_BASED_TPR_SHADOW;
118 }
119 
120 static inline bool cpu_need_tpr_shadow(struct kvm_vcpu *vcpu)
121 {
122 	return cpu_has_vmx_tpr_shadow() && lapic_in_kernel(vcpu);
123 }
124 
125 static inline bool cpu_has_vmx_msr_bitmap(void)
126 {
127 	return vmcs_config.cpu_based_exec_ctrl & CPU_BASED_USE_MSR_BITMAPS;
128 }
129 
130 static inline bool cpu_has_secondary_exec_ctrls(void)
131 {
132 	return vmcs_config.cpu_based_exec_ctrl &
133 		CPU_BASED_ACTIVATE_SECONDARY_CONTROLS;
134 }
135 
136 static inline bool cpu_has_vmx_virtualize_apic_accesses(void)
137 {
138 	return vmcs_config.cpu_based_2nd_exec_ctrl &
139 		SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES;
140 }
141 
142 static inline bool cpu_has_vmx_ept(void)
143 {
144 	return vmcs_config.cpu_based_2nd_exec_ctrl &
145 		SECONDARY_EXEC_ENABLE_EPT;
146 }
147 
148 static inline bool vmx_umip_emulated(void)
149 {
150 	return vmcs_config.cpu_based_2nd_exec_ctrl &
151 		SECONDARY_EXEC_DESC;
152 }
153 
154 static inline bool cpu_has_vmx_rdtscp(void)
155 {
156 	return vmcs_config.cpu_based_2nd_exec_ctrl &
157 		SECONDARY_EXEC_ENABLE_RDTSCP;
158 }
159 
160 static inline bool cpu_has_vmx_virtualize_x2apic_mode(void)
161 {
162 	return vmcs_config.cpu_based_2nd_exec_ctrl &
163 		SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE;
164 }
165 
166 static inline bool cpu_has_vmx_vpid(void)
167 {
168 	return vmcs_config.cpu_based_2nd_exec_ctrl &
169 		SECONDARY_EXEC_ENABLE_VPID;
170 }
171 
172 static inline bool cpu_has_vmx_wbinvd_exit(void)
173 {
174 	return vmcs_config.cpu_based_2nd_exec_ctrl &
175 		SECONDARY_EXEC_WBINVD_EXITING;
176 }
177 
178 static inline bool cpu_has_vmx_unrestricted_guest(void)
179 {
180 	return vmcs_config.cpu_based_2nd_exec_ctrl &
181 		SECONDARY_EXEC_UNRESTRICTED_GUEST;
182 }
183 
184 static inline bool cpu_has_vmx_apic_register_virt(void)
185 {
186 	return vmcs_config.cpu_based_2nd_exec_ctrl &
187 		SECONDARY_EXEC_APIC_REGISTER_VIRT;
188 }
189 
190 static inline bool cpu_has_vmx_virtual_intr_delivery(void)
191 {
192 	return vmcs_config.cpu_based_2nd_exec_ctrl &
193 		SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY;
194 }
195 
196 static inline bool cpu_has_vmx_ple(void)
197 {
198 	return vmcs_config.cpu_based_2nd_exec_ctrl &
199 		SECONDARY_EXEC_PAUSE_LOOP_EXITING;
200 }
201 
202 static inline bool cpu_has_vmx_rdrand(void)
203 {
204 	return vmcs_config.cpu_based_2nd_exec_ctrl &
205 		SECONDARY_EXEC_RDRAND_EXITING;
206 }
207 
208 static inline bool cpu_has_vmx_invpcid(void)
209 {
210 	return vmcs_config.cpu_based_2nd_exec_ctrl &
211 		SECONDARY_EXEC_ENABLE_INVPCID;
212 }
213 
214 static inline bool cpu_has_vmx_vmfunc(void)
215 {
216 	return vmcs_config.cpu_based_2nd_exec_ctrl &
217 		SECONDARY_EXEC_ENABLE_VMFUNC;
218 }
219 
220 static inline bool cpu_has_vmx_shadow_vmcs(void)
221 {
222 	u64 vmx_msr;
223 
224 	/* check if the cpu supports writing r/o exit information fields */
225 	rdmsrl(MSR_IA32_VMX_MISC, vmx_msr);
226 	if (!(vmx_msr & MSR_IA32_VMX_MISC_VMWRITE_SHADOW_RO_FIELDS))
227 		return false;
228 
229 	return vmcs_config.cpu_based_2nd_exec_ctrl &
230 		SECONDARY_EXEC_SHADOW_VMCS;
231 }
232 
233 static inline bool cpu_has_vmx_encls_vmexit(void)
234 {
235 	return vmcs_config.cpu_based_2nd_exec_ctrl &
236 		SECONDARY_EXEC_ENCLS_EXITING;
237 }
238 
239 static inline bool cpu_has_vmx_rdseed(void)
240 {
241 	return vmcs_config.cpu_based_2nd_exec_ctrl &
242 		SECONDARY_EXEC_RDSEED_EXITING;
243 }
244 
245 static inline bool cpu_has_vmx_pml(void)
246 {
247 	return vmcs_config.cpu_based_2nd_exec_ctrl & SECONDARY_EXEC_ENABLE_PML;
248 }
249 
250 static inline bool cpu_has_vmx_xsaves(void)
251 {
252 	return vmcs_config.cpu_based_2nd_exec_ctrl &
253 		SECONDARY_EXEC_XSAVES;
254 }
255 
256 static inline bool cpu_has_vmx_waitpkg(void)
257 {
258 	return vmcs_config.cpu_based_2nd_exec_ctrl &
259 		SECONDARY_EXEC_ENABLE_USR_WAIT_PAUSE;
260 }
261 
262 static inline bool cpu_has_vmx_tsc_scaling(void)
263 {
264 	return vmcs_config.cpu_based_2nd_exec_ctrl &
265 		SECONDARY_EXEC_TSC_SCALING;
266 }
267 
268 static inline bool cpu_has_vmx_bus_lock_detection(void)
269 {
270 	return vmcs_config.cpu_based_2nd_exec_ctrl &
271 	    SECONDARY_EXEC_BUS_LOCK_DETECTION;
272 }
273 
274 static inline bool cpu_has_vmx_apicv(void)
275 {
276 	return cpu_has_vmx_apic_register_virt() &&
277 		cpu_has_vmx_virtual_intr_delivery() &&
278 		cpu_has_vmx_posted_intr();
279 }
280 
281 static inline bool cpu_has_vmx_flexpriority(void)
282 {
283 	return cpu_has_vmx_tpr_shadow() &&
284 		cpu_has_vmx_virtualize_apic_accesses();
285 }
286 
287 static inline bool cpu_has_vmx_ept_execute_only(void)
288 {
289 	return vmx_capability.ept & VMX_EPT_EXECUTE_ONLY_BIT;
290 }
291 
292 static inline bool cpu_has_vmx_ept_4levels(void)
293 {
294 	return vmx_capability.ept & VMX_EPT_PAGE_WALK_4_BIT;
295 }
296 
297 static inline bool cpu_has_vmx_ept_5levels(void)
298 {
299 	return vmx_capability.ept & VMX_EPT_PAGE_WALK_5_BIT;
300 }
301 
302 static inline bool cpu_has_vmx_ept_mt_wb(void)
303 {
304 	return vmx_capability.ept & VMX_EPTP_WB_BIT;
305 }
306 
307 static inline bool cpu_has_vmx_ept_2m_page(void)
308 {
309 	return vmx_capability.ept & VMX_EPT_2MB_PAGE_BIT;
310 }
311 
312 static inline bool cpu_has_vmx_ept_1g_page(void)
313 {
314 	return vmx_capability.ept & VMX_EPT_1GB_PAGE_BIT;
315 }
316 
317 static inline bool cpu_has_vmx_ept_ad_bits(void)
318 {
319 	return vmx_capability.ept & VMX_EPT_AD_BIT;
320 }
321 
322 static inline bool cpu_has_vmx_invept_context(void)
323 {
324 	return vmx_capability.ept & VMX_EPT_EXTENT_CONTEXT_BIT;
325 }
326 
327 static inline bool cpu_has_vmx_invept_global(void)
328 {
329 	return vmx_capability.ept & VMX_EPT_EXTENT_GLOBAL_BIT;
330 }
331 
332 static inline bool cpu_has_vmx_invvpid(void)
333 {
334 	return vmx_capability.vpid & VMX_VPID_INVVPID_BIT;
335 }
336 
337 static inline bool cpu_has_vmx_invvpid_individual_addr(void)
338 {
339 	return vmx_capability.vpid & VMX_VPID_EXTENT_INDIVIDUAL_ADDR_BIT;
340 }
341 
342 static inline bool cpu_has_vmx_invvpid_single(void)
343 {
344 	return vmx_capability.vpid & VMX_VPID_EXTENT_SINGLE_CONTEXT_BIT;
345 }
346 
347 static inline bool cpu_has_vmx_invvpid_global(void)
348 {
349 	return vmx_capability.vpid & VMX_VPID_EXTENT_GLOBAL_CONTEXT_BIT;
350 }
351 
352 static inline bool cpu_has_vmx_intel_pt(void)
353 {
354 	u64 vmx_msr;
355 
356 	rdmsrl(MSR_IA32_VMX_MISC, vmx_msr);
357 	return (vmx_msr & MSR_IA32_VMX_MISC_INTEL_PT) &&
358 		(vmcs_config.cpu_based_2nd_exec_ctrl & SECONDARY_EXEC_PT_USE_GPA) &&
359 		(vmcs_config.vmexit_ctrl & VM_EXIT_CLEAR_IA32_RTIT_CTL) &&
360 		(vmcs_config.vmentry_ctrl & VM_ENTRY_LOAD_IA32_RTIT_CTL);
361 }
362 
363 /*
364  * Processor Trace can operate in one of three modes:
365  *  a. system-wide: trace both host/guest and output to host buffer
366  *  b. host-only:   only trace host and output to host buffer
367  *  c. host-guest:  trace host and guest simultaneously and output to their
368  *                  respective buffer
369  *
370  * KVM currently only supports (a) and (c).
371  */
372 static inline bool vmx_pt_mode_is_system(void)
373 {
374 	return pt_mode == PT_MODE_SYSTEM;
375 }
376 static inline bool vmx_pt_mode_is_host_guest(void)
377 {
378 	return pt_mode == PT_MODE_HOST_GUEST;
379 }
380 
381 static inline u64 vmx_get_perf_capabilities(void)
382 {
383 	u64 perf_cap = 0;
384 
385 	if (boot_cpu_has(X86_FEATURE_PDCM))
386 		rdmsrl(MSR_IA32_PERF_CAPABILITIES, perf_cap);
387 
388 	perf_cap &= PMU_CAP_LBR_FMT;
389 
390 	/*
391 	 * Since counters are virtualized, KVM would support full
392 	 * width counting unconditionally, even if the host lacks it.
393 	 */
394 	return PMU_CAP_FW_WRITES | perf_cap;
395 }
396 
397 static inline u64 vmx_supported_debugctl(void)
398 {
399 	u64 debugctl = 0;
400 
401 	if (boot_cpu_has(X86_FEATURE_BUS_LOCK_DETECT))
402 		debugctl |= DEBUGCTLMSR_BUS_LOCK_DETECT;
403 
404 	if (vmx_get_perf_capabilities() & PMU_CAP_LBR_FMT)
405 		debugctl |= DEBUGCTLMSR_LBR_MASK;
406 
407 	return debugctl;
408 }
409 
410 #endif /* __KVM_X86_VMX_CAPS_H */
411