1 /* SPDX-License-Identifier: GPL-2.0 */ 2 #ifndef __KVM_X86_VMX_CAPS_H 3 #define __KVM_X86_VMX_CAPS_H 4 5 #include <asm/vmx.h> 6 7 #include "lapic.h" 8 9 extern bool __read_mostly enable_vpid; 10 extern bool __read_mostly flexpriority_enabled; 11 extern bool __read_mostly enable_ept; 12 extern bool __read_mostly enable_unrestricted_guest; 13 extern bool __read_mostly enable_ept_ad_bits; 14 extern bool __read_mostly enable_pml; 15 extern bool __read_mostly enable_apicv; 16 extern int __read_mostly pt_mode; 17 18 #define PT_MODE_SYSTEM 0 19 #define PT_MODE_HOST_GUEST 1 20 21 #define PMU_CAP_FW_WRITES (1ULL << 13) 22 #define PMU_CAP_LBR_FMT 0x3f 23 24 #define DEBUGCTLMSR_LBR_MASK (DEBUGCTLMSR_LBR | DEBUGCTLMSR_FREEZE_LBRS_ON_PMI) 25 26 struct nested_vmx_msrs { 27 /* 28 * We only store the "true" versions of the VMX capability MSRs. We 29 * generate the "non-true" versions by setting the must-be-1 bits 30 * according to the SDM. 31 */ 32 u32 procbased_ctls_low; 33 u32 procbased_ctls_high; 34 u32 secondary_ctls_low; 35 u32 secondary_ctls_high; 36 u32 pinbased_ctls_low; 37 u32 pinbased_ctls_high; 38 u32 exit_ctls_low; 39 u32 exit_ctls_high; 40 u32 entry_ctls_low; 41 u32 entry_ctls_high; 42 u32 misc_low; 43 u32 misc_high; 44 u32 ept_caps; 45 u32 vpid_caps; 46 u64 basic; 47 u64 cr0_fixed0; 48 u64 cr0_fixed1; 49 u64 cr4_fixed0; 50 u64 cr4_fixed1; 51 u64 vmcs_enum; 52 u64 vmfunc_controls; 53 }; 54 55 struct vmcs_config { 56 int size; 57 int order; 58 u32 basic_cap; 59 u32 revision_id; 60 u32 pin_based_exec_ctrl; 61 u32 cpu_based_exec_ctrl; 62 u32 cpu_based_2nd_exec_ctrl; 63 u32 vmexit_ctrl; 64 u32 vmentry_ctrl; 65 struct nested_vmx_msrs nested; 66 }; 67 extern struct vmcs_config vmcs_config; 68 69 struct vmx_capability { 70 u32 ept; 71 u32 vpid; 72 }; 73 extern struct vmx_capability vmx_capability; 74 75 static inline bool cpu_has_vmx_basic_inout(void) 76 { 77 return (((u64)vmcs_config.basic_cap << 32) & VMX_BASIC_INOUT); 78 } 79 80 static inline bool cpu_has_virtual_nmis(void) 81 { 82 return vmcs_config.pin_based_exec_ctrl & PIN_BASED_VIRTUAL_NMIS; 83 } 84 85 static inline bool cpu_has_vmx_preemption_timer(void) 86 { 87 return vmcs_config.pin_based_exec_ctrl & 88 PIN_BASED_VMX_PREEMPTION_TIMER; 89 } 90 91 static inline bool cpu_has_vmx_posted_intr(void) 92 { 93 return IS_ENABLED(CONFIG_X86_LOCAL_APIC) && 94 vmcs_config.pin_based_exec_ctrl & PIN_BASED_POSTED_INTR; 95 } 96 97 static inline bool cpu_has_load_ia32_efer(void) 98 { 99 return (vmcs_config.vmentry_ctrl & VM_ENTRY_LOAD_IA32_EFER) && 100 (vmcs_config.vmexit_ctrl & VM_EXIT_LOAD_IA32_EFER); 101 } 102 103 static inline bool cpu_has_load_perf_global_ctrl(void) 104 { 105 return (vmcs_config.vmentry_ctrl & VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL) && 106 (vmcs_config.vmexit_ctrl & VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL); 107 } 108 109 static inline bool cpu_has_vmx_mpx(void) 110 { 111 return (vmcs_config.vmexit_ctrl & VM_EXIT_CLEAR_BNDCFGS) && 112 (vmcs_config.vmentry_ctrl & VM_ENTRY_LOAD_BNDCFGS); 113 } 114 115 static inline bool cpu_has_vmx_tpr_shadow(void) 116 { 117 return vmcs_config.cpu_based_exec_ctrl & CPU_BASED_TPR_SHADOW; 118 } 119 120 static inline bool cpu_need_tpr_shadow(struct kvm_vcpu *vcpu) 121 { 122 return cpu_has_vmx_tpr_shadow() && lapic_in_kernel(vcpu); 123 } 124 125 static inline bool cpu_has_vmx_msr_bitmap(void) 126 { 127 return vmcs_config.cpu_based_exec_ctrl & CPU_BASED_USE_MSR_BITMAPS; 128 } 129 130 static inline bool cpu_has_secondary_exec_ctrls(void) 131 { 132 return vmcs_config.cpu_based_exec_ctrl & 133 CPU_BASED_ACTIVATE_SECONDARY_CONTROLS; 134 } 135 136 static inline bool cpu_has_vmx_virtualize_apic_accesses(void) 137 { 138 return vmcs_config.cpu_based_2nd_exec_ctrl & 139 SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES; 140 } 141 142 static inline bool cpu_has_vmx_ept(void) 143 { 144 return vmcs_config.cpu_based_2nd_exec_ctrl & 145 SECONDARY_EXEC_ENABLE_EPT; 146 } 147 148 static inline bool vmx_umip_emulated(void) 149 { 150 return vmcs_config.cpu_based_2nd_exec_ctrl & 151 SECONDARY_EXEC_DESC; 152 } 153 154 static inline bool cpu_has_vmx_rdtscp(void) 155 { 156 return vmcs_config.cpu_based_2nd_exec_ctrl & 157 SECONDARY_EXEC_ENABLE_RDTSCP; 158 } 159 160 static inline bool cpu_has_vmx_virtualize_x2apic_mode(void) 161 { 162 return vmcs_config.cpu_based_2nd_exec_ctrl & 163 SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE; 164 } 165 166 static inline bool cpu_has_vmx_vpid(void) 167 { 168 return vmcs_config.cpu_based_2nd_exec_ctrl & 169 SECONDARY_EXEC_ENABLE_VPID; 170 } 171 172 static inline bool cpu_has_vmx_wbinvd_exit(void) 173 { 174 return vmcs_config.cpu_based_2nd_exec_ctrl & 175 SECONDARY_EXEC_WBINVD_EXITING; 176 } 177 178 static inline bool cpu_has_vmx_unrestricted_guest(void) 179 { 180 return vmcs_config.cpu_based_2nd_exec_ctrl & 181 SECONDARY_EXEC_UNRESTRICTED_GUEST; 182 } 183 184 static inline bool cpu_has_vmx_apic_register_virt(void) 185 { 186 return vmcs_config.cpu_based_2nd_exec_ctrl & 187 SECONDARY_EXEC_APIC_REGISTER_VIRT; 188 } 189 190 static inline bool cpu_has_vmx_virtual_intr_delivery(void) 191 { 192 return vmcs_config.cpu_based_2nd_exec_ctrl & 193 SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY; 194 } 195 196 static inline bool cpu_has_vmx_ple(void) 197 { 198 return vmcs_config.cpu_based_2nd_exec_ctrl & 199 SECONDARY_EXEC_PAUSE_LOOP_EXITING; 200 } 201 202 static inline bool cpu_has_vmx_rdrand(void) 203 { 204 return vmcs_config.cpu_based_2nd_exec_ctrl & 205 SECONDARY_EXEC_RDRAND_EXITING; 206 } 207 208 static inline bool cpu_has_vmx_invpcid(void) 209 { 210 return vmcs_config.cpu_based_2nd_exec_ctrl & 211 SECONDARY_EXEC_ENABLE_INVPCID; 212 } 213 214 static inline bool cpu_has_vmx_vmfunc(void) 215 { 216 return vmcs_config.cpu_based_2nd_exec_ctrl & 217 SECONDARY_EXEC_ENABLE_VMFUNC; 218 } 219 220 static inline bool cpu_has_vmx_shadow_vmcs(void) 221 { 222 u64 vmx_msr; 223 224 /* check if the cpu supports writing r/o exit information fields */ 225 rdmsrl(MSR_IA32_VMX_MISC, vmx_msr); 226 if (!(vmx_msr & MSR_IA32_VMX_MISC_VMWRITE_SHADOW_RO_FIELDS)) 227 return false; 228 229 return vmcs_config.cpu_based_2nd_exec_ctrl & 230 SECONDARY_EXEC_SHADOW_VMCS; 231 } 232 233 static inline bool cpu_has_vmx_encls_vmexit(void) 234 { 235 return vmcs_config.cpu_based_2nd_exec_ctrl & 236 SECONDARY_EXEC_ENCLS_EXITING; 237 } 238 239 static inline bool cpu_has_vmx_rdseed(void) 240 { 241 return vmcs_config.cpu_based_2nd_exec_ctrl & 242 SECONDARY_EXEC_RDSEED_EXITING; 243 } 244 245 static inline bool cpu_has_vmx_pml(void) 246 { 247 return vmcs_config.cpu_based_2nd_exec_ctrl & SECONDARY_EXEC_ENABLE_PML; 248 } 249 250 static inline bool cpu_has_vmx_xsaves(void) 251 { 252 return vmcs_config.cpu_based_2nd_exec_ctrl & 253 SECONDARY_EXEC_XSAVES; 254 } 255 256 static inline bool cpu_has_vmx_waitpkg(void) 257 { 258 return vmcs_config.cpu_based_2nd_exec_ctrl & 259 SECONDARY_EXEC_ENABLE_USR_WAIT_PAUSE; 260 } 261 262 static inline bool cpu_has_vmx_tsc_scaling(void) 263 { 264 return vmcs_config.cpu_based_2nd_exec_ctrl & 265 SECONDARY_EXEC_TSC_SCALING; 266 } 267 268 static inline bool cpu_has_vmx_bus_lock_detection(void) 269 { 270 return vmcs_config.cpu_based_2nd_exec_ctrl & 271 SECONDARY_EXEC_BUS_LOCK_DETECTION; 272 } 273 274 static inline bool cpu_has_vmx_apicv(void) 275 { 276 return cpu_has_vmx_apic_register_virt() && 277 cpu_has_vmx_virtual_intr_delivery() && 278 cpu_has_vmx_posted_intr(); 279 } 280 281 static inline bool cpu_has_vmx_flexpriority(void) 282 { 283 return cpu_has_vmx_tpr_shadow() && 284 cpu_has_vmx_virtualize_apic_accesses(); 285 } 286 287 static inline bool cpu_has_vmx_ept_execute_only(void) 288 { 289 return vmx_capability.ept & VMX_EPT_EXECUTE_ONLY_BIT; 290 } 291 292 static inline bool cpu_has_vmx_ept_4levels(void) 293 { 294 return vmx_capability.ept & VMX_EPT_PAGE_WALK_4_BIT; 295 } 296 297 static inline bool cpu_has_vmx_ept_5levels(void) 298 { 299 return vmx_capability.ept & VMX_EPT_PAGE_WALK_5_BIT; 300 } 301 302 static inline bool cpu_has_vmx_ept_mt_wb(void) 303 { 304 return vmx_capability.ept & VMX_EPTP_WB_BIT; 305 } 306 307 static inline bool cpu_has_vmx_ept_2m_page(void) 308 { 309 return vmx_capability.ept & VMX_EPT_2MB_PAGE_BIT; 310 } 311 312 static inline bool cpu_has_vmx_ept_1g_page(void) 313 { 314 return vmx_capability.ept & VMX_EPT_1GB_PAGE_BIT; 315 } 316 317 static inline bool cpu_has_vmx_ept_ad_bits(void) 318 { 319 return vmx_capability.ept & VMX_EPT_AD_BIT; 320 } 321 322 static inline bool cpu_has_vmx_invept_context(void) 323 { 324 return vmx_capability.ept & VMX_EPT_EXTENT_CONTEXT_BIT; 325 } 326 327 static inline bool cpu_has_vmx_invept_global(void) 328 { 329 return vmx_capability.ept & VMX_EPT_EXTENT_GLOBAL_BIT; 330 } 331 332 static inline bool cpu_has_vmx_invvpid(void) 333 { 334 return vmx_capability.vpid & VMX_VPID_INVVPID_BIT; 335 } 336 337 static inline bool cpu_has_vmx_invvpid_individual_addr(void) 338 { 339 return vmx_capability.vpid & VMX_VPID_EXTENT_INDIVIDUAL_ADDR_BIT; 340 } 341 342 static inline bool cpu_has_vmx_invvpid_single(void) 343 { 344 return vmx_capability.vpid & VMX_VPID_EXTENT_SINGLE_CONTEXT_BIT; 345 } 346 347 static inline bool cpu_has_vmx_invvpid_global(void) 348 { 349 return vmx_capability.vpid & VMX_VPID_EXTENT_GLOBAL_CONTEXT_BIT; 350 } 351 352 static inline bool cpu_has_vmx_intel_pt(void) 353 { 354 u64 vmx_msr; 355 356 rdmsrl(MSR_IA32_VMX_MISC, vmx_msr); 357 return (vmx_msr & MSR_IA32_VMX_MISC_INTEL_PT) && 358 (vmcs_config.cpu_based_2nd_exec_ctrl & SECONDARY_EXEC_PT_USE_GPA) && 359 (vmcs_config.vmexit_ctrl & VM_EXIT_CLEAR_IA32_RTIT_CTL) && 360 (vmcs_config.vmentry_ctrl & VM_ENTRY_LOAD_IA32_RTIT_CTL); 361 } 362 363 /* 364 * Processor Trace can operate in one of three modes: 365 * a. system-wide: trace both host/guest and output to host buffer 366 * b. host-only: only trace host and output to host buffer 367 * c. host-guest: trace host and guest simultaneously and output to their 368 * respective buffer 369 * 370 * KVM currently only supports (a) and (c). 371 */ 372 static inline bool vmx_pt_mode_is_system(void) 373 { 374 return pt_mode == PT_MODE_SYSTEM; 375 } 376 static inline bool vmx_pt_mode_is_host_guest(void) 377 { 378 return pt_mode == PT_MODE_HOST_GUEST; 379 } 380 381 static inline u64 vmx_get_perf_capabilities(void) 382 { 383 u64 perf_cap = 0; 384 385 if (boot_cpu_has(X86_FEATURE_PDCM)) 386 rdmsrl(MSR_IA32_PERF_CAPABILITIES, perf_cap); 387 388 perf_cap &= PMU_CAP_LBR_FMT; 389 390 /* 391 * Since counters are virtualized, KVM would support full 392 * width counting unconditionally, even if the host lacks it. 393 */ 394 return PMU_CAP_FW_WRITES | perf_cap; 395 } 396 397 static inline u64 vmx_supported_debugctl(void) 398 { 399 u64 debugctl = 0; 400 401 if (boot_cpu_has(X86_FEATURE_BUS_LOCK_DETECT)) 402 debugctl |= DEBUGCTLMSR_BUS_LOCK_DETECT; 403 404 if (vmx_get_perf_capabilities() & PMU_CAP_LBR_FMT) 405 debugctl |= DEBUGCTLMSR_LBR_MASK; 406 407 return debugctl; 408 } 409 410 #endif /* __KVM_X86_VMX_CAPS_H */ 411