Re: [Xen-devel] [PATCH V2] x86/altp2m: add altp2m_vcpu_disable_notify

2018-12-18 Thread Razvan Cojocaru 
On 12/18/18 4:54 PM, Razvan Cojocaru wrote:
> Allow altp2m users to disable #VE/VMFUNC alone. Currently it is
> only possible to disable this functionality when we disable altp2m
> completely; #VE/VMFUNC can only be enabled once per altp2m session.
> 
> In addition to making things complete, disabling #VE is also a
> workaround for CFW116 ("When Virtualization Exceptions are Enabled,
> EPT Violations May Generate Erroneous Virtualization Exceptions")
> on Xeon E-2100 CPUs.
> 
> Signed-off-by: Razvan Cojocaru 
> 
> ---
> Changes since V1:
>  - Updated the patch description to specify E-2100.
>  - Made trying to disable #VE when it's already disabled a no-op.
>  - Removed leftover uint32_t pad; from struct
>xen_hvm_altp2m_vcpu_disable_notify.
> ---
>  tools/libxc/include/xenctrl.h   |  2 ++
>  tools/libxc/xc_altp2m.c | 22 ++
>  xen/arch/x86/hvm/hvm.c  | 29 +
>  xen/include/public/hvm/hvm_op.h | 11 ++-
>  4 files changed, 63 insertions(+), 1 deletion(-)
> 
> diff --git a/tools/libxc/include/xenctrl.h b/tools/libxc/include/xenctrl.h
> index 97ae965..31cdda7 100644
> --- a/tools/libxc/include/xenctrl.h
> +++ b/tools/libxc/include/xenctrl.h
> @@ -1932,6 +1932,8 @@ int xc_altp2m_get_domain_state(xc_interface *handle, 
> uint32_t dom, bool *state);
>  int xc_altp2m_set_domain_state(xc_interface *handle, uint32_t dom, bool 
> state);
>  int xc_altp2m_set_vcpu_enable_notify(xc_interface *handle, uint32_t domid,
>   uint32_t vcpuid, xen_pfn_t gfn);
> +int xc_altp2m_set_vcpu_disable_notify(xc_interface *handle, uint32_t domid,
> +  uint32_t vcpuid);
>  int xc_altp2m_create_view(xc_interface *handle, uint32_t domid,
>xenmem_access_t default_access, uint16_t *view_id);
>  int xc_altp2m_destroy_view(xc_interface *handle, uint32_t domid,
> diff --git a/tools/libxc/xc_altp2m.c b/tools/libxc/xc_altp2m.c
> index 844b9f1..f8cd603 100644
> --- a/tools/libxc/xc_altp2m.c
> +++ b/tools/libxc/xc_altp2m.c
> @@ -91,6 +91,28 @@ int xc_altp2m_set_vcpu_enable_notify(xc_interface *handle, 
> uint32_t domid,
>  return rc;
>  }
>  
> +int xc_altp2m_set_vcpu_disable_notify(xc_interface *handle, uint32_t domid,
> +  uint32_t vcpuid)
> +{
> +int rc;
> +DECLARE_HYPERCALL_BUFFER(xen_hvm_altp2m_op_t, arg);
> +
> +arg = xc_hypercall_buffer_alloc(handle, arg, sizeof(*arg));
> +if ( arg == NULL )
> +return -1;
> +
> +arg->version = HVMOP_ALTP2M_INTERFACE_VERSION;
> +arg->cmd = HVMOP_altp2m_vcpu_disable_notify;
> +arg->domain = domid;
> +arg->u.disable_notify.vcpu_id = vcpuid;
> +
> +rc = xencall2(handle->xcall, __HYPERVISOR_hvm_op, HVMOP_altp2m,
> +   HYPERCALL_BUFFER_AS_ARG(arg));
> +
> +xc_hypercall_buffer_free(handle, arg);
> +return rc;
> +}
> +
>  int xc_altp2m_create_view(xc_interface *handle, uint32_t domid,
>xenmem_access_t default_access, uint16_t *view_id)
>  {
> diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
> index d64b6b6..424e4d1 100644
> --- a/xen/arch/x86/hvm/hvm.c
> +++ b/xen/arch/x86/hvm/hvm.c
> @@ -4485,6 +4485,7 @@ static int do_altp2m_op(
>  case HVMOP_altp2m_get_domain_state:
>  case HVMOP_altp2m_set_domain_state:
>  case HVMOP_altp2m_vcpu_enable_notify:
> +case HVMOP_altp2m_vcpu_disable_notify:
>  case HVMOP_altp2m_create_p2m:
>  case HVMOP_altp2m_destroy_p2m:
>  case HVMOP_altp2m_switch_p2m:
> @@ -4602,6 +4603,34 @@ static int do_altp2m_op(
>  break;
>  }
>  
> +case HVMOP_altp2m_vcpu_disable_notify:
> +{
> +struct vcpu *v;
> +
> +if ( a.u.disable_notify.pad ||

Sorry, this should obviously have been removed as well. I'll re-send the
patch.


Thanks,
Razvan

___
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel

[Xen-devel] [PATCH V2] x86/altp2m: add altp2m_vcpu_disable_notify

2018-12-18 Thread Razvan Cojocaru 
Allow altp2m users to disable #VE/VMFUNC alone. Currently it is
only possible to disable this functionality when we disable altp2m
completely; #VE/VMFUNC can only be enabled once per altp2m session.

In addition to making things complete, disabling #VE is also a
workaround for CFW116 ("When Virtualization Exceptions are Enabled,
EPT Violations May Generate Erroneous Virtualization Exceptions")
on Xeon E-2100 CPUs.

Signed-off-by: Razvan Cojocaru 

---
Changes since V1:
 - Updated the patch description to specify E-2100.
 - Made trying to disable #VE when it's already disabled a no-op.
 - Removed leftover uint32_t pad; from struct
   xen_hvm_altp2m_vcpu_disable_notify.
---
 tools/libxc/include/xenctrl.h   |  2 ++
 tools/libxc/xc_altp2m.c | 22 ++
 xen/arch/x86/hvm/hvm.c  | 29 +
 xen/include/public/hvm/hvm_op.h | 11 ++-
 4 files changed, 63 insertions(+), 1 deletion(-)

diff --git a/tools/libxc/include/xenctrl.h b/tools/libxc/include/xenctrl.h
index 97ae965..31cdda7 100644
--- a/tools/libxc/include/xenctrl.h
+++ b/tools/libxc/include/xenctrl.h
@@ -1932,6 +1932,8 @@ int xc_altp2m_get_domain_state(xc_interface *handle, 
uint32_t dom, bool *state);
 int xc_altp2m_set_domain_state(xc_interface *handle, uint32_t dom, bool state);
 int xc_altp2m_set_vcpu_enable_notify(xc_interface *handle, uint32_t domid,
  uint32_t vcpuid, xen_pfn_t gfn);
+int xc_altp2m_set_vcpu_disable_notify(xc_interface *handle, uint32_t domid,
+  uint32_t vcpuid);
 int xc_altp2m_create_view(xc_interface *handle, uint32_t domid,
   xenmem_access_t default_access, uint16_t *view_id);
 int xc_altp2m_destroy_view(xc_interface *handle, uint32_t domid,
diff --git a/tools/libxc/xc_altp2m.c b/tools/libxc/xc_altp2m.c
index 844b9f1..f8cd603 100644
--- a/tools/libxc/xc_altp2m.c
+++ b/tools/libxc/xc_altp2m.c
@@ -91,6 +91,28 @@ int xc_altp2m_set_vcpu_enable_notify(xc_interface *handle, 
uint32_t domid,
 return rc;
 }
 
+int xc_altp2m_set_vcpu_disable_notify(xc_interface *handle, uint32_t domid,
+  uint32_t vcpuid)
+{
+int rc;
+DECLARE_HYPERCALL_BUFFER(xen_hvm_altp2m_op_t, arg);
+
+arg = xc_hypercall_buffer_alloc(handle, arg, sizeof(*arg));
+if ( arg == NULL )
+return -1;
+
+arg->version = HVMOP_ALTP2M_INTERFACE_VERSION;
+arg->cmd = HVMOP_altp2m_vcpu_disable_notify;
+arg->domain = domid;
+arg->u.disable_notify.vcpu_id = vcpuid;
+
+rc = xencall2(handle->xcall, __HYPERVISOR_hvm_op, HVMOP_altp2m,
+ HYPERCALL_BUFFER_AS_ARG(arg));
+
+xc_hypercall_buffer_free(handle, arg);
+return rc;
+}
+
 int xc_altp2m_create_view(xc_interface *handle, uint32_t domid,
   xenmem_access_t default_access, uint16_t *view_id)
 {
diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
index d64b6b6..424e4d1 100644
--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
@@ -4485,6 +4485,7 @@ static int do_altp2m_op(
 case HVMOP_altp2m_get_domain_state:
 case HVMOP_altp2m_set_domain_state:
 case HVMOP_altp2m_vcpu_enable_notify:
+case HVMOP_altp2m_vcpu_disable_notify:
 case HVMOP_altp2m_create_p2m:
 case HVMOP_altp2m_destroy_p2m:
 case HVMOP_altp2m_switch_p2m:
@@ -4602,6 +4603,34 @@ static int do_altp2m_op(
 break;
 }
 
+case HVMOP_altp2m_vcpu_disable_notify:
+{
+struct vcpu *v;
+
+if ( a.u.disable_notify.pad ||
+ a.u.disable_notify.vcpu_id >= d->max_vcpus )
+{
+rc = -EINVAL;
+break;
+}
+
+if ( !cpu_has_vmx_virt_exceptions )
+{
+rc = -EOPNOTSUPP;
+break;
+}
+
+v = d->vcpu[a.u.enable_notify.vcpu_id];
+
+/* Already disabled, nothing to do. */
+if ( gfn_eq(vcpu_altp2m(v).veinfo_gfn, INVALID_GFN) )
+break;
+
+vcpu_altp2m(v).veinfo_gfn = INVALID_GFN;
+altp2m_vcpu_update_vmfunc_ve(v);
+break;
+}
+
 case HVMOP_altp2m_create_p2m:
 if ( !(rc = p2m_init_next_altp2m(d, )) )
 rc = __copy_to_guest(arg, , 1) ? -EFAULT : 0;
diff --git a/xen/include/public/hvm/hvm_op.h b/xen/include/public/hvm/hvm_op.h
index 5878a25..c6cd12f 100644
--- a/xen/include/public/hvm/hvm_op.h
+++ b/xen/include/public/hvm/hvm_op.h
@@ -232,6 +232,12 @@ struct xen_hvm_altp2m_vcpu_enable_notify {
 typedef struct xen_hvm_altp2m_vcpu_enable_notify 
xen_hvm_altp2m_vcpu_enable_notify_t;
 DEFINE_XEN_GUEST_HANDLE(xen_hvm_altp2m_vcpu_enable_notify_t);
 
+struct xen_hvm_altp2m_vcpu_disable_notify {
+uint32_t vcpu_id;
+};
+typedef struct xen_hvm_altp2m_vcpu_disable_notify 
xen_hvm_altp2m_vcpu_disable_notify_t;
+DEFINE_XEN_GUEST_HANDLE(xen_hvm_altp2m_vcpu_disable_notify_t);
+
 struct xen_hvm_altp2m_view {
 /* IN/OUT variable */
 uint16_t view;
@@ -304,7 +310,7 @@ struct