From: Ștefan Șicleru <ssicl...@bitdefender.com>

This will be used by the introspection tool to control the EPT views to
which the guest is allowed to switch.

Signed-off-by: Ștefan Șicleru <ssicl...@bitdefender.com>
Signed-off-by: Adalbert Lazăr <ala...@bitdefender.com>
---
 arch/x86/include/asm/kvm_host.h |  1 +
 arch/x86/kvm/vmx/vmx.c          | 18 +++++++++++++++++-
 arch/x86/kvm/vmx/vmx.h          |  2 ++
 3 files changed, 20 insertions(+), 1 deletion(-)

diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
index 300f7fc43987..5e241863153f 100644
--- a/arch/x86/include/asm/kvm_host.h
+++ b/arch/x86/include/asm/kvm_host.h
@@ -1310,6 +1310,7 @@ struct kvm_x86_ops {
        bool (*get_eptp_switching_status)(void);
        u16 (*get_ept_view)(struct kvm_vcpu *vcpu);
        int (*set_ept_view)(struct kvm_vcpu *vcpu, u16 view);
+       int (*control_ept_view)(struct kvm_vcpu *vcpu, u16 view, u8 visible);
 };
 
 struct kvm_x86_nested_ops {
diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
index 0d39487ce5c6..cbc943d217e3 100644
--- a/arch/x86/kvm/vmx/vmx.c
+++ b/arch/x86/kvm/vmx/vmx.c
@@ -3138,8 +3138,11 @@ static void vmx_construct_eptp_with_index(struct 
kvm_vcpu *vcpu,
        if (!eptp_list)
                return;
 
-       eptp_list[view] = construct_eptp(vcpu,
+       if (test_bit(view, &vmx->allowed_views))
+               eptp_list[view] = construct_eptp(vcpu,
                                vcpu->arch.mmu->root_hpa_altviews[view]);
+       else
+               eptp_list[view] = (~0ULL);
 }
 
 static void vmx_construct_eptp_list(struct kvm_vcpu *vcpu)
@@ -4395,6 +4398,18 @@ static int vmx_set_ept_view(struct kvm_vcpu *vcpu, u16 
view)
        return 0;
 }
 
+static int vmx_control_ept_view(struct kvm_vcpu *vcpu, u16 view, u8 visible)
+{
+       if (visible)
+               set_bit(view, &to_vmx(vcpu)->allowed_views);
+       else
+               clear_bit(view, &to_vmx(vcpu)->allowed_views);
+
+       vmx_construct_eptp_with_index(vcpu, view);
+
+       return 0;
+}
+
 #define VMX_XSS_EXIT_BITMAP 0
 
 /*
@@ -8284,6 +8299,7 @@ static struct kvm_x86_ops vmx_x86_ops __initdata = {
        .get_eptp_switching_status = vmx_get_eptp_switching_status,
        .get_ept_view = vmx_get_ept_view,
        .set_ept_view = vmx_set_ept_view,
+       .control_ept_view = vmx_control_ept_view,
 };
 
 static __init int hardware_setup(void)
diff --git a/arch/x86/kvm/vmx/vmx.h b/arch/x86/kvm/vmx/vmx.h
index 4e2f86458ca2..38d50fc7357b 100644
--- a/arch/x86/kvm/vmx/vmx.h
+++ b/arch/x86/kvm/vmx/vmx.h
@@ -300,6 +300,8 @@ struct vcpu_vmx {
        struct page *eptp_list_pg;
        /* The view this vcpu operates on. */
        u16 view;
+       /* Visible EPT views bitmap for in-guest VMFUNC. */
+       unsigned long allowed_views;
 };
 
 enum ept_pointers_status {
_______________________________________________
Virtualization mailing list
Virtualization@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/virtualization

Reply via email to