Re: [Xen-devel] [PATCH v9 3/9] xen/x86: support per-domain flag for xpti

boot "xpti=dom0=0" > parameter will achieve that. > > Move the xpti boot parameter handling to xen/arch/x86/pv/domain.c as > it is pv-domain specific. > > Signed-off-by: Juergen Gross <jgr...@suse.com> > Reviewed-by: Jan Beulich <jbeul...@suse.com> >

[Xen-devel] [PATCH v1 for 4.7] x86/cpuid: fix raw FEATURESET_7d0 reporting

Commit 62b1879693e0 ("x86: further CPUID handling adjustments") added FEATURESET_7d0 reporting but forgot to update calculate_raw_featureset() function. As result, the value reported by xen-cpuid contains 0. Fix that by properly filling raw_featureset[FEATURESET_7d0]. Signed-off-

Re: [Xen-devel] [PATCH 2/3] x86/msr: Drop {MISC_ENABLES, PLATFORM_INFO}.available

> /* 0x0140 MSR_INTEL_MISC_FEATURES_ENABLES */ > struct { > -bool available; /* This MSR is non-architectural */ > bool cpuid_faulting; > } misc_features_enables; > }; Could you add comments saying that those 2 MSRs are always available for all gu

Re: [Xen-devel] [PATCH 3/3] x86/msr: Use the architectural layout for MSR_{MISC_ENABLES, PLATFORM_INFO}

ield to move > the cpuid_faulting field to its appropriate position. > > Signed-off-by: Andrew Cooper > --- > Reviewed-by: Sergey Dyasli -- Thanks, Sergey ___ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel

Re: [Xen-devel] [PATCH RFC v1 57/74] x86/pv-shim: shadow PV console's page for L2 DomU

On Tue, 2018-01-09 at 09:28 -0700, Jan Beulich wrote: > > > > On 09.01.18 at 16:43, wrote: > > > > On Tue, 2018-01-09 at 02:13 -0700, Jan Beulich wrote: > > > > > > On 04.01.18 at 14:06, wrote: > > > > > > > > +size_t consoled_guest_rx(void) > > >

Re: [Xen-devel] [PATCH RFC v1 57/74] x86/pv-shim: shadow PV console's page for L2 DomU

On Tue, 2018-01-09 at 02:13 -0700, Jan Beulich wrote: > > > > On 04.01.18 at 14:06, wrote: > > +size_t consoled_guest_rx(void) > > +{ > > +size_t recv = 0, idx = 0; > > +XENCONS_RING_IDX cons, prod; > > + > > +if ( !cons_ring ) > > +return 0; > > + > > +

[Xen-devel] [PATCH v1] x86/msr: add Raw and Host domain policies

Raw policy contains the actual values from H/W MSRs. Add PLATFORM_INFO msr to the policy during probe_cpuid_faulting(). Host policy might have certain features disabled if Xen decides not to use them. For now, make Host policy equal to Raw policy. Signed-off-by: Sergey Dyasli <sergey.

Re: [Xen-devel] [PATCH v1] x86/msr: add Raw and Host domain policies

On Thu, 2018-02-08 at 11:21 +, Roger Pau Monné wrote: > On Thu, Feb 08, 2018 at 10:23:21AM +0000, Sergey Dyasli wrote: > > +static void __init calculate_host_policy(void) > > +{ > > +struct msr_domain_policy *dp = _msr_domain_policy; > > + > >

Re: [Xen-devel] [PATCH v1] x86/msr: add Raw and Host domain policies

On Thu, 2018-02-15 at 06:33 -0700, Jan Beulich wrote: > > > > On 08.02.18 at 11:23, wrote: > > > > --- a/xen/arch/x86/cpu/common.c > > +++ b/xen/arch/x86/cpu/common.c > > @@ -118,9 +118,18 @@ void (* __read_mostly ctxt_switch_masking)(const > > struct vcpu *next); > >

Re: [Xen-devel] [PATCH v1] x86/msr: add Raw and Host domain policies

On Fri, 2018-02-16 at 04:06 -0700, Jan Beulich wrote: > > > > On 16.02.18 at 11:33, wrote: > > > > On Thu, 2018-02-15 at 06:33 -0700, Jan Beulich wrote: > > > > > > On 08.02.18 at 11:23, wrote: > > > > > > > > uint64_t val; > > > > +

[Xen-devel] [PATCH v2] x86/msr: add Raw and Host domain policies

on X86_FEATURE_CPUID_FAULTING. Finally, derive HVM/PV max domain policies from the Host policy. Signed-off-by: Sergey Dyasli <sergey.dya...@citrix.com> --- v2: - Moved *dp into a narrower scope in probe_cpuid_faulting() - Changes to how Host/pv/hvm domain policies are calculated --- xen/arch/x

Re: [Xen-devel] [PATCH v1] x86/msr: add Raw and Host domain policies

On Fri, 2018-02-16 at 11:38 +, Andrew Cooper wrote: > On 16/02/18 11:31, Sergey Dyasli wrote: > > On Fri, 2018-02-16 at 04:06 -0700, Jan Beulich wrote: > > > > > > On 16.02.18 at 11:33, <sergey.dya...@citrix.com> wrote: > > > > > > >

Re: [Xen-devel] x86 Community Call - Wed Aug 15, 14:00 - 15:00 UTC - Agenda items

On Mon, 2018-08-13 at 02:54 -0600, Jan Beulich wrote: > > > > On 13.08.18 at 09:46, wrote: > > > > proposed topics so far: > > * 4.10+ changes to Xen's memory scrubbing: discussion of the changes > > that made to it in recent versions of Xen (4.10+) - Christopher > > * Project

Re: [Xen-devel] [PATCH 10/13] x86/domctl: Implement XEN_DOMCTL_get_cpumsr_policy

On Tue, 2018-07-03 at 21:55 +0100, Andrew Cooper wrote: > From: Sergey Dyasli > > This finally (after literally years of work!) marks the point where the > toolstack can ask the hypervisor for the current CPUID configuration of a > specific domain. > > Also extend xen-

[Xen-devel] [PATCH] mm/page_alloc: correct first_dirty calculations during block merging

tent. Fixes 1a37f33ea613 ("mm: Place unscrubbed pages at the end of pagelist") Signed-off-by: Sergey Dyasli --- CC: Andrew Cooper CC: George Dunlap CC: Jan Beulich CC: Julien Grall CC: Wei Liu CC: Boris Ostrovsky --- xen/common/page_alloc.c | 8 +++- 1 file changed, 7 in

Re: [Xen-devel] [PATCH] mm/page_alloc: correct first_dirty calculations during block merging

he block is scrubbed. > > > > > > Add the missing piece of logic and slightly update the comment for > > > the predecessor case to better capture the code's intent. > > > > > > Fixes 1a37f33ea613 ("mm: Place unscrubbed pages at the end of pagelist") &

Re: [Xen-devel] [PATCH v3 2/3] x86/viridan: Clean up Viridian MSR infrastructure

ed-off-by: Andrew Cooper > Reviewed-by: Paul Durrant > --- > CC: Jan Beulich > CC: Wei Liu > CC: Roger Pau Monné > CC: Sergey Dyasli > > v3: > * Clean up after splitting the series. Retain appropriate R-by's > --- > xen/arch/x86/hvm/viridian.c

Re: [Xen-devel] [PATCH v8 3/9] xen/x86: support per-domain flag for xpti

Hi Juergen, 2 small requests from me below. On Wed, 2018-04-18 at 10:30 +0200, Juergen Gross wrote: > Instead of switching XPTI globally on or off add a per-domain flag for > that purpose. This allows to modify the xpti boot parameter to support > running dom0 without Meltdown mitigations. Using

Re: [Xen-devel] [PATCH v5 1/5] x86/msr: add VMX MSRs definitions and populate Raw domain policy

On Wed, 2018-03-21 at 19:52 +, Andrew Cooper wrote: > On 28/02/18 16:09, Sergey Dyasli wrote: > > > > +struct { > > +/* 0x0480 MSR_IA32_VMX_BASIC */ > > +union { > > +uint64_t

[Xen-devel] [PATCH v6 1/5] x86/msr: add VMX MSRs definitions and populate Raw domain policy

ue_ctls blocks. Add calculate_raw_vmx_policy() which fills Raw policy with H/W values of VMX MSRs. Host policy will contain a copy of these values (for now). Signed-off-by: Sergey Dyasli <sergey.dya...@citrix.com> --- v5 --> v6: - Removed "_bits" and "_based" from union names - Removed &qu

[Xen-devel] [PATCH v6 3/5] x86/cpuid: update signature of hvm_cr4_guest_valid_bits()

With the new cpuid infrastructure there is a domain-wide struct cpuid policy and there is no need to pass a separate struct vcpu * into hvm_cr4_guest_valid_bits() anymore. Make the function accept struct domain * instead and update callers. Signed-off-by: Sergey Dyasli <sergey.dya...@citrix.

[Xen-devel] [PATCH v6 4/5] x86/msr: update domain policy on CPUID policy changes

changes availability of VMX MSRs based on domain's nested virt settings. If it's enabled, then the domain receives a copy of HVM_max vmx policy with allowed CR4 bits adjusted by CPUID policy. Signed-off-by: Sergey Dyasli <sergey.dya...@citrix.com> Reviewed-by: Andrew Cooper <andrew.coop...@c

[Xen-devel] [PATCH v6 5/5] x86/msr: handle VMX MSRs with guest_rd/wrmsr()

-off-by: Sergey Dyasli <sergey.dya...@citrix.com> Reviewed-by: Andrew Cooper <andrew.coop...@citrix.com> --- v5 --> v6: - Moved VMX MSRs case to the read-only block in guest_wrmsr() - Added Reviewed-by --- xen/arch/x86/hvm/vmx/vmx.c | 6 -- xen/arch/x86/hvm/vmx/vvmx

[Xen-devel] [PATCH v6 0/5] VMX MSRs policy for Nested Virt: part 1

3,4 and 5 - Other changes are provided on per-patch basis Sergey Dyasli (5): x86/msr: add VMX MSRs definitions and populate Raw domain policy x86/msr: add VMX MSRs into HVM_max domain policy x86/cpuid: update signature of hvm_cr4_guest_valid_bits() x86/msr: update domain policy on CPUID pol

Re: [Xen-devel] [PATCH v5 2/5] x86/msr: add VMX MSRs into HVM_max domain policy

On Wed, 2018-03-21 at 20:46 +, Andrew Cooper wrote: > On 28/02/2018 16:09, Sergey Dyasli wrote: > > + > > +dp->vmx.pinbased_ctls.allowed_0.raw = VMX_PINBASED_CTLS_DEFAULT1; > > +dp->vmx.pinbased_ctls.allowed_1.raw = VMX_PINBASED_CTLS_D

[Xen-devel] [PATCH v6 2/5] x86/msr: add VMX MSRs into HVM_max domain policy

by guest_rd/wrmsr(). Signed-off-by: Sergey Dyasli <sergey.dya...@citrix.com> --- v5 --> v6: - Replaced !cpu_has_vmx check with !hvm_max_cpuid_policy.basic.vmx - Added a TODO reminder - Added brackets around bit or expressions --- xen/arch/x86/ms

Re: [Xen-devel] [PATCH v2] vvmx: fixes after CR4 trapping optimizations

a <jun.nakaj...@intel.com> > Cc: Kevin Tian <kevin.t...@intel.com> > Cc: Jan Beulich <jbeul...@suse.com> > Cc: Andrew Cooper <andrew.coop...@citrix.com> > Cc: Sergey Dyasli <sergey.dya...@citrix.com> > --- > I've manually tested and AFAICT this fixes the os

[Xen-devel] [PATCH v5 2/5] x86/msr: add VMX MSRs into HVM_max domain policy

by guest_rd/wrmsr(). Signed-off-by: Sergey Dyasli <sergey.dya...@citrix.com> --- v4 --> v5: - Macros are removed and now supported bitmask is used to derive policy - Added vmx_clear_policy() helper --- xen/arch/x86/msr.c | 134 + 1 file cha

[Xen-devel] [PATCH v5 4/5] x86/msr: update domain policy on CPUID policy changes

() which changes availability of VMX MSRs based on domain's nested virt settings. If it's enabled, then the domain receives a copy of HVM_max vmx policy with allowed CR4 bits adjusted by CPUID policy. Signed-off-by: Sergey Dyasli <sergey.dya...@citrix.com> --- v4 --> v5: - Removed _do

[Xen-devel] [PATCH v5 3/5] x86/cpuid: update signature of hvm_cr4_guest_valid_bits()

With the new cpuid infrastructure there is a domain-wide struct cpuid policy and there is no need to pass a separate struct vcpu * into hvm_cr4_guest_valid_bits() anymore. Make the function accept struct domain * instead and update callers. Signed-off-by: Sergey Dyasli <sergey.dya...@citrix.

[Xen-devel] [PATCH v5 0/5] VMX MSRs policy for Nested Virt: part 1

separately - Combined the next 2 patches into 1 Sergey Dyasli (5): x86/msr: add VMX MSRs definitions and populate Raw domain policy x86/msr: add VMX MSRs into HVM_max domain policy x86/cpuid: update signature of hvm_cr4_guest_valid_bits() x86/msr: update domain policy on CPUID policy chan

[Xen-devel] [PATCH v5 1/5] x86/msr: add VMX MSRs definitions and populate Raw domain policy

ue_ctls blocks. Add calculate_raw_vmx_policy() which fills Raw policy with H/W values of VMX MSRs. Host policy will contain a copy of these values (for now). Signed-off-by: Sergey Dyasli <sergey.dya...@citrix.com> --- v4 --> v5: - Clarified the reason for splitting MSRs into 5 blocks - Added raw field into

[Xen-devel] [PATCH v5 5/5] x86/msr: handle VMX MSRs with guest_rd/wrmsr()

-off-by: Sergey Dyasli <sergey.dya...@citrix.com> --- v4 --> v5: - New msr availability helpers are used --- xen/arch/x86/hvm/vmx/vmx.c | 6 -- xen/arch/x86/hvm/vmx/vvmx.c| 178 - xen/arch/x86/msr.c | 35 xen/in

Re: [Xen-devel] [PATCH] vvmx: fixes after CR4 trapping optimizations

On Thu, 2018-03-01 at 16:19 +, Roger Pau Monne wrote: > Commit 406817 doesn't update nested VMX code in order to take into > account L1 CR4 host mask when nested guest (L2) writes to CR4, and > thus the mask written to CR4_GUEST_HOST_MASK is likely not as > restrictive as it should be. > >

[Xen-devel] [PATCH v1] pv_console: remove unnecessary #ifdefs

. Remove them. Signed-off-by: Sergey Dyasli <sergey.dya...@citrix.com> --- Compile tested with aarch64 compiler. --- xen/drivers/char/console.c | 12 ++-- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/xen/drivers/char/console.c b/xen/drivers/char/console.c index 1210

[Xen-devel] [PATCH v1 6/6] x86/vvmx: fix I/O and MSR bitmaps mapping

only: 1. During the first nested vmentry 2. After L1 has changed an appropriate vmcs field 3. After nvmx_purge_vvmcs() was previously called Signed-off-by: Sergey Dyasli --- xen/arch/x86/hvm/vmx/vvmx.c | 104 +++- 1 file changed, 67 insertions(+), 37

[Xen-devel] [PATCH v1 2/6] x86/vvmx: correct vmfail() usage for vmptrld and vmclear

Calling vmfail_valid() is correct only if vvmcx is valid. Modify functions to use vmfail() instead which performs the necessary check. Signed-off-by: Sergey Dyasli --- xen/arch/x86/hvm/vmx/vvmx.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/xen/arch/x86/hvm/vmx/vvmx.c

[Xen-devel] [PATCH v1 4/6] x86/vvmx: add VMX_INSN_VMCLEAR_WITH_VMXON_PTR errno

And make nvmx_handle_vmclear() return the new errno in case the provided address is the same as vmxon region address. While at it, correct the return value for not-4KB-aligned case and for invalid physaddr. Signed-off-by: Sergey Dyasli --- xen/arch/x86/hvm/vmx/vvmx.c| 23

[Xen-devel] [PATCH v1 0/6] x86/vvmx: various fixes

These were found by running nested VMX tests from kvm-unit-tests. Sergey Dyasli (6): x86/vvmx: introduce vvmcx_valid() x86/vvmx: correct vmfail() usage for vmptrld and vmclear x86/vvmx: add VMX_INSN_VMPTRLD_WITH_VMXON_PTR errno x86/vvmx: add VMX_INSN_VMCLEAR_WITH_VMXON_PTR errno x86

[Xen-devel] [PATCH v1 5/6] x86/vvmx: correctly report vvmcs size

The size of Xen's virtual vmcs region is 4096 bytes. Correctly report it to the guest in case when VMCS shadowing is not available instead of providing H/W value (which is usually smaller). Signed-off-by: Sergey Dyasli --- xen/arch/x86/hvm/vmx/vvmx.c | 8 1 file changed, 8 insertions

[Xen-devel] [PATCH v1 3/6] x86/vvmx: add VMX_INSN_VMPTRLD_WITH_VMXON_PTR errno

And make nvmx_handle_vmptrld() return the new errno in case the provided address is the same as vmxon region address. While at it, correct the return value for not-4KB-aligned case. Signed-off-by: Sergey Dyasli --- xen/arch/x86/hvm/vmx/vvmx.c| 10 -- xen/include/asm-x86/hvm/vmx

[Xen-devel] [PATCH v1 1/6] x86/vvmx: introduce vvmcx_valid()

As a convenient helper function and refactor the code to use it. No functional change. Signed-off-by: Sergey Dyasli --- xen/arch/x86/hvm/vmx/vvmx.c | 17 - xen/include/asm-x86/hvm/nestedhvm.h | 5 + 2 files changed, 13 insertions(+), 9 deletions(-) diff --git

Re: [Xen-devel] [PATCH v2] mm/page_alloc: make bootscrub happen in idle-loop

On 12/10/18 14:40, Jan Beulich wrote: On 09.10.18 at 17:21, wrote: >> --- a/xen/common/page_alloc.c >> +++ b/xen/common/page_alloc.c >> @@ -161,8 +161,42 @@ string_param("badpage", opt_badpage); >> /* >> * no-bootscrub -> Free pages are not zeroed during boot. >> */ >> -static bool_t

[Xen-devel] [PATCH v2] x86/boot: enable NMIs after traps init

nable NMIs during cpu_init() and during __start_xen() for BSP. Signed-off-by: Sergey Dyasli --- v2: - Added enable_nmis() to __start_xen() for BSP - Added comments as per Andrew's suggestion CC: Jan Beulich CC: Andrew Cooper CC: Wei Liu --- xen/arch/x86/cpu/common.c | 3 +++ xen/arch/x

Re: [Xen-devel] [PATCH v1 1/6] x86/vvmx: introduce vvmcx_valid()

On 01/11/2018 02:22, Tian, Kevin wrote: >> From: Sergey Dyasli [mailto:sergey.dya...@citrix.com] >> Sent: Tuesday, October 30, 2018 8:41 PM >> >> On 30/10/2018 07:41, Tian, Kevin wrote: >>>> From: Sergey Dyasli [mailto:sergey.dya...@citrix.com] >>

Re: [Xen-devel] [PATCH v1 1/6] x86/vvmx: introduce vvmcx_valid()

On 30/10/2018 07:41, Tian, Kevin wrote: >> From: Sergey Dyasli [mailto:sergey.dya...@citrix.com] >> Sent: Friday, October 12, 2018 11:28 PM >> >> As a convenient helper function and refactor the code to use it. >> >> No functional change. >> >> Sign

Re: [Xen-devel] [PATCH v1 5/6] x86/vvmx: correctly report vvmcs size

On 30/10/2018 08:06, Tian, Kevin wrote: >> From: Sergey Dyasli [mailto:sergey.dya...@citrix.com] >> Sent: Friday, October 12, 2018 11:28 PM >> >> The size of Xen's virtual vmcs region is 4096 bytes. Correctly report >> it to the guest in case when VMCS shad

Re: [Xen-devel] [PATCH 4/4] x86/vvmx: Don't handle unknown nested vmexit reasons at L0

On 25/10/2018 16:39, Andrew Cooper wrote: > This is very dangerous from a security point of view, because a missing entry > will cause L2's action to be interpreted as L1's action. > > Signed-off-by: Andrew Cooper > --- > CC: Sergey Dyasli > CC: Jan Beulich > CC: Wei

Re: [Xen-devel] [PATCH 3/4] x86/vvmx: INVVPID instructions should be handled at by L1

user_regs *regs, > case EXIT_REASON_VMXOFF: > case EXIT_REASON_VMXON: > case EXIT_REASON_INVEPT: > +case EXIT_REASON_INVVPID: > case EXIT_REASON_XSETBV: > /* inject to L1 */ > nvcpu->nv_vmexit_pending = 1; Reviewed-by: Sergey Dyasli

Re: [Xen-devel] [PATCH 4/4] x86/vvmx: Don't handle unknown nested vmexit reasons at L0

On 26/10/2018 10:10, Andrew Cooper wrote: > On 26/10/2018 10:05, Sergey Dyasli wrote: >> >> On 25/10/2018 16:39, Andrew Cooper wrote: >>> This is very dangerous from a security point of view, because a missing >>> entry >>> will cause L2's action to be

Re: [Xen-devel] [PATCH v2] mm/page_alloc: make bootscrub happen in idle-loop

On 07/11/2018 18:20, Andrew Cooper wrote: > On 09/10/18 16:21, Sergey Dyasli wrote: >> Scrubbing RAM during boot may take a long time on machines with lots >> of RAM. Add 'idle' option to bootscrub which marks all pages dirty >> initially so they will eventually be scrubbed

Re: [Xen-devel] [PATCH v2 7/8] x86/vvmx: correctly report vvmcs size

On 07/11/2018 13:28, Wei Liu wrote: > On Tue, Nov 06, 2018 at 12:07:58PM +0000, Sergey Dyasli wrote: >> The size of Xen's virtual vmcs region is 4096 bytes (see comment about >> Virtual VMCS layout in include/asm-x86/hvm/vmx/vvmx.h). Correctly report >> it to the guest in cas

Re: [Xen-devel] [PATCH v2] mm/page_alloc: make bootscrub happen in idle-loop

(CCing Roger) On 08/11/2018 11:07, Andrew Cooper wrote: > On 08/11/18 10:31, Jan Beulich wrote: >>>>> On 07.11.18 at 19:20, wrote: >>> On 09/10/18 16:21, Sergey Dyasli wrote: >>>> Scrubbing RAM during boot may take a long time on machines with lots >

Re: [Xen-devel] [PATCH 0/4] x86/vvmx: Misc fixes

Don't call vmsucceed() at the end of virtual_vmexit() Reviewed-by: Sergey Dyasli -- Thanks, Sergey > xen/arch/x86/hvm/vmx/vvmx.c | 22 +++--- > 1 file changed, 7 insertions(+), 15 deletions(-) > ___ Xen-devel mailing list Xen-de

Re: [Xen-devel] [PATCH 4/4] x86/vvmx: Don't call vmsucceed() at the end of virtual_vmexit()

think the description must be changed. -- Sergey > Signed-off-by: Andrew Cooper > --- > CC: Jan Beulich > CC: Wei Liu > CC: Roger Pau Monné > CC: Sergey Dyasli > CC: Jun Nakajima > CC: Kevin Tian > --- > xen/arch/x86/hvm/vmx/vvmx.c | 1 - > 1 file changed, 1

[Xen-devel] [PATCH v3] mm/page_alloc: make bootscrub happen in idle-loop

scrubbing during allocation (unless MEMF_no_scrub was provided). Use the new 'idle' option as the default one. Signed-off-by: Sergey Dyasli Reviewed-by: Jan Beulich --- v2 --> v3: - Removed "= 0" from enum bootscrub_mode - Removed num_online_nodes() from printk() - Added Reviewed-b

[Xen-devel] [PATCH v2 2/8] x86/nestedhvm: introduce vvmcx_valid()

As a convenient helper function and refactor the code to use it. No functional change. Signed-off-by: Sergey Dyasli --- CC: Boris Ostrovsky CC: Suravee Suthikulpanit CC: Brian Woods v2: - Use the new helper in nestedsvm.c --- xen/arch/x86/hvm/svm/nestedsvm.c| 2 +- xen/arch/x86/hvm

[Xen-devel] [PATCH v2 0/8] x86/vvmx: various fixes

These were found by running nested VMX tests from kvm-unit-tests. Sergey Dyasli (8): x86/vvmx: introduce nvmx_vcpu_preinit() x86/nestedhvm: introduce vvmcx_valid() x86/vvmx: add VMX_INSN_INVEPT_INVVPID_INVALID_OP errno x86/vvmx: correct vmfail() usage for vmptrld and vmclear x86/vvmx

[Xen-devel] [PATCH v2 5/8] x86/vvmx: add VMX_INSN_VMPTRLD_WITH_VMXON_PTR errno

And make nvmx_handle_vmptrld() return the new errno in case the provided address is the same as vmxon region address. While at it, correct the return value for not-4KB-aligned case. Signed-off-by: Sergey Dyasli Acked-by: Kevin Tian --- v2: - Added Acked-by --- xen/arch/x86/hvm/vmx/vvmx.c

[Xen-devel] [PATCH v2 6/8] x86/vvmx: refactor nvmx_handle_vmclear()

-off-by: Sergey Dyasli --- v2: - Removal of enum vmx_ops_result and refactoring --- xen/arch/x86/hvm/vmx/vvmx.c| 52 +- xen/include/asm-x86/hvm/vmx/vmcs.h | 1 + 2 files changed, 30 insertions(+), 23 deletions(-) diff --git a/xen/arch/x86/hvm/vmx/vvmx.c b/xen

[Xen-devel] [PATCH v2 8/8] x86/vvmx: fix I/O and MSR bitmaps mapping

reasons, Xen maps bitmaps only: 1. During the first nested vmentry 2. After L1 has changed an appropriate vmcs field 3. After nvmx_purge_vvmcs() was previously called Signed-off-by: Sergey Dyasli --- v2: - slight commit message change --- xen/arch/x86/hvm/vmx/vvmx.c | 105

[Xen-devel] [PATCH v2 4/8] x86/vvmx: correct vmfail() usage for vmptrld and vmclear

Calling vmfail_valid() is correct only if vvmcx is valid. Modify functions to use vmfail() instead which performs the necessary check. While at it, add ASSERTs into vmfail_valid/invalid() to quickly catch an incorrect usage in the future. Signed-off-by: Sergey Dyasli --- v2: - Added ASSERTs

[Xen-devel] [PATCH v2 1/8] x86/vvmx: introduce nvmx_vcpu_preinit()

And call it during vmx_vcpu_initialise(). This allows to safely use vvmx functions that rely on the values inside struct nestedvmx and struct nestedvcpu, independently of the nested virtualisation (HVM_PARAM_NESTEDHVM) status of a domain. Signed-off-by: Sergey Dyasli --- v2: - new patch --- xen

[Xen-devel] [PATCH v2 3/8] x86/vvmx: add VMX_INSN_INVEPT_INVVPID_INVALID_OP errno

And use it in nvmx_handle_invept() and nvmx_handle_invvpid(). Signed-off-by: Sergey Dyasli --- v2: - new patch --- xen/arch/x86/hvm/vmx/vvmx.c| 4 ++-- xen/include/asm-x86/hvm/vmx/vmcs.h | 1 + 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/xen/arch/x86/hvm/vmx/vvmx.c b

[Xen-devel] [PATCH v2 7/8] x86/vvmx: correctly report vvmcs size

The size of Xen's virtual vmcs region is 4096 bytes (see comment about Virtual VMCS layout in include/asm-x86/hvm/vmx/vvmx.h). Correctly report it to the guest in case when VMCS shadowing is not available instead of providing H/W value (which is usually smaller). Signed-off-by: Sergey Dyasli

[Xen-devel] [PATCH v3 1/8] x86/nestedhvm: init nv_vvmcxaddr in hvm_vcpu_initialise()

This allows to safely use nestedhvm functions that rely on the values inside struct nestedvcpu independently of the nested virtualisation (HVM_PARAM_NESTEDHVM) status of a domain. Signed-off-by: Sergey Dyasli --- v3: - new patch --- xen/arch/x86/hvm/hvm.c | 2 ++ 1 file changed, 2 insertions

[Xen-devel] [PATCH v3 2/8] x86/nestedhvm: introduce vvmcx_valid()

As a convenient helper function and refactor the code to use it. No functional change. Signed-off-by: Sergey Dyasli Reviewed-by: Boris Ostrovsky Reviewed-by: Wei Liu Reviewed-by: Kevin Tian --- CC: Boris Ostrovsky CC: Suravee Suthikulpanit CC: Brian Woods v3: - Added R-by v2: - Use

[Xen-devel] [PATCH v3 3/8] x86/vvmx: add VMX_INSN_INVEPT_INVVPID_INVALID_OP errno

And use it in nvmx_handle_invept() and nvmx_handle_invvpid(). Signed-off-by: Sergey Dyasli Acked-by: Kevin Tian --- v3: - Added Acked-by v2: - new patch --- xen/arch/x86/hvm/vmx/vvmx.c| 4 ++-- xen/include/asm-x86/hvm/vmx/vmcs.h | 1 + 2 files changed, 3 insertions(+), 2 deletions

[Xen-devel] [PATCH v3 6/8] x86/vvmx: refactor nvmx_handle_vmclear()

-off-by: Sergey Dyasli Acked-by: Kevin Tian --- v3: - Added Acked-by v2: - Removal of enum vmx_ops_result and refactoring --- xen/arch/x86/hvm/vmx/vvmx.c| 52 +- xen/include/asm-x86/hvm/vmx/vmcs.h | 1 + 2 files changed, 30 insertions(+), 23 deletions(-) diff

[Xen-devel] [PATCH v3 5/8] x86/vvmx: add VMX_INSN_VMPTRLD_WITH_VMXON_PTR errno

And make nvmx_handle_vmptrld() return the new errno in case the provided address is the same as vmxon region address. While at it, correct the return value for not-4KB-aligned case. Signed-off-by: Sergey Dyasli Acked-by: Kevin Tian --- v3: - no changes v2: - Added Acked-by --- xen/arch/x86

[Xen-devel] [PATCH v3 8/8] x86/vvmx: fix I/O and MSR bitmaps mapping

reasons, Xen maps bitmaps only: 1. During the first nested vmentry 2. After L1 has changed an appropriate vmcs field 3. After nvmx_purge_vvmcs() was previously called Signed-off-by: Sergey Dyasli Acked-by: Kevin Tian --- v3: - Added Acked-by v2: - slight commit message change

[Xen-devel] [PATCH v3 4/8] x86/vvmx: correct vmfail() usage for vmptrld and vmclear

Calling vmfail_valid() is correct only if vvmcx is valid. Modify functions to use vmfail() instead which performs the necessary check. While at it, add ASSERTs into vmfail_valid/invalid() to quickly catch an incorrect usage in the future. Signed-off-by: Sergey Dyasli Acked-by: Kevin Tian

[Xen-devel] [PATCH v3 0/8] x86/vvmx: various fixes

These were found by running nested VMX tests from kvm-unit-tests. v3: - Removed 1/8 "x86/vvmx: introduce nvmx_vcpu_preinit()" - Added 1/8 "x86/nestedhvm: init nv_vvmcxaddr in hvm_vcpu_initialise()" - Added R-by and Acked-by to other patches Sergey Dyasli (8): x86/nestedhv

[Xen-devel] [PATCH v3 7/8] x86/vvmx: correctly report vvmcs size

The size of Xen's virtual vmcs region is 4096 bytes (see comment about Virtual VMCS layout in include/asm-x86/hvm/vmx/vvmx.h). Correctly report it to the guest in case when VMCS shadowing is not available instead of providing H/W value (which is usually smaller). Signed-off-by: Sergey Dyasli

[Xen-devel] [PATCH trivial] mm/page_alloc: fix a typo in printk for idle scrub

Signed-off-by: Sergey Dyasli --- CC: Jan Beulich CC: Wei Liu --- xen/common/page_alloc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/xen/common/page_alloc.c b/xen/common/page_alloc.c index 88d1637247..08ee8cfbb9 100644 --- a/xen/common/page_alloc.c +++ b/xen/common

Re: [Xen-devel] [PATCH v2] mm/page_alloc: make bootscrub happen in idle-loop

On 08/11/2018 15:18, Roger Pau Monné wrote: > On Thu, Nov 08, 2018 at 02:48:40PM +0000, Sergey Dyasli wrote: >> (CCing Roger) >> >> On 08/11/2018 11:07, Andrew Cooper wrote: >>> On 08/11/18 10:31, Jan Beulich wrote: >>>>>>> On 07.11.18 at 19:20,

Re: [Xen-devel] [PATCH v3] mm/page_alloc: make bootscrub happen in idle-loop

On 07/11/2018 12:17, Wei Liu wrote: > On Wed, Nov 07, 2018 at 11:11:49AM +0000, Sergey Dyasli wrote: >> Scrubbing RAM during boot may take a long time on machines with lots >> of RAM. Add 'idle' option to bootscrub which marks all pages dirty >> initially so they will e

[Xen-devel] [PATCH v2] mm/page_alloc: make bootscrub happen in idle-loop

scrubbing during allocation (unless MEMF_no_scrub was provided). Use the new 'idle' option as the default one. Signed-off-by: Sergey Dyasli --- v1 --> v2: - dropped comment about performance - changed default to 'idle' - changed type of opt_bootscrub to enum - restored __initdata for opt_bootsc

[Xen-devel] [PATCH] mm/page_alloc: always scrub pages given to the allocator

to return scrubbed pages to a caller unless MEMF_no_scrub flag was provided. Signed-off-by: Sergey Dyasli --- CC: Andrew Cooper CC: Boris Ostrovsky CC: George Dunlap CC: Jan Beulich CC: Julien Grall CC: Tim Deegan --- docs/misc/xen-command-line.markdown | 3 ++- xen/common/page_alloc.c

Re: [Xen-devel] [PATCH] mm/page_alloc: always scrub pages given to the allocator

On Mon, 2018-10-01 at 14:54 +0100, George Dunlap wrote: > On 10/01/2018 02:44 PM, Sergey Dyasli wrote: > > On Mon, 2018-10-01 at 07:38 -0600, Jan Beulich wrote: > > > > > > On 01.10.18 at 15:12, wrote: > > > > > > > > On 01/10/18 12:13, Jan

Re: [Xen-devel] [PATCH] mm/page_alloc: always scrub pages given to the allocator

On Mon, 2018-10-01 at 07:38 -0600, Jan Beulich wrote: > > > > On 01.10.18 at 15:12, wrote: > > > > On 01/10/18 12:13, Jan Beulich wrote: > > > > > > On 01.10.18 at 11:58, wrote: > > > > > > > > Having the allocator return unscrubbed pages is a potential security > > > > concern: some domain

Re: [Xen-devel] [PATCH] mm/page_alloc: always scrub pages given to the allocator

On 01/10/18 12:13, Jan Beulich wrote: On 01.10.18 at 11:58, wrote: >> Having the allocator return unscrubbed pages is a potential security >> concern: some domain can be given pages with memory contents of another >> domain. This may happen, for example, if a domain voluntarily releases >>

Re: [Xen-devel] [PATCH] mm/page_alloc: always scrub pages given to the allocator

On Mon, 2018-10-01 at 07:38 -0600, Jan Beulich wrote: > > > > On 01.10.18 at 15:12, wrote: > > > > On 01/10/18 12:13, Jan Beulich wrote: > > > > > > On 01.10.18 at 11:58, wrote: > > > > > > > > Having the allocator return unscrubbed pages is a potential security > > > > concern: some domain

[Xen-devel] [PATCH] mm/page_alloc: add bootscrub=idle cmdline option

that the allocator will return scrubbed pages by doing eager scrubbing during allocation (unless MEMF_no_scrub was provided). Signed-off-by: Sergey Dyasli --- CC: Andrew Cooper CC: Boris Ostrovsky CC: George Dunlap CC: Jan Beulich CC: Julien Grall CC: Tim Deegan --- docs/misc/xen-command-line.markdown

Re: [Xen-devel] [PATCH] mm: make opt_bootscrub non-init

; https://bugs.llvm.org/show_bug.cgi?id=39707 > > I haven't been able to find any other instances of such conditional > expression that uses system_state together with an init variable or > function. > > Signed-off-by: Roger Pau Monné Reviewed-by: Sergey Dyas

Re: [Xen-devel] [PATCH v3] tools: set Dom0 UUID if requested

les changed, 47 insertions(+), 6 deletions(-) Reviewed-by: Sergey Dyasli Thanks ___ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel

Re: [Xen-devel] [PATCH v1] x86/dom0: use MEMF_no_scrub for Dom0 RAM allocation

On 20/11/2018 17:16, Jan Beulich wrote: On 20.11.18 at 18:00, wrote: >> Now that idle scrub is the default option, all memory is marked as dirty >> and alloc_domheap_pages() will do eager scrubbing by default. This can >> lead to longer Dom0 construction and potentially to a watchdog

[Xen-devel] [PATCH v2] x86/dom0: use MEMF_no_scrub during Dom0 construction

this process since there is little point in scrubbing memory for Dom0. Signed-off-by: Sergey Dyasli --- v2: - use MEMF_no_scrub in more calls CC: Jan Beulich CC: Andrew Cooper CC: Wei Liu CC: "Roger Pau Monné" --- xen/arch/x86/hvm/dom0_build.c | 2 +- xen/arch/x86/pv/dom0_bui

[Xen-devel] [PATCH v1] x86/dom0: use MEMF_no_scrub for Dom0 RAM allocation

this process since there is little point in scrubbing memory for Dom0 RAM. Signed-off-by: Sergey Dyasli --- CC: Jan Beulich CC: Andrew Cooper CC: Wei Liu CC: "Roger Pau Monné" --- xen/arch/x86/hvm/dom0_build.c | 2 +- xen/arch/x86/pv/dom0_build.c | 5 +++-- 2 files changed, 4 insert

[Xen-devel] [PATCH v1 0/2] Fix Broadwell microcode update after idle-scrub was added

This issue was discovered during internal testing. Sergey Dyasli (2): system_state: introduce SYS_STATE_smp_booted common/page_alloc: don't idle-scrub before microcode update xen/arch/arm/setup.c | 6 ++ xen/arch/x86/setup.c | 4 xen/common/page_alloc.c | 7 +++ xen

[Xen-devel] [PATCH v1 1/2] system_state: introduce SYS_STATE_smp_booted

The new state means that all secondary CPUs are up. On x86 this also means that a microcode was (potentially) updated on all CPUs. On ARM side of things, additionally set system_state to SYS_STATE_smp_boot just before bringing up secondary CPUs. Signed-off-by: Sergey Dyasli --- xen/arch/arm

[Xen-devel] [PATCH v1 2/2] common/page_alloc: don't idle-scrub before microcode update

11 to 0x1e, d€  Prevent this situation by disabling idle scrubbing until SYS_STATE_smp_booted is reached. Signed-off-by: Sergey Dyasli --- xen/arch/arm/setup.c| 2 ++ xen/arch/x86/setup.c| 2 ++ xen/common/page_alloc.c | 7 +++ 3 files changed, 11 insertions(+)

Re: [Xen-devel] [PATCH v1 2/2] common/page_alloc: don't idle-scrub before microcode update

On 27/11/2018 10:15, Jan Beulich wrote: >>>> On 27.11.18 at 11:10, wrote: >> Hi, >> >> On 11/27/18 10:00 AM, Sergey Dyasli wrote: >>> Some x86 CPUs has errata regarding microcode updates. The most notorious >>> is Broadwell's BDX90: "Loading

Re: [Xen-devel] [PATCH v1 1/2] system_state: introduce SYS_STATE_smp_booted

On 27/11/2018 10:22, Jan Beulich wrote: On 27.11.18 at 11:00, wrote: >> The new state means that all secondary CPUs are up. On x86 this also >> means that a microcode was (potentially) updated on all CPUs. > > I'm slightly concerned by such an x86 specific: Could we settle on > a more

[Xen-devel] [PATCH v1] mm/page_alloc: fix MEMF_no_dma allocations for single NUMA

; in Xen's cmdline manually. Fix the issue by initialising dma_bitsize even on single NUMA machines. Signed-off-by: Sergey Dyasli --- CC: Andrew Cooper CC: Jan Beulich CC: Julien Grall CC: Wei Liu CC: Boris Ostrovsky CC: George Dunlap CC: Roger Pau Monné --- xen/common/page_alloc.c | 2

Re: [Xen-devel] [PATCH v1] mm/page_alloc: fix MEMF_no_dma allocations for single NUMA

On 07/01/2019 12:05, Jan Beulich wrote: On 07.01.19 at 12:27, wrote: >> Currently dma_bitsize is zero by default on single NUMA node machines. >> This makes all alloc_domheap_pages() calls with MEMF_no_dma return NULL. >> >> There is only 1 user of MEMF_no_dma: dom0_memflags, which are used

[Xen-devel] [PATCH v2] mm/page_alloc: fix MEMF_no_dma allocations for single NUMA

; in Xen's cmdline manually. Fix the issue by ignoring MEMF_no_dma in cases when dma_bitsize is zero, which means there is no DMA zone. This shouldn't cause any issues for Dom0 because alloc_heap_pages() will first use higher memory addresses for satisfying memory allocation requests. Signed-off-

Re: [Xen-devel] [PATCH v3 3/3] x86: Clean up the Xen MSR infrastructure

On Wed, 2018-09-12 at 11:23 +0100, Andrew Cooper wrote: > On 12/09/18 10:46, Sergey Dyasli wrote: > > On Wed, 2018-09-12 at 10:12 +0100, Andrew Cooper wrote: > > > On 12/09/18 09:29, Sergey Dyasli wrote: > > > > On Tue, 2018-09-11 at 19:56 +0100, Andrew Coope

Re: [Xen-devel] [PATCH v4 1/3] x86/msr: Dispatch Xen and Viridian MSRs from guest_{wr, rd}msr()

eviewed-by: Kevin Tian > Reviewed-by: Paul Durrant > --- > CC: Jan Beulich > CC: Wei Liu > CC: Roger Pau Monné > CC: Sergey Dyasli > > v3: > * Split out of previous series. Retain appropriate R-by's > v4: > * Retain switch() for interpretin

Re: [Xen-devel] [PATCH v3 3/3] x86: Clean up the Xen MSR infrastructure

86EMUL_* return values. > > Signed-off-by: Andrew Cooper > --- > CC: Jan Beulich > CC: Wei Liu > CC: Roger Pau Monné > CC: Sergey Dyasli > > v3: > * Clean up after splitting the series. > --- > xen/arch/x86/msr.c

  1   2   3   >