xref: /linux/arch/x86/kvm/vmx/capabilities.h (revision e1914add2799225a87502051415fc5c32aeb02ae) 
1 /* SPDX-License-Identifier: GPL-2.0 */
2 #ifndef __KVM_X86_VMX_CAPS_H
3 #define __KVM_X86_VMX_CAPS_H
4 
5 #include <asm/vmx.h>
6 
7 #include "../lapic.h"
8 #include "../x86.h"
9 #include "../pmu.h"
10 #include "../cpuid.h"
11 
12 extern bool __read_mostly enable_vpid;
13 extern bool __read_mostly flexpriority_enabled;
14 extern bool __read_mostly enable_ept;
15 extern bool __read_mostly enable_unrestricted_guest;
16 extern bool __read_mostly enable_ept_ad_bits;
17 extern bool __read_mostly enable_cet;
18 extern bool __read_mostly enable_pml;
19 extern int __read_mostly pt_mode;
20 
21 #define PT_MODE_SYSTEM		0
22 #define PT_MODE_HOST_GUEST	1
23 
24 struct nested_vmx_msrs {
25 	/*
26 	 * We only store the "true" versions of the VMX capability MSRs. We
27 	 * generate the "non-true" versions by setting the must-be-1 bits
28 	 * according to the SDM.
29 	 */
30 	u32 procbased_ctls_low;
31 	u32 procbased_ctls_high;
32 	u32 secondary_ctls_low;
33 	u32 secondary_ctls_high;
34 	u32 pinbased_ctls_low;
35 	u32 pinbased_ctls_high;
36 	u32 exit_ctls_low;
37 	u32 exit_ctls_high;
38 	u32 entry_ctls_low;
39 	u32 entry_ctls_high;
40 	u32 misc_low;
41 	u32 misc_high;
42 	u32 ept_caps;
43 	u32 vpid_caps;
44 	u64 basic;
45 	u64 cr0_fixed0;
46 	u64 cr0_fixed1;
47 	u64 cr4_fixed0;
48 	u64 cr4_fixed1;
49 	u64 vmcs_enum;
50 	u64 vmfunc_controls;
51 };
52 
53 struct vmcs_config {
54 	u64 basic;
55 	u32 pin_based_exec_ctrl;
56 	u32 cpu_based_exec_ctrl;
57 	u32 cpu_based_2nd_exec_ctrl;
58 	u64 cpu_based_3rd_exec_ctrl;
59 	u32 vmexit_ctrl;
60 	u32 vmentry_ctrl;
61 	u64 misc;
62 	struct nested_vmx_msrs nested;
63 };
64 extern struct vmcs_config vmcs_config __ro_after_init;
65 
66 struct vmx_capability {
67 	u32 ept;
68 	u32 vpid;
69 };
70 extern struct vmx_capability vmx_capability __ro_after_init;
71 
cpu_has_vmx_basic_inout(void)72 static inline bool cpu_has_vmx_basic_inout(void)
73 {
74 	return	vmcs_config.basic & VMX_BASIC_INOUT;
75 }
76 
cpu_has_vmx_basic_no_hw_errcode_cc(void)77 static inline bool cpu_has_vmx_basic_no_hw_errcode_cc(void)
78 {
79 	return	vmcs_config.basic & VMX_BASIC_NO_HW_ERROR_CODE_CC;
80 }
81 
cpu_has_virtual_nmis(void)82 static inline bool cpu_has_virtual_nmis(void)
83 {
84 	return vmcs_config.pin_based_exec_ctrl & PIN_BASED_VIRTUAL_NMIS &&
85 	       vmcs_config.cpu_based_exec_ctrl & CPU_BASED_NMI_WINDOW_EXITING;
86 }
87 
cpu_has_vmx_preemption_timer(void)88 static inline bool cpu_has_vmx_preemption_timer(void)
89 {
90 	return vmcs_config.pin_based_exec_ctrl &
91 		PIN_BASED_VMX_PREEMPTION_TIMER;
92 }
93 
cpu_has_vmx_posted_intr(void)94 static inline bool cpu_has_vmx_posted_intr(void)
95 {
96 	return vmcs_config.pin_based_exec_ctrl & PIN_BASED_POSTED_INTR;
97 }
98 
cpu_has_load_ia32_efer(void)99 static inline bool cpu_has_load_ia32_efer(void)
100 {
101 	return vmcs_config.vmentry_ctrl & VM_ENTRY_LOAD_IA32_EFER;
102 }
103 
cpu_has_load_perf_global_ctrl(void)104 static inline bool cpu_has_load_perf_global_ctrl(void)
105 {
106 	return vmcs_config.vmentry_ctrl & VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL;
107 }
108 
cpu_has_load_cet_ctrl(void)109 static inline bool cpu_has_load_cet_ctrl(void)
110 {
111 	return vmcs_config.vmentry_ctrl & VM_ENTRY_LOAD_CET_STATE;
112 }
113 
cpu_has_save_perf_global_ctrl(void)114 static inline bool cpu_has_save_perf_global_ctrl(void)
115 {
116 	return vmcs_config.vmexit_ctrl & VM_EXIT_SAVE_IA32_PERF_GLOBAL_CTRL;
117 }
118 
cpu_has_vmx_mpx(void)119 static inline bool cpu_has_vmx_mpx(void)
120 {
121 	return vmcs_config.vmentry_ctrl & VM_ENTRY_LOAD_BNDCFGS;
122 }
123 
cpu_has_vmx_tpr_shadow(void)124 static inline bool cpu_has_vmx_tpr_shadow(void)
125 {
126 	return vmcs_config.cpu_based_exec_ctrl & CPU_BASED_TPR_SHADOW;
127 }
128 
cpu_need_tpr_shadow(struct kvm_vcpu * vcpu)129 static inline bool cpu_need_tpr_shadow(struct kvm_vcpu *vcpu)
130 {
131 	return cpu_has_vmx_tpr_shadow() && lapic_in_kernel(vcpu);
132 }
133 
cpu_has_vmx_msr_bitmap(void)134 static inline bool cpu_has_vmx_msr_bitmap(void)
135 {
136 	return vmcs_config.cpu_based_exec_ctrl & CPU_BASED_USE_MSR_BITMAPS;
137 }
138 
cpu_has_secondary_exec_ctrls(void)139 static inline bool cpu_has_secondary_exec_ctrls(void)
140 {
141 	return vmcs_config.cpu_based_exec_ctrl &
142 		CPU_BASED_ACTIVATE_SECONDARY_CONTROLS;
143 }
144 
cpu_has_tertiary_exec_ctrls(void)145 static inline bool cpu_has_tertiary_exec_ctrls(void)
146 {
147 	return vmcs_config.cpu_based_exec_ctrl &
148 		CPU_BASED_ACTIVATE_TERTIARY_CONTROLS;
149 }
150 
cpu_has_vmx_virtualize_apic_accesses(void)151 static inline bool cpu_has_vmx_virtualize_apic_accesses(void)
152 {
153 	return vmcs_config.cpu_based_2nd_exec_ctrl &
154 		SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES;
155 }
156 
cpu_has_vmx_ept(void)157 static inline bool cpu_has_vmx_ept(void)
158 {
159 	return vmcs_config.cpu_based_2nd_exec_ctrl &
160 		SECONDARY_EXEC_ENABLE_EPT;
161 }
162 
vmx_umip_emulated(void)163 static inline bool vmx_umip_emulated(void)
164 {
165 	return !boot_cpu_has(X86_FEATURE_UMIP) &&
166 	       (vmcs_config.cpu_based_2nd_exec_ctrl & SECONDARY_EXEC_DESC);
167 }
168 
cpu_has_vmx_rdtscp(void)169 static inline bool cpu_has_vmx_rdtscp(void)
170 {
171 	return vmcs_config.cpu_based_2nd_exec_ctrl &
172 		SECONDARY_EXEC_ENABLE_RDTSCP;
173 }
174 
cpu_has_vmx_virtualize_x2apic_mode(void)175 static inline bool cpu_has_vmx_virtualize_x2apic_mode(void)
176 {
177 	return vmcs_config.cpu_based_2nd_exec_ctrl &
178 		SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE;
179 }
180 
cpu_has_vmx_vpid(void)181 static inline bool cpu_has_vmx_vpid(void)
182 {
183 	return vmcs_config.cpu_based_2nd_exec_ctrl &
184 		SECONDARY_EXEC_ENABLE_VPID;
185 }
186 
cpu_has_vmx_wbinvd_exit(void)187 static inline bool cpu_has_vmx_wbinvd_exit(void)
188 {
189 	return vmcs_config.cpu_based_2nd_exec_ctrl &
190 		SECONDARY_EXEC_WBINVD_EXITING;
191 }
192 
cpu_has_vmx_unrestricted_guest(void)193 static inline bool cpu_has_vmx_unrestricted_guest(void)
194 {
195 	return vmcs_config.cpu_based_2nd_exec_ctrl &
196 		SECONDARY_EXEC_UNRESTRICTED_GUEST;
197 }
198 
cpu_has_vmx_apic_register_virt(void)199 static inline bool cpu_has_vmx_apic_register_virt(void)
200 {
201 	return vmcs_config.cpu_based_2nd_exec_ctrl &
202 		SECONDARY_EXEC_APIC_REGISTER_VIRT;
203 }
204 
cpu_has_vmx_virtual_intr_delivery(void)205 static inline bool cpu_has_vmx_virtual_intr_delivery(void)
206 {
207 	return vmcs_config.cpu_based_2nd_exec_ctrl &
208 		SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY;
209 }
210 
cpu_has_vmx_ple(void)211 static inline bool cpu_has_vmx_ple(void)
212 {
213 	return vmcs_config.cpu_based_2nd_exec_ctrl &
214 		SECONDARY_EXEC_PAUSE_LOOP_EXITING;
215 }
216 
cpu_has_vmx_rdrand(void)217 static inline bool cpu_has_vmx_rdrand(void)
218 {
219 	return vmcs_config.cpu_based_2nd_exec_ctrl &
220 		SECONDARY_EXEC_RDRAND_EXITING;
221 }
222 
cpu_has_vmx_invpcid(void)223 static inline bool cpu_has_vmx_invpcid(void)
224 {
225 	return vmcs_config.cpu_based_2nd_exec_ctrl &
226 		SECONDARY_EXEC_ENABLE_INVPCID;
227 }
228 
cpu_has_vmx_vmfunc(void)229 static inline bool cpu_has_vmx_vmfunc(void)
230 {
231 	return vmcs_config.cpu_based_2nd_exec_ctrl &
232 		SECONDARY_EXEC_ENABLE_VMFUNC;
233 }
234 
cpu_has_vmx_shadow_vmcs(void)235 static inline bool cpu_has_vmx_shadow_vmcs(void)
236 {
237 	/* check if the cpu supports writing r/o exit information fields */
238 	if (!(vmcs_config.misc & VMX_MISC_VMWRITE_SHADOW_RO_FIELDS))
239 		return false;
240 
241 	return vmcs_config.cpu_based_2nd_exec_ctrl &
242 		SECONDARY_EXEC_SHADOW_VMCS;
243 }
244 
cpu_has_vmx_encls_vmexit(void)245 static inline bool cpu_has_vmx_encls_vmexit(void)
246 {
247 	return vmcs_config.cpu_based_2nd_exec_ctrl &
248 		SECONDARY_EXEC_ENCLS_EXITING;
249 }
250 
cpu_has_vmx_rdseed(void)251 static inline bool cpu_has_vmx_rdseed(void)
252 {
253 	return vmcs_config.cpu_based_2nd_exec_ctrl &
254 		SECONDARY_EXEC_RDSEED_EXITING;
255 }
256 
cpu_has_vmx_pml(void)257 static inline bool cpu_has_vmx_pml(void)
258 {
259 	return vmcs_config.cpu_based_2nd_exec_ctrl & SECONDARY_EXEC_ENABLE_PML;
260 }
261 
cpu_has_vmx_xsaves(void)262 static inline bool cpu_has_vmx_xsaves(void)
263 {
264 	return vmcs_config.cpu_based_2nd_exec_ctrl &
265 		SECONDARY_EXEC_ENABLE_XSAVES;
266 }
267 
cpu_has_vmx_waitpkg(void)268 static inline bool cpu_has_vmx_waitpkg(void)
269 {
270 	return vmcs_config.cpu_based_2nd_exec_ctrl &
271 		SECONDARY_EXEC_ENABLE_USR_WAIT_PAUSE;
272 }
273 
cpu_has_vmx_tsc_scaling(void)274 static inline bool cpu_has_vmx_tsc_scaling(void)
275 {
276 	return vmcs_config.cpu_based_2nd_exec_ctrl &
277 		SECONDARY_EXEC_TSC_SCALING;
278 }
279 
cpu_has_vmx_bus_lock_detection(void)280 static inline bool cpu_has_vmx_bus_lock_detection(void)
281 {
282 	return vmcs_config.cpu_based_2nd_exec_ctrl &
283 	    SECONDARY_EXEC_BUS_LOCK_DETECTION;
284 }
285 
cpu_has_vmx_apicv(void)286 static inline bool cpu_has_vmx_apicv(void)
287 {
288 	return cpu_has_vmx_apic_register_virt() &&
289 		cpu_has_vmx_virtual_intr_delivery() &&
290 		cpu_has_vmx_posted_intr();
291 }
292 
cpu_has_vmx_ipiv(void)293 static inline bool cpu_has_vmx_ipiv(void)
294 {
295 	return vmcs_config.cpu_based_3rd_exec_ctrl & TERTIARY_EXEC_IPI_VIRT;
296 }
297 
cpu_has_vmx_flexpriority(void)298 static inline bool cpu_has_vmx_flexpriority(void)
299 {
300 	return cpu_has_vmx_tpr_shadow() &&
301 		cpu_has_vmx_virtualize_apic_accesses();
302 }
303 
cpu_has_vmx_ept_execute_only(void)304 static inline bool cpu_has_vmx_ept_execute_only(void)
305 {
306 	return vmx_capability.ept & VMX_EPT_EXECUTE_ONLY_BIT;
307 }
308 
cpu_has_vmx_ept_4levels(void)309 static inline bool cpu_has_vmx_ept_4levels(void)
310 {
311 	return vmx_capability.ept & VMX_EPT_PAGE_WALK_4_BIT;
312 }
313 
cpu_has_vmx_ept_5levels(void)314 static inline bool cpu_has_vmx_ept_5levels(void)
315 {
316 	return vmx_capability.ept & VMX_EPT_PAGE_WALK_5_BIT;
317 }
318 
cpu_has_vmx_ept_mt_wb(void)319 static inline bool cpu_has_vmx_ept_mt_wb(void)
320 {
321 	return vmx_capability.ept & VMX_EPTP_WB_BIT;
322 }
323 
cpu_has_vmx_ept_2m_page(void)324 static inline bool cpu_has_vmx_ept_2m_page(void)
325 {
326 	return vmx_capability.ept & VMX_EPT_2MB_PAGE_BIT;
327 }
328 
cpu_has_vmx_ept_1g_page(void)329 static inline bool cpu_has_vmx_ept_1g_page(void)
330 {
331 	return vmx_capability.ept & VMX_EPT_1GB_PAGE_BIT;
332 }
333 
ept_caps_to_lpage_level(u32 ept_caps)334 static inline int ept_caps_to_lpage_level(u32 ept_caps)
335 {
336 	if (ept_caps & VMX_EPT_1GB_PAGE_BIT)
337 		return PG_LEVEL_1G;
338 	if (ept_caps & VMX_EPT_2MB_PAGE_BIT)
339 		return PG_LEVEL_2M;
340 	return PG_LEVEL_4K;
341 }
342 
cpu_has_vmx_ept_ad_bits(void)343 static inline bool cpu_has_vmx_ept_ad_bits(void)
344 {
345 	return vmx_capability.ept & VMX_EPT_AD_BIT;
346 }
347 
cpu_has_vmx_invept_context(void)348 static inline bool cpu_has_vmx_invept_context(void)
349 {
350 	return vmx_capability.ept & VMX_EPT_EXTENT_CONTEXT_BIT;
351 }
352 
cpu_has_vmx_invept_global(void)353 static inline bool cpu_has_vmx_invept_global(void)
354 {
355 	return vmx_capability.ept & VMX_EPT_EXTENT_GLOBAL_BIT;
356 }
357 
cpu_has_vmx_invvpid(void)358 static inline bool cpu_has_vmx_invvpid(void)
359 {
360 	return vmx_capability.vpid & VMX_VPID_INVVPID_BIT;
361 }
362 
cpu_has_vmx_invvpid_individual_addr(void)363 static inline bool cpu_has_vmx_invvpid_individual_addr(void)
364 {
365 	return vmx_capability.vpid & VMX_VPID_EXTENT_INDIVIDUAL_ADDR_BIT;
366 }
367 
cpu_has_vmx_invvpid_single(void)368 static inline bool cpu_has_vmx_invvpid_single(void)
369 {
370 	return vmx_capability.vpid & VMX_VPID_EXTENT_SINGLE_CONTEXT_BIT;
371 }
372 
cpu_has_vmx_invvpid_global(void)373 static inline bool cpu_has_vmx_invvpid_global(void)
374 {
375 	return vmx_capability.vpid & VMX_VPID_EXTENT_GLOBAL_CONTEXT_BIT;
376 }
377 
cpu_has_vmx_intel_pt(void)378 static inline bool cpu_has_vmx_intel_pt(void)
379 {
380 	return (vmcs_config.misc & VMX_MISC_INTEL_PT) &&
381 		(vmcs_config.cpu_based_2nd_exec_ctrl & SECONDARY_EXEC_PT_USE_GPA) &&
382 		(vmcs_config.vmentry_ctrl & VM_ENTRY_LOAD_IA32_RTIT_CTL);
383 }
384 
385 /*
386  * Processor Trace can operate in one of three modes:
387  *  a. system-wide: trace both host/guest and output to host buffer
388  *  b. host-only:   only trace host and output to host buffer
389  *  c. host-guest:  trace host and guest simultaneously and output to their
390  *                  respective buffer
391  *
392  * KVM currently only supports (a) and (c).
393  */
vmx_pt_mode_is_system(void)394 static inline bool vmx_pt_mode_is_system(void)
395 {
396 	return pt_mode == PT_MODE_SYSTEM;
397 }
vmx_pt_mode_is_host_guest(void)398 static inline bool vmx_pt_mode_is_host_guest(void)
399 {
400 	return pt_mode == PT_MODE_HOST_GUEST;
401 }
402 
vmx_pebs_supported(void)403 static inline bool vmx_pebs_supported(void)
404 {
405 	return boot_cpu_has(X86_FEATURE_PEBS) && kvm_pmu_cap.pebs_ept &&
406 	       !enable_mediated_pmu;
407 }
408 
cpu_has_notify_vmexit(void)409 static inline bool cpu_has_notify_vmexit(void)
410 {
411 	return vmcs_config.cpu_based_2nd_exec_ctrl &
412 		SECONDARY_EXEC_NOTIFY_VM_EXITING;
413 }
414 
415 #endif /* __KVM_X86_VMX_CAPS_H */
416