xref: /linux/arch/x86/kvm/vmx/capabilities.h (revision ed5c2f5fd10dda07263f79f338a512c0f49f76f5)
1 /* SPDX-License-Identifier: GPL-2.0 */
2 #ifndef __KVM_X86_VMX_CAPS_H
3 #define __KVM_X86_VMX_CAPS_H
4 
5 #include <asm/vmx.h>
6 
7 #include "../lapic.h"
8 #include "../x86.h"
9 #include "../pmu.h"
10 #include "../cpuid.h"
11 
12 extern bool __read_mostly enable_vpid;
13 extern bool __read_mostly flexpriority_enabled;
14 extern bool __read_mostly enable_ept;
15 extern bool __read_mostly enable_unrestricted_guest;
16 extern bool __read_mostly enable_ept_ad_bits;
17 extern bool __read_mostly enable_pml;
18 extern bool __read_mostly enable_ipiv;
19 extern int __read_mostly pt_mode;
20 
21 #define PT_MODE_SYSTEM		0
22 #define PT_MODE_HOST_GUEST	1
23 
24 #define PMU_CAP_FW_WRITES	(1ULL << 13)
25 #define PMU_CAP_LBR_FMT		0x3f
26 
27 #define DEBUGCTLMSR_LBR_MASK		(DEBUGCTLMSR_LBR | DEBUGCTLMSR_FREEZE_LBRS_ON_PMI)
28 
29 struct nested_vmx_msrs {
30 	/*
31 	 * We only store the "true" versions of the VMX capability MSRs. We
32 	 * generate the "non-true" versions by setting the must-be-1 bits
33 	 * according to the SDM.
34 	 */
35 	u32 procbased_ctls_low;
36 	u32 procbased_ctls_high;
37 	u32 secondary_ctls_low;
38 	u32 secondary_ctls_high;
39 	u32 pinbased_ctls_low;
40 	u32 pinbased_ctls_high;
41 	u32 exit_ctls_low;
42 	u32 exit_ctls_high;
43 	u32 entry_ctls_low;
44 	u32 entry_ctls_high;
45 	u32 misc_low;
46 	u32 misc_high;
47 	u32 ept_caps;
48 	u32 vpid_caps;
49 	u64 basic;
50 	u64 cr0_fixed0;
51 	u64 cr0_fixed1;
52 	u64 cr4_fixed0;
53 	u64 cr4_fixed1;
54 	u64 vmcs_enum;
55 	u64 vmfunc_controls;
56 };
57 
58 struct vmcs_config {
59 	int size;
60 	u32 basic_cap;
61 	u32 revision_id;
62 	u32 pin_based_exec_ctrl;
63 	u32 cpu_based_exec_ctrl;
64 	u32 cpu_based_2nd_exec_ctrl;
65 	u64 cpu_based_3rd_exec_ctrl;
66 	u32 vmexit_ctrl;
67 	u32 vmentry_ctrl;
68 	struct nested_vmx_msrs nested;
69 };
70 extern struct vmcs_config vmcs_config;
71 
72 struct vmx_capability {
73 	u32 ept;
74 	u32 vpid;
75 };
76 extern struct vmx_capability vmx_capability;
77 
78 static inline bool cpu_has_vmx_basic_inout(void)
79 {
80 	return	(((u64)vmcs_config.basic_cap << 32) & VMX_BASIC_INOUT);
81 }
82 
83 static inline bool cpu_has_virtual_nmis(void)
84 {
85 	return vmcs_config.pin_based_exec_ctrl & PIN_BASED_VIRTUAL_NMIS;
86 }
87 
88 static inline bool cpu_has_vmx_preemption_timer(void)
89 {
90 	return vmcs_config.pin_based_exec_ctrl &
91 		PIN_BASED_VMX_PREEMPTION_TIMER;
92 }
93 
94 static inline bool cpu_has_vmx_posted_intr(void)
95 {
96 	return vmcs_config.pin_based_exec_ctrl & PIN_BASED_POSTED_INTR;
97 }
98 
99 static inline bool cpu_has_load_ia32_efer(void)
100 {
101 	return vmcs_config.vmentry_ctrl & VM_ENTRY_LOAD_IA32_EFER;
102 }
103 
104 static inline bool cpu_has_load_perf_global_ctrl(void)
105 {
106 	return vmcs_config.vmentry_ctrl & VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL;
107 }
108 
109 static inline bool cpu_has_vmx_mpx(void)
110 {
111 	return vmcs_config.vmentry_ctrl & VM_ENTRY_LOAD_BNDCFGS;
112 }
113 
114 static inline bool cpu_has_vmx_tpr_shadow(void)
115 {
116 	return vmcs_config.cpu_based_exec_ctrl & CPU_BASED_TPR_SHADOW;
117 }
118 
119 static inline bool cpu_need_tpr_shadow(struct kvm_vcpu *vcpu)
120 {
121 	return cpu_has_vmx_tpr_shadow() && lapic_in_kernel(vcpu);
122 }
123 
124 static inline bool cpu_has_vmx_msr_bitmap(void)
125 {
126 	return vmcs_config.cpu_based_exec_ctrl & CPU_BASED_USE_MSR_BITMAPS;
127 }
128 
129 static inline bool cpu_has_secondary_exec_ctrls(void)
130 {
131 	return vmcs_config.cpu_based_exec_ctrl &
132 		CPU_BASED_ACTIVATE_SECONDARY_CONTROLS;
133 }
134 
135 static inline bool cpu_has_tertiary_exec_ctrls(void)
136 {
137 	return vmcs_config.cpu_based_exec_ctrl &
138 		CPU_BASED_ACTIVATE_TERTIARY_CONTROLS;
139 }
140 
141 static inline bool cpu_has_vmx_virtualize_apic_accesses(void)
142 {
143 	return vmcs_config.cpu_based_2nd_exec_ctrl &
144 		SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES;
145 }
146 
147 static inline bool cpu_has_vmx_ept(void)
148 {
149 	return vmcs_config.cpu_based_2nd_exec_ctrl &
150 		SECONDARY_EXEC_ENABLE_EPT;
151 }
152 
153 static inline bool vmx_umip_emulated(void)
154 {
155 	return vmcs_config.cpu_based_2nd_exec_ctrl &
156 		SECONDARY_EXEC_DESC;
157 }
158 
159 static inline bool cpu_has_vmx_rdtscp(void)
160 {
161 	return vmcs_config.cpu_based_2nd_exec_ctrl &
162 		SECONDARY_EXEC_ENABLE_RDTSCP;
163 }
164 
165 static inline bool cpu_has_vmx_virtualize_x2apic_mode(void)
166 {
167 	return vmcs_config.cpu_based_2nd_exec_ctrl &
168 		SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE;
169 }
170 
171 static inline bool cpu_has_vmx_vpid(void)
172 {
173 	return vmcs_config.cpu_based_2nd_exec_ctrl &
174 		SECONDARY_EXEC_ENABLE_VPID;
175 }
176 
177 static inline bool cpu_has_vmx_wbinvd_exit(void)
178 {
179 	return vmcs_config.cpu_based_2nd_exec_ctrl &
180 		SECONDARY_EXEC_WBINVD_EXITING;
181 }
182 
183 static inline bool cpu_has_vmx_unrestricted_guest(void)
184 {
185 	return vmcs_config.cpu_based_2nd_exec_ctrl &
186 		SECONDARY_EXEC_UNRESTRICTED_GUEST;
187 }
188 
189 static inline bool cpu_has_vmx_apic_register_virt(void)
190 {
191 	return vmcs_config.cpu_based_2nd_exec_ctrl &
192 		SECONDARY_EXEC_APIC_REGISTER_VIRT;
193 }
194 
195 static inline bool cpu_has_vmx_virtual_intr_delivery(void)
196 {
197 	return vmcs_config.cpu_based_2nd_exec_ctrl &
198 		SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY;
199 }
200 
201 static inline bool cpu_has_vmx_ple(void)
202 {
203 	return vmcs_config.cpu_based_2nd_exec_ctrl &
204 		SECONDARY_EXEC_PAUSE_LOOP_EXITING;
205 }
206 
207 static inline bool cpu_has_vmx_rdrand(void)
208 {
209 	return vmcs_config.cpu_based_2nd_exec_ctrl &
210 		SECONDARY_EXEC_RDRAND_EXITING;
211 }
212 
213 static inline bool cpu_has_vmx_invpcid(void)
214 {
215 	return vmcs_config.cpu_based_2nd_exec_ctrl &
216 		SECONDARY_EXEC_ENABLE_INVPCID;
217 }
218 
219 static inline bool cpu_has_vmx_vmfunc(void)
220 {
221 	return vmcs_config.cpu_based_2nd_exec_ctrl &
222 		SECONDARY_EXEC_ENABLE_VMFUNC;
223 }
224 
225 static inline bool cpu_has_vmx_shadow_vmcs(void)
226 {
227 	u64 vmx_msr;
228 
229 	/* check if the cpu supports writing r/o exit information fields */
230 	rdmsrl(MSR_IA32_VMX_MISC, vmx_msr);
231 	if (!(vmx_msr & MSR_IA32_VMX_MISC_VMWRITE_SHADOW_RO_FIELDS))
232 		return false;
233 
234 	return vmcs_config.cpu_based_2nd_exec_ctrl &
235 		SECONDARY_EXEC_SHADOW_VMCS;
236 }
237 
238 static inline bool cpu_has_vmx_encls_vmexit(void)
239 {
240 	return vmcs_config.cpu_based_2nd_exec_ctrl &
241 		SECONDARY_EXEC_ENCLS_EXITING;
242 }
243 
244 static inline bool cpu_has_vmx_rdseed(void)
245 {
246 	return vmcs_config.cpu_based_2nd_exec_ctrl &
247 		SECONDARY_EXEC_RDSEED_EXITING;
248 }
249 
250 static inline bool cpu_has_vmx_pml(void)
251 {
252 	return vmcs_config.cpu_based_2nd_exec_ctrl & SECONDARY_EXEC_ENABLE_PML;
253 }
254 
255 static inline bool cpu_has_vmx_xsaves(void)
256 {
257 	return vmcs_config.cpu_based_2nd_exec_ctrl &
258 		SECONDARY_EXEC_XSAVES;
259 }
260 
261 static inline bool cpu_has_vmx_waitpkg(void)
262 {
263 	return vmcs_config.cpu_based_2nd_exec_ctrl &
264 		SECONDARY_EXEC_ENABLE_USR_WAIT_PAUSE;
265 }
266 
267 static inline bool cpu_has_vmx_tsc_scaling(void)
268 {
269 	return vmcs_config.cpu_based_2nd_exec_ctrl &
270 		SECONDARY_EXEC_TSC_SCALING;
271 }
272 
273 static inline bool cpu_has_vmx_bus_lock_detection(void)
274 {
275 	return vmcs_config.cpu_based_2nd_exec_ctrl &
276 	    SECONDARY_EXEC_BUS_LOCK_DETECTION;
277 }
278 
279 static inline bool cpu_has_vmx_apicv(void)
280 {
281 	return cpu_has_vmx_apic_register_virt() &&
282 		cpu_has_vmx_virtual_intr_delivery() &&
283 		cpu_has_vmx_posted_intr();
284 }
285 
286 static inline bool cpu_has_vmx_ipiv(void)
287 {
288 	return vmcs_config.cpu_based_3rd_exec_ctrl & TERTIARY_EXEC_IPI_VIRT;
289 }
290 
291 static inline bool cpu_has_vmx_flexpriority(void)
292 {
293 	return cpu_has_vmx_tpr_shadow() &&
294 		cpu_has_vmx_virtualize_apic_accesses();
295 }
296 
297 static inline bool cpu_has_vmx_ept_execute_only(void)
298 {
299 	return vmx_capability.ept & VMX_EPT_EXECUTE_ONLY_BIT;
300 }
301 
302 static inline bool cpu_has_vmx_ept_4levels(void)
303 {
304 	return vmx_capability.ept & VMX_EPT_PAGE_WALK_4_BIT;
305 }
306 
307 static inline bool cpu_has_vmx_ept_5levels(void)
308 {
309 	return vmx_capability.ept & VMX_EPT_PAGE_WALK_5_BIT;
310 }
311 
312 static inline bool cpu_has_vmx_ept_mt_wb(void)
313 {
314 	return vmx_capability.ept & VMX_EPTP_WB_BIT;
315 }
316 
317 static inline bool cpu_has_vmx_ept_2m_page(void)
318 {
319 	return vmx_capability.ept & VMX_EPT_2MB_PAGE_BIT;
320 }
321 
322 static inline bool cpu_has_vmx_ept_1g_page(void)
323 {
324 	return vmx_capability.ept & VMX_EPT_1GB_PAGE_BIT;
325 }
326 
327 static inline int ept_caps_to_lpage_level(u32 ept_caps)
328 {
329 	if (ept_caps & VMX_EPT_1GB_PAGE_BIT)
330 		return PG_LEVEL_1G;
331 	if (ept_caps & VMX_EPT_2MB_PAGE_BIT)
332 		return PG_LEVEL_2M;
333 	return PG_LEVEL_4K;
334 }
335 
336 static inline bool cpu_has_vmx_ept_ad_bits(void)
337 {
338 	return vmx_capability.ept & VMX_EPT_AD_BIT;
339 }
340 
341 static inline bool cpu_has_vmx_invept_context(void)
342 {
343 	return vmx_capability.ept & VMX_EPT_EXTENT_CONTEXT_BIT;
344 }
345 
346 static inline bool cpu_has_vmx_invept_global(void)
347 {
348 	return vmx_capability.ept & VMX_EPT_EXTENT_GLOBAL_BIT;
349 }
350 
351 static inline bool cpu_has_vmx_invvpid(void)
352 {
353 	return vmx_capability.vpid & VMX_VPID_INVVPID_BIT;
354 }
355 
356 static inline bool cpu_has_vmx_invvpid_individual_addr(void)
357 {
358 	return vmx_capability.vpid & VMX_VPID_EXTENT_INDIVIDUAL_ADDR_BIT;
359 }
360 
361 static inline bool cpu_has_vmx_invvpid_single(void)
362 {
363 	return vmx_capability.vpid & VMX_VPID_EXTENT_SINGLE_CONTEXT_BIT;
364 }
365 
366 static inline bool cpu_has_vmx_invvpid_global(void)
367 {
368 	return vmx_capability.vpid & VMX_VPID_EXTENT_GLOBAL_CONTEXT_BIT;
369 }
370 
371 static inline bool cpu_has_vmx_intel_pt(void)
372 {
373 	u64 vmx_msr;
374 
375 	rdmsrl(MSR_IA32_VMX_MISC, vmx_msr);
376 	return (vmx_msr & MSR_IA32_VMX_MISC_INTEL_PT) &&
377 		(vmcs_config.cpu_based_2nd_exec_ctrl & SECONDARY_EXEC_PT_USE_GPA) &&
378 		(vmcs_config.vmentry_ctrl & VM_ENTRY_LOAD_IA32_RTIT_CTL);
379 }
380 
381 /*
382  * Processor Trace can operate in one of three modes:
383  *  a. system-wide: trace both host/guest and output to host buffer
384  *  b. host-only:   only trace host and output to host buffer
385  *  c. host-guest:  trace host and guest simultaneously and output to their
386  *                  respective buffer
387  *
388  * KVM currently only supports (a) and (c).
389  */
390 static inline bool vmx_pt_mode_is_system(void)
391 {
392 	return pt_mode == PT_MODE_SYSTEM;
393 }
394 static inline bool vmx_pt_mode_is_host_guest(void)
395 {
396 	return pt_mode == PT_MODE_HOST_GUEST;
397 }
398 
399 static inline bool vmx_pebs_supported(void)
400 {
401 	return boot_cpu_has(X86_FEATURE_PEBS) && kvm_pmu_cap.pebs_ept;
402 }
403 
404 static inline u64 vmx_get_perf_capabilities(void)
405 {
406 	u64 perf_cap = PMU_CAP_FW_WRITES;
407 	u64 host_perf_cap = 0;
408 
409 	if (!enable_pmu)
410 		return 0;
411 
412 	if (boot_cpu_has(X86_FEATURE_PDCM))
413 		rdmsrl(MSR_IA32_PERF_CAPABILITIES, host_perf_cap);
414 
415 	perf_cap |= host_perf_cap & PMU_CAP_LBR_FMT;
416 
417 	if (vmx_pebs_supported()) {
418 		perf_cap |= host_perf_cap & PERF_CAP_PEBS_MASK;
419 		if ((perf_cap & PERF_CAP_PEBS_FORMAT) < 4)
420 			perf_cap &= ~PERF_CAP_PEBS_BASELINE;
421 	}
422 
423 	return perf_cap;
424 }
425 
426 static inline u64 vmx_supported_debugctl(void)
427 {
428 	u64 debugctl = 0;
429 
430 	if (boot_cpu_has(X86_FEATURE_BUS_LOCK_DETECT))
431 		debugctl |= DEBUGCTLMSR_BUS_LOCK_DETECT;
432 
433 	if (vmx_get_perf_capabilities() & PMU_CAP_LBR_FMT)
434 		debugctl |= DEBUGCTLMSR_LBR_MASK;
435 
436 	return debugctl;
437 }
438 
439 static inline bool cpu_has_notify_vmexit(void)
440 {
441 	return vmcs_config.cpu_based_2nd_exec_ctrl &
442 		SECONDARY_EXEC_NOTIFY_VM_EXITING;
443 }
444 
445 #endif /* __KVM_X86_VMX_CAPS_H */
446