Migrate to new vmx.h's secondary execution controls, which makes it easier to grok from one code base to another. No functional change intended. Signed-off-by: Jon Kohler --- x86/vmx.c | 6 +- x86/vmx.h | 20 +---- x86/vmx_tests.c | 220 ++++++++++++++++++++++++++++-------------------- 3 files changed, 136 insertions(+), 110 deletions(-) diff --git a/x86/vmx.c b/x86/vmx.c index f3368a4a..dc52efa7 100644 --- a/x86/vmx.c +++ b/x86/vmx.c @@ -1300,7 +1300,8 @@ static void init_vmx_caps(void) ctrl_cpu_rev[1].val = rdmsr(MSR_IA32_VMX_PROCBASED_CTLS2); else ctrl_cpu_rev[1].val = 0; - if ((ctrl_cpu_rev[1].clr & (CPU_EPT | CPU_VPID)) != 0) + if ((ctrl_cpu_rev[1].clr & + (SECONDARY_EXEC_ENABLE_EPT | SECONDARY_EXEC_ENABLE_VPID)) != 0) ept_vpid.val = rdmsr(MSR_IA32_VMX_EPT_VPID_CAP); else ept_vpid.val = 0; @@ -1607,7 +1608,8 @@ static void test_vmx_caps(void) "MSR_IA32_VMX_BASIC"); val = rdmsr(MSR_IA32_VMX_MISC); - report((!(ctrl_cpu_rev[1].clr & CPU_URG) || val & (1ul << 5)) && + report((!(ctrl_cpu_rev[1].clr & + SECONDARY_EXEC_UNRESTRICTED_GUEST) || val & (1ul << 5)) && ((val >> 16) & 0x1ff) <= 256 && (val & 0x80007e00) == 0, "MSR_IA32_VMX_MISC"); diff --git a/x86/vmx.h b/x86/vmx.h index 16332247..36e784a7 100644 --- a/x86/vmx.h +++ b/x86/vmx.h @@ -435,24 +435,6 @@ enum Ctrl_pin { PIN_POST_INTR = 1ul << 7, }; -enum Ctrl1 { - CPU_VIRT_APIC_ACCESSES = 1ul << 0, - CPU_EPT = 1ul << 1, - CPU_DESC_TABLE = 1ul << 2, - CPU_RDTSCP = 1ul << 3, - CPU_VIRT_X2APIC = 1ul << 4, - CPU_VPID = 1ul << 5, - CPU_WBINVD = 1ul << 6, - CPU_URG = 1ul << 7, - CPU_APIC_REG_VIRT = 1ul << 8, - CPU_VINTD = 1ul << 9, - CPU_RDRAND = 1ul << 11, - CPU_SHADOW_VMCS = 1ul << 14, - CPU_RDSEED = 1ul << 16, - CPU_PML = 1ul << 17, - CPU_USE_TSC_SCALING = 1ul << 25, -}; - enum Intr_type { VMX_INTR_TYPE_EXT_INTR = 0, VMX_INTR_TYPE_NMI_INTR = 2, @@ -686,7 +668,7 @@ static inline bool is_invept_type_supported(u64 type) static inline bool is_vpid_supported(void) { return (ctrl_cpu_rev[0].clr & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) && - (ctrl_cpu_rev[1].clr & CPU_VPID); + (ctrl_cpu_rev[1].clr & SECONDARY_EXEC_ENABLE_VPID); } static inline bool is_invvpid_supported(void) diff --git a/x86/vmx_tests.c b/x86/vmx_tests.c index f092c22d..ba50f2ee 100644 --- a/x86/vmx_tests.c +++ b/x86/vmx_tests.c @@ -909,17 +909,27 @@ static struct insn_table insn_table[] = { 0, 0, 0, this_cpu_has_mwait}, {"PAUSE", CPU_BASED_PAUSE_EXITING, insn_pause, INSN_CPU0, 40, 0, 0, 0}, // Flags for Secondary Processor-Based VM-Execution Controls - {"WBINVD", CPU_WBINVD, insn_wbinvd, INSN_CPU1, 54, 0, 0, 0}, - {"DESC_TABLE (SGDT)", CPU_DESC_TABLE, insn_sgdt, INSN_CPU1, 46, 0, 0, 0}, - {"DESC_TABLE (LGDT)", CPU_DESC_TABLE, insn_lgdt, INSN_CPU1, 46, 0, 0, 0}, - {"DESC_TABLE (SIDT)", CPU_DESC_TABLE, insn_sidt, INSN_CPU1, 46, 0, 0, 0}, - {"DESC_TABLE (LIDT)", CPU_DESC_TABLE, insn_lidt, INSN_CPU1, 46, 0, 0, 0}, - {"DESC_TABLE (SLDT)", CPU_DESC_TABLE, insn_sldt, INSN_CPU1, 47, 0, 0, 0}, - {"DESC_TABLE (LLDT)", CPU_DESC_TABLE, insn_lldt, INSN_CPU1, 47, 0, 0, 0}, - {"DESC_TABLE (STR)", CPU_DESC_TABLE, insn_str, INSN_CPU1, 47, 0, 0, 0}, + {"WBINVD", SECONDARY_EXEC_WBINVD_EXITING, insn_wbinvd, INSN_CPU1, 54, + 0, 0, 0}, + {"DESC_TABLE (SGDT)", SECONDARY_EXEC_DESC, insn_sgdt, INSN_CPU1, 46, + 0, 0, 0}, + {"DESC_TABLE (LGDT)", SECONDARY_EXEC_DESC, insn_lgdt, INSN_CPU1, 46, + 0, 0, 0}, + {"DESC_TABLE (SIDT)", SECONDARY_EXEC_DESC, insn_sidt, INSN_CPU1, 46, + 0, 0, 0}, + {"DESC_TABLE (LIDT)", SECONDARY_EXEC_DESC, insn_lidt, INSN_CPU1, 46, + 0, 0, 0}, + {"DESC_TABLE (SLDT)", SECONDARY_EXEC_DESC, insn_sldt, INSN_CPU1, 47, + 0, 0, 0}, + {"DESC_TABLE (LLDT)", SECONDARY_EXEC_DESC, insn_lldt, INSN_CPU1, 47, + 0, 0, 0}, + {"DESC_TABLE (STR)", SECONDARY_EXEC_DESC, insn_str, INSN_CPU1, 47, + 0, 0, 0}, /* LTR causes a #GP if done with a busy selector, so it is not tested. */ - {"RDRAND", CPU_RDRAND, insn_rdrand, INSN_CPU1, VMX_RDRAND, 0, 0, 0}, - {"RDSEED", CPU_RDSEED, insn_rdseed, INSN_CPU1, VMX_RDSEED, 0, 0, 0}, + {"RDRAND", SECONDARY_EXEC_RDRAND_EXITING, insn_rdrand, INSN_CPU1, + VMX_RDRAND, 0, 0, 0}, + {"RDSEED", SECONDARY_EXEC_RDSEED_EXITING, insn_rdseed, INSN_CPU1, + VMX_RDSEED, 0, 0, 0}, // Instructions always trap {"CPUID", 0, insn_cpuid, INSN_ALWAYS_TRAP, 10, 0, 0, 0}, {"INVD", 0, insn_invd, INSN_ALWAYS_TRAP, 13, 0, 0, 0}, @@ -1052,7 +1062,7 @@ static int insn_intercept_exit_handler(union exit_reason exit_reason) static int __setup_ept(u64 hpa, bool enable_ad) { if (!(ctrl_cpu_rev[0].clr & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) || - !(ctrl_cpu_rev[1].clr & CPU_EPT)) { + !(ctrl_cpu_rev[1].clr & SECONDARY_EXEC_ENABLE_EPT)) { printf("\tEPT is not supported\n"); return 1; } @@ -1077,7 +1087,8 @@ static int __setup_ept(u64 hpa, bool enable_ad) vmcs_write(EPTP, eptp); vmcs_write(CPU_EXEC_CTRL0, vmcs_read(CPU_EXEC_CTRL0) | CPU_BASED_ACTIVATE_SECONDARY_CONTROLS); - vmcs_write(CPU_EXEC_CTRL1, vmcs_read(CPU_EXEC_CTRL1)| CPU_EPT); + vmcs_write(CPU_EXEC_CTRL1, vmcs_read(CPU_EXEC_CTRL1) | + SECONDARY_EXEC_ENABLE_EPT); return 0; } @@ -1131,8 +1142,8 @@ static void setup_dummy_ept(void) static int enable_unrestricted_guest(bool need_valid_ept) { if (!(ctrl_cpu_rev[0].clr & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) || - !(ctrl_cpu_rev[1].clr & CPU_URG) || - !(ctrl_cpu_rev[1].clr & CPU_EPT)) + !(ctrl_cpu_rev[1].clr & SECONDARY_EXEC_UNRESTRICTED_GUEST) || + !(ctrl_cpu_rev[1].clr & SECONDARY_EXEC_ENABLE_EPT)) return 1; if (need_valid_ept) @@ -1142,7 +1153,8 @@ static int enable_unrestricted_guest(bool need_valid_ept) vmcs_write(CPU_EXEC_CTRL0, vmcs_read(CPU_EXEC_CTRL0) | CPU_BASED_ACTIVATE_SECONDARY_CONTROLS); - vmcs_write(CPU_EXEC_CTRL1, vmcs_read(CPU_EXEC_CTRL1) | CPU_URG); + vmcs_write(CPU_EXEC_CTRL1, vmcs_read(CPU_EXEC_CTRL1) | + SECONDARY_EXEC_UNRESTRICTED_GUEST); return 0; } @@ -1550,7 +1562,7 @@ static int pml_init(struct vmcs *vmcs) return r; if (!(ctrl_cpu_rev[0].clr & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) || - !(ctrl_cpu_rev[1].clr & CPU_PML)) { + !(ctrl_cpu_rev[1].clr & SECONDARY_EXEC_ENABLE_PML)) { printf("\tPML is not supported"); return VMX_TEST_EXIT; } @@ -1559,7 +1571,7 @@ static int pml_init(struct vmcs *vmcs) vmcs_write(PMLADDR, (u64)pml_log); vmcs_write(GUEST_PML_INDEX, PML_INDEX - 1); - ctrl_cpu = vmcs_read(CPU_EXEC_CTRL1) | CPU_PML; + ctrl_cpu = vmcs_read(CPU_EXEC_CTRL1) | SECONDARY_EXEC_ENABLE_PML; vmcs_write(CPU_EXEC_CTRL1, ctrl_cpu); return VMX_TEST_START; @@ -2104,7 +2116,7 @@ static int disable_rdtscp_init(struct vmcs *vmcs) if (ctrl_cpu_rev[0].clr & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) { ctrl_cpu1 = vmcs_read(CPU_EXEC_CTRL1); - ctrl_cpu1 &= ~CPU_RDTSCP; + ctrl_cpu1 &= ~SECONDARY_EXEC_ENABLE_RDTSCP; vmcs_write(CPU_EXEC_CTRL1, ctrl_cpu1); } @@ -3885,7 +3897,8 @@ static void test_apic_access_addr(void) vmcs_write(APIC_ACCS_ADDR, virt_to_phys(apic_access_page)); - test_vmcs_addr_reference(CPU_VIRT_APIC_ACCESSES, APIC_ACCS_ADDR, + test_vmcs_addr_reference(SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES, + APIC_ACCS_ADDR, "APIC-access address", "virtualize APIC-accesses", PAGE_SIZE, true, false); @@ -3896,9 +3909,9 @@ static bool set_bit_pattern(u8 mask, u32 *secondary) u8 i; bool flag = false; u32 test_bits[3] = { - CPU_VIRT_X2APIC, - CPU_APIC_REG_VIRT, - CPU_VINTD + SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE, + SECONDARY_EXEC_APIC_REGISTER_VIRT, + SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY }; for (i = 0; i < ARRAY_SIZE(test_bits); i++) { @@ -3948,7 +3961,9 @@ static void test_apic_virtual_ctls(void) while (1) { for (j = 1; j < 8; j++) { - secondary &= ~(CPU_VIRT_X2APIC | CPU_APIC_REG_VIRT | CPU_VINTD); + secondary &= ~(SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE | + SECONDARY_EXEC_APIC_REGISTER_VIRT | + SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY); if (primary & CPU_BASED_TPR_SHADOW) { is_ctrl_valid = true; } else { @@ -3959,8 +3974,12 @@ static void test_apic_virtual_ctls(void) } vmcs_write(CPU_EXEC_CTRL1, secondary); - report_prefix_pushf("Use TPR shadow %s, virtualize x2APIC mode %s, APIC-register virtualization %s, virtual-interrupt delivery %s", - str, (secondary & CPU_VIRT_X2APIC) ? "enabled" : "disabled", (secondary & CPU_APIC_REG_VIRT) ? "enabled" : "disabled", (secondary & CPU_VINTD) ? "enabled" : "disabled"); + report_prefix_pushf( + "Use TPR shadow %s, virtualize x2APIC mode %s, APIC-register virtualization %s, virtual-interrupt delivery %s", + str, + (secondary & SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE) ? "enabled" : "disabled", + (secondary & SECONDARY_EXEC_APIC_REGISTER_VIRT) ? "enabled" : "disabled", + (secondary & SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY) ? "enabled" : "disabled"); if (is_ctrl_valid) test_vmx_valid_controls(); else @@ -3980,7 +3999,8 @@ static void test_apic_virtual_ctls(void) /* * Second test */ - u32 apic_virt_ctls = (CPU_VIRT_X2APIC | CPU_VIRT_APIC_ACCESSES); + u32 apic_virt_ctls = (SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE | + SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES); primary = saved_primary; secondary = saved_secondary; @@ -3989,23 +4009,27 @@ static void test_apic_virtual_ctls(void) vmcs_write(CPU_EXEC_CTRL0, primary | CPU_BASED_ACTIVATE_SECONDARY_CONTROLS); - secondary &= ~CPU_VIRT_APIC_ACCESSES; - vmcs_write(CPU_EXEC_CTRL1, secondary & ~CPU_VIRT_X2APIC); + secondary &= ~SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES; + vmcs_write(CPU_EXEC_CTRL1, + secondary & ~SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE); report_prefix_pushf("Virtualize x2APIC mode disabled; virtualize APIC access disabled"); test_vmx_valid_controls(); report_prefix_pop(); - vmcs_write(CPU_EXEC_CTRL1, secondary | CPU_VIRT_APIC_ACCESSES); + vmcs_write(CPU_EXEC_CTRL1, + secondary | SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES); report_prefix_pushf("Virtualize x2APIC mode disabled; virtualize APIC access enabled"); test_vmx_valid_controls(); report_prefix_pop(); - vmcs_write(CPU_EXEC_CTRL1, secondary | CPU_VIRT_X2APIC); + vmcs_write(CPU_EXEC_CTRL1, + secondary | SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE); report_prefix_pushf("Virtualize x2APIC mode enabled; virtualize APIC access enabled"); test_vmx_invalid_controls(); report_prefix_pop(); - vmcs_write(CPU_EXEC_CTRL1, secondary & ~CPU_VIRT_APIC_ACCESSES); + vmcs_write(CPU_EXEC_CTRL1, + secondary & ~SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES); report_prefix_pushf("Virtualize x2APIC mode enabled; virtualize APIC access disabled"); test_vmx_valid_controls(); report_prefix_pop(); @@ -4028,20 +4052,22 @@ static void test_virtual_intr_ctls(void) u32 secondary = saved_secondary; u32 pin = saved_pin; - if (!((ctrl_cpu_rev[1].clr & CPU_VINTD) && + if (!((ctrl_cpu_rev[1].clr & SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY) && (ctrl_pin_rev.clr & PIN_EXTINT))) return; vmcs_write(CPU_EXEC_CTRL0, primary | CPU_BASED_ACTIVATE_SECONDARY_CONTROLS | CPU_BASED_TPR_SHADOW); - vmcs_write(CPU_EXEC_CTRL1, secondary & ~CPU_VINTD); + vmcs_write(CPU_EXEC_CTRL1, + secondary & ~SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY); vmcs_write(PIN_CONTROLS, pin & ~PIN_EXTINT); report_prefix_pushf("Virtualize interrupt-delivery disabled; external-interrupt exiting disabled"); test_vmx_valid_controls(); report_prefix_pop(); - vmcs_write(CPU_EXEC_CTRL1, secondary | CPU_VINTD); + vmcs_write(CPU_EXEC_CTRL1, + secondary | SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY); report_prefix_pushf("Virtualize interrupt-delivery enabled; external-interrupt exiting disabled"); test_vmx_invalid_controls(); report_prefix_pop(); @@ -4099,7 +4125,7 @@ static void test_posted_intr(void) int i; if (!((ctrl_pin_rev.clr & PIN_POST_INTR) && - (ctrl_cpu_rev[1].clr & CPU_VINTD) && + (ctrl_cpu_rev[1].clr & SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY) && (ctrl_exit_rev.clr & EXI_INTA))) return; @@ -4112,13 +4138,13 @@ static void test_posted_intr(void) */ pin |= PIN_POST_INTR; vmcs_write(PIN_CONTROLS, pin); - secondary &= ~CPU_VINTD; + secondary &= ~SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY; vmcs_write(CPU_EXEC_CTRL1, secondary); report_prefix_pushf("Process-posted-interrupts enabled; virtual-interrupt-delivery disabled"); test_vmx_invalid_controls(); report_prefix_pop(); - secondary |= CPU_VINTD; + secondary |= SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY; vmcs_write(CPU_EXEC_CTRL1, secondary); report_prefix_pushf("Process-posted-interrupts enabled; virtual-interrupt-delivery enabled"); test_vmx_invalid_controls(); @@ -4136,13 +4162,13 @@ static void test_posted_intr(void) test_vmx_valid_controls(); report_prefix_pop(); - secondary &= ~CPU_VINTD; + secondary &= ~SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY; vmcs_write(CPU_EXEC_CTRL1, secondary); report_prefix_pushf("Process-posted-interrupts enabled; virtual-interrupt-delivery disabled; acknowledge-interrupt-on-exit enabled"); test_vmx_invalid_controls(); report_prefix_pop(); - secondary |= CPU_VINTD; + secondary |= SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY; vmcs_write(CPU_EXEC_CTRL1, secondary); report_prefix_pushf("Process-posted-interrupts enabled; virtual-interrupt-delivery enabled; acknowledge-interrupt-on-exit enabled"); test_vmx_valid_controls(); @@ -4223,13 +4249,15 @@ static void test_vpid(void) vmcs_write(CPU_EXEC_CTRL0, saved_primary | CPU_BASED_ACTIVATE_SECONDARY_CONTROLS); - vmcs_write(CPU_EXEC_CTRL1, saved_secondary & ~CPU_VPID); + vmcs_write(CPU_EXEC_CTRL1, + saved_secondary & ~SECONDARY_EXEC_ENABLE_VPID); vmcs_write(VPID, vpid); report_prefix_pushf("VPID disabled; VPID value %x", vpid); test_vmx_valid_controls(); report_prefix_pop(); - vmcs_write(CPU_EXEC_CTRL1, saved_secondary | CPU_VPID); + vmcs_write(CPU_EXEC_CTRL1, + saved_secondary | SECONDARY_EXEC_ENABLE_VPID); report_prefix_pushf("VPID enabled; VPID value %x", vpid); test_vmx_invalid_controls(); report_prefix_pop(); @@ -4259,7 +4287,8 @@ static void try_tpr_threshold_and_vtpr(unsigned threshold, unsigned vtpr) if ((primary & CPU_BASED_TPR_SHADOW) && (!(primary & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) || - !(secondary & (CPU_VINTD | CPU_VIRT_APIC_ACCESSES)))) + !(secondary & (SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY | + SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES)))) valid = (threshold & 0xf) <= ((vtpr >> 4) & 0xf); set_vtpr(vtpr); @@ -4352,7 +4381,7 @@ static void test_invalid_event_injection(void) /* Assert that unrestricted guest is disabled or unsupported */ assert(!(ctrl_cpu_rev[0].clr & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) || - !(secondary_save & CPU_URG)); + !(secondary_save & SECONDARY_EXEC_UNRESTRICTED_GUEST)); ent_intr_info = ent_intr_info_base | INTR_TYPE_HARD_EXCEPTION | GP_VECTOR; @@ -4593,7 +4622,7 @@ static void try_tpr_threshold(unsigned threshold) if ((primary & CPU_BASED_TPR_SHADOW) && !((primary & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) && - (secondary & CPU_VINTD))) + (secondary & SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY))) valid = !(threshold >> 4); set_vtpr(-1); @@ -4667,12 +4696,14 @@ static void test_tpr_threshold(void) report_prefix_pop(); if (!((ctrl_cpu_rev[0].clr & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) && - (ctrl_cpu_rev[1].clr & (CPU_VINTD | CPU_VIRT_APIC_ACCESSES)))) + (ctrl_cpu_rev[1].clr & (SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY | + SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES)))) goto out; u32 secondary = vmcs_read(CPU_EXEC_CTRL1); - if (ctrl_cpu_rev[1].clr & CPU_VINTD) { - vmcs_write(CPU_EXEC_CTRL1, CPU_VINTD); + if (ctrl_cpu_rev[1].clr & SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY) { + vmcs_write(CPU_EXEC_CTRL1, + SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY); report_prefix_pushf("Use TPR shadow enabled; secondary controls disabled; virtual-interrupt delivery enabled; virtualize APIC accesses disabled"); test_tpr_threshold_values(); report_prefix_pop(); @@ -4685,11 +4716,12 @@ static void test_tpr_threshold(void) report_prefix_pop(); } - if (ctrl_cpu_rev[1].clr & CPU_VIRT_APIC_ACCESSES) { + if (ctrl_cpu_rev[1].clr & SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES) { vmcs_write(CPU_EXEC_CTRL0, vmcs_read(CPU_EXEC_CTRL0) & ~CPU_BASED_ACTIVATE_SECONDARY_CONTROLS); - vmcs_write(CPU_EXEC_CTRL1, CPU_VIRT_APIC_ACCESSES); + vmcs_write(CPU_EXEC_CTRL1, + SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES); report_prefix_pushf("Use TPR shadow enabled; secondary controls disabled; virtual-interrupt delivery enabled; virtualize APIC accesses enabled"); test_tpr_threshold_values(); report_prefix_pop(); @@ -4703,13 +4735,14 @@ static void test_tpr_threshold(void) } if ((ctrl_cpu_rev[1].clr & - (CPU_VINTD | CPU_VIRT_APIC_ACCESSES)) == - (CPU_VINTD | CPU_VIRT_APIC_ACCESSES)) { + (SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY | SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES)) == + (SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY | SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES)) { vmcs_write(CPU_EXEC_CTRL0, vmcs_read(CPU_EXEC_CTRL0) & ~CPU_BASED_ACTIVATE_SECONDARY_CONTROLS); vmcs_write(CPU_EXEC_CTRL1, - CPU_VINTD | CPU_VIRT_APIC_ACCESSES); + SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY | + SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES); report_prefix_pushf("Use TPR shadow enabled; secondary controls disabled; virtual-interrupt delivery enabled; virtualize APIC accesses enabled"); test_tpr_threshold_values(); report_prefix_pop(); @@ -4961,29 +4994,30 @@ static void test_ept_eptp(void) report_prefix_pop(); } - secondary &= ~(CPU_EPT | CPU_URG); + secondary &= ~(SECONDARY_EXEC_ENABLE_EPT | + SECONDARY_EXEC_UNRESTRICTED_GUEST); vmcs_write(CPU_EXEC_CTRL1, secondary); report_prefix_pushf("Enable-EPT disabled, unrestricted-guest disabled"); test_vmx_valid_controls(); report_prefix_pop(); - if (!(ctrl_cpu_rev[1].clr & CPU_URG)) + if (!(ctrl_cpu_rev[1].clr & SECONDARY_EXEC_UNRESTRICTED_GUEST)) goto skip_unrestricted_guest; - secondary |= CPU_URG; + secondary |= SECONDARY_EXEC_UNRESTRICTED_GUEST; vmcs_write(CPU_EXEC_CTRL1, secondary); report_prefix_pushf("Enable-EPT disabled, unrestricted-guest enabled"); test_vmx_invalid_controls(); report_prefix_pop(); - secondary |= CPU_EPT; + secondary |= SECONDARY_EXEC_ENABLE_EPT; setup_dummy_ept(); report_prefix_pushf("Enable-EPT enabled, unrestricted-guest enabled"); test_vmx_valid_controls(); report_prefix_pop(); skip_unrestricted_guest: - secondary &= ~CPU_URG; + secondary &= ~SECONDARY_EXEC_UNRESTRICTED_GUEST; vmcs_write(CPU_EXEC_CTRL1, secondary); report_prefix_pushf("Enable-EPT enabled, unrestricted-guest disabled"); test_vmx_valid_controls(); @@ -5013,38 +5047,40 @@ static void test_pml(void) u32 secondary = secondary_saved; if (!((ctrl_cpu_rev[0].clr & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) && - (ctrl_cpu_rev[1].clr & CPU_EPT) && (ctrl_cpu_rev[1].clr & CPU_PML))) { + (ctrl_cpu_rev[1].clr & SECONDARY_EXEC_ENABLE_EPT) && + (ctrl_cpu_rev[1].clr & SECONDARY_EXEC_ENABLE_PML))) { report_skip("%s : \"Secondary execution\" or \"enable EPT\" or \"enable PML\" control not supported", __func__); return; } primary |= CPU_BASED_ACTIVATE_SECONDARY_CONTROLS; vmcs_write(CPU_EXEC_CTRL0, primary); - secondary &= ~(CPU_PML | CPU_EPT); + secondary &= ~(SECONDARY_EXEC_ENABLE_PML | SECONDARY_EXEC_ENABLE_EPT); vmcs_write(CPU_EXEC_CTRL1, secondary); report_prefix_pushf("enable-PML disabled, enable-EPT disabled"); test_vmx_valid_controls(); report_prefix_pop(); - secondary |= CPU_PML; + secondary |= SECONDARY_EXEC_ENABLE_PML; vmcs_write(CPU_EXEC_CTRL1, secondary); report_prefix_pushf("enable-PML enabled, enable-EPT disabled"); test_vmx_invalid_controls(); report_prefix_pop(); - secondary |= CPU_EPT; + secondary |= SECONDARY_EXEC_ENABLE_EPT; setup_dummy_ept(); report_prefix_pushf("enable-PML enabled, enable-EPT enabled"); test_vmx_valid_controls(); report_prefix_pop(); - secondary &= ~CPU_PML; + secondary &= ~SECONDARY_EXEC_ENABLE_PML; vmcs_write(CPU_EXEC_CTRL1, secondary); report_prefix_pushf("enable-PML disabled, enable EPT enabled"); test_vmx_valid_controls(); report_prefix_pop(); - test_vmcs_addr_reference(CPU_PML, PMLADDR, "PML address", "PML", + test_vmcs_addr_reference(SECONDARY_EXEC_ENABLE_PML, + PMLADDR, "PML address", "PML", PAGE_SIZE, false, false); vmcs_write(CPU_EXEC_CTRL0, primary_saved); @@ -5297,13 +5333,14 @@ static void vmx_mtf_pdpte_test(void) return; } - if (!(ctrl_cpu_rev[1].clr & CPU_URG)) { + if (!(ctrl_cpu_rev[1].clr & SECONDARY_EXEC_UNRESTRICTED_GUEST)) { report_skip("%s : \"Unrestricted guest\" exec control not supported", __func__); return; } vmcs_write(EXC_BITMAP, ~0); - vmcs_write(CPU_EXEC_CTRL1, vmcs_read(CPU_EXEC_CTRL1) | CPU_URG); + vmcs_write(CPU_EXEC_CTRL1, vmcs_read(CPU_EXEC_CTRL1) | + SECONDARY_EXEC_UNRESTRICTED_GUEST); /* * Copy the guest code to an identity-mapped page. @@ -6205,13 +6242,13 @@ static enum Config_type configure_apic_reg_virt_test( } if (apic_reg_virt_config->virtualize_apic_accesses) { - if (!(ctrl_cpu_rev[1].clr & CPU_VIRT_APIC_ACCESSES)) { + if (!(ctrl_cpu_rev[1].clr & SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES)) { printf("VM-execution control \"virtualize APIC accesses\" NOT supported.\n"); return CONFIG_TYPE_UNSUPPORTED; } - cpu_exec_ctrl1 |= CPU_VIRT_APIC_ACCESSES; + cpu_exec_ctrl1 |= SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES; } else { - cpu_exec_ctrl1 &= ~CPU_VIRT_APIC_ACCESSES; + cpu_exec_ctrl1 &= ~SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES; } if (apic_reg_virt_config->use_tpr_shadow) { @@ -6225,23 +6262,23 @@ static enum Config_type configure_apic_reg_virt_test( } if (apic_reg_virt_config->apic_register_virtualization) { - if (!(ctrl_cpu_rev[1].clr & CPU_APIC_REG_VIRT)) { + if (!(ctrl_cpu_rev[1].clr & SECONDARY_EXEC_APIC_REGISTER_VIRT)) { printf("VM-execution control \"APIC-register virtualization\" NOT supported.\n"); return CONFIG_TYPE_UNSUPPORTED; } - cpu_exec_ctrl1 |= CPU_APIC_REG_VIRT; + cpu_exec_ctrl1 |= SECONDARY_EXEC_APIC_REGISTER_VIRT; } else { - cpu_exec_ctrl1 &= ~CPU_APIC_REG_VIRT; + cpu_exec_ctrl1 &= ~SECONDARY_EXEC_APIC_REGISTER_VIRT; } if (apic_reg_virt_config->virtualize_x2apic_mode) { - if (!(ctrl_cpu_rev[1].clr & CPU_VIRT_X2APIC)) { + if (!(ctrl_cpu_rev[1].clr & SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE)) { printf("VM-execution control \"virtualize x2APIC mode\" NOT supported.\n"); return CONFIG_TYPE_UNSUPPORTED; } - cpu_exec_ctrl1 |= CPU_VIRT_X2APIC; + cpu_exec_ctrl1 |= SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE; } else { - cpu_exec_ctrl1 &= ~CPU_VIRT_X2APIC; + cpu_exec_ctrl1 &= ~SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE; } vmcs_write(CPU_EXEC_CTRL0, cpu_exec_ctrl0); @@ -6255,8 +6292,8 @@ static enum Config_type configure_apic_reg_virt_test( static bool cpu_has_apicv(void) { - return ((ctrl_cpu_rev[1].clr & CPU_APIC_REG_VIRT) && - (ctrl_cpu_rev[1].clr & CPU_VINTD) && + return ((ctrl_cpu_rev[1].clr & SECONDARY_EXEC_APIC_REGISTER_VIRT) && + (ctrl_cpu_rev[1].clr & SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY) && (ctrl_pin_rev.clr & PIN_POST_INTR)); } @@ -6277,7 +6314,7 @@ static void apic_reg_virt_test(void) } control = cpu_exec_ctrl1; - control &= ~CPU_VINTD; + control &= ~SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY; vmcs_write(CPU_EXEC_CTRL1, control); test_set_guest(apic_reg_virt_guest); @@ -7004,13 +7041,13 @@ static enum Config_type configure_virt_x2apic_mode_test( } if (virt_x2apic_mode_config->virtual_interrupt_delivery) { - if (!(ctrl_cpu_rev[1].clr & CPU_VINTD)) { + if (!(ctrl_cpu_rev[1].clr & SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY)) { report_skip("%s : \"virtual-interrupt delivery\" exec control not supported", __func__); return CONFIG_TYPE_UNSUPPORTED; } - cpu_exec_ctrl1 |= CPU_VINTD; + cpu_exec_ctrl1 |= SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY; } else { - cpu_exec_ctrl1 &= ~CPU_VINTD; + cpu_exec_ctrl1 &= ~SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY; } vmcs_write(CPU_EXEC_CTRL0, cpu_exec_ctrl0); @@ -8089,7 +8126,7 @@ static void test_guest_segment_sel_fields(void) cpu_ctrl1_saved = vmcs_read(CPU_EXEC_CTRL1); ar_saved = vmcs_read(GUEST_AR_SS); /* Turn off "unrestricted guest" vm-execution control */ - vmcs_write(CPU_EXEC_CTRL1, cpu_ctrl1_saved & ~CPU_URG); + vmcs_write(CPU_EXEC_CTRL1, cpu_ctrl1_saved & ~SECONDARY_EXEC_UNRESTRICTED_GUEST); cs_rpl_bits = vmcs_read(GUEST_SEL_CS) & 0x3; sel_saved = vmcs_read(GUEST_SEL_SS); TEST_INVALID_SEG_SEL(GUEST_SEL_SS, ((sel_saved & ~0x3) | (~cs_rpl_bits & 0x3))); @@ -8302,13 +8339,17 @@ static void vmentry_unrestricted_guest_test(void) test_set_guest(unrestricted_guest_main); setup_unrestricted_guest(); - test_guest_state("Unrestricted guest test", false, CPU_URG, "CPU_URG"); + test_guest_state("Unrestricted guest test", false, + SECONDARY_EXEC_UNRESTRICTED_GUEST, + "SECONDARY_EXEC_UNRESTRICTED_GUEST"); /* * Let the guest finish execution as a regular guest */ unsetup_unrestricted_guest(); - vmcs_write(CPU_EXEC_CTRL1, vmcs_read(CPU_EXEC_CTRL1) & ~CPU_URG); + vmcs_write(CPU_EXEC_CTRL1, + vmcs_read(CPU_EXEC_CTRL1) & + ~SECONDARY_EXEC_UNRESTRICTED_GUEST); enter_guest(); } @@ -9538,7 +9579,8 @@ static void enable_vid(void) vmcs_set_bits(CPU_EXEC_CTRL0, CPU_BASED_ACTIVATE_SECONDARY_CONTROLS | CPU_BASED_TPR_SHADOW); - vmcs_set_bits(CPU_EXEC_CTRL1, CPU_VINTD | CPU_VIRT_X2APIC); + vmcs_set_bits(CPU_EXEC_CTRL1, SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY | + SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE); } #define PI_VECTOR 255 @@ -10395,7 +10437,7 @@ static void vmx_vmcs_shadow_test(void) return; } - if (!(ctrl_cpu_rev[1].clr & CPU_SHADOW_VMCS)) { + if (!(ctrl_cpu_rev[1].clr & SECONDARY_EXEC_SHADOW_VMCS)) { report_skip("%s : \"VMCS shadowing\" not supported", __func__); return; } @@ -10421,7 +10463,7 @@ static void vmx_vmcs_shadow_test(void) vmcs_clear_bits(CPU_EXEC_CTRL0, CPU_BASED_RDTSC_EXITING); vmcs_set_bits(CPU_EXEC_CTRL0, CPU_BASED_ACTIVATE_SECONDARY_CONTROLS); - vmcs_set_bits(CPU_EXEC_CTRL1, CPU_SHADOW_VMCS); + vmcs_set_bits(CPU_EXEC_CTRL1, SECONDARY_EXEC_SHADOW_VMCS); vmcs_write(VMCS_LINK_PTR, virt_to_phys(shadow)); report_prefix_push("valid link pointer"); @@ -10475,7 +10517,7 @@ static void rdtsc_vmexit_diff_test_guest(void) static unsigned long long host_time_to_guest_time(unsigned long long t) { TEST_ASSERT(!(ctrl_cpu_rev[0].clr & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) || - !(vmcs_read(CPU_EXEC_CTRL1) & CPU_USE_TSC_SCALING)); + !(vmcs_read(CPU_EXEC_CTRL1) & SECONDARY_EXEC_TSC_SCALING)); if (vmcs_read(CPU_EXEC_CTRL0) & CPU_BASED_USE_TSC_OFFSETTING) t += vmcs_read(TSC_OFFSET); @@ -10783,7 +10825,7 @@ static void invalidate_tlb_no_vpid(void *data) static void vmx_pf_no_vpid_test(void) { if (is_vpid_supported()) - vmcs_clear_bits(CPU_EXEC_CTRL1, CPU_VPID); + vmcs_clear_bits(CPU_EXEC_CTRL1, SECONDARY_EXEC_ENABLE_VPID); __vmx_pf_exception_test(invalidate_tlb_no_vpid, NULL, vmx_pf_exception_test_guest); @@ -10820,7 +10862,7 @@ static void __vmx_pf_vpid_test(invalidate_tlb_t inv_fn, u16 vpid) test_skip("INVVPID unsupported"); vmcs_set_bits(CPU_EXEC_CTRL0, CPU_BASED_ACTIVATE_SECONDARY_CONTROLS); - vmcs_set_bits(CPU_EXEC_CTRL1, CPU_VPID); + vmcs_set_bits(CPU_EXEC_CTRL1, SECONDARY_EXEC_ENABLE_VPID); vmcs_write(VPID, vpid); __vmx_pf_exception_test(inv_fn, &vpid, vmx_pf_exception_test_guest); -- 2.43.0