Migrate to new vmx.h's secondary execution control bit 31, which makes it easier to grok from one code base to another. No functional change intended. Signed-off-by: Jon Kohler --- x86/vmx.c | 4 +- x86/vmx.h | 6 +-- x86/vmx_tests.c | 102 ++++++++++++++++++++++++++++-------------------- 3 files changed, 63 insertions(+), 49 deletions(-) diff --git a/x86/vmx.c b/x86/vmx.c index c1845cea..f3368a4a 100644 --- a/x86/vmx.c +++ b/x86/vmx.c @@ -1107,7 +1107,7 @@ static void init_vmcs_ctrl(void) vmcs_write(PIN_CONTROLS, ctrl_pin); /* Disable VMEXIT of IO instruction */ vmcs_write(CPU_EXEC_CTRL0, ctrl_cpu[0]); - if (ctrl_cpu_rev[0].set & CPU_SECONDARY) { + if (ctrl_cpu_rev[0].set & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) { ctrl_cpu[1] = (ctrl_cpu[1] | ctrl_cpu_rev[1].set) & ctrl_cpu_rev[1].clr; vmcs_write(CPU_EXEC_CTRL1, ctrl_cpu[1]); @@ -1296,7 +1296,7 @@ static void init_vmx_caps(void) : MSR_IA32_VMX_ENTRY_CTLS); ctrl_cpu_rev[0].val = rdmsr(basic_msr.ctrl ? MSR_IA32_VMX_TRUE_PROC : MSR_IA32_VMX_PROCBASED_CTLS); - if ((ctrl_cpu_rev[0].clr & CPU_SECONDARY) != 0) + if ((ctrl_cpu_rev[0].clr & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) != 0) ctrl_cpu_rev[1].val = rdmsr(MSR_IA32_VMX_PROCBASED_CTLS2); else ctrl_cpu_rev[1].val = 0; diff --git a/x86/vmx.h b/x86/vmx.h index a83d08b8..16332247 100644 --- a/x86/vmx.h +++ b/x86/vmx.h @@ -435,10 +435,6 @@ enum Ctrl_pin { PIN_POST_INTR = 1ul << 7, }; -enum Ctrl0 { - CPU_SECONDARY = 1ul << 31, -}; - enum Ctrl1 { CPU_VIRT_APIC_ACCESSES = 1ul << 0, CPU_EPT = 1ul << 1, @@ -689,7 +685,7 @@ static inline bool is_invept_type_supported(u64 type) static inline bool is_vpid_supported(void) { - return (ctrl_cpu_rev[0].clr & CPU_SECONDARY) && + return (ctrl_cpu_rev[0].clr & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) && (ctrl_cpu_rev[1].clr & CPU_VPID); } diff --git a/x86/vmx_tests.c b/x86/vmx_tests.c index 55d151a4..f092c22d 100644 --- a/x86/vmx_tests.c +++ b/x86/vmx_tests.c @@ -931,7 +931,7 @@ static int insn_intercept_init(struct vmcs *vmcs) { u32 ctrl_cpu, cur_insn; - ctrl_cpu = ctrl_cpu_rev[0].set | CPU_SECONDARY; + ctrl_cpu = ctrl_cpu_rev[0].set | CPU_BASED_ACTIVATE_SECONDARY_CONTROLS; ctrl_cpu &= ctrl_cpu_rev[0].clr; vmcs_write(CPU_EXEC_CTRL0, ctrl_cpu); vmcs_write(CPU_EXEC_CTRL1, ctrl_cpu_rev[1].set); @@ -1051,7 +1051,7 @@ static int insn_intercept_exit_handler(union exit_reason exit_reason) */ static int __setup_ept(u64 hpa, bool enable_ad) { - if (!(ctrl_cpu_rev[0].clr & CPU_SECONDARY) || + if (!(ctrl_cpu_rev[0].clr & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) || !(ctrl_cpu_rev[1].clr & CPU_EPT)) { printf("\tEPT is not supported\n"); return 1; @@ -1075,7 +1075,8 @@ static int __setup_ept(u64 hpa, bool enable_ad) eptp |= VMX_EPTP_AD_ENABLE_BIT; vmcs_write(EPTP, eptp); - vmcs_write(CPU_EXEC_CTRL0, vmcs_read(CPU_EXEC_CTRL0)| CPU_SECONDARY); + vmcs_write(CPU_EXEC_CTRL0, vmcs_read(CPU_EXEC_CTRL0) | + CPU_BASED_ACTIVATE_SECONDARY_CONTROLS); vmcs_write(CPU_EXEC_CTRL1, vmcs_read(CPU_EXEC_CTRL1)| CPU_EPT); return 0; @@ -1129,7 +1130,7 @@ static void setup_dummy_ept(void) static int enable_unrestricted_guest(bool need_valid_ept) { - if (!(ctrl_cpu_rev[0].clr & CPU_SECONDARY) || + if (!(ctrl_cpu_rev[0].clr & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) || !(ctrl_cpu_rev[1].clr & CPU_URG) || !(ctrl_cpu_rev[1].clr & CPU_EPT)) return 1; @@ -1139,7 +1140,8 @@ static int enable_unrestricted_guest(bool need_valid_ept) else setup_dummy_ept(); - vmcs_write(CPU_EXEC_CTRL0, vmcs_read(CPU_EXEC_CTRL0) | CPU_SECONDARY); + vmcs_write(CPU_EXEC_CTRL0, vmcs_read(CPU_EXEC_CTRL0) | + CPU_BASED_ACTIVATE_SECONDARY_CONTROLS); vmcs_write(CPU_EXEC_CTRL1, vmcs_read(CPU_EXEC_CTRL1) | CPU_URG); return 0; @@ -1547,7 +1549,7 @@ static int pml_init(struct vmcs *vmcs) if (r == VMX_TEST_EXIT) return r; - if (!(ctrl_cpu_rev[0].clr & CPU_SECONDARY) || + if (!(ctrl_cpu_rev[0].clr & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) || !(ctrl_cpu_rev[1].clr & CPU_PML)) { printf("\tPML is not supported"); return VMX_TEST_EXIT; @@ -2100,7 +2102,7 @@ static int disable_rdtscp_init(struct vmcs *vmcs) { u32 ctrl_cpu1; - if (ctrl_cpu_rev[0].clr & CPU_SECONDARY) { + if (ctrl_cpu_rev[0].clr & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) { ctrl_cpu1 = vmcs_read(CPU_EXEC_CTRL1); ctrl_cpu1 &= ~CPU_RDTSCP; vmcs_write(CPU_EXEC_CTRL1, ctrl_cpu1); @@ -3643,13 +3645,14 @@ static void test_secondary_processor_based_ctls(void) u32 secondary; unsigned bit; - if (!(ctrl_cpu_rev[0].clr & CPU_SECONDARY)) + if (!(ctrl_cpu_rev[0].clr & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS)) return; primary = vmcs_read(CPU_EXEC_CTRL0); secondary = vmcs_read(CPU_EXEC_CTRL1); - vmcs_write(CPU_EXEC_CTRL0, primary | CPU_SECONDARY); + vmcs_write(CPU_EXEC_CTRL0, primary | + CPU_BASED_ACTIVATE_SECONDARY_CONTROLS); printf("\nMSR_IA32_VMX_PROCBASED_CTLS2: %lx\n", ctrl_cpu_rev[1].val); for (bit = 0; bit < 32; bit++) test_rsvd_ctl_bit("secondary processor-based controls", @@ -3659,7 +3662,8 @@ static void test_secondary_processor_based_ctls(void) * When the "activate secondary controls" VM-execution control * is clear, there are no checks on the secondary controls. */ - vmcs_write(CPU_EXEC_CTRL0, primary & ~CPU_SECONDARY); + vmcs_write(CPU_EXEC_CTRL0, + primary & ~CPU_BASED_ACTIVATE_SECONDARY_CONTROLS); vmcs_write(CPU_EXEC_CTRL1, ~0); report(vmlaunch(), "Secondary processor-based controls ignored"); @@ -3788,7 +3792,8 @@ static void test_vmcs_addr_reference(u32 control_bit, enum Encoding field, if (control_primary) { vmcs_write(CPU_EXEC_CTRL0, primary | control_bit); } else { - vmcs_write(CPU_EXEC_CTRL0, primary | CPU_SECONDARY); + vmcs_write(CPU_EXEC_CTRL0, primary | + CPU_BASED_ACTIVATE_SECONDARY_CONTROLS); vmcs_write(CPU_EXEC_CTRL1, secondary | control_bit); } @@ -3800,7 +3805,8 @@ static void test_vmcs_addr_reference(u32 control_bit, enum Encoding field, if (control_primary) { vmcs_write(CPU_EXEC_CTRL0, primary & ~control_bit); } else { - vmcs_write(CPU_EXEC_CTRL0, primary & ~CPU_SECONDARY); + vmcs_write(CPU_EXEC_CTRL0, + primary & ~CPU_BASED_ACTIVATE_SECONDARY_CONTROLS); vmcs_write(CPU_EXEC_CTRL1, secondary & ~control_bit); } @@ -3931,11 +3937,12 @@ static void test_apic_virtual_ctls(void) /* * First test */ - if (!((ctrl_cpu_rev[0].clr & (CPU_SECONDARY | CPU_BASED_TPR_SHADOW)) == - (CPU_SECONDARY | CPU_BASED_TPR_SHADOW))) + if (!((ctrl_cpu_rev[0].clr & + (CPU_BASED_ACTIVATE_SECONDARY_CONTROLS | CPU_BASED_TPR_SHADOW)) == + (CPU_BASED_ACTIVATE_SECONDARY_CONTROLS | CPU_BASED_TPR_SHADOW))) return; - primary |= CPU_SECONDARY; + primary |= CPU_BASED_ACTIVATE_SECONDARY_CONTROLS; primary &= ~CPU_BASED_TPR_SHADOW; vmcs_write(CPU_EXEC_CTRL0, primary); @@ -3980,7 +3987,8 @@ static void test_apic_virtual_ctls(void) if (!((ctrl_cpu_rev[1].clr & apic_virt_ctls) == apic_virt_ctls)) return; - vmcs_write(CPU_EXEC_CTRL0, primary | CPU_SECONDARY); + vmcs_write(CPU_EXEC_CTRL0, + primary | CPU_BASED_ACTIVATE_SECONDARY_CONTROLS); secondary &= ~CPU_VIRT_APIC_ACCESSES; vmcs_write(CPU_EXEC_CTRL1, secondary & ~CPU_VIRT_X2APIC); report_prefix_pushf("Virtualize x2APIC mode disabled; virtualize APIC access disabled"); @@ -4024,7 +4032,8 @@ static void test_virtual_intr_ctls(void) (ctrl_pin_rev.clr & PIN_EXTINT))) return; - vmcs_write(CPU_EXEC_CTRL0, primary | CPU_SECONDARY | + vmcs_write(CPU_EXEC_CTRL0, + primary | CPU_BASED_ACTIVATE_SECONDARY_CONTROLS | CPU_BASED_TPR_SHADOW); vmcs_write(CPU_EXEC_CTRL1, secondary & ~CPU_VINTD); vmcs_write(PIN_CONTROLS, pin & ~PIN_EXTINT); @@ -4094,7 +4103,8 @@ static void test_posted_intr(void) (ctrl_exit_rev.clr & EXI_INTA))) return; - vmcs_write(CPU_EXEC_CTRL0, primary | CPU_SECONDARY | + vmcs_write(CPU_EXEC_CTRL0, + primary | CPU_BASED_ACTIVATE_SECONDARY_CONTROLS | CPU_BASED_TPR_SHADOW); /* @@ -4211,7 +4221,8 @@ static void test_vpid(void) return; } - vmcs_write(CPU_EXEC_CTRL0, saved_primary | CPU_SECONDARY); + vmcs_write(CPU_EXEC_CTRL0, + saved_primary | CPU_BASED_ACTIVATE_SECONDARY_CONTROLS); vmcs_write(CPU_EXEC_CTRL1, saved_secondary & ~CPU_VPID); vmcs_write(VPID, vpid); report_prefix_pushf("VPID disabled; VPID value %x", vpid); @@ -4247,7 +4258,7 @@ static void try_tpr_threshold_and_vtpr(unsigned threshold, unsigned vtpr) u32 secondary = vmcs_read(CPU_EXEC_CTRL1); if ((primary & CPU_BASED_TPR_SHADOW) && - (!(primary & CPU_SECONDARY) || + (!(primary & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) || !(secondary & (CPU_VINTD | CPU_VIRT_APIC_ACCESSES)))) valid = (threshold & 0xf) <= ((vtpr >> 4) & 0xf); @@ -4340,7 +4351,7 @@ static void test_invalid_event_injection(void) */ /* Assert that unrestricted guest is disabled or unsupported */ - assert(!(ctrl_cpu_rev[0].clr & CPU_SECONDARY) || + assert(!(ctrl_cpu_rev[0].clr & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) || !(secondary_save & CPU_URG)); ent_intr_info = ent_intr_info_base | INTR_TYPE_HARD_EXCEPTION | @@ -4580,7 +4591,8 @@ static void try_tpr_threshold(unsigned threshold) u32 primary = vmcs_read(CPU_EXEC_CTRL0); u32 secondary = vmcs_read(CPU_EXEC_CTRL1); - if ((primary & CPU_BASED_TPR_SHADOW) && !((primary & CPU_SECONDARY) && + if ((primary & CPU_BASED_TPR_SHADOW) && + !((primary & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) && (secondary & CPU_VINTD))) valid = !(threshold >> 4); @@ -4644,7 +4656,7 @@ static void test_tpr_threshold(void) vmcs_write(APIC_VIRT_ADDR, virt_to_phys(virtual_apic_page)); vmcs_write(CPU_EXEC_CTRL0, primary & ~(CPU_BASED_TPR_SHADOW | - CPU_SECONDARY)); + CPU_BASED_ACTIVATE_SECONDARY_CONTROLS)); report_prefix_pushf("Use TPR shadow disabled, secondary controls disabled"); test_tpr_threshold_values(); report_prefix_pop(); @@ -4654,7 +4666,7 @@ static void test_tpr_threshold(void) test_tpr_threshold_values(); report_prefix_pop(); - if (!((ctrl_cpu_rev[0].clr & CPU_SECONDARY) && + if (!((ctrl_cpu_rev[0].clr & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) && (ctrl_cpu_rev[1].clr & (CPU_VINTD | CPU_VIRT_APIC_ACCESSES)))) goto out; u32 secondary = vmcs_read(CPU_EXEC_CTRL1); @@ -4666,7 +4678,8 @@ static void test_tpr_threshold(void) report_prefix_pop(); vmcs_write(CPU_EXEC_CTRL0, - vmcs_read(CPU_EXEC_CTRL0) | CPU_SECONDARY); + vmcs_read(CPU_EXEC_CTRL0) | + CPU_BASED_ACTIVATE_SECONDARY_CONTROLS); report_prefix_pushf("Use TPR shadow enabled; secondary controls enabled; virtual-interrupt delivery enabled; virtualize APIC accesses disabled"); test_tpr_threshold_values(); report_prefix_pop(); @@ -4674,14 +4687,16 @@ static void test_tpr_threshold(void) if (ctrl_cpu_rev[1].clr & CPU_VIRT_APIC_ACCESSES) { vmcs_write(CPU_EXEC_CTRL0, - vmcs_read(CPU_EXEC_CTRL0) & ~CPU_SECONDARY); + vmcs_read(CPU_EXEC_CTRL0) & + ~CPU_BASED_ACTIVATE_SECONDARY_CONTROLS); vmcs_write(CPU_EXEC_CTRL1, CPU_VIRT_APIC_ACCESSES); report_prefix_pushf("Use TPR shadow enabled; secondary controls disabled; virtual-interrupt delivery enabled; virtualize APIC accesses enabled"); test_tpr_threshold_values(); report_prefix_pop(); vmcs_write(CPU_EXEC_CTRL0, - vmcs_read(CPU_EXEC_CTRL0) | CPU_SECONDARY); + vmcs_read(CPU_EXEC_CTRL0) | + CPU_BASED_ACTIVATE_SECONDARY_CONTROLS); report_prefix_pushf("Use TPR shadow enabled; secondary controls enabled; virtual-interrupt delivery enabled; virtualize APIC accesses enabled"); test_tpr_threshold_values(); report_prefix_pop(); @@ -4691,7 +4706,8 @@ static void test_tpr_threshold(void) (CPU_VINTD | CPU_VIRT_APIC_ACCESSES)) == (CPU_VINTD | CPU_VIRT_APIC_ACCESSES)) { vmcs_write(CPU_EXEC_CTRL0, - vmcs_read(CPU_EXEC_CTRL0) & ~CPU_SECONDARY); + vmcs_read(CPU_EXEC_CTRL0) & + ~CPU_BASED_ACTIVATE_SECONDARY_CONTROLS); vmcs_write(CPU_EXEC_CTRL1, CPU_VINTD | CPU_VIRT_APIC_ACCESSES); report_prefix_pushf("Use TPR shadow enabled; secondary controls disabled; virtual-interrupt delivery enabled; virtualize APIC accesses enabled"); @@ -4699,7 +4715,8 @@ static void test_tpr_threshold(void) report_prefix_pop(); vmcs_write(CPU_EXEC_CTRL0, - vmcs_read(CPU_EXEC_CTRL0) | CPU_SECONDARY); + vmcs_read(CPU_EXEC_CTRL0) | + CPU_BASED_ACTIVATE_SECONDARY_CONTROLS); report_prefix_pushf("Use TPR shadow enabled; secondary controls enabled; virtual-interrupt delivery enabled; virtualize APIC accesses enabled"); test_tpr_threshold_values(); report_prefix_pop(); @@ -4995,13 +5012,13 @@ static void test_pml(void) u32 primary = primary_saved; u32 secondary = secondary_saved; - if (!((ctrl_cpu_rev[0].clr & CPU_SECONDARY) && + if (!((ctrl_cpu_rev[0].clr & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) && (ctrl_cpu_rev[1].clr & CPU_EPT) && (ctrl_cpu_rev[1].clr & CPU_PML))) { report_skip("%s : \"Secondary execution\" or \"enable EPT\" or \"enable PML\" control not supported", __func__); return; } - primary |= CPU_SECONDARY; + primary |= CPU_BASED_ACTIVATE_SECONDARY_CONTROLS; vmcs_write(CPU_EXEC_CTRL0, primary); secondary &= ~(CPU_PML | CPU_EPT); vmcs_write(CPU_EXEC_CTRL1, secondary); @@ -6178,13 +6195,13 @@ static enum Config_type configure_apic_reg_virt_test( virtualize_apic_accesses_incorrectly_on; if (apic_reg_virt_config->activate_secondary_controls) { - if (!(ctrl_cpu_rev[0].clr & CPU_SECONDARY)) { + if (!(ctrl_cpu_rev[0].clr & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS)) { printf("VM-execution control \"activate secondary controls\" NOT supported.\n"); return CONFIG_TYPE_UNSUPPORTED; } - cpu_exec_ctrl0 |= CPU_SECONDARY; + cpu_exec_ctrl0 |= CPU_BASED_ACTIVATE_SECONDARY_CONTROLS; } else { - cpu_exec_ctrl0 &= ~CPU_SECONDARY; + cpu_exec_ctrl0 &= ~CPU_BASED_ACTIVATE_SECONDARY_CONTROLS; } if (apic_reg_virt_config->virtualize_apic_accesses) { @@ -9519,7 +9536,8 @@ static void enable_vid(void) vmcs_write(EOI_EXIT_BITMAP2, 0x0); vmcs_write(EOI_EXIT_BITMAP3, 0x0); - vmcs_set_bits(CPU_EXEC_CTRL0, CPU_SECONDARY | CPU_BASED_TPR_SHADOW); + vmcs_set_bits(CPU_EXEC_CTRL0, + CPU_BASED_ACTIVATE_SECONDARY_CONTROLS | CPU_BASED_TPR_SHADOW); vmcs_set_bits(CPU_EXEC_CTRL1, CPU_VINTD | CPU_VIRT_X2APIC); } @@ -9696,7 +9714,7 @@ static void vmx_apic_passthrough(bool set_irq_line_from_thread) report_skip("%s : No test device enabled", __func__); return; } - u64 cpu_ctrl_0 = CPU_SECONDARY; + u64 cpu_ctrl_0 = CPU_BASED_ACTIVATE_SECONDARY_CONTROLS; u64 cpu_ctrl_1 = 0; disable_intercept_for_x2apic_msrs(); @@ -10015,7 +10033,7 @@ static void sipi_test_ap_thread(void *data) struct vmcs *ap_vmcs; u64 *ap_vmxon_region; void *ap_stack, *ap_syscall_stack; - u64 cpu_ctrl_0 = CPU_SECONDARY; + u64 cpu_ctrl_0 = CPU_BASED_ACTIVATE_SECONDARY_CONTROLS; u64 cpu_ctrl_1 = 0; /* Enter VMX operation (i.e. exec VMXON) */ @@ -10081,7 +10099,7 @@ static void vmx_sipi_signal_test(void) return; } - u64 cpu_ctrl_0 = CPU_SECONDARY; + u64 cpu_ctrl_0 = CPU_BASED_ACTIVATE_SECONDARY_CONTROLS; u64 cpu_ctrl_1 = 0; /* passthrough lapic to L2 */ @@ -10372,7 +10390,7 @@ static void vmx_vmcs_shadow_test(void) u8 *bitmap[2]; struct vmcs *shadow; - if (!(ctrl_cpu_rev[0].clr & CPU_SECONDARY)) { + if (!(ctrl_cpu_rev[0].clr & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS)) { report_skip("%s : \"Activate secondary controls\" not supported", __func__); return; } @@ -10402,7 +10420,7 @@ static void vmx_vmcs_shadow_test(void) TEST_ASSERT(!vmcs_clear(shadow)); vmcs_clear_bits(CPU_EXEC_CTRL0, CPU_BASED_RDTSC_EXITING); - vmcs_set_bits(CPU_EXEC_CTRL0, CPU_SECONDARY); + vmcs_set_bits(CPU_EXEC_CTRL0, CPU_BASED_ACTIVATE_SECONDARY_CONTROLS); vmcs_set_bits(CPU_EXEC_CTRL1, CPU_SHADOW_VMCS); vmcs_write(VMCS_LINK_PTR, virt_to_phys(shadow)); @@ -10456,7 +10474,7 @@ static void rdtsc_vmexit_diff_test_guest(void) */ static unsigned long long host_time_to_guest_time(unsigned long long t) { - TEST_ASSERT(!(ctrl_cpu_rev[0].clr & CPU_SECONDARY) || + TEST_ASSERT(!(ctrl_cpu_rev[0].clr & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS) || !(vmcs_read(CPU_EXEC_CTRL1) & CPU_USE_TSC_SCALING)); if (vmcs_read(CPU_EXEC_CTRL0) & CPU_BASED_USE_TSC_OFFSETTING) @@ -10801,7 +10819,7 @@ static void __vmx_pf_vpid_test(invalidate_tlb_t inv_fn, u16 vpid) if (!is_invvpid_supported()) test_skip("INVVPID unsupported"); - vmcs_set_bits(CPU_EXEC_CTRL0, CPU_SECONDARY); + vmcs_set_bits(CPU_EXEC_CTRL0, CPU_BASED_ACTIVATE_SECONDARY_CONTROLS); vmcs_set_bits(CPU_EXEC_CTRL1, CPU_VPID); vmcs_write(VPID, vpid); -- 2.43.0