1 /* SPDX-License-Identifier: GPL-2.0 */
2 #ifndef __KVM_X86_VMX_CAPS_H
3 #define __KVM_X86_VMX_CAPS_H
4 
5 #include <asm/vmx.h>
6 
7 #include "../lapic.h"
8 #include "../x86.h"
9 
10 extern bool __read_mostly enable_vpid;
11 extern bool __read_mostly flexpriority_enabled;
12 extern bool __read_mostly enable_ept;
13 extern bool __read_mostly enable_unrestricted_guest;
14 extern bool __read_mostly enable_ept_ad_bits;
15 extern bool __read_mostly enable_pml;
16 extern int __read_mostly pt_mode;
17 
18 #define PT_MODE_SYSTEM		0
19 #define PT_MODE_HOST_GUEST	1
20 
21 #define PMU_CAP_FW_WRITES	(1ULL << 13)
22 #define PMU_CAP_LBR_FMT		0x3f
23 
24 #define DEBUGCTLMSR_LBR_MASK		(DEBUGCTLMSR_LBR | DEBUGCTLMSR_FREEZE_LBRS_ON_PMI)
25 
26 struct nested_vmx_msrs {
27 	/*
28 	 * We only store the "true" versions of the VMX capability MSRs. We
29 	 * generate the "non-true" versions by setting the must-be-1 bits
30 	 * according to the SDM.
31 	 */
32 	u32 procbased_ctls_low;
33 	u32 procbased_ctls_high;
34 	u32 secondary_ctls_low;
35 	u32 secondary_ctls_high;
36 	u32 pinbased_ctls_low;
37 	u32 pinbased_ctls_high;
38 	u32 exit_ctls_low;
39 	u32 exit_ctls_high;
40 	u32 entry_ctls_low;
41 	u32 entry_ctls_high;
42 	u32 misc_low;
43 	u32 misc_high;
44 	u32 ept_caps;
45 	u32 vpid_caps;
46 	u64 basic;
47 	u64 cr0_fixed0;
48 	u64 cr0_fixed1;
49 	u64 cr4_fixed0;
50 	u64 cr4_fixed1;
51 	u64 vmcs_enum;
52 	u64 vmfunc_controls;
53 };
54 
55 struct vmcs_config {
56 	int size;
57 	u32 basic_cap;
58 	u32 revision_id;
59 	u32 pin_based_exec_ctrl;
60 	u32 cpu_based_exec_ctrl;
61 	u32 cpu_based_2nd_exec_ctrl;
62 	u32 vmexit_ctrl;
63 	u32 vmentry_ctrl;
64 	struct nested_vmx_msrs nested;
65 };
66 extern struct vmcs_config vmcs_config;
67 
68 struct vmx_capability {
69 	u32 ept;
70 	u32 vpid;
71 };
72 extern struct vmx_capability vmx_capability;
73 
cpu_has_vmx_basic_inout(void)74 static inline bool cpu_has_vmx_basic_inout(void)
75 {
76 	return	(((u64)vmcs_config.basic_cap << 32) & VMX_BASIC_INOUT);
77 }
78 
cpu_has_virtual_nmis(void)79 static inline bool cpu_has_virtual_nmis(void)
80 {
81 	return vmcs_config.pin_based_exec_ctrl & PIN_BASED_VIRTUAL_NMIS;
82 }
83 
cpu_has_vmx_preemption_timer(void)84 static inline bool cpu_has_vmx_preemption_timer(void)
85 {
86 	return vmcs_config.pin_based_exec_ctrl &
87 		PIN_BASED_VMX_PREEMPTION_TIMER;
88 }
89 
cpu_has_vmx_posted_intr(void)90 static inline bool cpu_has_vmx_posted_intr(void)
91 {
92 	return vmcs_config.pin_based_exec_ctrl & PIN_BASED_POSTED_INTR;
93 }
94 
cpu_has_load_ia32_efer(void)95 static inline bool cpu_has_load_ia32_efer(void)
96 {
97 	return (vmcs_config.vmentry_ctrl & VM_ENTRY_LOAD_IA32_EFER) &&
98 	       (vmcs_config.vmexit_ctrl & VM_EXIT_LOAD_IA32_EFER);
99 }
100 
cpu_has_load_perf_global_ctrl(void)101 static inline bool cpu_has_load_perf_global_ctrl(void)
102 {
103 	return (vmcs_config.vmentry_ctrl & VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL) &&
104 	       (vmcs_config.vmexit_ctrl & VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL);
105 }
106 
cpu_has_vmx_mpx(void)107 static inline bool cpu_has_vmx_mpx(void)
108 {
109 	return (vmcs_config.vmexit_ctrl & VM_EXIT_CLEAR_BNDCFGS) &&
110 		(vmcs_config.vmentry_ctrl & VM_ENTRY_LOAD_BNDCFGS);
111 }
112 
cpu_has_vmx_tpr_shadow(void)113 static inline bool cpu_has_vmx_tpr_shadow(void)
114 {
115 	return vmcs_config.cpu_based_exec_ctrl & CPU_BASED_TPR_SHADOW;
116 }
117 
cpu_need_tpr_shadow(struct kvm_vcpu * vcpu)118 static inline bool cpu_need_tpr_shadow(struct kvm_vcpu *vcpu)
119 {
120 	return cpu_has_vmx_tpr_shadow() && lapic_in_kernel(vcpu);
121 }
122 
cpu_has_vmx_msr_bitmap(void)123 static inline bool cpu_has_vmx_msr_bitmap(void)
124 {
125 	return vmcs_config.cpu_based_exec_ctrl & CPU_BASED_USE_MSR_BITMAPS;
126 }
127 
cpu_has_secondary_exec_ctrls(void)128 static inline bool cpu_has_secondary_exec_ctrls(void)
129 {
130 	return vmcs_config.cpu_based_exec_ctrl &
131 		CPU_BASED_ACTIVATE_SECONDARY_CONTROLS;
132 }
133 
cpu_has_vmx_virtualize_apic_accesses(void)134 static inline bool cpu_has_vmx_virtualize_apic_accesses(void)
135 {
136 	return vmcs_config.cpu_based_2nd_exec_ctrl &
137 		SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES;
138 }
139 
cpu_has_vmx_ept(void)140 static inline bool cpu_has_vmx_ept(void)
141 {
142 	return vmcs_config.cpu_based_2nd_exec_ctrl &
143 		SECONDARY_EXEC_ENABLE_EPT;
144 }
145 
vmx_umip_emulated(void)146 static inline bool vmx_umip_emulated(void)
147 {
148 	return vmcs_config.cpu_based_2nd_exec_ctrl &
149 		SECONDARY_EXEC_DESC;
150 }
151 
cpu_has_vmx_rdtscp(void)152 static inline bool cpu_has_vmx_rdtscp(void)
153 {
154 	return vmcs_config.cpu_based_2nd_exec_ctrl &
155 		SECONDARY_EXEC_ENABLE_RDTSCP;
156 }
157 
cpu_has_vmx_virtualize_x2apic_mode(void)158 static inline bool cpu_has_vmx_virtualize_x2apic_mode(void)
159 {
160 	return vmcs_config.cpu_based_2nd_exec_ctrl &
161 		SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE;
162 }
163 
cpu_has_vmx_vpid(void)164 static inline bool cpu_has_vmx_vpid(void)
165 {
166 	return vmcs_config.cpu_based_2nd_exec_ctrl &
167 		SECONDARY_EXEC_ENABLE_VPID;
168 }
169 
cpu_has_vmx_wbinvd_exit(void)170 static inline bool cpu_has_vmx_wbinvd_exit(void)
171 {
172 	return vmcs_config.cpu_based_2nd_exec_ctrl &
173 		SECONDARY_EXEC_WBINVD_EXITING;
174 }
175 
cpu_has_vmx_unrestricted_guest(void)176 static inline bool cpu_has_vmx_unrestricted_guest(void)
177 {
178 	return vmcs_config.cpu_based_2nd_exec_ctrl &
179 		SECONDARY_EXEC_UNRESTRICTED_GUEST;
180 }
181 
cpu_has_vmx_apic_register_virt(void)182 static inline bool cpu_has_vmx_apic_register_virt(void)
183 {
184 	return vmcs_config.cpu_based_2nd_exec_ctrl &
185 		SECONDARY_EXEC_APIC_REGISTER_VIRT;
186 }
187 
cpu_has_vmx_virtual_intr_delivery(void)188 static inline bool cpu_has_vmx_virtual_intr_delivery(void)
189 {
190 	return vmcs_config.cpu_based_2nd_exec_ctrl &
191 		SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY;
192 }
193 
cpu_has_vmx_ple(void)194 static inline bool cpu_has_vmx_ple(void)
195 {
196 	return vmcs_config.cpu_based_2nd_exec_ctrl &
197 		SECONDARY_EXEC_PAUSE_LOOP_EXITING;
198 }
199 
cpu_has_vmx_rdrand(void)200 static inline bool cpu_has_vmx_rdrand(void)
201 {
202 	return vmcs_config.cpu_based_2nd_exec_ctrl &
203 		SECONDARY_EXEC_RDRAND_EXITING;
204 }
205 
cpu_has_vmx_invpcid(void)206 static inline bool cpu_has_vmx_invpcid(void)
207 {
208 	return vmcs_config.cpu_based_2nd_exec_ctrl &
209 		SECONDARY_EXEC_ENABLE_INVPCID;
210 }
211 
cpu_has_vmx_vmfunc(void)212 static inline bool cpu_has_vmx_vmfunc(void)
213 {
214 	return vmcs_config.cpu_based_2nd_exec_ctrl &
215 		SECONDARY_EXEC_ENABLE_VMFUNC;
216 }
217 
cpu_has_vmx_shadow_vmcs(void)218 static inline bool cpu_has_vmx_shadow_vmcs(void)
219 {
220 	u64 vmx_msr;
221 
222 	/* check if the cpu supports writing r/o exit information fields */
223 	rdmsrl(MSR_IA32_VMX_MISC, vmx_msr);
224 	if (!(vmx_msr & MSR_IA32_VMX_MISC_VMWRITE_SHADOW_RO_FIELDS))
225 		return false;
226 
227 	return vmcs_config.cpu_based_2nd_exec_ctrl &
228 		SECONDARY_EXEC_SHADOW_VMCS;
229 }
230 
cpu_has_vmx_encls_vmexit(void)231 static inline bool cpu_has_vmx_encls_vmexit(void)
232 {
233 	return vmcs_config.cpu_based_2nd_exec_ctrl &
234 		SECONDARY_EXEC_ENCLS_EXITING;
235 }
236 
cpu_has_vmx_rdseed(void)237 static inline bool cpu_has_vmx_rdseed(void)
238 {
239 	return vmcs_config.cpu_based_2nd_exec_ctrl &
240 		SECONDARY_EXEC_RDSEED_EXITING;
241 }
242 
cpu_has_vmx_pml(void)243 static inline bool cpu_has_vmx_pml(void)
244 {
245 	return vmcs_config.cpu_based_2nd_exec_ctrl & SECONDARY_EXEC_ENABLE_PML;
246 }
247 
cpu_has_vmx_xsaves(void)248 static inline bool cpu_has_vmx_xsaves(void)
249 {
250 	return vmcs_config.cpu_based_2nd_exec_ctrl &
251 		SECONDARY_EXEC_XSAVES;
252 }
253 
cpu_has_vmx_waitpkg(void)254 static inline bool cpu_has_vmx_waitpkg(void)
255 {
256 	return vmcs_config.cpu_based_2nd_exec_ctrl &
257 		SECONDARY_EXEC_ENABLE_USR_WAIT_PAUSE;
258 }
259 
cpu_has_vmx_tsc_scaling(void)260 static inline bool cpu_has_vmx_tsc_scaling(void)
261 {
262 	return vmcs_config.cpu_based_2nd_exec_ctrl &
263 		SECONDARY_EXEC_TSC_SCALING;
264 }
265 
cpu_has_vmx_bus_lock_detection(void)266 static inline bool cpu_has_vmx_bus_lock_detection(void)
267 {
268 	return vmcs_config.cpu_based_2nd_exec_ctrl &
269 	    SECONDARY_EXEC_BUS_LOCK_DETECTION;
270 }
271 
cpu_has_vmx_apicv(void)272 static inline bool cpu_has_vmx_apicv(void)
273 {
274 	return cpu_has_vmx_apic_register_virt() &&
275 		cpu_has_vmx_virtual_intr_delivery() &&
276 		cpu_has_vmx_posted_intr();
277 }
278 
cpu_has_vmx_flexpriority(void)279 static inline bool cpu_has_vmx_flexpriority(void)
280 {
281 	return cpu_has_vmx_tpr_shadow() &&
282 		cpu_has_vmx_virtualize_apic_accesses();
283 }
284 
cpu_has_vmx_ept_execute_only(void)285 static inline bool cpu_has_vmx_ept_execute_only(void)
286 {
287 	return vmx_capability.ept & VMX_EPT_EXECUTE_ONLY_BIT;
288 }
289 
cpu_has_vmx_ept_4levels(void)290 static inline bool cpu_has_vmx_ept_4levels(void)
291 {
292 	return vmx_capability.ept & VMX_EPT_PAGE_WALK_4_BIT;
293 }
294 
cpu_has_vmx_ept_5levels(void)295 static inline bool cpu_has_vmx_ept_5levels(void)
296 {
297 	return vmx_capability.ept & VMX_EPT_PAGE_WALK_5_BIT;
298 }
299 
cpu_has_vmx_ept_mt_wb(void)300 static inline bool cpu_has_vmx_ept_mt_wb(void)
301 {
302 	return vmx_capability.ept & VMX_EPTP_WB_BIT;
303 }
304 
cpu_has_vmx_ept_2m_page(void)305 static inline bool cpu_has_vmx_ept_2m_page(void)
306 {
307 	return vmx_capability.ept & VMX_EPT_2MB_PAGE_BIT;
308 }
309 
cpu_has_vmx_ept_1g_page(void)310 static inline bool cpu_has_vmx_ept_1g_page(void)
311 {
312 	return vmx_capability.ept & VMX_EPT_1GB_PAGE_BIT;
313 }
314 
ept_caps_to_lpage_level(u32 ept_caps)315 static inline int ept_caps_to_lpage_level(u32 ept_caps)
316 {
317 	if (ept_caps & VMX_EPT_1GB_PAGE_BIT)
318 		return PG_LEVEL_1G;
319 	if (ept_caps & VMX_EPT_2MB_PAGE_BIT)
320 		return PG_LEVEL_2M;
321 	return PG_LEVEL_4K;
322 }
323 
cpu_has_vmx_ept_ad_bits(void)324 static inline bool cpu_has_vmx_ept_ad_bits(void)
325 {
326 	return vmx_capability.ept & VMX_EPT_AD_BIT;
327 }
328 
cpu_has_vmx_invept_context(void)329 static inline bool cpu_has_vmx_invept_context(void)
330 {
331 	return vmx_capability.ept & VMX_EPT_EXTENT_CONTEXT_BIT;
332 }
333 
cpu_has_vmx_invept_global(void)334 static inline bool cpu_has_vmx_invept_global(void)
335 {
336 	return vmx_capability.ept & VMX_EPT_EXTENT_GLOBAL_BIT;
337 }
338 
cpu_has_vmx_invvpid(void)339 static inline bool cpu_has_vmx_invvpid(void)
340 {
341 	return vmx_capability.vpid & VMX_VPID_INVVPID_BIT;
342 }
343 
cpu_has_vmx_invvpid_individual_addr(void)344 static inline bool cpu_has_vmx_invvpid_individual_addr(void)
345 {
346 	return vmx_capability.vpid & VMX_VPID_EXTENT_INDIVIDUAL_ADDR_BIT;
347 }
348 
cpu_has_vmx_invvpid_single(void)349 static inline bool cpu_has_vmx_invvpid_single(void)
350 {
351 	return vmx_capability.vpid & VMX_VPID_EXTENT_SINGLE_CONTEXT_BIT;
352 }
353 
cpu_has_vmx_invvpid_global(void)354 static inline bool cpu_has_vmx_invvpid_global(void)
355 {
356 	return vmx_capability.vpid & VMX_VPID_EXTENT_GLOBAL_CONTEXT_BIT;
357 }
358 
cpu_has_vmx_intel_pt(void)359 static inline bool cpu_has_vmx_intel_pt(void)
360 {
361 	u64 vmx_msr;
362 
363 	rdmsrl(MSR_IA32_VMX_MISC, vmx_msr);
364 	return (vmx_msr & MSR_IA32_VMX_MISC_INTEL_PT) &&
365 		(vmcs_config.cpu_based_2nd_exec_ctrl & SECONDARY_EXEC_PT_USE_GPA) &&
366 		(vmcs_config.vmexit_ctrl & VM_EXIT_CLEAR_IA32_RTIT_CTL) &&
367 		(vmcs_config.vmentry_ctrl & VM_ENTRY_LOAD_IA32_RTIT_CTL);
368 }
369 
370 /*
371  * Processor Trace can operate in one of three modes:
372  *  a. system-wide: trace both host/guest and output to host buffer
373  *  b. host-only:   only trace host and output to host buffer
374  *  c. host-guest:  trace host and guest simultaneously and output to their
375  *                  respective buffer
376  *
377  * KVM currently only supports (a) and (c).
378  */
vmx_pt_mode_is_system(void)379 static inline bool vmx_pt_mode_is_system(void)
380 {
381 	return pt_mode == PT_MODE_SYSTEM;
382 }
vmx_pt_mode_is_host_guest(void)383 static inline bool vmx_pt_mode_is_host_guest(void)
384 {
385 	return pt_mode == PT_MODE_HOST_GUEST;
386 }
387 
vmx_get_perf_capabilities(void)388 static inline u64 vmx_get_perf_capabilities(void)
389 {
390 	u64 perf_cap = 0;
391 
392 	if (!enable_pmu)
393 		return perf_cap;
394 
395 	if (boot_cpu_has(X86_FEATURE_PDCM))
396 		rdmsrl(MSR_IA32_PERF_CAPABILITIES, perf_cap);
397 
398 	perf_cap &= PMU_CAP_LBR_FMT;
399 
400 	/*
401 	 * Since counters are virtualized, KVM would support full
402 	 * width counting unconditionally, even if the host lacks it.
403 	 */
404 	return PMU_CAP_FW_WRITES | perf_cap;
405 }
406 
vmx_supported_debugctl(void)407 static inline u64 vmx_supported_debugctl(void)
408 {
409 	u64 debugctl = 0;
410 
411 	if (boot_cpu_has(X86_FEATURE_BUS_LOCK_DETECT))
412 		debugctl |= DEBUGCTLMSR_BUS_LOCK_DETECT;
413 
414 	if (vmx_get_perf_capabilities() & PMU_CAP_LBR_FMT)
415 		debugctl |= DEBUGCTLMSR_LBR_MASK;
416 
417 	return debugctl;
418 }
419 
420 #endif /* __KVM_X86_VMX_CAPS_H */
421