[PATCH 11/15] kvm/vmx: Implement vmx_compute_tertiary_exec_control()

Robert Hoo <robert.hu@xxxxxxxxxxxxxxx> · Tue, 1 Jun 2021 16:47:50 +0800

Like vmx_compute_secondary_exec_control(), before L1 set VMCS, compute its
tertiary control capability MSR's value according to guest CPUID setting.

Signed-off-by: Robert Hoo <robert.hu@xxxxxxxxxxxxxxx>
---
 arch/x86/kvm/vmx/vmx.c | 22 ++++++++++++++++++++--
 arch/x86/kvm/vmx/vmx.h |  1 +
 2 files changed, 21 insertions(+), 2 deletions(-)

diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
index 44c9f16..5b46d7b 100644
--- a/arch/x86/kvm/vmx/vmx.c
+++ b/arch/x86/kvm/vmx/vmx.c
@@ -4523,6 +4523,22 @@ u32 vmx_exec_control(struct vcpu_vmx *vmx)
 #define vmx_adjust_sec_exec_exiting(vmx, exec_control, lname, uname) \
 	vmx_adjust_sec_exec_control(vmx, exec_control, lname, uname, uname##_EXITING, true)
 
+static void vmx_compute_tertiary_exec_control(struct vcpu_vmx *vmx)
+{
+	struct kvm_vcpu *vcpu = &vmx->vcpu;
+	u32 exec_control = vmcs_config.cpu_based_3rd_exec_ctrl;
+
+	if (nested) {
+		if (guest_cpuid_has(vcpu, X86_FEATURE_KEYLOCKER))
+			vmx->nested.msrs.tertiary_ctls |=
+				TERTIARY_EXEC_LOADIWKEY_EXITING;
+		else
+			vmx->nested.msrs.tertiary_ctls &=
+				~TERTIARY_EXEC_LOADIWKEY_EXITING;
+	}
+	vmx->tertiary_exec_control = exec_control;
+}
+
 static void vmx_compute_secondary_exec_control(struct vcpu_vmx *vmx)
 {
 	struct kvm_vcpu *vcpu = &vmx->vcpu;
@@ -4622,8 +4638,10 @@ static void init_vmcs(struct vcpu_vmx *vmx)
 		secondary_exec_controls_set(vmx, vmx->secondary_exec_control);
 	}
 
-	if (cpu_has_tertiary_exec_ctrls())
-		tertiary_exec_controls_set(vmx, vmcs_config.cpu_based_3rd_exec_ctrl);
+	if (cpu_has_tertiary_exec_ctrls()) {
+		vmx_compute_tertiary_exec_control(vmx);
+		tertiary_exec_controls_set(vmx, vmx->tertiary_exec_control);
+	}
 
 	if (kvm_vcpu_apicv_active(&vmx->vcpu)) {
 		vmcs_write64(EOI_EXIT_BITMAP0, 0);
diff --git a/arch/x86/kvm/vmx/vmx.h b/arch/x86/kvm/vmx/vmx.h
index e0ade10..d2eecb8 100644
--- a/arch/x86/kvm/vmx/vmx.h
+++ b/arch/x86/kvm/vmx/vmx.h
@@ -258,6 +258,7 @@ struct vcpu_vmx {
 	u32		      msr_ia32_umwait_control;
 
 	u32 secondary_exec_control;
+	u64 tertiary_exec_control;
 
 	/*
 	 * loaded_vmcs points to the VMCS currently used in this vcpu. For a
-- 
1.8.3.1







