Sean Christopherson <seanjc@xxxxxxxxxx> writes:
> On Wed, Oct 13, 2021, Vitaly Kuznetsov wrote:
>> 3-level nesting is also not a very common setup nowadays.
>
> Says who? :-D
>
The one who wants to sleep well at night ;-)
>> Don't enable 'Enlightened MSR Bitmap' feature for KVM's L2s (real L3s) for
>> now.
>>
>> Signed-off-by: Vitaly Kuznetsov <vkuznets@xxxxxxxxxx>
>> Reviewed-by: Maxim Levitsky <mlevitsk@xxxxxxxxxx>
>> ---
>> arch/x86/kvm/vmx/vmx.c | 21 ++++++++++++---------
>> 1 file changed, 12 insertions(+), 9 deletions(-)
>>
>> diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
>> index 1c8b2b6e7ed9..e82cdde58119 100644
>> --- a/arch/x86/kvm/vmx/vmx.c
>> +++ b/arch/x86/kvm/vmx/vmx.c
>> @@ -2655,15 +2655,6 @@ int alloc_loaded_vmcs(struct loaded_vmcs *loaded_vmcs)
>> if (!loaded_vmcs->msr_bitmap)
>> goto out_vmcs;
>> memset(loaded_vmcs->msr_bitmap, 0xff, PAGE_SIZE);
>> -
>> - if (IS_ENABLED(CONFIG_HYPERV) &&
>> - static_branch_unlikely(&enable_evmcs) &&
>> - (ms_hyperv.nested_features & HV_X64_NESTED_MSR_BITMAP)) {
>> - struct hv_enlightened_vmcs *evmcs =
>> - (struct hv_enlightened_vmcs *)loaded_vmcs->vmcs;
>> -
>> - evmcs->hv_enlightenments_control.msr_bitmap = 1;
>> - }
>> }
>>
>> memset(&loaded_vmcs->host_state, 0, sizeof(struct vmcs_host_state));
>> @@ -6903,6 +6894,18 @@ static int vmx_create_vcpu(struct kvm_vcpu *vcpu)
>>
>> vmx->loaded_vmcs = &vmx->vmcs01;
>>
>> + /*
>> + * Use Hyper-V 'Enlightened MSR Bitmap' feature when KVM runs as a
>> + * nested (L1) hypervisor and Hyper-V in L0 supports it.
>
> And maybe call out specifically that KVM intentionally uses this only for vmcs02?
>
>> + */
>> + if (IS_ENABLED(CONFIG_HYPERV) && static_branch_unlikely(&enable_evmcs)
>> + && (ms_hyperv.nested_features & HV_X64_NESTED_MSR_BITMAP)) {
>
> && on the previous line, I think we'll survive the 82 char line :-)
>
>> + struct hv_enlightened_vmcs *evmcs =
>> + (struct hv_enlightened_vmcs *)vmx->loaded_vmcs->vmcs;
>
> Hmm, what about landing this right after vmcs01's VMCS is allocated? It's kinda
> weird, but it makes it more obvious that ->vmcs is not NULL. And if the cast is
> simply via a "void *" it all fits on one line.
>
> err = alloc_loaded_vmcs(&vmx->vmcs01);
> if (err < 0)
> goto free_pml;
>
> /*
> * Use Hyper-V 'Enlightened MSR Bitmap' feature when KVM runs as a
> * nested (L1) hypervisor and Hyper-V in L0 supports it. Enable an
> * enlightened bitmap only for vmcs01, KVM currently isn't equipped to
> * realize any performance benefits from enabling it for vmcs02.
> */
> if (IS_ENABLED(CONFIG_HYPERV) && static_branch_unlikely(&enable_evmcs) &&
> (ms_hyperv.nested_features & HV_X64_NESTED_MSR_BITMAP)) {
> struct hv_enlightened_vmcs *evmcs = (void *)vmx->vmcs01.vmcs;
(void *) usually smells a bit fishy to me but it seems to fit here.
>
> evmcs->hv_enlightenments_control.msr_bitmap = 1;
> }
>
>> +
>> + evmcs->hv_enlightenments_control.msr_bitmap = 1;
>> + }
>> +
>> if (cpu_need_virtualize_apic_accesses(vcpu)) {
>> err = alloc_apic_access_page(vcpu->kvm);
>> if (err)
>> --
>> 2.31.1
>>
>
--
Vitaly
