On Thu, Aug 25, 2022, Vitaly Kuznetsov wrote:
> Sean Christopherson <seanjc@xxxxxxxxxx> writes:
> > diff --git a/arch/x86/kvm/vmx/vmx.h b/arch/x86/kvm/vmx/vmx.h > > index 24d58c2ffaa3..35c7e6aef301 100644 > > --- a/arch/x86/kvm/vmx/vmx.h > > +++ b/arch/x86/kvm/vmx/vmx.h > > @@ -626,4 +626,14 @@ static inline bool vmx_can_use_ipiv(struct kvm_vcpu *vcpu) > > return lapic_in_kernel(vcpu) && enable_ipiv; > > } > > > > +static inline bool guest_cpuid_has_evmcs(struct kvm_vcpu *vcpu) > > +{ > > + /* > > + * eVMCS is exposed to the guest if Hyper-V is enabled in CPUID and > > + * eVMCS has been explicitly enabled by userspace. > > + */ > > + return vcpu->arch.hyperv_enabled && > > + to_vmx(vcpu)->nested.enlightened_vmcs_enabled;
>
> I don't quite like 'guest_cpuid_has_evmcs' name as it makes me think
> we're checking if eVMCS was exposed in guest CPUID but in fact we don't
> do that.

This does (indirectly) check guest CPUID. hyperv_enabled is a direct reflection
of whether or not CPUID.HYPERV_CPUID_INTERFACE.EAX == HYPERV_CPUID_SIGNATURE_EAX.

> eVMCS can be enabled on a vCPU even if it is not exposed in
> CPUID (and we should probably keep that to not mandate setting CPUID
> before enabling eVMCS).

My intent with this helper is that it should be used only when the guest is
attempting to utilize eVMCS. All host-initiated usage, e.g. KVM_SET_NESTED_STATE,
checks enlightened_vmcs_enabled directly.

> What about e.g. vcpu_has_evmcs_enabled() instead?

I went with the guest_cpuid_has...() to align with the generic guest_cpuid_has()
so that it would be somewhat clear that the helper should only be used when
enforcing guest behavior.

> On a related note, any reason to put this to vmx/vmx.h and not
> vmx/evmcs.h?

Can't dereference vcpu_vmx :-( vmx.h includes evmcs.h by way of vmx_ops.h, and
that ordering can't change because the VMREAD/VMWRITE helpers need to get at the
eVMCS stuff.
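Review bot: The comment inside guest_cpuid_has_evmcs() does not state that the helper is only for paths where the guest itself is attempting to use eVMCS, and the name reads as a test of a dedicated eVMCS CPUID bit while the body tests vcpu->arch.hyperv_enabled together with nested.enlightened_vmcs_enabled. Suggest extending the comment to say that hyperv_enabled stands in for the guest CPUID check and that host-initiated paths such as KVM_SET_NESTED_STATE check enlightened_vmcs_enabled directly instead of calling this helper. Without that, a later caller could use it on a userspace-driven path and make enabling eVMCS depend on CPUID having been set first.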