On 03/10/19 23:23, Rick Edgecombe wrote:
> Add a KVM capability for the KVM_MEM_EXECONLY memslot type. This memslot
> type is supported if the HW supports execute-only TDP.
>
> Signed-off-by: Rick Edgecombe <rick.p.edgecombe@xxxxxxxxx>
> ---
> arch/x86/include/asm/kvm_host.h | 1 +
> arch/x86/kvm/svm.c | 6 ++++++
> arch/x86/kvm/vmx/vmx.c | 1 +
> arch/x86/kvm/x86.c | 3 +++
> include/uapi/linux/kvm.h | 1 +
> 5 files changed, 12 insertions(+)
>
> diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
> index 6d06c794d720..be3ff71e6227 100644
> --- a/arch/x86/include/asm/kvm_host.h
> +++ b/arch/x86/include/asm/kvm_host.h
> @@ -1132,6 +1132,7 @@ struct kvm_x86_ops {
> bool (*xsaves_supported)(void);
> bool (*umip_emulated)(void);
> bool (*pt_supported)(void);
> + bool (*tdp_xo_supported)(void);
>
> int (*check_nested_events)(struct kvm_vcpu *vcpu, bool external_intr);
> void (*request_immediate_exit)(struct kvm_vcpu *vcpu);
> diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
> index e0368076a1ef..f9f25f32e946 100644
> --- a/arch/x86/kvm/svm.c
> +++ b/arch/x86/kvm/svm.c
> @@ -6005,6 +6005,11 @@ static bool svm_pt_supported(void)
> return false;
> }
>
> +static bool svm_xo_supported(void)
> +{
> + return false;
> +}
> +
> static bool svm_has_wbinvd_exit(void)
> {
> return true;
> @@ -7293,6 +7298,7 @@ static struct kvm_x86_ops svm_x86_ops __ro_after_init = {
> .xsaves_supported = svm_xsaves_supported,
> .umip_emulated = svm_umip_emulated,
> .pt_supported = svm_pt_supported,
> + .tdp_xo_supported = svm_xo_supported,
>
> .set_supported_cpuid = svm_set_supported_cpuid,
>
> diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
> index a30dbab8a2d4..7e7260c715f2 100644
> --- a/arch/x86/kvm/vmx/vmx.c
> +++ b/arch/x86/kvm/vmx/vmx.c
> @@ -7767,6 +7767,7 @@ static struct kvm_x86_ops vmx_x86_ops __ro_after_init = {
> .xsaves_supported = vmx_xsaves_supported,
> .umip_emulated = vmx_umip_emulated,
> .pt_supported = vmx_pt_supported,
> + .tdp_xo_supported = cpu_has_vmx_ept_execute_only,
>
> .request_immediate_exit = vmx_request_immediate_exit,
>
> diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
> index 2e321d788672..810cfdb1a315 100644
> --- a/arch/x86/kvm/x86.c
> +++ b/arch/x86/kvm/x86.c
> @@ -3183,6 +3183,9 @@ int kvm_vm_ioctl_check_extension(struct kvm *kvm, long ext)
> r = kvm_x86_ops->get_nested_state ?
> kvm_x86_ops->get_nested_state(NULL, NULL, 0) : 0;
> break;
> + case KVM_CAP_EXECONLY_MEM:
> + r = kvm_x86_ops->tdp_xo_supported();
> + break;
> default:
> break;
> }
> diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h
> index ede487b7b216..7778a1f03b78 100644
> --- a/include/uapi/linux/kvm.h
> +++ b/include/uapi/linux/kvm.h
> @@ -997,6 +997,7 @@ struct kvm_ppc_resize_hpt {
> #define KVM_CAP_ARM_PTRAUTH_ADDRESS 171
> #define KVM_CAP_ARM_PTRAUTH_GENERIC 172
> #define KVM_CAP_PMU_EVENT_FILTER 173
> +#define KVM_CAP_EXECONLY_MEM 174
>
> #ifdef KVM_CAP_IRQ_ROUTING
>
>
This is not needed, execution only can be a CPUID bit in the hypervisor
range (see Documentation/virt/kvm/cpuid.txt). Userspace can use
KVM_GET_SUPPORTED_CPUID to check whether the host supports it.
Paolo
