1 /* SPDX-License-Identifier: GPL-2.0 */
2 #ifndef __KVM_X86_VMX_CAPS_H
3 #define __KVM_X86_VMX_CAPS_H
4 
5 #include <asm/vmx.h>
6 
7 #include "lapic.h"
8 
9 extern bool __read_mostly enable_vpid;
10 extern bool __read_mostly flexpriority_enabled;
11 extern bool __read_mostly enable_ept;
12 extern bool __read_mostly enable_unrestricted_guest;
13 extern bool __read_mostly enable_ept_ad_bits;
14 extern bool __read_mostly enable_pml;
15 extern bool __read_mostly enable_apicv;
16 extern int __read_mostly pt_mode;
17 
18 #define PT_MODE_SYSTEM		0
19 #define PT_MODE_HOST_GUEST	1
20 
21 #define PMU_CAP_FW_WRITES	(1ULL << 13)
22 
23 struct nested_vmx_msrs {
24 	/*
25 	 * We only store the "true" versions of the VMX capability MSRs. We
26 	 * generate the "non-true" versions by setting the must-be-1 bits
27 	 * according to the SDM.
28 	 */
29 	u32 procbased_ctls_low;
30 	u32 procbased_ctls_high;
31 	u32 secondary_ctls_low;
32 	u32 secondary_ctls_high;
33 	u32 pinbased_ctls_low;
34 	u32 pinbased_ctls_high;
35 	u32 exit_ctls_low;
36 	u32 exit_ctls_high;
37 	u32 entry_ctls_low;
38 	u32 entry_ctls_high;
39 	u32 misc_low;
40 	u32 misc_high;
41 	u32 ept_caps;
42 	u32 vpid_caps;
43 	u64 basic;
44 	u64 cr0_fixed0;
45 	u64 cr0_fixed1;
46 	u64 cr4_fixed0;
47 	u64 cr4_fixed1;
48 	u64 vmcs_enum;
49 	u64 vmfunc_controls;
50 };
51 
52 struct vmcs_config {
53 	int size;
54 	int order;
55 	u32 basic_cap;
56 	u32 revision_id;
57 	u32 pin_based_exec_ctrl;
58 	u32 cpu_based_exec_ctrl;
59 	u32 cpu_based_2nd_exec_ctrl;
60 	u32 vmexit_ctrl;
61 	u32 vmentry_ctrl;
62 	struct nested_vmx_msrs nested;
63 };
64 extern struct vmcs_config vmcs_config;
65 
66 struct vmx_capability {
67 	u32 ept;
68 	u32 vpid;
69 };
70 extern struct vmx_capability vmx_capability;
71 
cpu_has_vmx_basic_inout(void)72 static inline bool cpu_has_vmx_basic_inout(void)
73 {
74 	return	(((u64)vmcs_config.basic_cap << 32) & VMX_BASIC_INOUT);
75 }
76 
cpu_has_virtual_nmis(void)77 static inline bool cpu_has_virtual_nmis(void)
78 {
79 	return vmcs_config.pin_based_exec_ctrl & PIN_BASED_VIRTUAL_NMIS;
80 }
81 
cpu_has_vmx_preemption_timer(void)82 static inline bool cpu_has_vmx_preemption_timer(void)
83 {
84 	return vmcs_config.pin_based_exec_ctrl &
85 		PIN_BASED_VMX_PREEMPTION_TIMER;
86 }
87 
cpu_has_vmx_posted_intr(void)88 static inline bool cpu_has_vmx_posted_intr(void)
89 {
90 	return IS_ENABLED(CONFIG_X86_LOCAL_APIC) &&
91 		vmcs_config.pin_based_exec_ctrl & PIN_BASED_POSTED_INTR;
92 }
93 
cpu_has_load_ia32_efer(void)94 static inline bool cpu_has_load_ia32_efer(void)
95 {
96 	return (vmcs_config.vmentry_ctrl & VM_ENTRY_LOAD_IA32_EFER) &&
97 	       (vmcs_config.vmexit_ctrl & VM_EXIT_LOAD_IA32_EFER);
98 }
99 
cpu_has_load_perf_global_ctrl(void)100 static inline bool cpu_has_load_perf_global_ctrl(void)
101 {
102 	return (vmcs_config.vmentry_ctrl & VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL) &&
103 	       (vmcs_config.vmexit_ctrl & VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL);
104 }
105 
cpu_has_vmx_mpx(void)106 static inline bool cpu_has_vmx_mpx(void)
107 {
108 	return (vmcs_config.vmexit_ctrl & VM_EXIT_CLEAR_BNDCFGS) &&
109 		(vmcs_config.vmentry_ctrl & VM_ENTRY_LOAD_BNDCFGS);
110 }
111 
cpu_has_vmx_tpr_shadow(void)112 static inline bool cpu_has_vmx_tpr_shadow(void)
113 {
114 	return vmcs_config.cpu_based_exec_ctrl & CPU_BASED_TPR_SHADOW;
115 }
116 
cpu_need_tpr_shadow(struct kvm_vcpu * vcpu)117 static inline bool cpu_need_tpr_shadow(struct kvm_vcpu *vcpu)
118 {
119 	return cpu_has_vmx_tpr_shadow() && lapic_in_kernel(vcpu);
120 }
121 
cpu_has_vmx_msr_bitmap(void)122 static inline bool cpu_has_vmx_msr_bitmap(void)
123 {
124 	return vmcs_config.cpu_based_exec_ctrl & CPU_BASED_USE_MSR_BITMAPS;
125 }
126 
cpu_has_secondary_exec_ctrls(void)127 static inline bool cpu_has_secondary_exec_ctrls(void)
128 {
129 	return vmcs_config.cpu_based_exec_ctrl &
130 		CPU_BASED_ACTIVATE_SECONDARY_CONTROLS;
131 }
132 
cpu_has_vmx_virtualize_apic_accesses(void)133 static inline bool cpu_has_vmx_virtualize_apic_accesses(void)
134 {
135 	return vmcs_config.cpu_based_2nd_exec_ctrl &
136 		SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES;
137 }
138 
cpu_has_vmx_ept(void)139 static inline bool cpu_has_vmx_ept(void)
140 {
141 	return vmcs_config.cpu_based_2nd_exec_ctrl &
142 		SECONDARY_EXEC_ENABLE_EPT;
143 }
144 
vmx_umip_emulated(void)145 static inline bool vmx_umip_emulated(void)
146 {
147 	return vmcs_config.cpu_based_2nd_exec_ctrl &
148 		SECONDARY_EXEC_DESC;
149 }
150 
cpu_has_vmx_rdtscp(void)151 static inline bool cpu_has_vmx_rdtscp(void)
152 {
153 	return vmcs_config.cpu_based_2nd_exec_ctrl &
154 		SECONDARY_EXEC_ENABLE_RDTSCP;
155 }
156 
cpu_has_vmx_virtualize_x2apic_mode(void)157 static inline bool cpu_has_vmx_virtualize_x2apic_mode(void)
158 {
159 	return vmcs_config.cpu_based_2nd_exec_ctrl &
160 		SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE;
161 }
162 
cpu_has_vmx_vpid(void)163 static inline bool cpu_has_vmx_vpid(void)
164 {
165 	return vmcs_config.cpu_based_2nd_exec_ctrl &
166 		SECONDARY_EXEC_ENABLE_VPID;
167 }
168 
cpu_has_vmx_wbinvd_exit(void)169 static inline bool cpu_has_vmx_wbinvd_exit(void)
170 {
171 	return vmcs_config.cpu_based_2nd_exec_ctrl &
172 		SECONDARY_EXEC_WBINVD_EXITING;
173 }
174 
cpu_has_vmx_unrestricted_guest(void)175 static inline bool cpu_has_vmx_unrestricted_guest(void)
176 {
177 	return vmcs_config.cpu_based_2nd_exec_ctrl &
178 		SECONDARY_EXEC_UNRESTRICTED_GUEST;
179 }
180 
cpu_has_vmx_apic_register_virt(void)181 static inline bool cpu_has_vmx_apic_register_virt(void)
182 {
183 	return vmcs_config.cpu_based_2nd_exec_ctrl &
184 		SECONDARY_EXEC_APIC_REGISTER_VIRT;
185 }
186 
cpu_has_vmx_virtual_intr_delivery(void)187 static inline bool cpu_has_vmx_virtual_intr_delivery(void)
188 {
189 	return vmcs_config.cpu_based_2nd_exec_ctrl &
190 		SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY;
191 }
192 
cpu_has_vmx_ple(void)193 static inline bool cpu_has_vmx_ple(void)
194 {
195 	return vmcs_config.cpu_based_2nd_exec_ctrl &
196 		SECONDARY_EXEC_PAUSE_LOOP_EXITING;
197 }
198 
cpu_has_vmx_rdrand(void)199 static inline bool cpu_has_vmx_rdrand(void)
200 {
201 	return vmcs_config.cpu_based_2nd_exec_ctrl &
202 		SECONDARY_EXEC_RDRAND_EXITING;
203 }
204 
cpu_has_vmx_invpcid(void)205 static inline bool cpu_has_vmx_invpcid(void)
206 {
207 	return vmcs_config.cpu_based_2nd_exec_ctrl &
208 		SECONDARY_EXEC_ENABLE_INVPCID;
209 }
210 
cpu_has_vmx_vmfunc(void)211 static inline bool cpu_has_vmx_vmfunc(void)
212 {
213 	return vmcs_config.cpu_based_2nd_exec_ctrl &
214 		SECONDARY_EXEC_ENABLE_VMFUNC;
215 }
216 
cpu_has_vmx_shadow_vmcs(void)217 static inline bool cpu_has_vmx_shadow_vmcs(void)
218 {
219 	u64 vmx_msr;
220 
221 	/* check if the cpu supports writing r/o exit information fields */
222 	rdmsrl(MSR_IA32_VMX_MISC, vmx_msr);
223 	if (!(vmx_msr & MSR_IA32_VMX_MISC_VMWRITE_SHADOW_RO_FIELDS))
224 		return false;
225 
226 	return vmcs_config.cpu_based_2nd_exec_ctrl &
227 		SECONDARY_EXEC_SHADOW_VMCS;
228 }
229 
cpu_has_vmx_encls_vmexit(void)230 static inline bool cpu_has_vmx_encls_vmexit(void)
231 {
232 	return vmcs_config.cpu_based_2nd_exec_ctrl &
233 		SECONDARY_EXEC_ENCLS_EXITING;
234 }
235 
cpu_has_vmx_rdseed(void)236 static inline bool cpu_has_vmx_rdseed(void)
237 {
238 	return vmcs_config.cpu_based_2nd_exec_ctrl &
239 		SECONDARY_EXEC_RDSEED_EXITING;
240 }
241 
cpu_has_vmx_pml(void)242 static inline bool cpu_has_vmx_pml(void)
243 {
244 	return vmcs_config.cpu_based_2nd_exec_ctrl & SECONDARY_EXEC_ENABLE_PML;
245 }
246 
cpu_has_vmx_xsaves(void)247 static inline bool cpu_has_vmx_xsaves(void)
248 {
249 	return vmcs_config.cpu_based_2nd_exec_ctrl &
250 		SECONDARY_EXEC_XSAVES;
251 }
252 
cpu_has_vmx_waitpkg(void)253 static inline bool cpu_has_vmx_waitpkg(void)
254 {
255 	return vmcs_config.cpu_based_2nd_exec_ctrl &
256 		SECONDARY_EXEC_ENABLE_USR_WAIT_PAUSE;
257 }
258 
cpu_has_vmx_tsc_scaling(void)259 static inline bool cpu_has_vmx_tsc_scaling(void)
260 {
261 	return vmcs_config.cpu_based_2nd_exec_ctrl &
262 		SECONDARY_EXEC_TSC_SCALING;
263 }
264 
cpu_has_vmx_apicv(void)265 static inline bool cpu_has_vmx_apicv(void)
266 {
267 	return cpu_has_vmx_apic_register_virt() &&
268 		cpu_has_vmx_virtual_intr_delivery() &&
269 		cpu_has_vmx_posted_intr();
270 }
271 
cpu_has_vmx_flexpriority(void)272 static inline bool cpu_has_vmx_flexpriority(void)
273 {
274 	return cpu_has_vmx_tpr_shadow() &&
275 		cpu_has_vmx_virtualize_apic_accesses();
276 }
277 
cpu_has_vmx_ept_execute_only(void)278 static inline bool cpu_has_vmx_ept_execute_only(void)
279 {
280 	return vmx_capability.ept & VMX_EPT_EXECUTE_ONLY_BIT;
281 }
282 
cpu_has_vmx_ept_4levels(void)283 static inline bool cpu_has_vmx_ept_4levels(void)
284 {
285 	return vmx_capability.ept & VMX_EPT_PAGE_WALK_4_BIT;
286 }
287 
cpu_has_vmx_ept_5levels(void)288 static inline bool cpu_has_vmx_ept_5levels(void)
289 {
290 	return vmx_capability.ept & VMX_EPT_PAGE_WALK_5_BIT;
291 }
292 
cpu_has_vmx_ept_mt_wb(void)293 static inline bool cpu_has_vmx_ept_mt_wb(void)
294 {
295 	return vmx_capability.ept & VMX_EPTP_WB_BIT;
296 }
297 
cpu_has_vmx_ept_2m_page(void)298 static inline bool cpu_has_vmx_ept_2m_page(void)
299 {
300 	return vmx_capability.ept & VMX_EPT_2MB_PAGE_BIT;
301 }
302 
cpu_has_vmx_ept_1g_page(void)303 static inline bool cpu_has_vmx_ept_1g_page(void)
304 {
305 	return vmx_capability.ept & VMX_EPT_1GB_PAGE_BIT;
306 }
307 
cpu_has_vmx_ept_ad_bits(void)308 static inline bool cpu_has_vmx_ept_ad_bits(void)
309 {
310 	return vmx_capability.ept & VMX_EPT_AD_BIT;
311 }
312 
cpu_has_vmx_invept_context(void)313 static inline bool cpu_has_vmx_invept_context(void)
314 {
315 	return vmx_capability.ept & VMX_EPT_EXTENT_CONTEXT_BIT;
316 }
317 
cpu_has_vmx_invept_global(void)318 static inline bool cpu_has_vmx_invept_global(void)
319 {
320 	return vmx_capability.ept & VMX_EPT_EXTENT_GLOBAL_BIT;
321 }
322 
cpu_has_vmx_invvpid(void)323 static inline bool cpu_has_vmx_invvpid(void)
324 {
325 	return vmx_capability.vpid & VMX_VPID_INVVPID_BIT;
326 }
327 
cpu_has_vmx_invvpid_individual_addr(void)328 static inline bool cpu_has_vmx_invvpid_individual_addr(void)
329 {
330 	return vmx_capability.vpid & VMX_VPID_EXTENT_INDIVIDUAL_ADDR_BIT;
331 }
332 
cpu_has_vmx_invvpid_single(void)333 static inline bool cpu_has_vmx_invvpid_single(void)
334 {
335 	return vmx_capability.vpid & VMX_VPID_EXTENT_SINGLE_CONTEXT_BIT;
336 }
337 
cpu_has_vmx_invvpid_global(void)338 static inline bool cpu_has_vmx_invvpid_global(void)
339 {
340 	return vmx_capability.vpid & VMX_VPID_EXTENT_GLOBAL_CONTEXT_BIT;
341 }
342 
cpu_has_vmx_intel_pt(void)343 static inline bool cpu_has_vmx_intel_pt(void)
344 {
345 	u64 vmx_msr;
346 
347 	rdmsrl(MSR_IA32_VMX_MISC, vmx_msr);
348 	return (vmx_msr & MSR_IA32_VMX_MISC_INTEL_PT) &&
349 		(vmcs_config.cpu_based_2nd_exec_ctrl & SECONDARY_EXEC_PT_USE_GPA) &&
350 		(vmcs_config.vmexit_ctrl & VM_EXIT_CLEAR_IA32_RTIT_CTL) &&
351 		(vmcs_config.vmentry_ctrl & VM_ENTRY_LOAD_IA32_RTIT_CTL);
352 }
353 
354 /*
355  * Processor Trace can operate in one of three modes:
356  *  a. system-wide: trace both host/guest and output to host buffer
357  *  b. host-only:   only trace host and output to host buffer
358  *  c. host-guest:  trace host and guest simultaneously and output to their
359  *                  respective buffer
360  *
361  * KVM currently only supports (a) and (c).
362  */
vmx_pt_mode_is_system(void)363 static inline bool vmx_pt_mode_is_system(void)
364 {
365 	return pt_mode == PT_MODE_SYSTEM;
366 }
vmx_pt_mode_is_host_guest(void)367 static inline bool vmx_pt_mode_is_host_guest(void)
368 {
369 	return pt_mode == PT_MODE_HOST_GUEST;
370 }
371 
vmx_get_perf_capabilities(void)372 static inline u64 vmx_get_perf_capabilities(void)
373 {
374 	/*
375 	 * Since counters are virtualized, KVM would support full
376 	 * width counting unconditionally, even if the host lacks it.
377 	 */
378 	return PMU_CAP_FW_WRITES;
379 }
380 
381 #endif /* __KVM_X86_VMX_CAPS_H */
382