xen/5215d135-Nested-VMX-Clear-APIC-v-control-bit-in-vmcs02.patch

# Commit 375a1035002fb257087756a86e6caeda649fc0f1
# Date 2013-08-22 10:52:05 +0200
# Author Yang Zhang <yang.z.zhang@Intel.com>
# Committer Jan Beulich <jbeulich@suse.com>
Nested VMX: Clear APIC-v control bit in vmcs02

There is no vAPIC-v support, so mask APIC-v control bit when
constructing vmcs02.

Signed-off-by: Yang Zhang <yang.z.zhang@Intel.com>
Acked-by: "Dong, Eddie" <eddie.dong@intel.com>

--- a/xen/arch/x86/hvm/vmx/vvmx.c
+++ b/xen/arch/x86/hvm/vmx/vvmx.c
@@ -613,8 +613,15 @@ void nvmx_update_secondary_exec_control(
     u32 shadow_cntrl;
     struct nestedvcpu *nvcpu = &vcpu_nestedhvm(v);
     struct nestedvmx *nvmx = &vcpu_2_nvmx(v);
+    u32 apicv_bit = SECONDARY_EXEC_APIC_REGISTER_VIRT |
+                    SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY;
 
+    host_cntrl &= ~apicv_bit;
     shadow_cntrl = __get_vvmcs(nvcpu->nv_vvmcx, SECONDARY_VM_EXEC_CONTROL);
+
+    /* No vAPIC-v support, so it shouldn't be set in vmcs12. */
+    ASSERT(!(shadow_cntrl & apicv_bit));
+
     nvmx->ept.enabled = !!(shadow_cntrl & SECONDARY_EXEC_ENABLE_EPT);
     shadow_cntrl |= host_cntrl;
     __vmwrite(SECONDARY_VM_EXEC_CONTROL, shadow_cntrl);
@@ -625,7 +632,12 @@ static void nvmx_update_pin_control(stru
     u32 shadow_cntrl;
     struct nestedvcpu *nvcpu = &vcpu_nestedhvm(v);
 
+    host_cntrl &= ~PIN_BASED_POSTED_INTERRUPT;
     shadow_cntrl = __get_vvmcs(nvcpu->nv_vvmcx, PIN_BASED_VM_EXEC_CONTROL);
+
+    /* No vAPIC-v support, so it shouldn't be set in vmcs12. */
+    ASSERT(!(shadow_cntrl & PIN_BASED_POSTED_INTERRUPT));
+
     shadow_cntrl |= host_cntrl;
     __vmwrite(PIN_BASED_VM_EXEC_CONTROL, shadow_cntrl);
 }
- Upstream patches from Jan 51e517e6-AMD-IOMMU-allocate-IRTEs.patch 51e5183f-AMD-IOMMU-untie-remap-and-vector-maps.patch 51e63df6-VMX-fix-interaction-of-APIC-V-and-Viridian-emulation.patch 52146070-ACPI-fix-acpi_os_map_memory.patch 5214d26a-VT-d-warn-about-CFI-being-enabled-by-firmware.patch 5215d094-Nested-VMX-Check-whether-interrupt-is-blocked-by-TPR.patch 5215d0c5-Nested-VMX-Force-check-ISR-when-L2-is-running.patch 5215d135-Nested-VMX-Clear-APIC-v-control-bit-in-vmcs02.patch 5215d2d5-Nested-VMX-Update-APIC-v-RVI-SVI-when-vmexit-to-L1.patch 5215d8b0-Correct-X2-APIC-HVM-emulation.patch - Dropped 520d417d-xen-Add-stdbool.h-workaround-for-BSD.patch OBS-URL: https://build.opensuse.org/package/show/Virtualization/xen?expand=0&rev=267 2013-08-30 16:59:38 +02:00			`# Commit 375a1035002fb257087756a86e6caeda649fc0f1`
			`# Date 2013-08-22 10:52:05 +0200`
			`# Author Yang Zhang <yang.z.zhang@Intel.com>`
			`# Committer Jan Beulich <jbeulich@suse.com>`
			`Nested VMX: Clear APIC-v control bit in vmcs02`

			`There is no vAPIC-v support, so mask APIC-v control bit when`
			`constructing vmcs02.`

			`Signed-off-by: Yang Zhang <yang.z.zhang@Intel.com>`
			`Acked-by: "Dong, Eddie" <eddie.dong@intel.com>`

			`--- a/xen/arch/x86/hvm/vmx/vvmx.c`
			`+++ b/xen/arch/x86/hvm/vmx/vvmx.c`
			`@@ -613,8 +613,15 @@ void nvmx_update_secondary_exec_control(`
			`u32 shadow_cntrl;`
			`struct nestedvcpu *nvcpu = &vcpu_nestedhvm(v);`
			`struct nestedvmx *nvmx = &vcpu_2_nvmx(v);`
			`+ u32 apicv_bit = SECONDARY_EXEC_APIC_REGISTER_VIRT \|`
			`+ SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY;`

			`+ host_cntrl &= ~apicv_bit;`
			`shadow_cntrl = __get_vvmcs(nvcpu->nv_vvmcx, SECONDARY_VM_EXEC_CONTROL);`
			`+`
			`+ /* No vAPIC-v support, so it shouldn't be set in vmcs12. */`
			`+ ASSERT(!(shadow_cntrl & apicv_bit));`
			`+`
			`nvmx->ept.enabled = !!(shadow_cntrl & SECONDARY_EXEC_ENABLE_EPT);`
			`shadow_cntrl \|= host_cntrl;`
			`__vmwrite(SECONDARY_VM_EXEC_CONTROL, shadow_cntrl);`
			`@@ -625,7 +632,12 @@ static void nvmx_update_pin_control(stru`
			`u32 shadow_cntrl;`
			`struct nestedvcpu *nvcpu = &vcpu_nestedhvm(v);`

			`+ host_cntrl &= ~PIN_BASED_POSTED_INTERRUPT;`
			`shadow_cntrl = __get_vvmcs(nvcpu->nv_vvmcx, PIN_BASED_VM_EXEC_CONTROL);`
			`+`
			`+ /* No vAPIC-v support, so it shouldn't be set in vmcs12. */`
			`+ ASSERT(!(shadow_cntrl & PIN_BASED_POSTED_INTERRUPT));`
			`+`
			`shadow_cntrl \|= host_cntrl;`
			`__vmwrite(PIN_BASED_VM_EXEC_CONTROL, shadow_cntrl);`
			`}`