Xen project Mailing List

Re: [PATCH] x86/vmx: Remove IO bitmap from minimal VMX requirements

To: Hubert Jasudowicz <hubert.jasudowicz@xxxxxxx>, <xen-devel@xxxxxxxxxxxxxxxxxxxx>

From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

Date: Fri, 15 Jan 2021 14:44:56 +0000

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=b+VNrWUUJrfI88YjQ6QPzYKtCui8xfuEz+DxE+Q95Dc=; b=Qizs5/qJzdzGdsSWn251I4i3Zqp789VGDomd2zlgXDMzvNB7yUAY0WePs5Zyj8EdK3JqoE6ek1Xmj8CUYGaws9zE4cAn/iFH9/PUloRWkPUSNmh5/b3ff2xG0XLycJrAWLv5N5kWwjpV6OYtZ5xjvOVMTsB/bubyIV6QT9cAj1pcvK30vi+H7yNj85Ost7GMxn5Jcru8NFyg46JVn1e48ed12r+QLcmnQZQxkJw3de7IhuUV2lFAxvCxI52jnrAvkQxZpweOkQl0wrZ43t1FbOuDA4sgEQqYDtkYR3qV4ConT+h/ZxlZA+PSjQWgGOOHtOxJWpw5WpjkKudr8NcYaQ==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=kxrqvfFmd29mRT3MRaFCF3xkXj7Sm5Y8haV1fz59582MfAVDo6Uge2XekrHW8FKmsGeQxX7WAE+Yy8gsbBLpTiCzf9Z5gpWP1rlk35z3bOoRvPfqC7Oboy+2Z5SZ2CbQFyE4IaV9ju/oPajgWKMz1NPMC0EpyIeFXtkmzuNw0ngVJOocwqVhyRiUF/fam3nAs6T4ph56Cl9GixHlq8zCfezIIoQ3gs1pFp31JJkEuO1SvsRF9zt37oeYGAWMYS6TodRDDedhXA3USDUs2waJsAU6o+Zo8cHoIpAzEhJ2p4oVsY3Vep3WIoIVdmtMMculy2Y9PsEjF23ZqDHu1Psuaw==

Authentication-results: esa6.hc3370-68.iphmx.com; dkim=pass (signature verified) header.i=@citrix.onmicrosoft.com

Cc: Jun Nakajima <jun.nakajima@xxxxxxxxx>, Kevin Tian <kevin.tian@xxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Michał Leszczyński <michal.leszczynski@xxxxxxx>

Delivery-date: Fri, 15 Jan 2021 14:45:13 +0000

Ironport-sdr: aLbfK7uBhS3tmIgDdelH0TMK/WkE5N7JDkpgFAbKS8XlCw63mDvJ6LkdTKwIUEHmzS1m5ZTsrW LC6TfYmRqVZptU2vUgCluofCO9NcT5XLm+QfZ7d67DMqbkHwm0pBRrleLhFV+PlRtm//n+IuHy Tn5IjqDgv6oDdvE4zjoPyCWaquVfml3SsHcy3Q+eDa3RbOuDf9G6C1VIpKWUBBbgDB76Z/j189 /QDxHV43nOxaeSZ0B72i/0DOv1mpsBh4ks9d3SUOqdHblu8/eqw7xjoYvczi5LGJDYoqhfLRoN kmA=

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 15/01/2021 14:30, Hubert Jasudowicz wrote: > This patch is a result of a downstream bug report[1]. Xen fails to > create a HVM domain while running under VMware Fusion 12.1.0 on > a modern Intel Core i9 CPU: > > (XEN) VMX: CPU0 has insufficient CPU-Based Exec Control (b5b9fffe; requires > 2299968c) > (XEN) VMX: failed to initialise. > > It seems that Apple hypervisor API doesn't support this feature[2]. > > Move this bit from minimal required features to optional. > > [1] https://github.com/CERT-Polska/drakvuf-sandbox/issues/418 > [2] https://developer.apple.com/documentation/hypervisor/cpu_based_io_bitmaps > > Signed-off-by: Hubert Jasudowicz <hubert.jasudowicz@xxxxxxx> For others reviewing, this was my suggestion to fix it. The IO port bitmap is only used as a performance optimisation for legacy BIOS code using port 0x80/0xed for IO delays, which isn't a good enough reason for the feature to be mandatory. Nested virt like this is primarily used for ease of development. The VMExit IO path should DTRT, even for a PVH dom0. > diff --git a/xen/arch/x86/hvm/vmx/vmcs.c b/xen/arch/x86/hvm/vmx/vmcs.c > index 164535f8f0..bad4d6e206 100644 > --- a/xen/arch/x86/hvm/vmx/vmcs.c > +++ b/xen/arch/x86/hvm/vmx/vmcs.c > @@ -1168,8 +1168,10 @@ static int construct_vmcs(struct vcpu *v) > } > > /* I/O access bitmap. */ > - __vmwrite(IO_BITMAP_A, __pa(d->arch.hvm.io_bitmap)); > - __vmwrite(IO_BITMAP_B, __pa(d->arch.hvm.io_bitmap) + PAGE_SIZE); > + if ( cpu_has_vmx_io_bitmap ) { Brace on newline. Can be fixed on commit - no need to resend just for this. Acked-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> ~Andrew > + __vmwrite(IO_BITMAP_A, __pa(d->arch.hvm.io_bitmap)); > + __vmwrite(IO_BITMAP_B, __pa(d->arch.hvm.io_bitmap) + PAGE_SIZE); > + } > > if ( cpu_has_vmx_virtual_intr_delivery ) > { >

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.