[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH v2 0/2] Virtual NMI

Currently, the Xen hypervisor delivers NMIs to the guests using the Event
Injection mechanism. The Event Injection mechanism does not block the delivery
of subsequent NMIs. So the Xen Hypervisor tracks the NMI delivery and its
completion (by intercepting the IRET instruction) before sending a new NMI.

With the 4th generation AMD EPYC, a hardware NMI virtualization support,
Virtual NMI (VNMI), is introduced.  The vNMI allows the hypervisor to inject
the NMI into the guest w/o using Event Injection mechanism. No need to track
the guest NMI and intercepting the IRET instruction.

NMI Virtualization support is indicated by CPUID Fn8000_000A_EDX[VNMI] = 1.[1]

NMI Virtualization is enabled by setting V_NMI_ENABLE (bit 26 in offset 60h
of the VMCB). Enabling NMI Virtualization requires the NMI intercept bit to
be set. An attempt to run a guest with V_NMI_ENABLE without the NMI intercept
bit set results in #VMEXIT(INVALID) [1]

Three new bits are added to the VMCB field at offset 60h to provide NMI
virtualization hardware support:

V_NMI(11): Indicates whether a virtual NMI is pending in the guest. The
processor will clear V_NMI once it takes the virtual NMI.
V_NMI_MASK(12): Indicates whether virtual NMIs are masked. The processor will
set V_NMI_MASK once it takes the virtual NMI. V_NMI_MASK is cleared when the
guest successfully completes an IRET instruction or #VMEXIT occurs while
delivering the virtual NMI.
V_NMI_ENABLE(26): Enables NMI virtualization. [1]

[1] https://docs.amd.com/v/u/en-US/24593_3.43

---
Changes in v2:
 - Merge the patches for
   "svm/vnmi: introduce the vnmi bit support in the cpuid feature set"
   and
   "svm/vnmi: add the definitions for the svm vnmi management bits in the VMCB"
   into the one patch
   "x86/svm: Add Enumerations for the SVM virtual NMI".
 - Change the patch subject "svm/vnmi: Add support for the SVM Virtual NMI" to
   "x86/svm: Use virtual NMI when available"
 - Move the print out of the VNMI capability to the patch
   "x86/svm: Use virtual NMI when available" when it is being used.
 - Remove the hvm_intblk_vnmi enumeration that was introduced for the separate
   masked vNMI handling.
 - Introduce the hvm_function_table's is_vnmi_enabled callback to allow for the
   SVM implementation to verify that the VNMI is enabled by checking the VMCB
   bits in addition to the CPUID reported support.
 - Change the the name of the hvm_function_table's callback is_vnmi_pending to
   is_vnmi_masked.
 - The svm_inject_nmi function gains a check for the distinct NMI injection
   handling when the VNMI is enabled.
 - Simplify the check of AMD SVM Hardware support for the VNMI. The check
   cpu_has_svm_vnmi is performed unconditionally.
 - Simplify the introduced changes diff for the vintr_t union for the VNMI bits
   support.
 - Adopt the Xen formatting guidelines for the control structures.
 - CI tests:
https://gitlab.com/xen-project/people/aabdelsa/xen/-/pipelines/2325298577
---

Abdelkareem Abdelsaamad (2):
  x86/svm: Add Enumerations for the SVM virtual NMI
  x86/svm: Use the virtual NMI when available

 xen/arch/x86/hvm/svm/intr.c        | 13 ++++++++++--
 xen/arch/x86/hvm/svm/svm.c         | 34 ++++++++++++++++++++++++++++--
 xen/arch/x86/hvm/svm/vmcb.c        |  2 ++
 xen/arch/x86/hvm/svm/vmcb.h        |  8 +++++--
 xen/arch/x86/include/asm/hvm/hvm.h | 13 +++++++++++-
 xen/arch/x86/include/asm/hvm/svm.h |  2 ++
 6 files changed, 65 insertions(+), 7 deletions(-)

-- 
2.52.0

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.