1 /*
2 * Copyright (C) 2021 Intel Corporation.
3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 */
6 #ifndef NESTED_H
7 #define NESTED_H
8
9 #include <asm/vm_config.h>
10 #include <lib/errno.h>
11
/*
 * Helper data structure to make VMX capability MSR manipulation easier.
 *
 * 'full' and 'u' overlay the same 64 bits, so a value can be handled either
 * as one 64-bit quantity or as two 32-bit halves.
 */
union value_64 {
	uint64_t full;			/* the whole 64-bit value */
	struct {
		uint32_t lo_32;		/* first 4 bytes in memory: bits 31:0 of 'full' on a little-endian target */
		uint32_t hi_32;		/* next 4 bytes in memory: bits 63:32 of 'full' on a little-endian target */
	} u;
};
20
/*
 * Following MSRs are supported if nested virtualization is enabled
 * - If CONFIG_NVMX_ENABLED is set, these MSRs are included in emulated_guest_msrs[]
 * - otherwise, they are included in unsupported_msrs[]
 *
 * NUM_VMX_MSRS must equal the number of entries in LIST_OF_VMX_MSRS (20 below).
 * Nothing in this header enforces that, so update both together when an MSR is
 * added or removed.
 * NOTE(review): if the arrays named above are sized or indexed with
 * NUM_VMX_MSRS, a stale count would mis-size them; a compile-time check next
 * to the array definitions would catch the mismatch - confirm at the users of
 * these macros.
 */
#define NUM_VMX_MSRS	20U
#define LIST_OF_VMX_MSRS	\
	MSR_IA32_SMBASE,	\
	MSR_IA32_VMX_BASIC,	\
	MSR_IA32_VMX_PINBASED_CTLS,	\
	MSR_IA32_VMX_PROCBASED_CTLS,	\
	MSR_IA32_VMX_EXIT_CTLS,	\
	MSR_IA32_VMX_ENTRY_CTLS,	\
	MSR_IA32_VMX_MISC,	\
	MSR_IA32_VMX_CR0_FIXED0,	\
	MSR_IA32_VMX_CR0_FIXED1,	\
	MSR_IA32_VMX_CR4_FIXED0,	\
	MSR_IA32_VMX_CR4_FIXED1,	\
	MSR_IA32_VMX_VMCS_ENUM,	\
	MSR_IA32_VMX_PROCBASED_CTLS2,	\
	MSR_IA32_VMX_EPT_VPID_CAP,	\
	MSR_IA32_VMX_TRUE_PINBASED_CTLS,	\
	MSR_IA32_VMX_TRUE_PROCBASED_CTLS,	\
	MSR_IA32_VMX_TRUE_EXIT_CTLS,	\
	MSR_IA32_VMX_TRUE_ENTRY_CTLS,	\
	MSR_IA32_VMX_VMFUNC,	\
	MSR_IA32_VMX_PROCBASED_CTLS3
48
/*
 * refer to ISDM APPENDIX B: FIELD ENCODING IN VMCS
 *
 * The accessors below decode a VMCS field encoding 'v':
 *   bit 0       access type (1 = high 32 bits of a 64-bit field)
 *   bits 9:1    index
 *   bits 11:10  type  (compare with VMX_VMCS_FIELD_TYPE_*)
 *   bits 14:13  width (compare with VMX_VMCS_FIELD_WIDTH_*)
 * Bit 12 and bits 31:15 are not examined by any of these macros.
 *
 * NOTE(review): when emulating VMREAD/VMWRITE the encoding presumably comes
 * from a guest register, so callers should reject encodings that have any of
 * the unexamined bits set and bound the 9-bit index (0..511) before using it
 * for a table lookup - confirm in the handlers.
 */
#define VMX_VMCS_FIELD_ACCESS_HIGH(v)		(((v) >> 0U) & 0x1U)
#define VMX_VMCS_FIELD_INDEX(v)			(((v) >> 1U) & 0x1ffU)
#define VMX_VMCS_FIELD_TYPE(v)			(((v) >> 10U) & 0x3U)
#define VMX_VMCS_FIELD_TYPE_CTL			(0U)
#define VMX_VMCS_FIELD_TYPE_VMEXIT		(1U)
#define VMX_VMCS_FIELD_TYPE_GUEST		(2U)
#define VMX_VMCS_FIELD_TYPE_HOST		(3U)
#define VMX_VMCS_FIELD_WIDTH(v)			(((v) >> 13U) & 0x3U)
#define VMX_VMCS_FIELD_WIDTH_16			(0U)
#define VMX_VMCS_FIELD_WIDTH_64			(1U)
#define VMX_VMCS_FIELD_WIDTH_32			(2U)
#define VMX_VMCS_FIELD_WIDTH_NATURAL		(3U)
62
/*
 * VM-Exit Instruction-Information Field
 *
 * ISDM Vol 3C Table 27-9: INVEPT, INVPCID, INVVPID
 * ISDM Vol 3C Table 27-13: VMCLEAR, VMPTRLD, VMPTRST, VMXON, XRSTORS, and XSAVES.
 * ISDM Vol 3C Table 27-14: VMREAD and VMWRITE
 *
 * Either Table 27-9 or Table 27-13 is a subset of Table 27-14, so we are able to
 * define the following macros to be used for the above mentioned instructions.
 *
 * The two *_VALID macros invert the hardware bit: the field carries an
 * "invalid" flag, so a cleared bit means the register operand is present.
 *
 * NOTE(review): the extracted values are only masked, not range-checked.
 * VMX_II_SEG_REG() can yield 0..7 and VMX_II_ADDR_SIZE() 0..7, while the
 * referenced tables presumably define fewer encodings; callers that index an
 * array with these values should bound them first - confirm in the handlers.
 */
#define VMX_II_SCALING(v)		(((v) >> 0U) & 0x3U)		/* bits 1:0 */
#define VMX_II_REG1(v)			(((v) >> 3U) & 0xfU)		/* bits 6:3 */
#define VMX_II_ADDR_SIZE(v)		(((v) >> 7U) & 0x7U)		/* bits 9:7 */
#define VMX_II_IS_REG(v)		(((v) >> 10U) & 0x1U)		/* bit 10: operand is a register, not memory */
#define VMX_II_SEG_REG(v)		(((v) >> 15U) & 0x7U)		/* bits 17:15 */
#define VMX_II_IDX_REG(v)		(((v) >> 18U) & 0xfU)		/* bits 21:18 */
#define VMX_II_IDX_REG_VALID(v)		((((v) >> 22U) & 0x1U) == 0U)	/* true when bit 22 is clear */
#define VMX_II_BASE_REG(v)		(((v) >> 23U) & 0xfU)		/* bits 26:23 */
#define VMX_II_BASE_REG_VALID(v)	((((v) >> 27U) & 0x1U) == 0U)	/* true when bit 27 is clear */
#define VMX_II_REG2(v)			(((v) >> 28U) & 0xfU)		/* bits 31:28 */
83
/*
 * Mask for bit 31 of a 32-bit value.
 * NOTE(review): presumably applied to the first 4 bytes of a VMCS region,
 * where bits 30:0 hold the revision identifier and bit 31 marks a shadow
 * VMCS - confirm at the use sites.
 */
#define VMCS_SHADOW_BIT_INDICATOR	(1U << 31U)
85
/*
 * refer to ISDM: Table 30-1. VM-Instruction Error Numbers
 *
 * These are plain (signed) int constants, matching the 'int error_number'
 * parameter of nested_vmx_result() declared in this header.
 */
#define VMXERR_VMCLEAR_VMXON_POINTER			(3)	/* VMCLEAR with VMXON pointer */
#define VMXERR_VMLAUNCH_NONCLEAR_VMCS			(4)	/* VMLAUNCH with non-clear VMCS */
#define VMXERR_VMRESUME_NONLAUNCHED_VMCS		(5)	/* VMRESUME with non-launched VMCS */
#define VMXERR_VMRESUME_AFTER_VMXOFF			(6)	/* VMRESUME after VMXOFF */
#define VMXERR_VMPTRLD_INVALID_ADDRESS			(9)	/* VMPTRLD with invalid physical address */
#define VMXERR_VMPTRLD_INCORRECT_VMCS_REVISION_ID	(10)	/* VMPTRLD with incorrect VMCS revision identifier */
#define VMXERR_VMPTRLD_VMXON_POINTER			(11)	/* VMPTRLD with VMXON pointer */
#define VMXERR_UNSUPPORTED_COMPONENT			(12)	/* VMREAD/VMWRITE from/to unsupported VMCS component */
#define VMXERR_VMWRITE_RO_COMPONENT			(13)	/* VMWRITE to read-only VMCS component */
#define VMXERR_VMXON_IN_VMX_ROOT_OPERATION		(15)	/* VMXON executed in VMX root operation */
#define VMXERR_INVEPT_INVVPID_INVALID_OPERAND		(28)	/* invalid operand to INVEPT/INVVPID */
98
/*
 * This VMCS12 revision id is chosen arbitrarily.
 * The emulated MSR_IA32_VMX_BASIC returns this ID in bits 30:0.
 *
 * The value is below 0x80000000, so it fits in bits 30:0 and leaves bit 31
 * (VMCS_SHADOW_BIT_INDICATOR) clear.
 */
#define VMCS12_REVISION_ID		0x15407E12U

/* Values for acrn_vmcs12.launch_state */
#define VMCS12_LAUNCH_STATE_CLEAR	(0U)
#define VMCS12_LAUNCH_STATE_LAUNCHED	(1U)
107
/*
 * struct acrn_vmcs12 describes the emulated VMCS for the nested guest (L2).
 *
 * Member order defines the in-memory layout; do not reorder members.
 *
 * NOTE(review): struct acrn_vvmcs in this header caches "L1's VMCS12" in this
 * structure, so its contents presumably originate from L1 guest memory. Treat
 * every field as guest-controlled: the address fields (bitmaps, MSR load/store
 * areas, EPT pointer, ...) and the *_count fields need validation before the
 * hypervisor dereferences them or propagates them into a hardware VMCS -
 * confirm in the handlers.
 */
struct acrn_vmcs12 {
	uint8_t vmcs_hdr[4];
	uint32_t abort;

	/*
	 * Rest of the memory is used for "VMCS Data"
	 * Layout of VMCS Data is non-architectural and processor
	 * implementation specific.
	 */
	uint32_t launch_state;	/* VMCS12_LAUNCH_STATE_CLEAR or VMCS12_LAUNCH_STATE_LAUNCHED */

	/* 16-bit Control Fields */
	uint16_t vpid;
	uint16_t posted_intr_nv;
	uint16_t eptp_index;

	/* 16-bit Read-only Fields */
	uint16_t padding;	/* explicit filler; no field is named in this group */

	/* 16-bit Guest-State Fields */
	uint16_t guest_es;
	uint16_t guest_cs;
	uint16_t guest_ss;
	uint16_t guest_ds;
	uint16_t guest_fs;
	uint16_t guest_gs;
	uint16_t guest_ldtr;
	uint16_t guest_tr;
	uint16_t guest_intr_status;
	uint16_t pml_index;

	/* 16-bit Host-State Fields */
	uint16_t host_es;
	uint16_t host_cs;
	uint16_t host_ss;
	uint16_t host_ds;
	uint16_t host_fs;
	uint16_t host_gs;
	uint16_t host_tr;

	/*
	 * NOTE(review): the members above end at byte offset 54 and the next
	 * member is a uint64_t, so with natural alignment the compiler inserts
	 * 2 bytes of implicit padding here. If this structure is ever copied
	 * out to guest memory as a whole, the cached copy should have been
	 * fully initialised first so the hole cannot carry stale hypervisor
	 * data - confirm how the cache is filled and written back.
	 */

	/* 64-bit Control Fields */
	uint64_t io_bitmap_a;
	uint64_t io_bitmap_b;
	uint64_t msr_bitmap;
	uint64_t vm_exit_msr_store_addr;
	uint64_t vm_exit_msr_load_addr;
	uint64_t vm_entry_load_addr;
	uint64_t executive_vmcs_ptr;
	uint64_t pml_addr;
	uint64_t tsc_offset;
	uint64_t virtual_apic_addr;
	uint64_t apic_access_addr;
	uint64_t posted_interrupt_desc_addr;
	uint64_t vm_func_controls;
	uint64_t ept_pointer;
	uint64_t eoi_exit_bitmap0;
	uint64_t eoi_exit_bitmap1;
	uint64_t eoi_exit_bitmap2;
	uint64_t eoi_exit_bitmap3;
	uint64_t eptp_list_addr;
	uint64_t vmread_bitmap_addr;
	uint64_t vmwrite_bitmap_addr;
	uint64_t virt_exception_info_addr;
	uint64_t xss_exiting_bitmap;
	uint64_t encls_exiting_bitmap;
	uint64_t sub_page_permission_ptr;
	uint64_t tsc_multiplier;

	/* 64-bit Read-Only Data Fields */
	uint64_t guest_phys_addr;

	/* 64-bit Guest-State Fields */
	uint64_t vmcs_link_ptr;
	uint64_t guest_ia32_debugctl;
	uint64_t guest_ia32_pat;
	uint64_t guest_ia32_efer;
	uint64_t ia32_perf_global_ctrl;
	uint64_t guest_pdpte0;
	uint64_t guest_pdpte1;
	uint64_t guest_pdpte2;
	uint64_t guest_pdpte3;
	uint64_t guest_ia32_bndcfgs;
	uint64_t guest_ia32_rtit_ctl;

	/* 64-bit Host-State Fields */
	uint64_t host_ia32_pat;
	uint64_t host_ia32_efer;
	uint64_t host_ia32_perf_global_ctrl;

	/* 32-bit Control Fields */
	uint32_t pin_based_exec_ctrl;
	uint32_t proc_based_exec_ctrl;
	uint32_t exception_bitmap;
	uint32_t page_fault_error_code_mask;
	uint32_t page_fault_error_code_match;
	uint32_t cr3_target_count;
	uint32_t vm_exit_controls;
	uint32_t vm_exit_msr_store_count;
	uint32_t vm_exit_msr_load_count;
	uint32_t vm_entry_controls;
	uint32_t vm_entry_msr_load_count;
	uint32_t vm_entry_intr_info_field;
	uint32_t vm_entry_exception_err_code;
	uint32_t vm_entry_instr_len;
	uint32_t tpr_threshold;
	uint32_t proc_based_exec_ctrl2;
	uint32_t ple_gap;
	uint32_t ple_window;

	/* 32-bit Read-Only Data Fields */
	uint32_t vm_instr_error;
	uint32_t exit_reason;
	uint32_t vm_exit_intr_info;
	uint32_t vm_exit_intr_error_code;
	uint32_t idt_vectoring_info_field;
	uint32_t idt_vectoring_error_code;
	uint32_t vm_exit_instr_len;
	uint32_t vm_exit_instr_info;

	/* 32-bit Guest-State Fields */
	uint32_t guest_es_limit;
	uint32_t guest_cs_limit;
	uint32_t guest_ss_limit;
	uint32_t guest_ds_limit;
	uint32_t guest_fs_limit;
	uint32_t guest_gs_limit;
	uint32_t guest_ldtr_limit;
	uint32_t guest_tr_limit;
	uint32_t guest_gdtr_limit;
	uint32_t guest_idtr_limit;
	uint32_t guest_es_ar;
	uint32_t guest_cs_ar;
	uint32_t guest_ss_ar;
	uint32_t guest_ds_ar;
	uint32_t guest_fs_ar;
	uint32_t guest_gs_ar;
	uint32_t guest_ldtr_ar;
	uint32_t guest_tr_ar;
	uint32_t guest_intr_state;
	uint32_t guest_activity_state;
	uint32_t guest_smbase;
	uint32_t guest_ia32_sysenter_cs;
	uint32_t vmx_preempt_timer_val;

	/* 32-bit Host-State Fields */
	uint32_t host_ia32_sysenter_cs;

	/* Natural-width Control Fields */
	uint64_t cr0_guest_host_mask;
	uint64_t cr4_guest_host_mask;
	uint64_t cr0_read_shadow;
	uint64_t cr4_read_shadow;
	uint64_t cr3_target_val0;
	uint64_t cr3_target_val1;
	uint64_t cr3_target_val2;
	uint64_t cr3_target_val3;

	/* Natural-width Read-Only Data Fields */
	uint64_t exit_qual;
	uint64_t io_rcx;
	uint64_t io_rsi;
	uint64_t io_rdi;
	uint64_t io_rip;
	uint64_t guest_linear_addr;

	/* Natural-width Guest-State Fields */
	uint64_t guest_cr0;
	uint64_t guest_cr3;
	uint64_t guest_cr4;
	uint64_t guest_es_base;
	uint64_t guest_cs_base;
	uint64_t guest_ss_base;
	uint64_t guest_ds_base;
	uint64_t guest_fs_base;
	uint64_t guest_gs_base;
	uint64_t guest_ldtr_base;
	uint64_t guest_tr_base;
	uint64_t guest_gdtr_base;
	uint64_t guest_idtr_base;
	uint64_t guest_dr7;
	uint64_t guest_rsp;
	uint64_t guest_rip;
	uint64_t guest_rflags;
	uint64_t guest_pending_debug_excp;
	uint64_t guest_ia32_sysenter_esp;
	uint64_t guest_ia32_sysenter_eip;

	/* Natural-width Host-State Fields */
	uint64_t host_cr0;
	uint64_t host_cr3;
	uint64_t host_cr4;
	uint64_t host_fs_base;
	uint64_t host_gs_base;
	uint64_t host_tr_base;
	uint64_t host_gdtr_base;
	uint64_t host_idtr_base;
	uint64_t host_ia32_sysenter_esp;
	uint64_t host_ia32_sysenter_eip;
	uint64_t host_rsp;
	uint64_t host_rip;
};
312
/*
 * Outcome of an emulated VMX instruction, passed to nested_vmx_result().
 * NOTE(review): the names follow the SDM's VMsucceed / VMfailValid /
 * VMfailInvalid conventions; how each one is reflected into the guest's
 * RFLAGS and VM-instruction error field is not visible in this header.
 */
enum VMXResult {
	VMsucceed,
	VMfailValid,
	VMfailInvalid,
};
/*
 * Nested-VMX entry points defined outside this header. They are declared
 * unconditionally, i.e. also when CONFIG_NVMX_ENABLED is not set.
 * The notes below are derived from names and signatures only - confirm
 * against the definitions.
 */

/* Reports the outcome of an emulated VMX instruction; error_number presumably takes a VMXERR_* value. */
void nested_vmx_result(enum VMXResult, int error_number);

/*
 * Presumably fetches the memory operand (descriptor) of INVVPID/INVEPT into 'desc'.
 * NOTE(review): 'desc' must be able to hold 'size' bytes; the meaning of the
 * int64_t return value is not visible here.
 */
int64_t get_invvpid_ept_operands(struct acrn_vcpu *vcpu, void *desc, size_t size);

/* Presumably tells whether the vCPU is currently allowed to execute VMX instructions. */
bool check_vmx_permission(struct acrn_vcpu *vcpu);

/*
 * VM-exit handlers, one per VMX instruction named in the function.
 * NOTE(review): return convention (presumably 0 or a negative errno value)
 * to be confirmed at the definitions.
 */
int32_t vmxon_vmexit_handler(struct acrn_vcpu *vcpu);
int32_t vmxoff_vmexit_handler(struct acrn_vcpu *vcpu);
int32_t vmptrld_vmexit_handler(struct acrn_vcpu *vcpu);
int32_t vmclear_vmexit_handler(struct acrn_vcpu *vcpu);
int32_t vmread_vmexit_handler(struct acrn_vcpu *vcpu);
int32_t vmwrite_vmexit_handler(struct acrn_vcpu *vcpu);
int32_t vmresume_vmexit_handler(struct acrn_vcpu *vcpu);
int32_t vmlaunch_vmexit_handler(struct acrn_vcpu *vcpu);
int32_t invvpid_vmexit_handler(struct acrn_vcpu *vcpu);
330
331 #ifdef CONFIG_NVMX_ENABLED
/*
 * Hypervisor-side state kept for one VMCS12 that the L1 guest has loaded.
 *
 * vmcs02 is the first member and the structure carries __aligned(PAGE_SIZE),
 * so (assuming __aligned(n) expands to the compiler's alignment attribute)
 * vmcs02 starts on a page boundary.
 *
 * NOTE(review): vmcs12 is a cached copy of guest-owned data and vmcs12_gpa is
 * a guest-supplied address; both should be treated as untrusted by the code
 * that fills and consumes them - confirm in the handlers.
 */
struct acrn_vvmcs {
	uint8_t vmcs02[PAGE_SIZE];	/* VMCS to run L2 and as Link Pointer in VMCS01 */
	struct acrn_vmcs12 vmcs12;	/* To cache L1's VMCS12 */
	uint64_t vmcs12_gpa;		/* The corresponding L1 GPA for this VMCS12 */
	uint32_t ref_cnt;		/* Count of being VMPTRLDed without VMCLEARed */
	bool host_state_dirty;		/* To indicate need to merge VMCS12 host-state fields to VMCS01 */
	bool control_fields_dirty;	/* For all other non-host-state fields that need to be merged */
} __aligned(PAGE_SIZE);
340
/*
 * Number of acrn_vvmcs slots in struct acrn_nested.
 * NOTE(review): an L1 guest can presumably VMPTRLD more distinct VMCS12s than
 * there are slots; the code that picks a slot has to handle exhaustion (reuse
 * or reject) rather than index past vvmcs[] - confirm in the VMPTRLD handler.
 */
#define MAX_ACTIVE_VVMCS_NUM	4

/*
 * Nested-virtualization state (CONFIG_NVMX_ENABLED variant).
 * NOTE(review): presumably one instance per vCPU, given the vCPU-related
 * member comments - confirm where it is embedded.
 */
struct acrn_nested {
	struct acrn_vvmcs vvmcs[MAX_ACTIVE_VVMCS_NUM];
	struct acrn_vvmcs *current_vvmcs;	/* Refer to the current loaded VMCS12 */
	uint64_t vmxon_ptr;			/* GPA */
	bool vmxon;		/* To indicate if vCPU entered VMX operation */
	bool in_l2_guest;	/* To indicate if vCPU is currently in Guest mode (from L1's perspective) */
} __aligned(PAGE_SIZE);
350
/*
 * Nested-VMX API available when CONFIG_NVMX_ENABLED is set. The #else branch
 * of this header provides inline stubs with the same signatures.
 * The notes below are derived from names and signatures only - confirm
 * against the definitions.
 */
void init_nested_vmx(__unused struct acrn_vm *vm);		/* presumably one-time nested-VMX setup */
bool is_vcpu_in_l2_guest(struct acrn_vcpu *vcpu);		/* presumably reports acrn_nested.in_l2_guest */
bool is_vmx_msr(uint32_t msr);					/* presumably true for the MSRs in LIST_OF_VMX_MSRS */
void init_vmx_msrs(struct acrn_vcpu *vcpu);			/* presumably sets up the emulated VMX capability MSRs */
/* Reads an emulated VMX MSR into *val; returns an int32_t status (the disabled stub returns -EACCES). */
int32_t read_vmx_msr(__unused struct acrn_vcpu *vcpu, uint32_t msr, uint64_t *val);
/* VM-exit handler for the nested case (the disabled stub returns -EINVAL). */
int32_t nested_vmexit_handler(struct acrn_vcpu *vcpu);
357 #else
/*
 * Memberless stand-in used when CONFIG_NVMX_ENABLED is not set, presumably so
 * that code embedding struct acrn_nested still compiles.
 * Note: a struct without members is a compiler extension, not ISO C.
 */
struct acrn_nested {};
359
/* Stub for builds without CONFIG_NVMX_ENABLED: there is no nested-VMX state to set up. */
static inline void init_nested_vmx(__unused struct acrn_vm *vm)
{
}
/* Stub for builds without CONFIG_NVMX_ENABLED: a vCPU is never reported as running an L2 guest. */
static inline bool is_vcpu_in_l2_guest(__unused struct acrn_vcpu *vcpu)
{
	return false;
}
364
/*
 * Stub for builds without CONFIG_NVMX_ENABLED.
 *
 * Always answers false: with nested virtualization disabled no MSR is
 * claimed as a VMX MSR, so the caller can treat it as an unsupported MSR.
 */
static inline bool is_vmx_msr(__unused uint32_t msr)
{
	return false;
}
373
/* Stub for builds without CONFIG_NVMX_ENABLED: no VMX MSR state is initialised. */
static inline void init_vmx_msrs(__unused struct acrn_vcpu *vcpu)
{
}
375
/*
 * Stub for builds without CONFIG_NVMX_ENABLED.
 *
 * Always fails with -EACCES and never writes through 'val', so callers must
 * not consume *val after a failed read.
 */
static inline int32_t read_vmx_msr(__unused struct acrn_vcpu *vcpu, __unused uint32_t msr,
		__unused uint64_t *val)
{
	return -EACCES;
}
381
/*
 * Stub for builds without CONFIG_NVMX_ENABLED: no nested VM exit is handled
 * here, so every call is answered with -EINVAL.
 */
static inline int32_t nested_vmexit_handler(__unused struct acrn_vcpu *vcpu)
{
	return -EINVAL;
}
386 #endif /* CONFIG_NVMX_ENABLED */
387 #endif /* NESTED_H */
388