lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <67503c138899e2f5ebb84d9c4a19c2fd632fb1e7.1770116050.git.isaku.yamahata@intel.com>
Date: Tue,  3 Feb 2026 10:16:49 -0800
From: isaku.yamahata@...el.com
To: kvm@...r.kernel.org
Cc: isaku.yamahata@...el.com,
	isaku.yamahata@...il.com,
	Paolo Bonzini <pbonzini@...hat.com>,
	Sean Christopherson <seanjc@...gle.com>,
	linux-kernel@...r.kernel.org,
	Yang Zhong <yang.zhong@...ux.intel.com>
Subject: [PATCH 06/32] KVM: VMX: Implement the hooks for VMX guest virtual deadline timer

From: Yang Zhong <yang.zhong@...ux.intel.com>

Implement the hooks for the VMX backend for APIC timer virtualization to
access the related VMCS fields.

Co-developed-by: Yang Zhong <yang.zhong@...ux.intel.com>
Signed-off-by: Yang Zhong <yang.zhong@...ux.intel.com>
Co-developed-by: Isaku Yamahata <isaku.yamahata@...el.com>
Signed-off-by: Isaku Yamahata <isaku.yamahata@...el.com>
---
 arch/x86/kvm/lapic.h            |  5 ++
 arch/x86/kvm/vmx/capabilities.h |  6 +++
 arch/x86/kvm/vmx/main.c         |  5 ++
 arch/x86/kvm/vmx/vmx.c          | 83 ++++++++++++++++++++++++++++++++-
 arch/x86/kvm/vmx/x86_ops.h      |  5 ++
 5 files changed, 103 insertions(+), 1 deletion(-)

diff --git a/arch/x86/kvm/lapic.h b/arch/x86/kvm/lapic.h
index 67172fef1b5b..d3fad67a4e78 100644
--- a/arch/x86/kvm/lapic.h
+++ b/arch/x86/kvm/lapic.h
@@ -230,6 +230,11 @@ static inline int kvm_lapic_latched_init(struct kvm_vcpu *vcpu)
 	return lapic_in_kernel(vcpu) && test_bit(KVM_APIC_INIT, &vcpu->arch.apic->pending_events);
 }
 
+static inline int kvm_lapic_lvtt_timer_mode(struct kvm_vcpu *vcpu)
+{
+	return vcpu->arch.apic->lapic_timer.timer_mode;
+}
+
 bool kvm_apic_pending_eoi(struct kvm_vcpu *vcpu, int vector);
 
 void kvm_wait_lapic_expire(struct kvm_vcpu *vcpu);
diff --git a/arch/x86/kvm/vmx/capabilities.h b/arch/x86/kvm/vmx/capabilities.h
index 02aadb9d730e..ffc51fe9a455 100644
--- a/arch/x86/kvm/vmx/capabilities.h
+++ b/arch/x86/kvm/vmx/capabilities.h
@@ -90,6 +90,12 @@ static inline bool cpu_has_vmx_preemption_timer(void)
 		PIN_BASED_VMX_PREEMPTION_TIMER;
 }
 
+static inline bool cpu_has_vmx_apic_timer_virt(void)
+{
+	return vmcs_config.cpu_based_3rd_exec_ctrl &
+		TERTIARY_EXEC_GUEST_APIC_TIMER;
+}
+
 static inline bool cpu_has_vmx_posted_intr(void)
 {
 	return vmcs_config.pin_based_exec_ctrl & PIN_BASED_POSTED_INTR;
diff --git a/arch/x86/kvm/vmx/main.c b/arch/x86/kvm/vmx/main.c
index a46ccd670785..56387c3412e1 100644
--- a/arch/x86/kvm/vmx/main.c
+++ b/arch/x86/kvm/vmx/main.c
@@ -989,6 +989,11 @@ struct kvm_x86_ops vt_x86_ops __initdata = {
 #ifdef CONFIG_X86_64
 	.set_hv_timer = vt_op(set_hv_timer),
 	.cancel_hv_timer = vt_op(cancel_hv_timer),
+	.can_use_apic_virt_timer = vmx_can_use_apic_virt_timer,
+	.set_apic_virt_timer = vmx_set_apic_virt_timer,
+	.cancel_apic_virt_timer = vmx_cancel_apic_virt_timer,
+	.set_guest_tsc_deadline_virt = vmx_set_guest_tsc_deadline_virt,
+	.get_guest_tsc_deadline_virt = vmx_get_guest_tsc_deadline_virt,
 #endif
 
 	.setup_mce = vt_op(setup_mce),
diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
index 6d0d2d8ebcff..dcb04fc0b8a7 100644
--- a/arch/x86/kvm/vmx/vmx.c
+++ b/arch/x86/kvm/vmx/vmx.c
@@ -2789,7 +2789,8 @@ static int setup_vmcs_config(struct vmcs_config *vmcs_conf,
 			adjust_vmx_controls64(KVM_OPTIONAL_VMX_TERTIARY_VM_EXEC_CONTROL,
 					      MSR_IA32_VMX_PROCBASED_CTLS3);
 
-	if (!(_cpu_based_2nd_exec_control & SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY))
+	if (!IS_ENABLED(CONFIG_X86_64) ||
+	    !(_cpu_based_2nd_exec_control & SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY))
 		_cpu_based_3rd_exec_control &= ~TERTIARY_EXEC_GUEST_APIC_TIMER;
 
 	if (adjust_vmx_controls(KVM_REQUIRED_VMX_VM_EXIT_CONTROLS,
@@ -8268,6 +8269,86 @@ void vmx_cancel_hv_timer(struct kvm_vcpu *vcpu)
 {
 	to_vmx(vcpu)->hv_deadline_tsc = -1;
 }
+
+bool vmx_can_use_apic_virt_timer(struct kvm_vcpu *vcpu)
+{
+	if (vcpu->kvm->arch.vm_type != KVM_X86_DEFAULT_VM)
+		return false;
+
+	return cpu_has_vmx_apic_timer_virt() &&
+		/* VMX guest virtual timer supports only TSC deadline mode. */
+		kvm_lapic_lvtt_timer_mode(vcpu) == APIC_LVT_TIMER_TSCDEADLINE &&
+		/* Require SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY  */
+		kvm_vcpu_apicv_active(vcpu) &&
+		/* KVM doesn't use RDTSC existing. Safeguard. */
+		!(exec_controls_get(to_vmx(vcpu)) & CPU_BASED_RDTSC_EXITING);
+}
+
+void vmx_set_apic_virt_timer(struct kvm_vcpu *vcpu, u16 vector)
+{
+	vmcs_write16(GUEST_APIC_TIMER_VECTOR, vector);
+	vmx_disable_intercept_for_msr(vcpu, MSR_IA32_TSC_DEADLINE, MSR_TYPE_RW);
+	tertiary_exec_controls_setbit(to_vmx(vcpu), TERTIARY_EXEC_GUEST_APIC_TIMER);
+}
+
+void vmx_cancel_apic_virt_timer(struct kvm_vcpu *vcpu)
+{
+	vmx_enable_intercept_for_msr(vcpu, MSR_IA32_TSC_DEADLINE, MSR_TYPE_RW);
+	tertiary_exec_controls_clearbit(to_vmx(vcpu), TERTIARY_EXEC_GUEST_APIC_TIMER);
+}
+
+static u64 vmx_calc_deadline_l1_to_host(struct kvm_vcpu *vcpu, u64 l1_tsc)
+{
+	u64 host_tsc_now = rdtsc();
+	u64 l1_tsc_now = kvm_read_l1_tsc(vcpu, host_tsc_now);
+	u64 host_tsc;
+
+	/* 0 means that timer is disarmed. */
+	if (!l1_tsc)
+		return 0;
+
+	host_tsc = l1_tsc - vcpu->arch.l1_tsc_offset;
+	if (vcpu->arch.l1_tsc_scaling_ratio != kvm_caps.default_tsc_scaling_ratio)
+		if (u64_shl_div_u64(l1_tsc,
+				    kvm_caps.tsc_scaling_ratio_frac_bits,
+				    vcpu->arch.l1_tsc_scaling_ratio,
+				    &host_tsc))
+			host_tsc = ~0ull;
+
+	/*
+	 * Clamp the result on overflow.
+	 * TSC deadline isn't supposed to overflow in practice.
+	 * ~0ull is considered that the timer is armed, but won't fire in
+	 * practical timer frame.
+	 */
+	if (l1_tsc > l1_tsc_now && host_tsc <= host_tsc_now)
+		host_tsc = ~0ull;
+	/*
+	 * Clamp the result on underflow.
+	 * The past value means fire the timer immediately.
+	 * Pick the obvious past value.
+	 */
+	if (l1_tsc <= l1_tsc_now && host_tsc > host_tsc_now)
+		host_tsc = 1ull;
+
+	if (!host_tsc)
+		host_tsc = 1ull;
+
+	return host_tsc;
+}
+
+void vmx_set_guest_tsc_deadline_virt(struct kvm_vcpu *vcpu,
+				     u64 guest_deadline_virt)
+{
+	vmcs_write64(GUEST_DEADLINE_VIR, guest_deadline_virt);
+	vmcs_write64(GUEST_DEADLINE_PHY,
+		     vmx_calc_deadline_l1_to_host(vcpu, guest_deadline_virt));
+}
+
+u64 vmx_get_guest_tsc_deadline_virt(struct kvm_vcpu *vcpu)
+{
+	return vmcs_read64(GUEST_DEADLINE_VIR);
+}
 #endif
 
 void vmx_update_cpu_dirty_logging(struct kvm_vcpu *vcpu)
diff --git a/arch/x86/kvm/vmx/x86_ops.h b/arch/x86/kvm/vmx/x86_ops.h
index d09abeac2b56..364050e0427c 100644
--- a/arch/x86/kvm/vmx/x86_ops.h
+++ b/arch/x86/kvm/vmx/x86_ops.h
@@ -117,6 +117,11 @@ void vmx_update_cpu_dirty_logging(struct kvm_vcpu *vcpu);
 int vmx_set_hv_timer(struct kvm_vcpu *vcpu, u64 guest_deadline_tsc,
 		     bool *expired);
 void vmx_cancel_hv_timer(struct kvm_vcpu *vcpu);
+bool vmx_can_use_apic_virt_timer(struct kvm_vcpu *vcpu);
+void vmx_set_apic_virt_timer(struct kvm_vcpu *vcpu, u16 vector);
+void vmx_cancel_apic_virt_timer(struct kvm_vcpu *vcpu);
+void vmx_set_guest_tsc_deadline_virt(struct kvm_vcpu *vcpu, u64 guest_deadline_tsc);
+u64 vmx_get_guest_tsc_deadline_virt(struct kvm_vcpu *vcpu);
 #endif
 void vmx_setup_mce(struct kvm_vcpu *vcpu);
 
-- 
2.45.2

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ