KVM: VMX: Introduce KVM_SET_IDENTITY_MAP_ADDR ioctl

Now KVM allow guest to modify guest's physical address of EPT's identity mapping page.

(change from v1, discard unnecessary check, change ioctl to accept parameter
address rather than value)

Signed-off-by: Sheng Yang <sheng@linux.intel.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
This commit is contained in:
Sheng Yang 2009-07-21 10:42:48 +08:00 committed by Avi Kivity
parent b792c344df
commit b927a3cec0
4 changed files with 32 additions and 5 deletions

View File

@ -411,6 +411,7 @@ struct kvm_arch{
struct page *ept_identity_pagetable; struct page *ept_identity_pagetable;
bool ept_identity_pagetable_done; bool ept_identity_pagetable_done;
gpa_t ept_identity_map_addr;
unsigned long irq_sources_bitmap; unsigned long irq_sources_bitmap;
unsigned long irq_states[KVM_IOAPIC_NUM_PINS]; unsigned long irq_states[KVM_IOAPIC_NUM_PINS];

View File

@ -1719,7 +1719,7 @@ static void vmx_set_cr3(struct kvm_vcpu *vcpu, unsigned long cr3)
eptp = construct_eptp(cr3); eptp = construct_eptp(cr3);
vmcs_write64(EPT_POINTER, eptp); vmcs_write64(EPT_POINTER, eptp);
guest_cr3 = is_paging(vcpu) ? vcpu->arch.cr3 : guest_cr3 = is_paging(vcpu) ? vcpu->arch.cr3 :
VMX_EPT_IDENTITY_PAGETABLE_ADDR; vcpu->kvm->arch.ept_identity_map_addr;
} }
vmx_flush_tlb(vcpu); vmx_flush_tlb(vcpu);
@ -2122,7 +2122,7 @@ static int init_rmode_identity_map(struct kvm *kvm)
if (likely(kvm->arch.ept_identity_pagetable_done)) if (likely(kvm->arch.ept_identity_pagetable_done))
return 1; return 1;
ret = 0; ret = 0;
identity_map_pfn = VMX_EPT_IDENTITY_PAGETABLE_ADDR >> PAGE_SHIFT; identity_map_pfn = kvm->arch.ept_identity_map_addr >> PAGE_SHIFT;
r = kvm_clear_guest_page(kvm, identity_map_pfn, 0, PAGE_SIZE); r = kvm_clear_guest_page(kvm, identity_map_pfn, 0, PAGE_SIZE);
if (r < 0) if (r < 0)
goto out; goto out;
@ -2191,14 +2191,15 @@ static int alloc_identity_pagetable(struct kvm *kvm)
goto out; goto out;
kvm_userspace_mem.slot = IDENTITY_PAGETABLE_PRIVATE_MEMSLOT; kvm_userspace_mem.slot = IDENTITY_PAGETABLE_PRIVATE_MEMSLOT;
kvm_userspace_mem.flags = 0; kvm_userspace_mem.flags = 0;
kvm_userspace_mem.guest_phys_addr = VMX_EPT_IDENTITY_PAGETABLE_ADDR; kvm_userspace_mem.guest_phys_addr =
kvm->arch.ept_identity_map_addr;
kvm_userspace_mem.memory_size = PAGE_SIZE; kvm_userspace_mem.memory_size = PAGE_SIZE;
r = __kvm_set_memory_region(kvm, &kvm_userspace_mem, 0); r = __kvm_set_memory_region(kvm, &kvm_userspace_mem, 0);
if (r) if (r)
goto out; goto out;
kvm->arch.ept_identity_pagetable = gfn_to_page(kvm, kvm->arch.ept_identity_pagetable = gfn_to_page(kvm,
VMX_EPT_IDENTITY_PAGETABLE_ADDR >> PAGE_SHIFT); kvm->arch.ept_identity_map_addr >> PAGE_SHIFT);
out: out:
up_write(&kvm->slots_lock); up_write(&kvm->slots_lock);
return r; return r;
@ -3814,9 +3815,13 @@ static struct kvm_vcpu *vmx_create_vcpu(struct kvm *kvm, unsigned int id)
if (alloc_apic_access_page(kvm) != 0) if (alloc_apic_access_page(kvm) != 0)
goto free_vmcs; goto free_vmcs;
if (enable_ept) if (enable_ept) {
if (!kvm->arch.ept_identity_map_addr)
kvm->arch.ept_identity_map_addr =
VMX_EPT_IDENTITY_PAGETABLE_ADDR;
if (alloc_identity_pagetable(kvm) != 0) if (alloc_identity_pagetable(kvm) != 0)
goto free_vmcs; goto free_vmcs;
}
return &vmx->vcpu; return &vmx->vcpu;

View File

@ -1206,6 +1206,7 @@ int kvm_dev_ioctl_check_extension(long ext)
case KVM_CAP_IOEVENTFD: case KVM_CAP_IOEVENTFD:
case KVM_CAP_PIT2: case KVM_CAP_PIT2:
case KVM_CAP_PIT_STATE2: case KVM_CAP_PIT_STATE2:
case KVM_CAP_SET_IDENTITY_MAP_ADDR:
r = 1; r = 1;
break; break;
case KVM_CAP_COALESCED_MMIO: case KVM_CAP_COALESCED_MMIO:
@ -1906,6 +1907,13 @@ static int kvm_vm_ioctl_set_tss_addr(struct kvm *kvm, unsigned long addr)
return ret; return ret;
} }
static int kvm_vm_ioctl_set_identity_map_addr(struct kvm *kvm,
u64 ident_addr)
{
kvm->arch.ept_identity_map_addr = ident_addr;
return 0;
}
static int kvm_vm_ioctl_set_nr_mmu_pages(struct kvm *kvm, static int kvm_vm_ioctl_set_nr_mmu_pages(struct kvm *kvm,
u32 kvm_nr_mmu_pages) u32 kvm_nr_mmu_pages)
{ {
@ -2173,6 +2181,17 @@ long kvm_arch_vm_ioctl(struct file *filp,
if (r < 0) if (r < 0)
goto out; goto out;
break; break;
case KVM_SET_IDENTITY_MAP_ADDR: {
u64 ident_addr;
r = -EFAULT;
if (copy_from_user(&ident_addr, argp, sizeof ident_addr))
goto out;
r = kvm_vm_ioctl_set_identity_map_addr(kvm, ident_addr);
if (r < 0)
goto out;
break;
}
case KVM_SET_MEMORY_REGION: { case KVM_SET_MEMORY_REGION: {
struct kvm_memory_region kvm_mem; struct kvm_memory_region kvm_mem;
struct kvm_userspace_memory_region kvm_userspace_mem; struct kvm_userspace_memory_region kvm_userspace_mem;

View File

@ -435,6 +435,7 @@ struct kvm_ioeventfd {
#define KVM_CAP_PIT_STATE2 35 #define KVM_CAP_PIT_STATE2 35
#endif #endif
#define KVM_CAP_IOEVENTFD 36 #define KVM_CAP_IOEVENTFD 36
#define KVM_CAP_SET_IDENTITY_MAP_ADDR 37
#ifdef KVM_CAP_IRQ_ROUTING #ifdef KVM_CAP_IRQ_ROUTING
@ -512,6 +513,7 @@ struct kvm_irqfd {
#define KVM_SET_USER_MEMORY_REGION _IOW(KVMIO, 0x46,\ #define KVM_SET_USER_MEMORY_REGION _IOW(KVMIO, 0x46,\
struct kvm_userspace_memory_region) struct kvm_userspace_memory_region)
#define KVM_SET_TSS_ADDR _IO(KVMIO, 0x47) #define KVM_SET_TSS_ADDR _IO(KVMIO, 0x47)
#define KVM_SET_IDENTITY_MAP_ADDR _IOW(KVMIO, 0x48, __u64)
/* Device model IOC */ /* Device model IOC */
#define KVM_CREATE_IRQCHIP _IO(KVMIO, 0x60) #define KVM_CREATE_IRQCHIP _IO(KVMIO, 0x60)
#define KVM_IRQ_LINE _IOW(KVMIO, 0x61, struct kvm_irq_level) #define KVM_IRQ_LINE _IOW(KVMIO, 0x61, struct kvm_irq_level)