Bug 54141

Summary: nVMX: Support TPR shadow
Product: Virtualization
Reporter: Nadav Har'El (nyh)
Component: kvm
Assignee: virtualization_kvm
Status: RESOLVED CODE_FIX
Severity: enhancement
CC: bonzini
Priority: P1
Hardware: All
OS: Linux
Kernel Version: 3.19
Subsystem:
Regression: No
Bisected commit-id:
Bug Depends on:
Bug Blocks: 94971, 53601

Description Nadav Har'El 2013-02-20 14:33:40 UTC
Add support for TPR shadow, which may be important for performance of
Windows L2 guests (which currently don't work anyway - see bug 53641).
Note, however, that TPR shadow is an optional feature, and KVM (as L1) won't use it if not available to it.

Some of the things we'll need to do (I think):

1. Advertise CPU_BASED_TPR_SHADOW in MSR_IA32_VMX_PROCBASED_CTLS

2. In nested_vmx_exit_handled_cr, in "mov to cr8", consider if we need an "else
if CPU_BASED_TPR_SHADOW" which sets the shadow and only exits if below the
tpr_threshold. This may be unnecessary, because the processor will already do
this if we put vmcs12 desires in vmcs02, and don't merge it with vmcs01. Also,
do we need to change anything in "mov from cr8" in the same function? I don't
think it will ever get called.

3. In prepare_vmcs02, set the TPR-shadow definitions from vmcs12, ignoring L0's
wishes (if I understand correctly, this is the right thing to do):

4. In prepare_vmcs02, if nested_cpu_has(vmcs12, CPU_BASED_TPR_SHADOW), we need
to set VIRTUAL_APIC_PAGE_ADDR. The code will look something like
        struct page *page =
            nested_get_page(vcpu, vmcs12->virtual_apic_page_addr);
        if (!page)
            return 1;
        vmcs_write64(VIRTUAL_APIC_PAGE_ADDR, page_to_phys(page));
but we need to save this "page" in vmx->nested and nested_release_page() it on
nested_vmx_vmexit() or free_nested().

4. In prepare_vmcs02, set TPR_THRESHOLD as requested by L1. We used to have
this code:
    if (vm_need_tpr_shadow(vcpu->kvm) &&
        nested_cpu_has(vmcs12, CPU_BASED_TPR_SHADOW))
        vmcs_write32(TPR_THRESHOLD, vmcs12->tpr_threshold);
But I need to consider if "vm_need_tpr_shadow" is the right thing to check.

5. In prepare_vmcs02, in setting up CPU_BASED_VM_EXEC_CONTROL, probably *leave*
the code which removes the CPU_BASED_TPR_SHADOW from L0's exec_control (we'll
get this bit from vmcs12's exec_control).

6. We used to have the following code in prepare_vmcs02, after exec_control |=
vmcs12->cpu_based_vm_exec_control, to remove the TPR_SHADOW feature even if L1
asked for it in certain cases. I don't see why this was needed:
    if (!vm_need_tpr_shadow(vcpu->kvm) ||
        vmcs12->virtual_apic_page_addr == 0) {
        exec_control &= ~CPU_BASED_TPR_SHADOW;
#ifdef CONFIG_X86_64
        exec_control |= CPU_BASED_CR8_STORE_EXITING |
            CPU_BASED_CR8_LOAD_EXITING;
#endif
    } else if (exec_control & CPU_BASED_TPR_SHADOW) {
#ifdef CONFIG_X86_64
        exec_control &= ~CPU_BASED_CR8_STORE_EXITING;
        exec_control &= ~CPU_BASED_CR8_LOAD_EXITING;
#endif
    }
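
Added example, not part of the bug report or of KVM's code: a user-space C model of items 2 and 6 above, showing how the merged vmcs02 controls decide what a "mov to cr8" executed by L2 does. The bit values are those in Linux's vmx.h and apicdef.h; merge_exec_control, mov_to_cr8, enum cr8_write and the l0_shadow/vapic_gpa parameters are names assumed for the illustration, and only the 64-bit case is modelled.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Bit values as in Linux arch/x86/include/asm/vmx.h and apicdef.h. */
#define CPU_BASED_CR8_LOAD_EXITING  0x00080000u
#define CPU_BASED_CR8_STORE_EXITING 0x00100000u
#define CPU_BASED_TPR_SHADOW        0x00200000u
#define APIC_TASKPRI                0x80 /* VTPR offset in the virtual-APIC page */

enum cr8_write { EXIT_CR_ACCESS, EXIT_TPR_BELOW_THRESHOLD, SHADOWED, DIRECT };

/* Item 6, 64-bit case. l0_shadow and vapic_gpa are hypothetical stand-ins
 * for vm_need_tpr_shadow() and vmcs12->virtual_apic_page_addr. */
uint32_t merge_exec_control(uint32_t l0_ctl, uint32_t vmcs12_ctl,
                            bool l0_shadow, uint64_t vapic_gpa)
{
    uint32_t ctl = (l0_ctl & ~CPU_BASED_TPR_SHADOW) | vmcs12_ctl; /* item 5 */
    if (!l0_shadow || vapic_gpa == 0) {
        ctl &= ~CPU_BASED_TPR_SHADOW;
        ctl |= CPU_BASED_CR8_STORE_EXITING | CPU_BASED_CR8_LOAD_EXITING;
    } else if (ctl & CPU_BASED_TPR_SHADOW) {
        ctl &= ~(CPU_BASED_CR8_STORE_EXITING | CPU_BASED_CR8_LOAD_EXITING);
    }
    return ctl;
}

/* Item 2: what "mov to cr8" does in L2 under the merged controls. */
enum cr8_write mov_to_cr8(uint32_t ctl, uint8_t *vapic, uint64_t val,
                          uint32_t tpr_threshold)
{
    uint8_t prio = val & 0xf;
    if (ctl & CPU_BASED_CR8_LOAD_EXITING)
        return EXIT_CR_ACCESS;          /* trapped before any state changes */
    if (!(ctl & CPU_BASED_TPR_SHADOW))
        return DIRECT;                  /* write reaches the real CR8 */
    vapic[APIC_TASKPRI] = (uint8_t)(prio << 4);  /* CR8[3:0] -> VTPR[7:4] */
    return (tpr_threshold & 0xf) > prio ? EXIT_TPR_BELOW_THRESHOLD : SHADOWED;
}

int main(void)
{
    static uint8_t vapic[4096];         /* constructed virtual-APIC page */
    uint32_t ctl = merge_exec_control(0, CPU_BASED_TPR_SHADOW, true, 0x1000);
    int low = mov_to_cr8(ctl, vapic, 2, 5);   /* below threshold: exit */
    int high = mov_to_cr8(ctl, vapic, 7, 5);  /* at or above: no exit */
    printf("thr=5: cr8=2 -> %d, cr8=7 -> %d, VTPR=%#x\n", low, high, vapic[APIC_TASKPRI]);
    return 0;
}
```
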

Comment 1 Paolo Bonzini 2015-04-08 08:57:52 UTC
Fixed by commit a7c0b07d5708 (KVM: nVMX: nested TPR shadow/threshold emulation, 2014-08-21).