Christoph Egger
2010-Apr-15 12:22 UTC
[Xen-devel] [PATCH 01/18] Nested Virtualization: tools
Signed-off-by: Christoph Egger <Christoph.Egger@amd.com> -- ---to satisfy European Law for business letters: Advanced Micro Devices GmbH Karl-Hammerschmidt-Str. 34, 85609 Dornach b. Muenchen Geschaeftsfuehrer: Andrew Bowd, Thomas M. McCoy, Giuliano Meroni Sitz: Dornach, Gemeinde Aschheim, Landkreis Muenchen Registergericht Muenchen, HRB Nr. 43632 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Tim Deegan
2010-Apr-16 10:36 UTC
Re: [Xen-devel] [PATCH 01/18] Nested Virtualization: tools
At 13:22 +0100 on 15 Apr (1271337756), Christoph Egger wrote:> diff -r 2d96bc60035c -r 0e6fd40c25bf xen/include/public/domctl.h > --- a/xen/include/public/domctl.h > +++ b/xen/include/public/domctl.h > @@ -60,10 +60,13 @@ struct xen_domctl_createdomain { > /* Should domain memory integrity be verifed by tboot during Sx? */ > #define _XEN_DOMCTL_CDF_s3_integrity 2 > #define XEN_DOMCTL_CDF_s3_integrity (1U<<_XEN_DOMCTL_CDF_s3_integrity) > - uint32_t flags; > /* Disable out-of-sync shadow page tables? */ > #define _XEN_DOMCTL_CDF_oos_off 3 > #define XEN_DOMCTL_CDF_oos_off (1U<<_XEN_DOMCTL_CDF_oos_off) > + /* Enable nested HVM (only valid with XEN_DOMCTL_CDF_hvm_guest) */ > +#define _XEN_DOMCTL_CDF_nestedhvm 4 > +#define XEN_DOMCTL_CDF_nestedhvm (1U<<_XEN_DOMCTL_CDF_nestedhvm) > + uint32_t flags; > }; > typedef struct xen_domctl_createdomain xen_domctl_createdomain_t; > DEFINE_XEN_GUEST_HANDLE(xen_domctl_createdomain_t);Does this need its own hyperacll flag? Couldn''t we just gate it on whether the cpuid policy allows SVM? Cheers, Tim. -- Tim Deegan <Tim.Deegan@citrix.com> Principal Software Engineer, XenServer Engineering Citrix Systems UK Ltd. (Company #02937203, SL9 0BG) _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Tim Deegan
2010-Apr-16 10:43 UTC
Re: [Xen-devel] [PATCH 01/18] Nested Virtualization: tools
At 11:36 +0100 on 16 Apr (1271417812), Tim Deegan wrote:> At 13:22 +0100 on 15 Apr (1271337756), Christoph Egger wrote: > > diff -r 2d96bc60035c -r 0e6fd40c25bf xen/include/public/domctl.h > > --- a/xen/include/public/domctl.h > > +++ b/xen/include/public/domctl.h > > @@ -60,10 +60,13 @@ struct xen_domctl_createdomain { > > /* Should domain memory integrity be verifed by tboot during Sx? */ > > #define _XEN_DOMCTL_CDF_s3_integrity 2 > > #define XEN_DOMCTL_CDF_s3_integrity (1U<<_XEN_DOMCTL_CDF_s3_integrity) > > - uint32_t flags; > > /* Disable out-of-sync shadow page tables? */ > > #define _XEN_DOMCTL_CDF_oos_off 3 > > #define XEN_DOMCTL_CDF_oos_off (1U<<_XEN_DOMCTL_CDF_oos_off) > > + /* Enable nested HVM (only valid with XEN_DOMCTL_CDF_hvm_guest) */ > > +#define _XEN_DOMCTL_CDF_nestedhvm 4 > > +#define XEN_DOMCTL_CDF_nestedhvm (1U<<_XEN_DOMCTL_CDF_nestedhvm) > > + uint32_t flags; > > }; > > typedef struct xen_domctl_createdomain xen_domctl_createdomain_t; > > DEFINE_XEN_GUEST_HANDLE(xen_domctl_createdomain_t); > > Does this need its own hyperacll flag? Couldn''t we just gate it on > whether the cpuid policy allows SVM?Actually, more generally: Keir, can you give us an opinion on which things like this belong in DOMCTL_CDF_ and which in HVM_PARAM_ (and which in their own hypercalls or not at all?) Tim. -- Tim Deegan <Tim.Deegan@citrix.com> Principal Software Engineer, XenServer Engineering Citrix Systems UK Ltd. (Company #02937203, SL9 0BG) _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Keir Fraser
2010-Apr-16 17:44 UTC
Re: [Xen-devel] [PATCH 01/18] Nested Virtualization: tools
On 16/04/2010 11:43, "Tim Deegan" <Tim.Deegan@citrix.com> wrote:>>> typedef struct xen_domctl_createdomain xen_domctl_createdomain_t; >>> DEFINE_XEN_GUEST_HANDLE(xen_domctl_createdomain_t); >> >> Does this need its own hyperacll flag? Couldn''t we just gate it on >> whether the cpuid policy allows SVM? > > Actually, more generally: Keir, can you give us an opinion on which > things like this belong in DOMCTL_CDF_ and which in HVM_PARAM_ (and > which in their own hypercalls or not at all?)Yes, this should be hooked off CPUID configuration, or an HVM_PARAM. We only allocate DOMCTL_CDF flags for things which need for whatever reason to be configured/enabled really early. Shadow stuff is a good example, as the shadow logic is hard enough without switching modes after a domain is created - hence there we have DOMCTL_CDF flags so it can just be set up right all in one go. I don''t think nestedhvm has such difficulties. -- Keir _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel