virt_mshv: configure partition properties explicitly (#3270)

jstarks · web-flow · commit ef9ac03e47d7 · 2026-04-13T18:59:45.000-07:00
The MSHV backend was calling mshv.create_vm(), which delegates to the
mshv-ioctls crate's internal make_partition_create_arg helper. That
helper hardcodes a limited set of processor features and always enables
both LAPIC and X2APIC, ignoring the partition configuration entirely.

Replace this with create_vm_with_args using an explicitly constructed
mshv_create_partition_v2. The partition flags now respect the topology's
APIC mode, and the processor feature and XSAVE feature masks match what
WHP enables by default--querying the host at runtime is unnecessary
since the hypervisor intersects whatever we request with host
capabilities anyway. Synthetic processor features are now gated on
hv_config being present, so they are only set when the guest is
configured with a Hyper-V interface.

To avoid using the awkward bindgen union types from mshv-bindings for
feature masks, this change introduces proper bitfield types in hvdef:
HvX64PartitionProcessorFeatures, HvX64PartitionProcessorFeatures1,
HvX64PartitionProcessorXsaveFeatures, and the arch-neutral
HvPartitionSyntheticProcessorFeatures. The x64 types are named with an
X64 prefix since ARM64 has an entirely different set of processor
features; the synthetic features type is arch-neutral. All definitions
were verified against the hypervisor source.
diff --git a/Cargo.lock b/Cargo.lock
@@ -4436,9 +4436,9 @@ dependencies = [
 
 [[package]]
 name = "mshv-bindings"
-version = "0.6.0"
+version = "0.6.8"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "805cf329582f770f62cc612716a04c14815276ae266b6298375a672d3c5a5184"
+checksum = "a94fc3871dd23738188e5bc76a1d1a5930ebcaf9308c560a7274aa62b1770594"
 dependencies = [
  "libc",
  "num_enum",
@@ -4450,9 +4450,9 @@ dependencies = [
 
 [[package]]
 name = "mshv-ioctls"
-version = "0.6.0"
+version = "0.6.8"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "aefaab4c067cf5226a917227640d835327b25b71a8d465f815f74f490344e10a"
+checksum = "1339723fe3a26baf4041459de20ad923e89d312c3bb25dbf9f60738c22a47f5e"
 dependencies = [
  "libc",
  "mshv-bindings",
@@ -8944,6 +8944,7 @@ dependencies = [
  "tracing",
  "virt",
  "virt_support_x86emu",
+ "vm_topology",
  "vmcore",
  "x86defs",
  "x86emu",
diff --git a/Cargo.toml b/Cargo.toml
@@ -514,8 +514,8 @@ log = "0.4"
 loom = "0.7.2"
 mimalloc = { version = "0.1.39", default-features = false }
 ms-tpm-20-ref = { version = "0.1", git = "https://github.com/microsoft/ms-tpm-20-ref-rs.git", branch = "main" }
-mshv-bindings = "0.6.0"
-mshv-ioctls = "0.6.0"
+mshv-bindings = "0.6.8"
+mshv-ioctls = "0.6.8"
 nix = { version = "0.30.1", default-features = false }
 ntapi = "0.4"
 object = { version = "0.37.3", default-features = false }
diff --git a/vm/hv1/hvdef/src/lib.rs b/vm/hv1/hvdef/src/lib.rs
@@ -106,6 +106,245 @@ pub struct HvPartitionPrivilege {
     _reserved3: u64,
 }
 
+/// Partition processor features (bank 0).
+///
+/// Each bit indicates whether the corresponding processor feature is enabled
+/// for a partition. When used in `mshv_create_partition_v2.pt_cpu_fbanks`,
+/// the sense is *inverted*: a set bit means the feature is **disabled**.
+#[bitfield(u64)]
+pub struct HvX64PartitionProcessorFeatures {
+    pub sse3_support: bool,
+    pub lahf_sahf_support: bool,
+    pub ssse3_support: bool,
+    pub sse4_1_support: bool,
+    pub sse4_2_support: bool,
+    pub sse4a_support: bool,
+    pub xop_support: bool,
+    pub pop_cnt_support: bool,
+    pub cmpxchg16b_support: bool,
+    pub altmovcr8_support: bool,
+    pub lzcnt_support: bool,
+    pub mis_align_sse_support: bool,
+    pub mmx_ext_support: bool,
+    pub amd3d_now_support: bool,
+    pub extended_amd3d_now_support: bool,
+    pub page_1gb_support: bool,
+    pub aes_support: bool,
+    pub pclmulqdq_support: bool,
+    pub pcid_support: bool,
+    pub fma4_support: bool,
+    pub f16c_support: bool,
+    pub rd_rand_support: bool,
+    pub rd_wr_fs_gs_support: bool,
+    pub smep_support: bool,
+    pub enhanced_fast_string_support: bool,
+    pub bmi1_support: bool,
+    pub bmi2_support: bool,
+    pub hle_support_deprecated: bool,
+    pub rtm_support_deprecated: bool,
+    pub movbe_support: bool,
+    pub npiep1_support: bool,
+    pub dep_x87_fpu_save_support: bool,
+    pub rd_seed_support: bool,
+    pub adx_support: bool,
+    pub intel_prefetch_support: bool,
+    pub smap_support: bool,
+    pub hle_support: bool,
+    pub rtm_support: bool,
+    pub rdtscp_support: bool,
+    pub clflushopt_support: bool,
+    pub clwb_support: bool,
+    pub sha_support: bool,
+    pub x87_pointers_saved_support: bool,
+    pub invpcid_support: bool,
+    pub ibrs_support: bool,
+    pub stibp_support: bool,
+    pub ibpb_support: bool,
+    pub unrestricted_guest_support: bool,
+    pub mdd_support: bool,
+    pub fast_short_rep_mov_support: bool,
+    pub l1d_cache_flush_support: bool,
+    pub rdcl_no_support: bool,
+    pub ibrs_all_support: bool,
+    pub skip_l1df_support: bool,
+    pub ssb_no_support: bool,
+    pub rsb_a_no_support: bool,
+    pub virt_spec_ctrl_support: bool,
+    pub rd_pid_support: bool,
+    pub umip_support: bool,
+    pub mbs_no_support: bool,
+    pub mb_clear_support: bool,
+    pub taa_no_support: bool,
+    pub tsx_ctrl_support: bool,
+    _reserved_bank0: bool,
+}
+
+/// Partition processor features (bank 1).
+#[bitfield(u64)]
+pub struct HvX64PartitionProcessorFeatures1 {
+    pub a_count_m_count_support: bool,
+    pub tsc_invariant_support: bool,
+    pub cl_zero_support: bool,
+    pub rdpru_support: bool,
+    pub la57_support: bool,
+    pub mbec_support: bool,
+    pub nested_virt_support: bool,
+    pub psfd_support: bool,
+    pub cet_ss_support: bool,
+    pub cet_ibt_support: bool,
+    pub vmx_exception_inject_support: bool,
+    pub enqcmd_support: bool,
+    pub umwait_tpause_support: bool,
+    pub movdiri_support: bool,
+    pub movdir64b_support: bool,
+    pub cldemote_support: bool,
+    pub serialize_support: bool,
+    pub tsc_deadline_tmr_support: bool,
+    pub tsc_adjust_support: bool,
+    pub fz_l_rep_movsb: bool,
+    pub fs_rep_stosb: bool,
+    pub fs_rep_cmpsb: bool,
+    pub tsx_ld_trk_support: bool,
+    pub vmx_ins_outs_exit_info_support: bool,
+    pub hlat_support: bool,
+    pub sbdr_ssdp_no_support: bool,
+    pub fbsdp_no_support: bool,
+    pub psdp_no_support: bool,
+    pub fb_clear_support: bool,
+    pub btc_no_support: bool,
+    pub ibpb_rsb_flush_support: bool,
+    pub stibp_always_on_support: bool,
+    pub perf_global_ctrl_support: bool,
+    pub npt_execute_only_support: bool,
+    pub npt_ad_flags_support: bool,
+    pub npt_1gb_page_support: bool,
+    pub amd_processor_topology_node_id_support: bool,
+    pub local_machine_check_support: bool,
+    pub extended_topology_leaf_fp256_amd_support: bool,
+    pub gds_no_support: bool,
+    pub cmpccxadd_support: bool,
+    pub tsc_aux_virtualization_support: bool,
+    pub rmp_query_support: bool,
+    pub bhi_no_support: bool,
+    pub bhi_dis_support: bool,
+    pub prefetch_i_support: bool,
+    pub sha512_support: bool,
+    pub mitigation_ctrl_support: bool,
+    pub rfds_no_support: bool,
+    pub rfds_clear_support: bool,
+    pub sm3_support: bool,
+    pub sm4_support: bool,
+    pub secure_avic_support: bool,
+    pub guest_intercept_ctrl_support: bool,
+    pub sbpb_support: bool,
+    pub ibpb_br_type_support: bool,
+    pub srso_no_support: bool,
+    pub srso_user_kernel_no_support: bool,
+    pub vrew_clear_support: bool,
+    pub tsa_l1_no_support: bool,
+    pub tsa_sq_no_support: bool,
+    pub lass_support: bool,
+    #[bits(2)]
+    _reserved_bank1: u8,
+}
+
+/// Partition processor XSAVE features.
+#[bitfield(u64)]
+pub struct HvX64PartitionProcessorXsaveFeatures {
+    pub xsave_support: bool,
+    pub xsaveopt_support: bool,
+    pub avx_support: bool,
+    pub avx2_support: bool,
+    pub fma_support: bool,
+    pub mpx_support: bool,
+    pub avx512_support: bool,
+    pub avx512_dq_support: bool,
+    pub avx512_cd_support: bool,
+    pub avx512_bw_support: bool,
+    pub avx512_vl_support: bool,
+    pub xsave_comp_support: bool,
+    pub xsave_supervisor_support: bool,
+    pub xcr1_support: bool,
+    pub avx512_bitalg_support: bool,
+    pub avx512_ifma_support: bool,
+    pub avx512_vbmi_support: bool,
+    pub avx512_vbmi2_support: bool,
+    pub avx512_vnni_support: bool,
+    pub gfni_support: bool,
+    pub vaes_support: bool,
+    pub avx512_vpopcntdq_support: bool,
+    pub vpclmulqdq_support: bool,
+    pub avx512_bf16_support: bool,
+    pub avx512_vp2_intersect_support: bool,
+    pub avx512_fp16_support: bool,
+    pub xfd_support: bool,
+    pub amx_tile_support: bool,
+    pub amx_bf16_support: bool,
+    pub amx_int8_support: bool,
+    pub avx_vnni_support: bool,
+    pub avx_ifma_support: bool,
+    pub avx_ne_convert_support: bool,
+    pub avx_vnni_int8_support: bool,
+    pub avx_vnni_int16_support: bool,
+    pub avx10_1_256_support: bool,
+    pub avx10_1_512_support: bool,
+    pub amx_fp16_support: bool,
+    #[bits(26)]
+    _reserved: u64,
+}
+
+/// Synthetic processor features that control which Hyper-V enlightenments
+/// are exposed to a guest partition.
+#[bitfield(u64)]
+pub struct HvPartitionSyntheticProcessorFeatures {
+    pub hypervisor_present: bool,
+    pub hv1: bool,
+    pub access_vp_run_time_reg: bool,
+    pub access_partition_reference_counter: bool,
+    pub access_synic_regs: bool,
+    pub access_synthetic_timer_regs: bool,
+    pub access_intr_ctrl_regs: bool,
+    pub access_hypercall_regs: bool,
+    pub access_vp_index: bool,
+    pub access_partition_reference_tsc: bool,
+    pub access_guest_idle_reg: bool,
+    pub access_frequency_regs: bool,
+    _reserved_z12: bool,
+    _reserved_z13: bool,
+    _reserved_z14: bool,
+    pub enable_extended_gva_ranges_for_flush_virtual_address_list: bool,
+    _reserved_z16: bool,
+    _reserved_z17: bool,
+    pub fast_hypercall_output: bool,
+    _reserved_z19: bool,
+    pub start_virtual_processor: bool,
+    _reserved_z21: bool,
+    pub direct_synthetic_timers: bool,
+    _reserved_z23: bool,
+    pub extended_processor_masks: bool,
+    pub tb_flush_hypercalls: bool,
+    pub synthetic_cluster_ipi: bool,
+    pub notify_long_spin_wait: bool,
+    pub query_numa_distance: bool,
+    pub signal_events: bool,
+    pub retarget_device_interrupt: bool,
+    pub restore_time: bool,
+    pub enlightened_vmcs: bool,
+    pub nested_debug_ctl: bool,
+    pub synthetic_time_unhalted_timer: bool,
+    pub idle_spec_ctrl: bool,
+    _reserved_z36: bool,
+    pub wake_vps: bool,
+    pub access_vp_regs: bool,
+    _reserved_z39: bool,
+    pub management_vtl_synic_support: bool,
+    pub proxy_interrupt_doorbell_support: bool,
+    _reserved_z42: bool,
+    pub mmio_hypercalls: bool,
+    #[bits(20)]
+    _reserved: u64,
+}
+
 open_enum! {
     #[derive(IntoBytes, Immutable, KnownLayout, FromBytes)]
     pub enum HvPartitionIsolationType: u8 {
diff --git a/vmm_core/virt_mshv/Cargo.toml b/vmm_core/virt_mshv/Cargo.toml
@@ -13,6 +13,7 @@ hv1_hypercall.workspace = true
 hvdef.workspace = true
 virt.workspace = true
 virt_support_x86emu.workspace = true
+vm_topology.workspace = true
 guestmem.workspace = true
 pci_core.workspace = true
 vmcore.workspace = true
diff --git a/vmm_core/virt_mshv/src/lib.rs b/vmm_core/virt_mshv/src/lib.rs
