From mboxrd@z Thu Jan  1 00:00:00 1970
From: Gleb Natapov <gleb@redhat.com>
Subject: Re: [PATCH v2 5/8] KVM: nVMX: Fix guest CR3 read-back on VM-exit
Date: Wed, 7 Aug 2013 16:38:19 +0300
Message-ID: <20130807133819.GA3672@redhat.com>
References: <20130806140248.GB8218@redhat.com>
 <A9667DDFB95DB7438FA9D7D576C3D87E0A8DD16B@SHSMSX104.ccr.corp.intel.com>
 <20130806144117.GD8218@redhat.com>
 <A9667DDFB95DB7438FA9D7D576C3D87E0A8DD432@SHSMSX104.ccr.corp.intel.com>
 <52011AE6.2010006@siemens.com>
 <20130806155344.GE8218@redhat.com>
 <52011CCE.4000109@siemens.com>
 <20130807123958.GA30470@redhat.com>
 <520241A7.5060301@siemens.com>
 <52024C75.9000304@redhat.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Cc: Jan Kiszka <jan.kiszka@siemens.com>,
	"Zhang, Yang Z" <yang.z.zhang@intel.com>,
	kvm <kvm@vger.kernel.org>,
	Xiao Guangrong <xiaoguangrong@linux.vnet.ibm.com>,
	"Nakajima, Jun" <jun.nakajima@intel.com>,
	Arthur Chunqi Li <yzt356@gmail.com>
To: Paolo Bonzini <pbonzini@redhat.com>
Return-path: <kvm-owner@vger.kernel.org>
Received: from mx1.redhat.com ([209.132.183.28]:59492 "EHLO mx1.redhat.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S933040Ab3HGNi0 (ORCPT <rfc822;kvm@vger.kernel.org>);
	Wed, 7 Aug 2013 09:38:26 -0400
Content-Disposition: inline
In-Reply-To: <52024C75.9000304@redhat.com>
Sender: kvm-owner@vger.kernel.org
List-ID: <kvm.vger.kernel.org>

On Wed, Aug 07, 2013 at 03:32:37PM +0200, Paolo Bonzini wrote:
> >>>>>diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
> >>>>>index 44494ed..60a3644 100644
> >>>>>--- a/arch/x86/kvm/vmx.c
> >>>>>+++ b/arch/x86/kvm/vmx.c
> >>>>>@@ -3375,8 +3375,10 @@ static void vmx_set_cr3(struct kvm_vcpu *vcpu, unsigned long cr3)
> >>>>>  	if (enable_ept) {
> >>>>>  		eptp = construct_eptp(cr3);
> >>>>>  		vmcs_write64(EPT_POINTER, eptp);
> >>>>>-		guest_cr3 = is_paging(vcpu) ? kvm_read_cr3(vcpu) :
> >>>>>-			vcpu->kvm->arch.ept_identity_map_addr;
> >>>>>+		if (is_paging(vcpu) || is_guest_mode(vcpu))
> >>>>>+			guest_cr3 = kvm_read_cr3(vcpu) :
> >>>>>+		else
> >>>>>+			guest_cr3 = vcpu->kvm->arch.ept_identity_map_addr;
> >>>>>  		ept_load_pdptrs(vcpu);
> >>>>>  	}
> >>>>>
> >>>>That what I am thinking, will think about it some more tomorrow.
> >>>
> >>>OK, and I'll feed it into a local test.
> >>>
> >>Thought about is some more. So without nested unrestricted guest (nUG)
> >>is_paging() will always be true (since without nUG guest entry is not
> >>possible otherwise) and guest's cr3 will be used, but with nUG identity
> >>map is not used (that is why L2 still works even though wrong identity
> >>map pointer is assigned to cr3), so the code here just corrupts nested
> >>guest's cr3 for no reason and that is why you had to use kvm_read_cr3()
> >>in prepare_vmcs12() to get correct cr3 value. The patch above should be
> >>used instead of original one IMO. How is testing going?
> >
> >Yes, testing worked fine. I've queued above patch and will send it out
> >within the next round.
> 
> Just reply here with the commit message you desire and
> Signed-off-by, so I can queue it for people who wish to play with
> nEPT.
> 
I would love to have a comment there too :)

--
			Gleb.