From: Gleb Natapov <gleb@redhat.com>
To: Jan Kiszka <jan.kiszka@siemens.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>, kvm <kvm@vger.kernel.org>,
Xiao Guangrong <xiaoguangrong@linux.vnet.ibm.com>,
Jun Nakajima <jun.nakajima@intel.com>,
Yang Zhang <yang.z.zhang@intel.com>,
Arthur Chunqi Li <yzt356@gmail.com>
Subject: Re: [PATCH v3 1/6] KVM: nVMX: Replace kvm_set_cr0 with vmx_set_cr0 in load_vmcs12_host_state
Date: Mon, 2 Sep 2013 11:21:36 +0300
Message-ID: <20130902082136.GM22899@redhat.com>
In-Reply-To: <93ce2376292d9d6fc7a4f4d53919b0a07d4e7859.1375971992.git.jan.kiszka@siemens.com>
On Thu, Aug 08, 2013 at 04:26:28PM +0200, Jan Kiszka wrote:
> Likely a typo, but a fatal one as kvm_set_cr0 performs checks on the
Not a typo :) That's what Avi asked for during the initial nested VMX
review: http://markmail.org/message/hhidqyhbo2mrgxxc

But there is at least one transition check that kvm_set_cr0() does that
should not be done during vmexit emulation, namely the CS.L bit check, so I
tend to agree that kvm_set_cr0() is not appropriate here, at least not as
it is. But can we skip the other checks kvm_set_cr0() does? For instance,
what prevents us from loading CR0.PG = 1, EFER.LME = 1 and CR4.PAE = 0
during nested vmexit? What _should_ prevent it is the vmentry check from
26.2.4:

If the "host address-space size" VM-exit control is 1, the following
must hold:
- Bit 5 of the CR4 field (corresponding to CR4.PAE) is 1.

But I do not see that we do that check on vmentry.

What about NW/CD bit checks, or reserved bits checks? 27.5.1 says:

The following bits are not modified:
For CR0, ET, CD, NW; bits 63:32 (on processors that support Intel 64
architecture), 28:19, 17, and 15:6; and any bits that are fixed in
VMX operation (see Section 23.8).

But again the current vmexit code does not emulate this properly and just
sets everything from host_cr0. vmentry should also preserve all those
bits, but it looks like it doesn't either.
> state transition that may prevent loading L1's cr0.
>
> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
> ---
> arch/x86/kvm/vmx.c | 2 +-
> 1 files changed, 1 insertions(+), 1 deletions(-)
>
> diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
> index 57b4e12..d001b019 100644
> --- a/arch/x86/kvm/vmx.c
> +++ b/arch/x86/kvm/vmx.c
> @@ -8185,7 +8185,7 @@ static void load_vmcs12_host_state(struct kvm_vcpu *vcpu,
> * fpu_active (which may have changed).
> * Note that vmx_set_cr0 refers to efer set above.
> */
> - kvm_set_cr0(vcpu, vmcs12->host_cr0);
> + vmx_set_cr0(vcpu, vmcs12->host_cr0);
> /*
> * If we did fpu_activate()/fpu_deactivate() during L2's run, we need
> * to apply the same changes to L1's vmcs. We just set cr0 correctly,
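Review bot: the hunk replaces kvm_set_cr0 with vmx_set_cr0 and thereby drops every check kvm_set_cr0 performed, but neither the hunk nor the commit message says which of those checks are intentionally skipped for host-state loading and which still have to be enforced somewhere else (the discussion in this thread names the CS.L check as wrong here, while the CR4.PAE-with-LME/PG combination, NW/CD and the reserved bits remain unchecked). Suggest the commit message state that explicitly and, if the remaining checks belong at VM-entry time, say where they land. Note also that the existing comment two lines above, `* Note that vmx_set_cr0 refers to efer set above.`, already names vmx_set_cr0, which supports that this call was the intended one; citing that comment instead of "Likely a typo" would make the history clearer.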
> --
> 1.7.3.4
--
Gleb.
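The two SDM rules Gleb quotes above (the 26.2.4 host CR4.PAE requirement and the 27.5.1 list of CR0 bits a VM exit must leave unchanged) can be written down as plain arithmetic, which makes it easy to see how "just set everything from host_cr0" differs from the architected behaviour. The following is an added example, not code from the thread or from KVM; the bit positions follow the Intel SDM, and it assumes the usual IA32_VMX_CR0_FIXED0/FIXED1 semantics (FIXED0 has 1s where a bit must be 1, FIXED1 has 0s where a bit must be 0). The second test in host_state_consistent() is the general IA-32e rule behind the PG=1/LME=1/PAE=0 question, not something quoted on the page.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Bit positions from the Intel SDM (constructed for this example). */
#define X86_CR0_PE  (1ULL << 0)
#define X86_CR0_ET  (1ULL << 4)
#define X86_CR0_NW  (1ULL << 29)
#define X86_CR0_CD  (1ULL << 30)
#define X86_CR0_PG  (1ULL << 31)
#define X86_CR4_PAE (1ULL << 5)
#define EFER_LME    (1ULL << 8)

/* CR0 bits that SDM 27.5.1 says a VM exit leaves unchanged:
 * ET, CD, NW; bits 63:32; 28:19; 17; and 15:6. */
static uint64_t cr0_vmexit_preserved_mask(void)
{
	uint64_t m = X86_CR0_ET | X86_CR0_CD | X86_CR0_NW;

	m |= 0xFFFFFFFF00000000ULL;       /* 63:32 */
	m |= ((1ULL << 10) - 1) << 19;    /* 28:19 */
	m |= 1ULL << 17;                  /* 17    */
	m |= ((1ULL << 10) - 1) << 6;     /* 15:6  */
	return m;
}

/*
 * CR0 after a VM exit: preserved bits and bits fixed by VMX keep their
 * current value; every other bit is taken from the host_cr0 field.
 * Loading host_cr0 wholesale (what the message says the current code
 * does) differs from this whenever host_cr0 sets a reserved bit or
 * disagrees with the current value on NW/CD.
 */
static uint64_t cr0_after_vmexit(uint64_t cur_cr0, uint64_t host_cr0,
				 uint64_t cr0_fixed0, uint64_t cr0_fixed1)
{
	uint64_t keep = cr0_vmexit_preserved_mask() | cr0_fixed0 | ~cr0_fixed1;

	return (cur_cr0 & keep) | (host_cr0 & ~keep);
}

/*
 * Host-state consistency. First test: SDM 26.2.4 as quoted in the message,
 * with the "host address-space size" exit control set, host CR4.PAE must
 * be 1. Second test (assumption, general IA-32e rule): paging cannot be
 * enabled with EFER.LME set unless CR4.PAE is also set, which is what
 * should reject the PG=1/LME=1/PAE=0 combination asked about above.
 */
static bool host_state_consistent(bool host_addr_space_size,
				  uint64_t host_cr0, uint64_t host_cr4,
				  uint64_t host_efer)
{
	if (host_addr_space_size && !(host_cr4 & X86_CR4_PAE))
		return false;
	if ((host_efer & EFER_LME) && (host_cr0 & X86_CR0_PG) &&
	    !(host_cr4 & X86_CR4_PAE))
		return false;
	return true;
}

int main(void)
{
	/* Constructed values: the current CR0 has CD set; host_cr0 tries to
	 * clear CD and set reserved bit 20 while enabling paging. */
	uint64_t cur  = X86_CR0_PE | X86_CR0_CD;
	uint64_t host = X86_CR0_PE | X86_CR0_PG | (1ULL << 20);
	uint64_t cr0  = cr0_after_vmexit(cur, host, X86_CR0_PE, ~0ULL);

	printf("cr0 after exit: %#llx (CD kept: %d, bit 20 dropped: %d)\n",
	       (unsigned long long)cr0, !!(cr0 & X86_CR0_CD),
	       !(cr0 & (1ULL << 20)));
	printf("PG=1 LME=1 PAE=0 consistent: %d\n",
	       host_state_consistent(true, X86_CR0_PG, 0, EFER_LME));
	return 0;
}
```

Running it shows CD surviving the exit and the reserved bit being discarded, i.e. exactly the bits a wholesale host_cr0 load would get wrong, and the PG/LME/PAE combination being rejected by the host-state check.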