From: Avi Kivity <avi@redhat.com>
To: oritw@il.ibm.com
Cc: kvm@vger.kernel.org, benami@il.ibm.com, abelg@il.ibm.com,
muli@il.ibm.com, aliguori@us.ibm.com, mdday@us.ibm.com
Subject: Re: [PATCH 3/5] Nested VMX patch 3 implements vmptrld and vmptrst
Date: Tue, 20 Oct 2009 13:24:33 +0900 [thread overview]
Message-ID: <4ADD3B81.2050202@redhat.com> (raw)
In-Reply-To: <1255617706-13564-4-git-send-email-oritw@il.ibm.com>
On 10/15/2009 11:41 PM, oritw@il.ibm.com wrote:
>
> +
> +struct __attribute__ ((__packed__)) shadow_vmcs {
>
Since this is in guest memory, we need it packed so the binary format is
preserved across migration. Please add a comment so it isn't changed
(at least without changing the revision_id).
vmclear state should be here, that will help multiguest support.
>
> struct nested_vmx {
> /* Has the level1 guest done vmxon? */
> bool vmxon;
> -
> + /* What is the location of the vmcs l1 keeps for l2? (in level1 gpa) */
> + u64 vmptr;
>
Need to expose it for live migration.
> /*
> * Level 2 state : includes vmcs,registers and
> * a copy of vmcs12 for vmread/vmwrite
> */
> struct level_state *l2_state;
> + /* Level 1 state for switching to level 2 and back */
> + struct level_state *l1_state;
>
This creates a ton of duplication.
Some of the data is completely unnecessary, for example we can
recalculate cr0 from HOST_CR0 and GUEST_CR0.
> +
> +static int vmptrld(struct kvm_vcpu *vcpu,
> + u64 phys_addr)
> +{
> + u8 error;
> +
> + asm volatile (__ex(ASM_VMX_VMPTRLD_RAX) "; setna %0"
> + : "=g"(error) : "a"(&phys_addr), "m"(phys_addr)
> + : "cc");
> + if (error) {
> + printk(KERN_ERR "kvm: %s vmptrld %llx failed\n",
> + __func__, phys_addr);
> + return 1;
> + }
> +
> + return 0;
> +}
> +
> /*
> * Switches to specified vcpu, until a matching vcpu_put(), but assumes
> * vcpu mutex is already taken.
> @@ -736,15 +923,8 @@ static void vmx_vcpu_load(struct kvm_vcpu *vcpu, int cpu)
> }
>
> if (per_cpu(current_vmcs, cpu) != vmx->vmcs) {
> - u8 error;
> -
> per_cpu(current_vmcs, cpu) = vmx->vmcs;
> - asm volatile (__ex(ASM_VMX_VMPTRLD_RAX) "; setna %0"
> - : "=g"(error) : "a"(&phys_addr), "m"(phys_addr)
> - : "cc");
> - if (error)
> - printk(KERN_ERR "kvm: vmptrld %p/%llx fail\n",
> - vmx->vmcs, phys_addr);
> + vmptrld(vcpu, phys_addr);
> }
>
This part of the patch is no longer needed.
> + if (cpu_has_vmx_msr_bitmap())
> + vmx->nested.l2_state->msr_bitmap = vmcs_read64(MSR_BITMAP);
> + else
> + vmx->nested.l2_state->msr_bitmap = 0;
> +
> + vmx->nested.l2_state->io_bitmap_a = vmcs_read64(IO_BITMAP_A);
> + vmx->nested.l2_state->io_bitmap_b = vmcs_read64(IO_BITMAP_B);
> +
>
This no longer works, since we don't load the guest vmcs.
> +int kvm_read_guest_virt(gva_t addr, void *val, unsigned int bytes,
> + struct kvm_vcpu *vcpu);
>
Isn't this in a header somewhere?
> +
> +int read_guest_vmcs_gpa(struct kvm_vcpu *vcpu, u64 *gentry)
> +{
> +
> + int r = 0;
> +
> + r = kvm_read_guest_virt(vcpu->arch.regs[VCPU_REGS_RAX], gentry,
> + sizeof(u64), vcpu);
> + if (r) {
> + printk(KERN_ERR "%s cannot read guest vmcs addr %lx : %d\n",
> + __func__, vcpu->arch.regs[VCPU_REGS_RAX], r);
> + return r;
> + }
> +
> + if (!IS_ALIGNED(*gentry, PAGE_SIZE)) {
> + printk(KERN_DEBUG "%s addr %llx not aligned\n",
> + __func__, *gentry);
> + return 1;
> + }
> +
> + return 0;
> +}
> +
>
Should go through the emulator to evaluate arguments.
> +static int handle_vmptrld(struct kvm_vcpu *vcpu)
> +{
> + struct vcpu_vmx *vmx = to_vmx(vcpu);
> + struct page *vmcs_page;
> + u64 guest_vmcs_addr;
> +
> + if (!nested_vmx_check_permission(vcpu))
> + return 1;
> +
> + if (read_guest_vmcs_gpa(vcpu,&guest_vmcs_addr))
> + return 1;
> +
> + if (create_l1_state(vcpu)) {
> + printk(KERN_ERR "%s create_l1_state failed\n", __func__);
> + return 1;
> + }
> +
> + if (create_l2_state(vcpu)) {
> + printk(KERN_ERR "%s create_l2_state failed\n", __func__);
> + return 1;
> + }
>
return errors here, so we see the problem.
> +
> +static int handle_vmptrst(struct kvm_vcpu *vcpu)
> +{
> + int r = 0;
> +
> + if (!nested_vmx_check_permission(vcpu))
> + return 1;
> +
> + r = kvm_write_guest_virt(vcpu->arch.regs[VCPU_REGS_RAX],
> + (void *)&to_vmx(vcpu)->nested.vmptr,
> + sizeof(u64), vcpu);
>
Emulator again.
> +void save_vmcs(struct shadow_vmcs *dst)
> +{
>
> + dst->io_bitmap_a = vmcs_read64(IO_BITMAP_A);
> + dst->io_bitmap_b = vmcs_read64(IO_BITMAP_B);
>
These (and many others) can never change due to a nested guest running,
so no need to save them.
> + dst->virtual_apic_page_addr = vmcs_read64(VIRTUAL_APIC_PAGE_ADDR);
>
In general, you need to translate host physical addresses to guest
physical addresses.
> + dst->apic_access_addr = vmcs_read64(APIC_ACCESS_ADDR);
> + if (enable_ept)
> + dst->ept_pointer = vmcs_read64(EPT_POINTER);
> +
>
Not all hosts support these features.
--
I have a truly marvellous patch that fixes the bug which this
signature is too narrow to contain.
next prev parent reply other threads:[~2009-10-20 4:24 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-10-15 14:41 Nested VMX support v3 oritw
2009-10-15 14:41 ` [PATCH 1/5] Nested VMX patch 1 implements vmon and vmoff oritw
2009-10-15 14:41 ` [PATCH 2/5] Nested VMX patch 2 implements vmclear oritw
2009-10-15 14:41 ` [PATCH 3/5] Nested VMX patch 3 implements vmptrld and vmptrst oritw
2009-10-15 14:41 ` [PATCH 4/5] Nested VMX patch 4 implements vmread and vmwrite oritw
2009-10-15 14:41 ` [PATCH 5/5] Nested VMX patch 5 implements vmlaunch and vmresume oritw
2009-10-19 17:29 ` Gleb Natapov
2009-10-21 14:43 ` Orit Wasserman
2009-10-22 9:04 ` Gleb Natapov
2009-10-22 15:46 ` Orit Wasserman
2009-10-25 9:44 ` Gleb Natapov
2009-10-28 16:23 ` Orit Wasserman
2009-10-29 17:31 ` Gleb Natapov
2009-11-09 9:33 ` Abel Gordon
2009-10-22 10:55 ` Avi Kivity
2009-10-20 4:56 ` Avi Kivity
2009-10-22 12:56 ` Orit Wasserman
2009-10-19 13:17 ` [PATCH 4/5] Nested VMX patch 4 implements vmread and vmwrite Gleb Natapov
2009-10-21 13:32 ` Orit Wasserman
2009-10-20 4:44 ` Avi Kivity
2009-10-22 12:50 ` Orit Wasserman
2009-10-19 11:17 ` [PATCH 3/5] Nested VMX patch 3 implements vmptrld and vmptrst Gleb Natapov
2009-10-21 13:27 ` Orit Wasserman
2009-10-19 12:59 ` Gleb Natapov
2009-10-21 13:28 ` Orit Wasserman
2009-10-20 4:24 ` Avi Kivity [this message]
2009-10-22 12:48 ` Orit Wasserman
2009-10-20 4:06 ` [PATCH 2/5] Nested VMX patch 2 implements vmclear Avi Kivity
2009-10-21 14:56 ` Orit Wasserman
2009-10-20 4:00 ` [PATCH 1/5] Nested VMX patch 1 implements vmon and vmoff Avi Kivity
2009-10-22 12:41 ` Orit Wasserman
2009-10-19 10:47 ` Nested VMX support v3 Gleb Natapov
2009-10-20 3:30 ` Avi Kivity
2009-10-21 14:50 ` Orit Wasserman
-- strict thread matches above, loose matches on Subject: below --
2009-09-30 13:32 Nested VMX support v2 oritw
2009-09-30 13:32 ` [PATCH 1/5] Nested VMX patch 1 implements vmon and vmoff oritw
2009-09-30 13:32 ` [PATCH 2/5] Nested VMX patch 2 implements vmclear oritw
2009-09-30 13:32 ` [PATCH 3/5] Nested VMX patch 3 implements vmptrld and vmptrst oritw
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4ADD3B81.2050202@redhat.com \
--to=avi@redhat.com \
--cc=abelg@il.ibm.com \
--cc=aliguori@us.ibm.com \
--cc=benami@il.ibm.com \
--cc=kvm@vger.kernel.org \
--cc=mdday@us.ibm.com \
--cc=muli@il.ibm.com \
--cc=oritw@il.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.