From: Avi Kivity <avi@redhat.com>
To: Joerg Roedel <joro@8bytes.org>
Cc: Joerg Roedel <joerg.roedel@amd.com>,
Marcelo Tosatti <mtosatti@redhat.com>,
kvm@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH 1/2] KVM: SVM: Check for nested vmrun intercept before emulating vmrun
Date: Tue, 03 Aug 2010 11:16:33 +0300 [thread overview]
Message-ID: <4C57D061.9030907@redhat.com> (raw)
In-Reply-To: <20100802203344.GO23755@8bytes.org>
On 08/02/2010 11:33 PM, Joerg Roedel wrote:
> On Mon, Aug 02, 2010 at 06:18:09PM +0300, Avi Kivity wrote:
>> On 08/02/2010 05:46 PM, Joerg Roedel wrote:
>>> This patch lets the nested vmrun fail if the L1 hypervisor
>>> has not intercepted vmrun. This fixes the "vmrun intercept
>>> check" unit test.
>>> +
>>> static bool nested_svm_vmrun(struct vcpu_svm *svm)
>>> {
>>> struct vmcb *nested_vmcb;
>>> @@ -2029,6 +2037,17 @@ static bool nested_svm_vmrun(struct vcpu_svm *svm)
>>> if (!nested_vmcb)
>>> return false;
>>>
>>> + if (!nested_vmcb_checks(nested_vmcb)) {
>>> + nested_vmcb->control.exit_code = SVM_EXIT_ERR;
>>> + nested_vmcb->control.exit_code_hi = 0;
>>> + nested_vmcb->control.exit_info_1 = 0;
>>> + nested_vmcb->control.exit_info_2 = 0;
>>> +
>>> + nested_svm_unmap(page);
>>> +
>>> + return false;
>>> + }
>>> +
>> Don't you have to transfer an injected event to exitintinfo?
> APM2 seems to be quiet about this.
Well, my copy says
> The VMRUN instruction then checks the guest state just loaded. If an
> illegal state has been loaded, the
> processor exits back to the host (see “#VMEXIT” on page 374).
This matches "illegal state" and "#VMEXIT" but doesn't match "guest state".
> I just tried it out and event_inj
> still contains the event after a failed vmrun on real hardware. This
> makes sense because this is no real vmexit because the vm was never
> entered.
Okay; will apply the patches.
--
error compiling committee.c: too many arguments to function
next prev parent reply other threads:[~2010-08-03 8:16 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-08-02 14:46 [PATCH 0/2] Add some checks before emulating vmrun Joerg Roedel
2010-08-02 14:46 ` [PATCH 1/2] KVM: SVM: Check for nested vmrun intercept " Joerg Roedel
2010-08-02 15:18 ` Avi Kivity
2010-08-02 20:33 ` Joerg Roedel
2010-08-03 8:16 ` Avi Kivity [this message]
2010-08-02 14:46 ` [PATCH 2/2] KVM: SVM: Check for asid != 0 on nested vmrun Joerg Roedel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4C57D061.9030907@redhat.com \
--to=avi@redhat.com \
--cc=joerg.roedel@amd.com \
--cc=joro@8bytes.org \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mtosatti@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.