Re: [PATCH v2 5/8] KVM: nVMX: Fix guest CR3 read-back on VM-exit

[Jan Kiszka <jan.kiszka@web.de>]

[-- Attachment #1: Type: text/plain, Size: 1715 bytes --]

On 2013-08-06 12:12, Gleb Natapov wrote:
> On Tue, Aug 06, 2013 at 10:39:59AM +0200, Jan Kiszka wrote:
>> From: Jan Kiszka <jan.kiszka@siemens.com>
>>
>> If nested EPT is enabled, the L2 guest may change CR3 without any exits.
>> We therefore have to read the current value from the VMCS when switching
>> to L1. However, if paging wasn't enabled, L0 tracks L2's CR3, and
>> GUEST_CR3 rather contains the real-mode identity map. So we need to
>> retrieve CR3 from the architectural state after conditionally updating
>> it - and this is what kvm_read_cr3 does.
>>
> I have a headache from trying to think about it already, but shouldn't
> L1 be the one who setups identity map for L2? I traced what
> vmcs_read64(GUEST_CR3)/kvm_read_cr3(vcpu) return here and do not see
> different values in real mode.

Did you try with my patches applied and unrestricted guest mode in use?

Jan

> 
>> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
>> ---
>>  arch/x86/kvm/vmx.c |    2 +-
>>  1 files changed, 1 insertions(+), 1 deletions(-)
>>
>> diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
>> index b482d47..09666aa 100644
>> --- a/arch/x86/kvm/vmx.c
>> +++ b/arch/x86/kvm/vmx.c
>> @@ -8106,7 +8106,7 @@ static void prepare_vmcs12(struct kvm_vcpu *vcpu, struct vmcs12 *vmcs12)
>>  	 * Additionally, restore L2's PDPTR to vmcs12.
>>  	 */
>>  	if (enable_ept) {
>> -		vmcs12->guest_cr3 = vmcs_read64(GUEST_CR3);
>> +		vmcs12->guest_cr3 = kvm_read_cr3(vcpu);
>>  		vmcs12->guest_pdptr0 = vmcs_read64(GUEST_PDPTR0);
>>  		vmcs12->guest_pdptr1 = vmcs_read64(GUEST_PDPTR1);
>>  		vmcs12->guest_pdptr2 = vmcs_read64(GUEST_PDPTR2);
>> -- 
>> 1.7.3.4
> 
> --
> 			Gleb.
> 



[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 263 bytes --]