From: Paolo Bonzini <pbonzini@redhat.com>
To: Gleb Natapov <gleb@redhat.com>
Cc: kvm@vger.kernel.org, Marcelo Tosatti <mtosatti@redhat.com>,
	Jan Kiszka <jan.kiszka@siemens.com>,
	Alexander Graf <agraf@suse.de>
Subject: Re: [PATCH 4/4] KVM: nVMX: Do not generate #DF if #PF happens during exception delivery into L2
Date: Wed, 25 Sep 2013 13:24:49 +0200
Message-ID: <5242C801.1030100@redhat.com>
In-Reply-To: <1380102696-25267-5-git-send-email-gleb@redhat.com>

On 25/09/2013 11:51, Gleb Natapov wrote:
> If #PF happens during delivery of an exception into L2 and L1 also does
> not have the page mapped in its shadow page table then L0 needs to
> generate vmexit to L2 with original event in IDT_VECTORING_INFO, but
> current code combines both exceptions and generates #DF instead. Fix that
> by providing nVMX specific function to handle page faults during page
> table walk that handles this case correctly.
> 
> Signed-off-by: Gleb Natapov <gleb@redhat.com>
> ---
>  arch/x86/kvm/vmx.c | 20 ++++++++++++++++++++
>  1 file changed, 20 insertions(+)
> 
> diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
> index 5bfa09d..07c36fd 100644
> --- a/arch/x86/kvm/vmx.c
> +++ b/arch/x86/kvm/vmx.c
> @@ -7520,6 +7520,20 @@ static void nested_ept_uninit_mmu_context(struct kvm_vcpu *vcpu)
>  	vcpu->arch.walk_mmu = &vcpu->arch.mmu;
>  }
>  
> +static void vmx_inject_page_fault_nested(struct kvm_vcpu *vcpu,
> +		struct x86_exception *fault)
> +{
> +	struct vmcs12 *vmcs12 = get_vmcs12(vcpu);
> +
> +	WARN_ON(!is_guest_mode(vcpu));
> +
> +	/* TODO: also check PFEC_MATCH/MASK, not just EB.PF. */
> +	if (vmcs12->exception_bitmap & (1u << PF_VECTOR))
> +		nested_vmx_vmexit(vcpu);
> +	else
> +		kvm_inject_page_fault(vcpu, fault);
> +}
> +
>  /*
>   * prepare_vmcs02 is called when the L1 guest hypervisor runs its nested
>   * L2 guest. L1 has a vmcs for L2 (vmcs12), and this function "merges" it
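Review bot: the intercept test in vmx_inject_page_fault_nested() looks only at EB.PF, so, as the TODO itself admits, an L1 that narrows its page-fault exits with PFEC_MASK/PFEC_MATCH gets the wrong decision; I would rather see the mask/match comparison done in this patch than left as a TODO. On the vmexit branch `fault` is not used at all, so nothing visible in this hunk hands the faulting address or error code to L1; please either record them before nested_vmx_vmexit(vcpu) or add a comment saying where L1 gets them from.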
> @@ -7773,6 +7787,9 @@ static void prepare_vmcs02(struct kvm_vcpu *vcpu, struct vmcs12 *vmcs12)
>  	kvm_set_cr3(vcpu, vmcs12->guest_cr3);
>  	kvm_mmu_reset_context(vcpu);
>  
> +	if (!enable_ept)
> +		vcpu->arch.walk_mmu->inject_page_fault = vmx_inject_page_fault_nested;
> +
>  	/*
>  	 * L1 may access the L2's PDPTR, so save them to construct vmcs12
>  	 */
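Review bot: the handler installed in prepare_vmcs02() right after kvm_mmu_reset_context() lasts only until the next context reset. The reply further down observes that kvm_mmu_reset_context already puts the default handler back, which means any reset that runs while the vcpu is still in guest mode would silently drop vmx_inject_page_fault_nested. Installing it from the MMU init path would avoid that; failing that, the `if (!enable_ept)` block needs a comment saying why only the shadow-paging case is covered. The assignment line also runs past 80 columns.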
> @@ -8232,6 +8249,9 @@ static void load_vmcs12_host_state(struct kvm_vcpu *vcpu,
>  	kvm_set_cr3(vcpu, vmcs12->host_cr3);
>  	kvm_mmu_reset_context(vcpu);
>  
> +	if (!enable_ept)
> +		vcpu->arch.walk_mmu->inject_page_fault = kvm_inject_page_fault;

This is strictly speaking not needed, because kvm_mmu_reset_context
takes care of it.

But I wonder if it is cleaner to not touch the struct here, and instead
add a new member to kvm_x86_ops---used directly in init_kvm_softmmu like
kvm_x86_ops->set_cr3.  The new member can do something like

	if (is_guest_mode(vcpu)) {
		struct vmcs12 *vmcs12 = get_vmcs12(vcpu);
		if (vmcs12->exception_bitmap & (1u << PF_VECTOR)) {
			nested_vmx_vmexit(vcpu);
			return;
		}
	}

	kvm_inject_page_fault(vcpu, fault);

Marcelo, Jan, what do you think?

Alex (or Gleb :)), do you have any idea why SVM does not need this?

Paolo

>  	if (enable_vpid) {
>  		/*
>  		 * Trivially support vpid by letting L2s share their parent
> 
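The rule that the TODO in vmx_inject_page_fault_nested() leaves out, shown beside the EB.PF-only test, as an added example that is not part of the patch or of the kernel source. The struct and function names are hypothetical stand-ins for the three vmcs12 controls involved, and the settings in main() are constructed.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define PF_VECTOR 14

/* Hypothetical stand-in for the three vmcs12 fields involved. */
struct pf_controls {
	uint32_t exception_bitmap;
	uint32_t pfec_mask;   /* page-fault error-code mask */
	uint32_t pfec_match;  /* page-fault error-code match */
};

/* The check as written in the patch: EB.PF only. */
static bool eb_only_intercept(const struct pf_controls *c)
{
	return (c->exception_bitmap & (1u << PF_VECTOR)) != 0;
}

/*
 * Full rule: a match on the masked error code exits when EB.PF is set,
 * a mismatch exits when EB.PF is clear.
 */
static bool l1_intercepts_page_fault(const struct pf_controls *c,
				     uint32_t error_code)
{
	bool eb_pf = eb_only_intercept(c);
	bool hit = (error_code & c->pfec_mask) == c->pfec_match;

	return eb_pf == hit;
}

int main(void)
{
	/* Constructed settings: EB.PF set, but the match can never succeed. */
	struct pf_controls none = { 1u << PF_VECTOR, 0, 0xffffffffu };
	/* Constructed settings: EB.PF clear, exit only if P (bit 0) is 0. */
	struct pf_controls not_present = { 0, 0x1, 0x1 };

	printf("none:        EB-only=%d full=%d\n",
	       eb_only_intercept(&none), l1_intercepts_page_fault(&none, 0x2));
	printf("not-present: EB-only=%d full=%d\n",
	       eb_only_intercept(&not_present),
	       l1_intercepts_page_fault(&not_present, 0x2));
	return 0;
}
```

In both constructed settings the EB.PF-only test and the full rule disagree, which is the case the TODO defers.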

