From: Paolo Bonzini
Subject: Re: Nested paging in nested SVM setup
Date: Mon, 01 Sep 2014 18:11:37 +0200
Message-ID: <54049AB9.20202@redhat.com>
In-Reply-To: <53F6C820.3070308@gmail.com>
To: Valentine Sinitsyn, Jan Kiszka, kvm@vger.kernel.org

On 22/08/2014 06:33, Valentine Sinitsyn wrote:
> On 22.08.2014 02:31, Paolo Bonzini wrote:
>> VMX used the right access size already, the tests are separate for VMX
>> and SVM.
> Sure. So the bug is NPT-specific?

Hmm, unfortunately the test cannot reproduce the bug, at least with 3.16.
It only failed due to a (somewhat unbelievable...) typo:

diff --git a/x86/svm.c b/x86/svm.c
index 54d804b..ca1e64e 100644
--- a/x86/svm.c
+++ b/x86/svm.c
@@ -87,7 +87,7 @@ static void setup_svm(void)
         page = alloc_page();
         for (j = 0; j < 512; ++j)
-            page[j] = (u64)pte[(i * 514) + j] | 0x027ULL;
+            page[j] = (u64)pte[(i * 512) + j] | 0x027ULL;
         pde[i] = page;
     }

The trace correctly points at APIC_LVR for both the guest read:

qemu-system-x86-23749 [019] 6718.397998: kvm_exit: reason npf rip 0x4003ba info 100000004 fee00030
qemu-system-x86-23749 [019] 6718.397998: kvm_nested_vmexit: rip: 0x00000000004003ba reason: npf ext_inf1: 0x0000000100000004 ext_inf2: 0x00000000fee00030 ext_int: 0x00000000 ext_int_err: 0x00000000
qemu-system-x86-23749 [019] 6718.397999: kvm_page_fault: address fee00030 error_code 4
qemu-system-x86-23749 [019] 6718.398009: kvm_emulate_insn: 0:4003ba:a1 30 00 e0 fe 00 00 00 00 (prot64)
qemu-system-x86-23749 [019] 6718.398013: kvm_apic: apic_read APIC_LVR = 0x1050014
qemu-system-x86-23749 [019] 6718.398014: kvm_mmio: mmio read len 4 gpa 0xfee00030 val 0x1050014
qemu-system-x86-23749 [019] 6718.398015: kvm_entry: vcpu 0

and the host read:

qemu-system-x86-23749 [019] 6718.398035: kvm_entry: vcpu 0
qemu-system-x86-23749 [019] 6718.398036: kvm_exit: reason npf rip 0x4003ca info 10000000d fee00030
qemu-system-x86-23749 [019] 6718.398037: kvm_page_fault: address fee00030 error_code d
qemu-system-x86-23749 [019] 6718.398039: kvm_emulate_insn: 0:4003ca:a1 30 00 e0 fe 00 00 00 00 (prot64)
qemu-system-x86-23749 [019] 6718.398040: kvm_apic: apic_read APIC_LVR = 0x1050014
qemu-system-x86-23749 [019] 6718.398040: kvm_mmio: mmio read len 4 gpa 0xfee00030 val 0x1050014

The different error codes are because the first read will install the
shadow page. If I change the test to do two reads, the error codes match.

I will look at this more closely tomorrow.

Paolo
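Review bot: the fix is correct, but the hunk still carries the entries-per-page count as two independent literals, `for (j = 0; j < 512; ++j)` and `pte[(i * 512) + j]`, which is exactly how a 514 could slip in unnoticed. Suggest one named constant for the number of entries per page table (for example `#define PTES_PER_PAGE 512`, a name assumed here) used for both the loop bound and the index, so each `pde[i]` covers exactly one page's worth of PTE pointers by construction. The commit message could also state the effect of the old value: for every PDE page after the first (i > 0) the pointers were 2*i PTE pages too far, so guest-physical addresses covered by those PDE pages were mapped to the wrong PTE page, which is the symptom the NPT test tripped over.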
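The stride typo in the hunk above, modelled as an added example (not code from kvm-unit-tests or from this thread): it rebuilds the two lower page-table levels the way setup_svm() fills them, in a user-space arena where a page's own address stands in for its physical address, then walks a guest-physical address through them with the fixed stride (512) and the typo (514). The 2048 PTE pages, 4 PDE pages, 4 GiB identity coverage and the name `mapped_with_stride` are assumptions made for this example.

```c
#include <stdint.h>
typedef uint64_t u64;
#define ENTRIES    512
#define NPTE_PAGES 2048   /* PTE level: 2048 * 512 * 4 KiB = 4 GiB, identity mapped (assumed) */
#define NPDE_PAGES 4      /* PDE level: 4 * 512 * 2 MiB = 4 GiB (assumed) */
#define ADDR_MASK  0x000ffffffffff000ULL

/* Page-aligned arena in place of alloc_page(); a page's own address stands
 * in for its physical address, as in the identity-mapped test. */
static _Alignas(4096) u64 arena[(NPTE_PAGES + NPDE_PAGES) * ENTRIES];

/* Build PTE and PDE levels the way the test's setup_svm() does. `stride` is
 * the step through pte[] per PDE page: 512 is the fix, 514 is the typo. */
static void build_tables(u64 *pte[], u64 *pde[], int stride)
{
    u64 address = 0;
    int np = 0;
    for (int i = 0; i < NPTE_PAGES; ++i) {
        u64 *page = &arena[np++ * ENTRIES];
        for (int j = 0; j < ENTRIES; ++j, address += 4096)
            page[j] = address | 0x067ULL;
        pte[i] = page;
    }
    for (int i = 0; i < NPDE_PAGES; ++i) {
        u64 *page = &arena[np++ * ENTRIES];
        for (int j = 0; j < ENTRIES; ++j) {
            int idx = i * stride + j;   /* runs past pte[] with the typo */
            page[j] = idx < NPTE_PAGES ? ((u64)(uintptr_t)pte[idx] | 0x027ULL) : 0;
        }
        pde[i] = page;
    }
}

/* Walk PDE -> PTE for a GPA below 4 GiB; (u64)-1 if an entry is not present. */
static u64 walk(u64 *pde[], u64 gpa)
{
    u64 d = pde[gpa >> 30][(gpa >> 21) & 511];
    if (!(d & 1)) return (u64)-1;
    u64 t = ((u64 *)(uintptr_t)(d & ADDR_MASK))[(gpa >> 12) & 511];
    return (t & 1) ? ((t & ADDR_MASK) | (gpa & 0xfff)) : (u64)-1;
}

/* Where does `gpa` land when the tables are built with a given stride? */
u64 mapped_with_stride(int stride, u64 gpa)
{
    static u64 *pte[NPTE_PAGES], *pde[NPDE_PAGES];
    build_tables(pte, pde, stride);
    return walk(pde, gpa);
}
```

With 514 the first gigabyte still maps identically, every later PDE page is shifted by 2*i PTE pages (4 MiB per page), and the last PDE page runs off the end of pte[], so the APIC address from the trace lands 12 MiB away from where the test expects it.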