From: Jun Nakajima <jun.nakajima@intel.com>
To: kvm@vger.kernel.org
Subject: [PATCH 05/11] nEPT: Fix wrong test in kvm_set_cr3
Date: Thu, 25 Apr 2013 23:43:25 -0700 [thread overview]
Message-ID: <1366958611-6935-5-git-send-email-jun.nakajima@intel.com> (raw)
In-Reply-To: <1366958611-6935-4-git-send-email-jun.nakajima@intel.com>
kvm_set_cr3() attempts to check if the new cr3 is a valid guest physical
address. The problem is that with nested EPT, cr3 is an *L2* physical
address, not an L1 physical address as this test expects.
As the comment above this test explains, it isn't necessary, and doesn't
correspond to anything a real processor would do. So this patch removes it.
Note that this wrong test could have also theoretically caused problems
in nested NPT, not just in nested EPT. However, in practice, the problem
was avoided: nested_svm_vmexit()/vmrun() do not call kvm_set_cr3 in the
nested NPT case, and instead set the vmcb (and arch.cr3) directly, thus
circumventing the problem. Additional potential calls to the buggy function
are avoided in that we don't trap cr3 modifications when nested NPT is
enabled. However, because in nested VMX we did want to use kvm_set_cr3()
(as requested in Avi Kivity's review of the original nested VMX patches),
we can't avoid this problem and need to fix it.
Signed-off-by: Nadav Har'El <nyh@il.ibm.com>
Signed-off-by: Jun Nakajima <jun.nakajima@intel.com>
Signed-off-by: Xinhao Xu <xinhao.xu@intel.com>
---
arch/x86/kvm/x86.c | 11 -----------
1 file changed, 11 deletions(-)
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index e172132..c34590d 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -659,17 +659,6 @@ int kvm_set_cr3(struct kvm_vcpu *vcpu, unsigned long cr3)
*/
}
- /*
- * Does the new cr3 value map to physical memory? (Note, we
- * catch an invalid cr3 even in real-mode, because it would
- * cause trouble later on when we turn on paging anyway.)
- *
- * A real CPU would silently accept an invalid cr3 and would
- * attempt to use it - with largely undefined (and often hard
- * to debug) behavior on the guest side.
- */
- if (unlikely(!gfn_to_memslot(vcpu->kvm, cr3 >> PAGE_SHIFT)))
- return 1;
vcpu->arch.cr3 = cr3;
__set_bit(VCPU_EXREG_CR3, (ulong *)&vcpu->arch.regs_avail);
vcpu->arch.mmu.new_cr3(vcpu);
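Review bot: with the gfn_to_memslot() check and its `return 1;` removed, kvm_set_cr3() no longer rejects a cr3 whose page has no backing memslot, and the behaviour change applies to every guest, not only to the nested-EPT case the commit message argues from; the deleted comment's real-mode rationale ("it would cause trouble later on when we turn on paging anyway") disappears with it. Since the lines that follow still store the value into vcpu->arch.cr3 and immediately call vcpu->arch.mmu.new_cr3(vcpu), the commit message (or a short comment in place of the deleted block) should state that the MMU's root allocation tolerates a root gfn with no memslot and results in a guest-visible fault rather than a host-side failure, because callers that previously relied on the non-zero return to inject #GP will now see success. A one-line replacement such as `/* Under nested EPT cr3 is an L2 physical address and cannot be checked against L1 memslots here. */` would keep the reasoning the removed comment documented.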
--
1.8.2.1.610.g562af5b