From: Gleb Natapov <gleb@redhat.com>
To: Abel Gordon <ABELG@il.ibm.com>
Cc: dongxiao.xu@intel.com, jun.nakajima@intel.com,
kvm@vger.kernel.org, nadav@harel.org.il, owasserm@redhat.com
Subject: Re: [PATCH 10/10] KVM: nVMX: Enable and disable shadow vmcs functionality
Date: Wed, 17 Apr 2013 18:20:08 +0300 [thread overview]
Message-ID: <20130417152008.GB8997@redhat.com> (raw)
In-Reply-To: <OFF8BFCCCB.53A84B65-ONC2257B50.00532041-C2257B50.0054162E@il.ibm.com>
On Wed, Apr 17, 2013 at 06:18:27PM +0300, Abel Gordon wrote:
>
>
> Gleb Natapov <gleb@redhat.com> wrote on 17/04/2013 05:41:07 PM:
>
> > On Wed, Apr 17, 2013 at 02:55:40PM +0300, Abel Gordon wrote:
> > > Once L1 loads VMCS12 we enable shadow-vmcs capability and copy allthe
> VMCS12
> > > shadowed fields to the shadow vmcs. When we release the VMCS12, we
> also
> > > disable shadow-vmcs capability.
> > >
> > > Signed-off-by: Abel Gordon <abelg@il.ibm.com>
> > > ---
> > > arch/x86/kvm/vmx.c | 11 +++++++++++
> > > 1 file changed, 11 insertions(+)
> > >
> > > --- .before/arch/x86/kvm/vmx.c 2013-04-17 14:20:51.000000000 +0300
> > > +++ .after/arch/x86/kvm/vmx.c 2013-04-17 14:20:51.000000000 +0300
> > > @@ -5590,12 +5590,17 @@ static int nested_vmx_check_permission(s
> > >
> > > static inline void nested_release_vmcs12(struct vcpu_vmx *vmx)
> > > {
> > > + u32 exec_control;
> > > if (enable_shadow_vmcs) {
> > > if (vmx->nested.current_vmcs12 != NULL) {
> > > /* copy to memory all shadowed fields in case
> > > they were modified */
> > > copy_shadow_to_vmcs12(vmx);
> > > vmx->nested.sync_shadow_vmcs = false;
> > > + exec_control = vmcs_read32(SECONDARY_VM_EXEC_CONTROL);
> > > + exec_control &= ~SECONDARY_EXEC_SHADOW_VMCS;
> > > + vmcs_write32(SECONDARY_VM_EXEC_CONTROL, exec_control);
> > > + vmcs_write64(VMCS_LINK_POINTER, -1ull);
> > > free_vmcs(vmx->nested.current_shadow_vmcs);
> > > }
> > > }
> > > @@ -6084,6 +6089,7 @@ static int handle_vmptrld(struct kvm_vcp
> > > gpa_t vmptr;
> > > struct x86_exception e;
> > > struct vmcs *shadow_vmcs;
> > > + u32 exec_control;
> > >
> > > if (!nested_vmx_check_permission(vcpu))
> > > return 1;
> > > @@ -6140,6 +6146,11 @@ static int handle_vmptrld(struct kvm_vcp
> > > /* init shadow vmcs */
> > > vmcs_clear(shadow_vmcs);
> > > vmx->nested.current_shadow_vmcs = shadow_vmcs;
> > > + exec_control = vmcs_read32(SECONDARY_VM_EXEC_CONTROL);
> > > + exec_control |= SECONDARY_EXEC_SHADOW_VMCS;
> > > + vmcs_write32(SECONDARY_VM_EXEC_CONTROL, exec_control);
> > > + vmcs_write64(VMCS_LINK_POINTER,
> > > + __pa(shadow_vmcs));
> > How hard would it be to disable shadowing for individual vmcs if shadow
> > vmcs allocation fails? It bothers me a little that we can fail perfectly
> > valid vmptrld() because of failed allocation.
>
> That's really a corner case... IMHO, if we fail to allocate a shadow vmcs
> we may experience bigger issues, like failing to allocate VMCS02.
> Anyway, if we reuse the shadow vmcs as you requested, then we can allocate
> the shadow vmcs once in handle_vmon. In this case, handle_vmon will fail
> and
> not handle_vmptrld.
Yes, I agree that with shadow vmcs reuse the issue is almost non
existent.
--
Gleb.
next prev parent reply other threads:[~2013-04-17 15:20 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-04-17 11:50 [PATCH 0/10] KVM: nVMX: shadow VMCS support, v2 Abel Gordon
2013-04-17 11:51 ` [PATCH 01/10] KVM: nVMX: Shadow-vmcs control fields/bits Abel Gordon
2013-04-17 11:51 ` [PATCH 02/10] KVM: nVMX: Detect shadow-vmcs capability Abel Gordon
2013-04-17 13:51 ` Gleb Natapov
2013-04-17 14:33 ` Abel Gordon
2013-04-17 11:52 ` [PATCH 03/10] KVM: nVMX: Introduce vmread and vmwrite bitmaps Abel Gordon
2013-04-17 11:52 ` [PATCH 04/10] KVM: nVMX: Refactor handle_vmwrite Abel Gordon
2013-04-17 11:53 ` [PATCH 05/10] KVM: nVMX: Allocate shadow vmcs Abel Gordon
2013-04-17 14:10 ` Gleb Natapov
2013-04-17 14:41 ` Abel Gordon
2013-04-17 14:44 ` Gleb Natapov
2013-04-17 11:53 ` [PATCH 06/10] KVM: nVMX: Release " Abel Gordon
2013-04-17 11:54 ` [PATCH 07/10] KVM: nVMX: Copy processor-specific shadow-vmcs to VMCS12 Abel Gordon
2013-04-17 11:54 ` [PATCH 08/10] KVM: nVMX: Copy VMCS12 to processor-specific shadow vmcs Abel Gordon
2013-04-17 11:55 ` [PATCH 09/10] KVM: nVMX: Synchronize VMCS12 content with the " Abel Gordon
2013-04-17 14:34 ` Gleb Natapov
2013-04-17 14:59 ` Abel Gordon
2013-04-17 15:39 ` Gleb Natapov
2013-04-17 16:03 ` Abel Gordon
2013-04-17 21:59 ` Paolo Bonzini
2013-04-18 6:24 ` Abel Gordon
2013-04-18 6:54 ` Gleb Natapov
2013-04-18 6:59 ` Paolo Bonzini
2013-04-17 11:55 ` [PATCH 10/10] KVM: nVMX: Enable and disable shadow vmcs functionality Abel Gordon
2013-04-17 14:41 ` Gleb Natapov
2013-04-17 15:18 ` Abel Gordon
2013-04-17 15:20 ` Gleb Natapov [this message]
-- strict thread matches above, loose matches on Subject: below --
2013-04-17 17:05 [PATCH 0/10] KVM: nVMX: shadow VMCS support, v3 Abel Gordon
2013-04-17 17:10 ` [PATCH 10/10] KVM: nVMX: Enable and disable shadow vmcs functionality Abel Gordon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130417152008.GB8997@redhat.com \
--to=gleb@redhat.com \
--cc=ABELG@il.ibm.com \
--cc=dongxiao.xu@intel.com \
--cc=jun.nakajima@intel.com \
--cc=kvm@vger.kernel.org \
--cc=nadav@harel.org.il \
--cc=owasserm@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox