From: Avi Kivity
Subject: Re: [patch] KVM: paravirtual guest support
Date: Tue, 09 Jan 2007 12:13:56 +0200
Message-ID: <45A36AE4.6000904@qumranet.com>
References: <20070109093354.GA10318@elte.hu>
In-Reply-To: <20070109093354.GA10318-X9Un+BFzKDI@public.gmane.org>
To: Ingo Molnar
Cc: kvm-devel
List-Id: kvm.vger.kernel.org

Ingo Molnar wrote:
> Subject: [patch] KVM: paravirtual guest support
> From: Ingo Molnar
>
> this enables a CONFIG_PARAVIRT Linux guest kernel to establish a
> hypercall API to a KVM host. If successfully registered, then the Linux
> guest will optimize a few things like its interrupt controller, io-delay
> and it also registers its cr3-cache structures with the host. (but the
> host will not touch those, just yet)
>
> (this is fully backwards compatible - if the WRMSR fails then the Linux
> guest continues to execute as a native kernel.)
>
> Signed-off-by: Ingo Molnar
> ---
> +			/*
> +			 * Cache-hit: we load the cached host-CR3 value.
> +			 * This never causes any VM exit. (if it does then the
> +			 * hypervisor could do nothing with this instruction
> +			 * and the guest OS would be aborted)
> +			 */
> +			asm volatile("movl %0, %%cr3"
> +				: : "r" (cache->entry[idx].host_cr3));
> +			goto out;
> +		}
> +	}
> +
> +	/*
> +	 * Cache-miss. Load the guest-cr3 value into cr3, which will
> +	 * cause a VM exit to the hypervisor, which then loads the
> +	 * host cr3 value and updates the cr3_cache.
> +	 */
> +	asm volatile("movl %0, %%cr3" : : "r" (guest_cr3));
> +out:
> +	put_cpu_var(para_state);
> +}
> +
>

There's a problem here. A cache-hit cr3 is an hpa, while a cache-miss cr3 is a gpa.
The two could alias:

/* pseudoassembler */
guest: mov $0x1234, %cr3        /* cache miss */
host:  creates shadow for 0x1234 at 0x5678
       set cr3 cache entry: $0x1234 -> 0x5678
guest: mov $0x5678, %cr3        /* cache miss */

vmx accepts that as a cached cr3 equivalent to the guest's 0x1234, whereas a 0x5678 gpa cr3 was intended.

The only solution I see is to use the hypercall API on a cache miss. Once the guest indicates it wants to use the cr3 cache, set_cr3() should fault, and cr3 should only be accepted from the hypercall.

-- 
error compiling committee.c: too many arguments to function
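Review bot: the cache-miss path at the end of the hunk issues the same raw `movl %0, %%cr3` as the cache-hit path, but with a guest-physical `guest_cr3` where the hit path loads the host-physical `cache->entry[idx].host_cr3`; whatever traps that instruction sees only the value and cannot tell which namespace it belongs to, so a gpa that happens to equal a previously cached host_cr3 is indistinguishable from a hit. Route the miss through the hypercall API the patch establishes instead of a raw cr3 write, and state in the cache-miss comment that raw cr3 writes are reserved for host values the hypervisor handed out.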
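The aliasing sequence above, replayed as an added C model. This is not code from the patch or from KVM: it simulates a VMX-style cr3 target list (raw cr3 loads of a listed host value do not exit), a host-side shadow-root table, and the guest's registered cr3 cache, with constructed addresses (a shadow for gpa 0x1234 is placed at hpa 0x5678 by an assumed `alloc_shadow` helper). `value_only_scenario` follows the patch's design, where hit and miss are both plain cr3 writes; `hypercall_scenario` follows the design the reply asks for, where a miss is a hypercall that carries the gpa explicitly and a raw write of anything the host did not hand out is refused. All function and structure names are hypothetical.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define N_ROOTS 8

/* Host-side bookkeeping: which guest root (gpa) each shadow root (hpa) serves. */
struct shadow_root { uint64_t guest_cr3; uint64_t host_cr3; bool in_use; };
static struct shadow_root shadows[N_ROOTS];

/* Hardware model: a VMX-style cr3 target list; raw loads of a listed value do not exit. */
static uint64_t cr3_targets[N_ROOTS];
static int n_targets;

/* Guest-side cr3 cache as registered with the host: guest_cr3 -> host_cr3. */
struct cr3_cache_entry { uint64_t guest_cr3; uint64_t host_cr3; };
static struct cr3_cache_entry guest_cache[N_ROOTS];
static int n_cached;

static uint64_t cur_cr3;   /* physical cr3 the vcpu is currently running on */

static void reset_model(void)
{
	memset(shadows, 0, sizeof shadows);
	n_targets = n_cached = 0;
	cur_cr3 = 0;
}

/* Constructed shadow allocator (assumption): deterministic hpa for a guest root, 0x1234 -> 0x5678. */
static uint64_t alloc_shadow(uint64_t gpa) { return gpa + 0x4444; }

static bool guest_cache_lookup(uint64_t gpa, uint64_t *hpa)
{
	for (int i = 0; i < n_cached; i++)
		if (guest_cache[i].guest_cr3 == gpa) { *hpa = guest_cache[i].host_cr3; return true; }
	return false;
}

static bool is_cr3_target(uint64_t v)
{
	for (int i = 0; i < n_targets; i++)
		if (cr3_targets[i] == v) return true;
	return false;
}

/* Host: build (or reuse) the shadow for a guest root, list its hpa, refill the guest cache. */
static uint64_t host_switch_to_gpa(uint64_t gpa)
{
	for (int i = 0; i < N_ROOTS; i++)
		if (shadows[i].in_use && shadows[i].guest_cr3 == gpa) return shadows[i].host_cr3;
	for (int i = 0; i < N_ROOTS; i++) {
		if (shadows[i].in_use) continue;
		shadows[i] = (struct shadow_root){ gpa, alloc_shadow(gpa), true };
		cr3_targets[n_targets++] = shadows[i].host_cr3;
		guest_cache[n_cached++] = (struct cr3_cache_entry){ gpa, shadows[i].host_cr3 };
		return shadows[i].host_cr3;
	}
	return 0;
}

/* Patch's design: one plain cr3 write for hit and miss; the hardware decides by value alone. */
static void guest_switch_value_only(uint64_t guest_cr3)
{
	uint64_t hpa;
	uint64_t v = guest_cache_lookup(guest_cr3, &hpa) ? hpa : guest_cr3; /* hit: hpa, miss: gpa */
	if (is_cr3_target(v))
		cur_cr3 = v;                        /* no exit: hardware takes v as a host value */
	else
		cur_cr3 = host_switch_to_gpa(v);    /* exit: host takes v as a gpa */
}

/* Reply's design: a miss is a hypercall carrying the gpa; raw writes are only of cached host
 * values, and anything else is refused (returns false where the guest would fault). */
static bool guest_switch_hypercall(uint64_t guest_cr3)
{
	uint64_t hpa;
	if (guest_cache_lookup(guest_cr3, &hpa)) {
		if (!is_cr3_target(hpa)) return false;  /* host never handed this out: fault */
		cur_cr3 = hpa;
		return true;
	}
	cur_cr3 = host_switch_to_gpa(guest_cr3);    /* hypercall: the namespace is explicit */
	return true;
}

/* Which guest root is the vcpu really running on? (0 if cr3 is not a known shadow) */
static uint64_t effective_guest_root(void)
{
	for (int i = 0; i < N_ROOTS; i++)
		if (shadows[i].in_use && shadows[i].host_cr3 == cur_cr3) return shadows[i].guest_cr3;
	return 0;
}

/* Replay the sequence from the reply; return the guest root in use after asking for gpa 0x5678. */
uint64_t value_only_scenario(void)
{
	reset_model();
	guest_switch_value_only(0x1234); /* miss: shadow 0x5678 built and added to the target list */
	guest_switch_value_only(0x5678); /* meant as gpa 0x5678, but 0x5678 is listed: no exit */
	return effective_guest_root();   /* 0x1234: the guest now runs on the wrong address space */
}

uint64_t hypercall_scenario(void)
{
	reset_model();
	guest_switch_hypercall(0x1234);  /* miss -> hypercall, shadow at 0x5678 */
	guest_switch_hypercall(0x5678);  /* not in the guest cache -> hypercall, shadow at 0x9abc */
	return effective_guest_root();   /* 0x5678 */
}

/* Under the strict design a raw write of a value the host never issued is refused. */
bool raw_write_of_uncached_value_faults(void)
{
	reset_model();
	guest_switch_hypercall(0x1234);
	guest_cache[n_cached++] = (struct cr3_cache_entry){ 0x9999, 0x9999 }; /* constructed bogus entry */
	return !guest_switch_hypercall(0x9999);
}

int main(void)
{
	printf("value-only design: running on guest root 0x%llx (wanted 0x5678)\n",
	       (unsigned long long)value_only_scenario());
	printf("hypercall design:  running on guest root 0x%llx\n",
	       (unsigned long long)hypercall_scenario());
	return 0;
}
```

The model keeps the host's view deliberately minimal: on a trapped cr3 write it has nothing but the value, which is exactly why the first design cannot tell "gpa 0x5678" from "cached hpa 0x5678". Carrying the gpa through a hypercall gives the host the namespace along with the value, and refusing raw writes of unlisted values turns a silent wrong-address-space switch into a fault the guest can see.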