From mboxrd@z Thu Jan 1 00:00:00 1970
From: Avi Kivity
Subject: Re: [PATCH KVM VMX 2/2] KVM: VMX: Support Unrestricted Guest feature
Date: Sun, 07 Jun 2009 09:56:11 +0300
Message-ID: <4A2B648B.4010509@redhat.com>
References: <63a17882f4bc556589f979b751f191b4e0926f02.1244064594.git.nitin.a.kamble@intel.com>
 <32529287ac08871607972ec351d0f020f5c1479e.1244064594.git.nitin.a.kamble@intel.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Cc: no To-header on input <"unlisted-recipients:;"@redhat.com>, kvm@vger.kernel.org
To: Nitin A Kamble
Return-path:
Received: from mx2.redhat.com ([66.187.237.31]:56571 "EHLO mx2.redhat.com" rhost-flags-OK-OK-OK-OK)
 by vger.kernel.org with ESMTP id S1753063AbZFGG4O (ORCPT ); Sun, 7 Jun 2009 02:56:14 -0400
In-Reply-To: <32529287ac08871607972ec351d0f020f5c1479e.1244064594.git.nitin.a.kamble@intel.com>
Sender: kvm-owner@vger.kernel.org
List-ID:

Nitin A Kamble wrote:
> "Unrestricted Guest" feature is added in the VMX specification.
> Intel Westmere and onwards processors will support this feature.
>
> It allows kvm guests to run real mode and unpaged mode
> code natively in the VMX mode when EPT is turned on. With the
> unrestricted guest there is no need to emulate the guest real mode code
> in the vm86 container or in the emulator. Also the guest big real mode
> code works like native.
>
> The attached patch enhances KVM to use the unrestricted guest feature
> if available on the processor. It also adds a new kernel/module
> parameter to disable the unrestricted guest feature at the boot time.
> > > @@ -1431,6 +1447,9 @@ static void enter_rmode(struct kvm_vcpu *vcpu) > unsigned long flags; > struct vcpu_vmx *vmx = to_vmx(vcpu); > > + if (enable_unrestricted_guest) > + goto continue_rmode; > + > I think you should just return here. You don't need to reset the mmu context or run the init_rmode() code. Maybe you need to flush the tlb. > + > + if (enable_unrestricted_guest && (seg != VCPU_SREG_LDTR)) > + ar |= 0x1; /* Accessed */ > + > vmcs_write32(sf->ar_bytes, ar); > } > Please add a comment indicating it's for broken userspace that doesn't set the A bit. -- Do not meddle in the internals of kernels, for they are subtle and quick to panic.
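Review bot: In the enter_rmode() hunk, the new "goto continue_rmode" jumps to a label that is outside the visible context, so it cannot be checked from this hunk which of the real-mode setup steps still run when enable_unrestricted_guest is set and which are skipped. A short comment at the branch stating what is deliberately bypassed and what must still execute would make the control flow reviewable. If nothing after the label is required in this mode, an early return is easier to audit than a forward goto into the middle of the function.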
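Review bot: In the hunk ahead of vmcs_write32(sf->ar_bytes, ar), the line "ar |= 0x1; /* Accessed */" forces a bit in the access-rights value with a bare literal and no explanation of why it is needed or why VCPU_SREG_LDTR is the one segment excluded. Please use a named constant for the bit and expand the comment to state the reason for forcing it and for the LDTR exception, since this silently changes guest segment state that the caller supplied. The extra parentheses around "seg != VCPU_SREG_LDTR" can also be dropped.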