From mboxrd@z Thu Jan  1 00:00:00 1970
From: Jan Kiszka <jan.kiszka@siemens.com>
Subject: Re: nVMX: Shadowing of CPU_BASED_VM_EXEC_CONTROL broken
Date: Wed, 08 Oct 2014 12:29:18 +0200
Message-ID: <543511FE.3060108@siemens.com>
References: <5434F5F9.3030803@siemens.com> <20141008092539.GA16561@kernel> <5435092A.3090704@siemens.com> <54350FD4.10403@redhat.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 7bit
Cc: kvm <kvm@vger.kernel.org>, Bandan Das <bsd@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>,
	Wanpeng Li <wanpeng.li@linux.intel.com>
Return-path: <kvm-owner@vger.kernel.org>
Received: from david.siemens.de ([192.35.17.14]:57406 "EHLO david.siemens.de"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1755052AbaJHK33 (ORCPT <rfc822;kvm@vger.kernel.org>);
	Wed, 8 Oct 2014 06:29:29 -0400
In-Reply-To: <54350FD4.10403@redhat.com>
Sender: kvm-owner@vger.kernel.org
List-ID: <kvm.vger.kernel.org>

On 2014-10-08 12:20, Paolo Bonzini wrote:
> Il 08/10/2014 11:51, Jan Kiszka ha scritto:
>>>> Could you point out where the other places L0 sets
>>>> CPU_BASED_VIRTUAL_INTR_PENDING before entering L2?
>> enable_irq_window(). I instrumented it, and it showed up right before
>> vmcs12 state became corrupted.
> 
> But it would write to the vmcs02, not to the shadow VMCS; the shadow
> VMCS is active during copy_shadow_to_vmcs12/copy_vmcs12_to_shadow, and
> at no other time.  It is not clear to me how the VIRTUAL_INTR_PENDING
> bit ended up from the vmcs02 (where it is perfectly fine) to the vmcs12.

Well, but somehow that bit ends up in vmcs12, that's a fact. Also that
the proble disappears when shadowing is disabled. Need to think about
the path again. Maybe there is just a bug, not a conceptual issue.

Jan

-- 
Siemens AG, Corporate Technology, CT RTC ITP SES-DE
Corporate Competence Center Embedded Linux