From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755475AbbIYICA (ORCPT ); Fri, 25 Sep 2015 04:02:00 -0400 Received: from mail-wi0-f180.google.com ([209.85.212.180]:37847 "EHLO mail-wi0-f180.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1755028AbbIYIB6 (ORCPT ); Fri, 25 Sep 2015 04:01:58 -0400 Subject: Re: [PATCH 1/2] KVM: introduce __vmx_flush_tlb to handle specific vpid To: Bandan Das , Wanpeng Li References: Cc: Jan Kiszka , Wincy Van , kvm@vger.kernel.org, linux-kernel@vger.kernel.org From: Paolo Bonzini X-Enigmail-Draft-Status: N1110 Message-ID: <5604FF71.6090109@redhat.com> Date: Fri, 25 Sep 2015 10:01:53 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.2.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 24/09/2015 18:12, Bandan Das wrote: > Not sure myself what's the right thing to do but this may be undesirable > in a nested environment. Assuming the processor supports global invalidation > only, this seems like a easy way for the nested guest to invalidate *all* > mappings - even the L1 specific mappings. It's not a great thing but it's already what happens if you do a global INVEPT (it calls vmx_flush_tlb, which results in a global INVVPID if the single-context variant is not supported). Even without nested virt a single guest could slow down all other guests just by triggering frequent TLB flushes (e.g. by moving around a ROM BAR thousands of times per second). It would help to know _which_ processors actually don't support single-context INVVPIDs... Paolo