From: Sean Christopherson <seanjc@google.com>
To: Chao Gao <chao.gao@intel.com>
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org,
Paolo Bonzini <pbonzini@redhat.com>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
Dave Hansen <dave.hansen@linux.intel.com>,
x86@kernel.org, "H. Peter Anvin" <hpa@zytor.com>
Subject: Re: [PATCH] KVM: VMX: Flush shadow VMCS on emergency reboot
Date: Mon, 14 Apr 2025 18:03:44 -0700
Message-ID: <Z_0XCXwptNhtI_A_@google.com>
In-Reply-To: <Z/0LJTnNCsQ3RIrR@intel.com>

On Mon, Apr 14, 2025, Chao Gao wrote:
> A related topic is why KVM is flushing VMCSs. I haven't found any explicit
> statement in the SDM indicating that the flush is necessary.
>
> SDM chapter 26.11 mentions:
>
> If a logical processor leaves VMX operation, any VMCSs active on that logical
> processor may be corrupted (see below). To prevent such corruption of a VMCS
> that may be used either after a return to VMX operation or on another logical
> processor, software should execute VMCLEAR for that VMCS before executing the
> VMXOFF instruction or removing power from the processor (e.g., as part of a
> transition to the S3 and S4 power states).
>
> To me, the issue appears to be VMCS corruption after leaving VMX operation and
> the flush is necessary only if you intend to use the VMCS after re-entering VMX
> operation.

The problem is that if the CPU flushes a VMCS from the cache at a later time, for
any reason, then the CPU will write back data to main memory. The issue isn't
reusing the VMCS, it's reusing the underlying memory.