From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:57804)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <pbonzini@redhat.com>) id 1WO7Ml-0000E8-Q0
	for qemu-devel@nongnu.org; Thu, 13 Mar 2014 11:16:21 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <pbonzini@redhat.com>) id 1WO7Md-0005xo-Ql
	for qemu-devel@nongnu.org; Thu, 13 Mar 2014 11:16:15 -0400
Received: from mx1.redhat.com ([209.132.183.28]:32913)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <pbonzini@redhat.com>) id 1WO7Md-0005xi-J6
	for qemu-devel@nongnu.org; Thu, 13 Mar 2014 11:16:07 -0400
Message-ID: <5321CBAC.20104@redhat.com>
Date: Thu, 13 Mar 2014 16:15:56 +0100
From: Paolo Bonzini <pbonzini@redhat.com>
MIME-Version: 1.0
References: <201403131259.s2DCxtIT011218@indigo.cs.bgu.ac.il>
In-Reply-To: <201403131259.s2DCxtIT011218@indigo.cs.bgu.ac.il>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: [Qemu-devel] different IDTs of the same VCPU
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Alexander Binun <binun@cs.bgu.ac.il>
Cc: yagel@cs.bgu.ac.il, kahilm@post.bgu.ac.il, Stefan Hajnoczi <stefanha@gmail.com>, qemu-devel@nongnu.org, boaz.menuhin@gmail.com, markbl@post.bgu.ac.il

Il 13/03/2014 13:59, Alexander Binun ha scritto:
> Dear Friends,
>
>    Thanks for your assistance!
>
> We would like to ask you a question about the KVM internals.
>
> Our module includes a timer which (once in every second) fetches the IDT value of every online VCPU in the system using the kvm_x86_ops->get_idt ; the code looks like:
>
>   struct kvm_vcpu *curr_vcpu;
>   struct desc_ptr dt;
>
>   list_for_each_entry(kvm, vms_list, vm_list)
>   {
>     for (i = 0; i < kvm->online_vcpus.counter; i++)
>        {
>        curr_vcpu = kvm->vcpus[i];
>        kvm_x86_ops->get_idt(curr_vcpu, &dt);
>     }
>   }
>
> We have noticed that get_idt returns DIFFERENT values for the same
> VCPU (i.e. for the same value of i that refers to a given VCPU). We
> cannot understand this issue; could you explain ?
>
> It is very strange since nobody changes the IDT value (as , for example, rootkits do).

At the very least, running nested virtualization would lead to different 
IDT values.

But more simply, on Intel you can hardly do anything with kvm_x86_ops or 
kvm_vcpu except on the same physical CPU that is in vcpu->cpu.  The 
state is not in memory, it is cached inside the physical CPU.

There is no easy solution to this without modifying KVM.  You can add a 
request bit to KVM's vcpu->requests field, kick the vcpu and do the 
check in vcpu_enter_guest.

Paolo