On Sun, Jun 22, 2014 at 04:35:24PM +0300, Avi Kivity wrote: > >>>+ * Failure to instantiate pages will abort guest entry. > >>>+ * > >>>+ * Page frames should be pinned with get_page in advance. > >>>+ * > >>>+ * Pinning is not guaranteed while executing as L2 guest. > >>Does this undermine security? > >PEBS writes should not be enabled when L2 guest is executing. > > What prevents L1 for setting up PEBS MSRs for L2? L2 should set up PEBS MSR, not L1 setup MSRs for L2. In case L2 sets up PEBS, L1->L2 switch should pin pages as well. But since PEBS is not supported for L2 ATM, i'll keep the code as is so it can be fixed later. -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
