2017-08-11 14:13 GMT+08:00 Paolo Bonzini <pbonzini@xxxxxxxxxx>:
> On 11/08/2017 07:59, Wanpeng Li wrote:
>> From: Wanpeng Li <wanpeng.li@xxxxxxxxxxx>
>>
>> Commit c016004494b0 (KVM: x86: Avoid guest page table walk when gpa_available
>> is set) avoids the page table walk when cr2 has already contained a valid GPA.
>> However, that is not the truth if ept == 0 and shadow page table is used. In
>> this scenario cr2 can just contains a valid GVA. The commit results in guest
>> stuck during boot due to read/write emulation against GVA instead of GPA of
>> the guest.
>>
>> This patch fixes it by not setting the gpa_available flag if the shadow page table
>> is used.
>
> Yup, I got these on my overnight tests too. A better fix that I was
> going to commit today is:
>
> if (vcpu->arch.mmu.direct_map) {
> vcpu->arch.gpa_available = true;
> vcpu->arch.gpa_val = fault_address;
> }
>
> because AMD gets here even if npt=1.
Good point, could I post a patch for this?
Regards,
Wanpeng Li
>
> Paolo
>
>> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx>
>> Cc: Radim Krčmář <rkrcmar@xxxxxxxxxx>
>> Cc: Brijesh Singh <brijesh.singh@xxxxxxx>
>> Signed-off-by: Wanpeng Li <wanpeng.li@xxxxxxxxxxx>
>> ---
>> arch/x86/kvm/mmu.c | 2 --
>> 1 file changed, 2 deletions(-)
>>
>> diff --git a/arch/x86/kvm/mmu.c b/arch/x86/kvm/mmu.c
>> index 849312d..e4ce20b 100644
>> --- a/arch/x86/kvm/mmu.c
>> +++ b/arch/x86/kvm/mmu.c
>> @@ -3791,8 +3791,6 @@ int kvm_handle_page_fault(struct kvm_vcpu *vcpu, u64 error_code,
>>
>> if (need_unprotect && kvm_event_needs_reinjection(vcpu))
>> kvm_mmu_unprotect_page_virt(vcpu, fault_address);
>> - vcpu->arch.gpa_available = true;
>> - vcpu->arch.gpa_val = fault_address;
>> r = kvm_mmu_page_fault(vcpu, fault_address, error_code, insn,
>> insn_len);
>> break;
>>
>
