On 04/08/2017 15:14, David Hildenbrand wrote: > ept_* function should only be called with enable_ept being set. > > Signed-off-by: David Hildenbrand <david@xxxxxxxxxx> > --- > arch/x86/kvm/vmx.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c > index 4709032..11dfdca 100644 > --- a/arch/x86/kvm/vmx.c > +++ b/arch/x86/kvm/vmx.c > @@ -3512,7 +3512,8 @@ static int hardware_enable(void) > wrmsrl(MSR_IA32_FEATURE_CONTROL, old | test_bits); > } > kvm_cpu_vmxon(phys_addr); > - ept_sync_global(); > + if (enable_ept) > + ept_sync_global(); > > return 0; > } > We probably should also disable EPT if !cpu_has_vmx_invept_global() in hardware_setup, and remove the "if" from ept_sync_global(). Paolo
