On 01/31/2018 08:53 PM, Jim Mattson wrote:
On Wed, Jan 31, 2018 at 11:37 AM, KarimAllah Ahmed <karahmed@xxxxxxxxx> wrote:+ + if (to_vmx(vcpu)->save_spec_ctrl_on_exit) { + nested_vmx_disable_intercept_for_msr( + msr_bitmap_l1, msr_bitmap_l0, + MSR_IA32_SPEC_CTRL, + MSR_TYPE_R | MSR_TYPE_W); + } +As this is written, L2 will never get direct access to this MSR until after L1 writes it. What if L1 never writes it? The condition should really be something that captures, "if L0 is willing to yield this MSR to the guest..."
but save_spec_ctrl_on_exit is also set for L2 write. So once L2 writes to it, this condition will be true and then the bitmap will be updated.
Amazon Development Center Germany GmbH Berlin - Dresden - Aachen main office: Krausenstr. 38, 10117 Berlin Geschaeftsfuehrer: Dr. Ralf Herbrich, Christian Schlaeger Ust-ID: DE289237879 Eingetragen am Amtsgericht Charlottenburg HRB 149173 B
