On 7/18/2018 7:59 PM, Paolo Bonzini wrote: > On 09/07/2018 11:02, Tianyu Lan wrote: >> +static void check_ept_pointer(struct kvm_vcpu *vcpu, u64 eptp) >> +{ >> + struct kvm *kvm = vcpu->kvm; >> + u64 tmp_eptp = INVALID_PAGE; >> + int i; >> + >> + if (!kvm_x86_ops->tlb_remote_flush) >> + return; >> + >> + spin_lock(&to_kvm_vmx(kvm)->ept_pointer_lock); >> + to_vmx(vcpu)->ept_pointer = eptp; >> + >> + kvm_for_each_vcpu(i, vcpu, kvm) { >> + if (!VALID_PAGE(tmp_eptp)) { >> + tmp_eptp = to_vmx(vcpu)->ept_pointer; >> + } else if (tmp_eptp != to_vmx(vcpu)->ept_pointer) { >> + to_kvm_vmx(kvm)->ept_pointers_match = false; >> + spin_unlock(&to_kvm_vmx(kvm)->ept_pointer_lock); >> + return; >> + } >> + } >> + >> + to_kvm_vmx(kvm)->ept_pointers_match = true; >> + spin_unlock(&to_kvm_vmx(kvm)->ept_pointer_lock); >> +} >> + > > Is there any reason to do the check here, rather than the first time the > TLB flush is invoked? You could: > > - have a tristate (true, false, check) value for ept_pointers_match > > - reset it to "check" in vmx_set_cr3 > > - set it to either true or false in tlb_remote_flush if it is check, and > do the hypercall if it is true. > Thanks for your suggestion. Will update. > Paolo >