> On 13 Sep 2018, at 16:41, Sean Christopherson <sean.j.christopherson@xxxxxxxxx> wrote:
>
> On Thu, Sep 13, 2018 at 03:43:19PM +0300, Liran Alon wrote:
>> L2 IA32_BNDCFGS should be updated with vmcs12->guest_bndcfgs only
>> when VM_ENTRY_LOAD_BNDCFGS is specified in vmcs12->vm_entry_controls.
>>
>> Otherwise, L2 IA32_BNDCFGS should be set to vmcs01->guest_bndcfgs which
>> is L1 IA32_BNDCFGS.
>>
>> Reviewed-by: Nikita Leshchenko <nikita.leshchenko@xxxxxxxxxx>
>> Reviewed-by: Darren Kenny <darren.kenny@xxxxxxxxxx>
>> Signed-off-by: Liran Alon <liran.alon@xxxxxxxxxx>
>> ---
>> arch/x86/kvm/vmx.c | 12 ++++++++++--
>> 1 file changed, 10 insertions(+), 2 deletions(-)
>>
>> diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
>> index 6a82e603f2c5..3259775814d0 100644
>> --- a/arch/x86/kvm/vmx.c
>> +++ b/arch/x86/kvm/vmx.c
>> @@ -856,6 +856,7 @@ struct nested_vmx {
>>
>> /* to migrate it to L2 if VM_ENTRY_LOAD_DEBUG_CONTROLS is off */
>> u64 vmcs01_debugctl;
>> + u64 vmcs01_guest_bndcfgs;
>>
>> u16 vpid02;
>> u16 last_vpid;
>> @@ -12028,8 +12029,13 @@ static void prepare_vmcs02_full(struct kvm_vcpu *vcpu, struct vmcs12 *vmcs12)
>>
>> set_cr4_guest_host_mask(vmx);
>>
>> - if (vmx_mpx_supported())
>> - vmcs_write64(GUEST_BNDCFGS, vmcs12->guest_bndcfgs);
>> + if (vmx_mpx_supported()) {
>> + if (vmx->nested.nested_run_pending &&
>> + (vmcs12->vm_entry_controls & VM_ENTRY_LOAD_BNDCFGS))
>> + vmcs_write64(GUEST_BNDCFGS, vmcs12->guest_bndcfgs);
>> + else
>> + vmcs_write64(GUEST_BNDCFGS, vmx->nested.vmcs01_guest_bndcfgs);
>> + }
>>
>> if (enable_vpid) {
>> u16 vmcs02_vpid;
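Review bot: The new `vmcs01_guest_bndcfgs` member of `struct nested_vmx` carries no comment, while the `vmcs01_debugctl` member directly above it explains when its value is migrated to L2. A matching line above the new field, `/* to migrate it to L2 if VM_ENTRY_LOAD_BNDCFGS is off */`, would keep the two fields readable as a pair and tie the field to the control bit that gates its use. The struct definition begins and ends outside the hunk.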
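Review bot: The else branch added to prepare_vmcs02_full writes `vmx->nested.vmcs01_guest_bndcfgs` into GUEST_BNDCFGS whenever `nested_run_pending` is clear, but the store in the enter_vmx_non_root_mode hunk fills that field only when VM_ENTRY_LOAD_BNDCFGS is clear in `vmcs12->vm_entry_controls`. If prepare_vmcs02_full can run with `nested_run_pending` clear while L1 has VM_ENTRY_LOAD_BNDCFGS set (presumably a path that rebuilds vmcs02 without a fresh VM-entry), the field has not been refreshed for this entry and L2 receives whatever it last held. Either a comment stating why that combination cannot occur or is harmless, or a store that is not gated on the control bit, would settle it. prepare_vmcs02_full begins and ends outside the hunk.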
>> @@ -12597,6 +12603,8 @@ static int enter_vmx_non_root_mode(struct kvm_vcpu *vcpu, u32 *exit_qual)
>>
>> if (!(vmcs12->vm_entry_controls & VM_ENTRY_LOAD_DEBUG_CONTROLS))
>> vmx->nested.vmcs01_debugctl = vmcs_read64(GUEST_IA32_DEBUGCTL);
>> + if (!(vmcs12->vm_entry_controls & VM_ENTRY_LOAD_BNDCFGS))
>> + vmx->nested.vmcs01_guest_bndcfgs = vmcs_read64(GUEST_BNDCFGS);
>
> This needs to be wrapped with vmx_mpx_supported() else you'll VMREAD a
> non-existent field.
Oops. You are right. Will fix in v2. Thanks, -Liran
>
>>
>> vmx_switch_vmcs(vcpu, &vmx->nested.vmcs02);
>> vmx_segment_cache_clear(vmx);
>> --
>> 2.16.1
>>