On Wed, Oct 03, 2018 at 06:38:21PM +0200, Paolo Bonzini wrote:
> On 26/09/2018 18:23, Sean Christopherson wrote:
> > KVM currently defers many VMX consistency checks to the CPU, including
> > checks that result in VMFail (as opposed to VMExit). This behavior
> > may be undesirable for some users since this means KVM detects certain
> > classes of VMFail only after it has processed guest state. Because
> > there is a strict ordering between checks that cause VMFail and those
> > that cause VMExit, i.e. all VMFail checks are performed before any
> > checks that cause VMExit, we can detect all VMFail conditions via a
> > dry run of sorts.
> >
> > The end goal of this series is to add an optional (param-controlled)
> > pre-run VMEnter into the nested_vmx_run() flow in order to perform
> > all VMFail consistency checks prior to actually running vmcs02. By
> > itself, this is not a complex process, but getting KVM to a point
> > where the approach is viable requires a fair amount of refactoring,
> > e.g. to split prepare_vmcs02() so that there is a point where vmcs02
> > can pass the VMFail checks without first consuming guest state.
> >
> > And while the goal (and subject) of this series is to enable early
> > consistency checks, the vast majority of the series deals with bug
> > fixes and cleanups in the nested VMX code. During the refactoring
> > and testing, a number of pre-existing bugs, opportunities for code
> > cleanup and easy optimization points (which uncovered more bugs)
> > were encountered.
> >
> > Ideally, these patches would be split into 3-4 separate series,
> > especially the bug fix patches. I smushed everything into a single
> > series because the early VMEnter code breaks without the bug fixes
> > and the refactoring shuffles the same code, and some of the cleanup
> > and fixes are inter-dependent.
>
> I've now finished rebasing it, but haven't tested it yet. I made some
> small changes to patch 19:
>
> 1) remove auto mode and default to off for now (we can always add back
> auto mode if the defaults are changed)
>
> 2) rename the parameter to nested_early_check

nested_early_check is a much better name :)

> I'll push it tomorrow hopefully.

The changelog still refers to the original name and auto behavior. The
last paragraph of the changelog can be stripped down to a single sentence
or removed altogether.

The addition of "#include <asm/hypervisor.h>" can also be removed, it was
added to support the auto behavior.

Let me know if you want a patch.

Thanks!