On 13/06/19 18:16, Jim Mattson wrote:
> When L0 is executing handle_invept(), the TDP MMU is active. Emulating
> an L1 INVEPT does require synchronizing the appropriate shadow EPT
> root(s), but a call to kvm_mmu_sync_roots in this context won't do
> that. Similarly, the hardware TLB and paging-structure-cache entries
> associated with the appropriate shadow EPT root(s) must be flushed,
> but requesting a TLB_FLUSH from this context won't do that either.
>
> How did this ever work? KVM always does a sync_roots and TLB flush (in
> the correct context) when transitioning from L1 to L2. That isn't the
> best choice for nested VM performance, but it effectively papers over
> the mistakes here.
>
> Remove the unnecessary operations and leave a comment to try to do
> better in the future.
>
> Reported-by: Junaid Shahid <junaids@xxxxxxxxxx>
> Fixes: bfd0a56b90005f ("nEPT: Nested INVEPT")
> Cc: Xiao Guangrong <xiaoguangrong@xxxxxxxxxxxxxxxxxx>
> Cc: Nadav Har'El <nyh@xxxxxxxxxx>
> Cc: Jun Nakajima <jun.nakajima@xxxxxxxxx>
> Cc: Xinhao Xu <xinhao.xu@xxxxxxxxx>
> Cc: Yang Zhang <yang.z.zhang@xxxxxxxxx>
> Cc: Gleb Natapov <gleb@xxxxxxxxxx>
> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx>
> Reviewed-by: Peter Shier <pshier@xxxxxxxxxx>
> Reviewed-by: Junaid Shahid <junaids@xxxxxxxxxx>
> Signed-off-by: Jim Mattson <jmattson@xxxxxxxxxx>
> ---
> arch/x86/kvm/vmx/nested.c | 8 +++-----
> 1 file changed, 3 insertions(+), 5 deletions(-)

Queued, thanks.

Paolo