Re: [PATCH v4 0/9] KVM: nSVM: fixes for CR3/MMU switch upon nested guest entry/exit

Paolo Bonzini <pbonzini@xxxxxxxxxx> · Fri, 10 Jul 2020 19:03:37 +0200

On 10/07/20 16:11, Vitaly Kuznetsov wrote:
> Changes since v3:
> - Swapped my "KVM: nSVM: stop dereferencing vcpu->arch.mmu to get the
>  context in kvm_init_shadow{,_npt}_mmu()" with Paolo's "KVM: MMU: stop
>  dereferencing vcpu->arch.mmu to get the context for MMU init".
> - keeping nested_svm_init_mmu_context() in nested_prepare_vmcb_control()
>  as this is also used from svm_set_nested_state() [Paolo],
>  nested_svm_load_cr3() becomes a separate step in enter_svm_guest_mode().
> - nested_prepare_vmcb_save() remains 'void' [Paolo]
> 
> Original description:
> 
> This is a successor of "[PATCH v2 0/3] KVM: nSVM: fix #TF from CR3 switch
> when entering guest" and "[PATCH] KVM: x86: drop erroneous mmu_check_root()
> from fast_pgd_switch()".
> 
> The snowball is growing fast! It all started with an intention to fix
> the particular 'tripple fault' issue (now fixed by PATCH7) but now we
> also get rid of unconditional kvm_mmu_reset_context() upon nested guest
> entry/exit and make the code resemble nVMX. There is still a huge room
> for further improvement (proper error propagation, removing unconditional
> MMU sync/TLB flush,...) but at least we're making some progress.
> 
> Tested with kvm selftests/kvm-unit-tests and by running nested Hyper-V
> on KVM. The series doesn't seem to introduce any new issues.
> 
> Paolo Bonzini (1):
>   KVM: MMU: stop dereferencing vcpu->arch.mmu to get the context for MMU
>     init
> 
> Vitaly Kuznetsov (8):
>   KVM: nSVM: split kvm_init_shadow_npt_mmu() from kvm_init_shadow_mmu()
>   KVM: nSVM: reset nested_run_pending upon nested_svm_vmrun_msrpm()
>     failure
>   KVM: nSVM: prepare to handle errors from enter_svm_guest_mode()
>   KVM: nSVM: introduce nested_svm_load_cr3()/nested_npt_enabled()
>   KVM: nSVM: move kvm_set_cr3() after nested_svm_uninit_mmu_context()
>   KVM: nSVM: implement nested_svm_load_cr3() and use it for host->guest
>     switch
>   KVM: nSVM: use nested_svm_load_cr3() on guest->host switch
>   KVM: x86: drop superfluous mmu_check_root() from fast_pgd_switch()
> 
>  arch/x86/kvm/mmu.h        |  3 +-
>  arch/x86/kvm/mmu/mmu.c    | 45 ++++++++++++------
>  arch/x86/kvm/svm/nested.c | 97 ++++++++++++++++++++++++++++-----------
>  arch/x86/kvm/svm/svm.c    |  6 ++-
>  arch/x86/kvm/svm/svm.h    |  4 +-
>  5 files changed, 110 insertions(+), 45 deletions(-)
> 

Queued, thanks.

Paolo