On Mon, Sep 14, 2009 at 06:25:20PM +0200, Alexander Graf wrote: >>> having succeeded. The hardware_enable_all caller calls >>> hardware_disable_all (kvm_usage_count--) when enabling fails. >> >> But it does not hold any lock in between hardware_enable_all >> and hardware_disable_all. >> >> So its unsafe if another kvm_create_vm call happens in between, while >> kvm_usage_count is 1 ? > > So what we really need is a lock, so hardware_enable_all doesn't get > called twice? Isn't that what the kvm_lock here does? Either that or check hardware_enable_failed atomic variable even if kvm_usage_count > 1. >>>> Also, better move vmx.c's ept_sync_global from vmx_init to >>>> hardware_enable. >>> >>> Why? What does that do? >> >> 25.3.3.4 Guidelines for Use of the INVEPT Instruction >> >> Software can use the INVEPT instruction with the “all-context” >> INVEPT type immediately after execution of the VMXON instruction or >> immediately prior to execution of the VMXOFF instruction. Either >> prevents potentially undesired retention of information cached from >> EPT >> paging structures between separate uses of VMX operation. > > Hmhm. I don't have EPT hardware to test things on, but I can of course > make a blind move of the call. OK, i can do some basic testing before applying the patch. > > Alex -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
