On 14.09.2009, at 18:46, Marcelo Tosatti wrote:
On Mon, Sep 14, 2009 at 06:25:20PM +0200, Alexander Graf wrote:
having succeeded. The hardware_enable_all caller calls
hardware_disable_all (kvm_usage_count--) when enabling fails.
But it does not hold any lock in between hardware_enable_all
and hardware_disable_all.
So it's unsafe if another kvm_create_vm call happens in between,
while kvm_usage_count is 1 ?
So what we really need is a lock, so hardware_enable_all doesn't get
called twice? Isn't that what the kvm_lock here does?
Either that or check hardware_enable_failed atomic variable even
if kvm_usage_count > 1.
The patch does a lock already.
Also, better move vmx.c's ept_sync_global from vmx_init to
hardware_enable.
Why? What does that do?
25.3.3.4 Guidelines for Use of the INVEPT Instruction
Software can use the INVEPT instruction with the “all-context”
INVEPT type immediately after execution of the VMXON instruction or
immediately prior to execution of the VMXOFF instruction. Either
prevents potentially undesired retention of information cached from
EPT paging structures between separate uses of VMX operation.
Hmhm. I don't have EPT hardware to test things on, but I can of
course make a blind move of the call.
OK, I can do some basic testing before applying the patch.
Great :-)
Alex
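
A user-space model of the locking question in the thread above, added here as an illustration; it is not the patch under review and not kernel code. The names hardware_enable_all, hardware_disable_all, hardware_enable, kvm_usage_count, kvm_lock and hardware_enable_failed are taken from the discussion; hardware_disable_all_nolock, lock/unlock, enable_calls, simulate_failure and the -EBUSY return value are assumptions made for the example.

```c
/* User-space model of the pattern discussed in the thread; not kernel code.
 * Function bodies are simplified assumptions. */
#include <errno.h>
#include <stdatomic.h>
#include <stdbool.h>

static atomic_flag kvm_lock = ATOMIC_FLAG_INIT; /* toy spinlock */
static int kvm_usage_count;                     /* protected by kvm_lock */
static atomic_int hardware_enable_failed;
static int enable_calls;                        /* instrumentation only */
static bool simulate_failure;                   /* hypothetical test knob */

static void lock(void)   { while (atomic_flag_test_and_set(&kvm_lock)) { } }
static void unlock(void) { atomic_flag_clear(&kvm_lock); }

/* Stand-in for the per-CPU enable callback. */
static void hardware_enable(void)
{
    enable_calls++;
    if (simulate_failure)
        atomic_store(&hardware_enable_failed, 1);
}

/* Caller must hold kvm_lock (assumed helper, not named in the thread). */
static void hardware_disable_all_nolock(void)
{
    kvm_usage_count--;
}

/* Increment, enable and roll back inside one critical section, so a second
 * caller can never see kvm_usage_count == 1 while the first enable attempt
 * is still undecided. */
static int hardware_enable_all(void)
{
    int r = 0;
    lock();
    kvm_usage_count++;
    if (kvm_usage_count == 1) {
        atomic_store(&hardware_enable_failed, 0);
        hardware_enable();
        if (atomic_load(&hardware_enable_failed)) {
            hardware_disable_all_nolock();
            r = -EBUSY;
        }
    }
    unlock();
    return r;
}

static void hardware_disable_all(void)
{
    lock();
    hardware_disable_all_nolock();
    unlock();
}
```

If the rollback were instead left to the caller after unlock(), a second caller arriving in that window would increment the count to 2, skip the enable step and return success without the hardware having been enabled.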