Re: List of unaccessible x86 states

On 25.10.2009 at 15:08, Avi Kivity <avi@xxxxxxxxxx> wrote:

On 10/25/2009 03:53 PM, Alexander Graf wrote:

On 25.10.2009 at 10:46, Avi Kivity <avi@xxxxxxxxxx> wrote:

On 10/20/2009 09:23 PM, Alexander Graf wrote:

If the nested hypervisor doesn't intercept INTR we don't support it anyways.

That's a bug.

It's a question of how accurate we want to be.

Even if we don't implement it immediately, it's still a bug. It won't matter much until we hit a guest that needs it.

Really, pushing the whole nesting state over is not a good idea.

Isn't the entire state just one bit? Everything else should be saved to guest memory.

It's not. We can't use the guest memory for hsave because then the guest could break the l1 state, so a malicious hypervisor could break us.

Guest hsave should be used for storing guest state when switching into the nested guest, not host state. Host state is not part of the save/restore state in any case.

No it's not.

When going in an l2 guest, we need to save the l1 state in the hsave. Now if we'd use the l1 given hsave, the l2 guest could modify the hsave.

That means the l2 guest could rewrite the intercept bitmap to 0 and compromise the host.

That's why we're storing the hsave data in a host allocated page.

Of course, we could save the whole hsave area off to the host on migration...

Alex
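
A small model of the design described in the message above, added here as an example (not part of the original post and not KVM code). The struct and function names, the 0x100 hsave address and the intercept value are constructed for illustration. It shows that a guest write can reach a copy of the L1 state kept in guest memory, but not one kept in a host-allocated page.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define GUEST_MEM_SIZE 4096
#define INTERCEPT_ALL 0xffffffffu /* constructed value: all intercepts on */
#define HSAVE_GPA 0x100           /* constructed hsave address chosen by L1 */

struct l1_state { uint32_t intercept; uint64_t rip; }; /* hypothetical, reduced L1 state */
struct vm {
    uint8_t guest_mem[GUEST_MEM_SIZE]; /* writable from inside the guest */
    struct l1_state host_hsave;        /* host-allocated, not guest-visible */
    int use_host_page;                 /* 1 = design from the message */
};

/* Entering L2: save the L1 state privately or at the L1-given hsave. */
static void nested_enter(struct vm *vm, const struct l1_state *l1) {
    if (vm->use_host_page) vm->host_hsave = *l1;
    else memcpy(&vm->guest_mem[HSAVE_GPA], l1, sizeof *l1);
}

/* A guest store: bounds-checked, and it can only ever reach guest_mem. */
static void guest_write(struct vm *vm, size_t gpa, const void *src, size_t n) {
    if (gpa <= GUEST_MEM_SIZE && n <= GUEST_MEM_SIZE - gpa)
        memcpy(&vm->guest_mem[gpa], src, n);
}

/* Leaving L2: reload the L1 state from wherever it was saved. */
static struct l1_state nested_exit(const struct vm *vm) {
    struct l1_state l1 = vm->host_hsave;
    if (!vm->use_host_page) memcpy(&l1, &vm->guest_mem[HSAVE_GPA], sizeof l1);
    return l1;
}

/* Returns the intercept bits L1 gets back after a guest write zeroes them. */
uint32_t intercepts_after_l2(int use_host_page) {
    struct vm vm = { .use_host_page = use_host_page };
    struct l1_state l1 = { .intercept = INTERCEPT_ALL, .rip = 0x1000 };
    uint32_t zero = 0;
    nested_enter(&vm, &l1);
    guest_write(&vm, HSAVE_GPA + offsetof(struct l1_state, intercept), &zero, sizeof zero);
    return nested_exit(&vm).intercept;
}

int main(void) {
    printf("L1-given hsave: %#x, host page: %#x\n",
           intercepts_after_l2(0), intercepts_after_l2(1));
    return 0;
}
```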
