On Tue, 2021-11-16 at 15:11 +0100, Paolo Bonzini wrote:
> On 11/16/21 14:17, David Woodhouse wrote:
> > I'm not sure I'm ready to sign up to immediately fix everything that's
> > hosed in nesting and kill off all users of the unsafe kvm_vcpu_map(),
> > but I'll at least convert one vCPU user to demonstrate that the new
> > gfn_to_pfn_cache is working sanely for that use case.
>
> I even have old patches that tried to do that, so I can try.

Thanks. I think it starts with this on top of my current tree at
https://git.infradead.org/users/dwmw2/linux.git/shortlog/refs/heads/xen-evtchn

--- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -9735,6 +9735,8 @@ static int vcpu_enter_guest(struct kvm_vcpu *vcpu) if (kvm_check_request(KVM_REQ_UPDATE_CPU_DIRTY_LOGGING, vcpu)) static_call(kvm_x86_update_cpu_dirty_logging)(vcpu); + if (kvm_check_request(KVM_REQ_GPC_INVALIDATE, vcpu)) + ; /* Nothing to do. It just wanted to wake us */ } if (kvm_check_request(KVM_REQ_EVENT, vcpu) || req_int_win || @@ -9781,6 +9783,14 @@ static int vcpu_enter_guest(struct kvm_vcpu *vcpu) local_irq_disable(); vcpu->mode = IN_GUEST_MODE; + /* + * If the guest requires direct access to mapped L1 pages, check + * the caches are valid. Will raise KVM_REQ_GET_NESTED_STATE_PAGES + * to go and revalidate them, if necessary. + */ + if (is_guest_mode(vcpu) && kvm_x86_ops.nested_ops->check_guest_maps) + kvm_x86_ops.nested_ops->check_guest_maps(); + srcu_read_unlock(&vcpu->kvm->srcu, vcpu->srcu_idx); /*

That check_guest_maps() function can validate the caches which the L2
guest is actually using in the VMCS02, and if they need to be refreshed
then raising a req will immediately break out of vcpu_enter_guest() to
allow that to happen.

I *think* we can just use KVM_REQ_GET_NESTED_STATE_PAGES for that and
don't need to invent a new one?
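
Review bot: In the first hunk (@@ -9735,6 +9735,8), the `if (kvm_check_request(KVM_REQ_GPC_INVALIDATE, vcpu))` whose whole body is a lone `;` is easy to misread as a typo and can trip -Wempty-body. Since the request exists only to kick the vCPU and kvm_check_request() already clears the bit, calling it as a plain statement with the "just wanted to wake us" comment placed above it would say the same thing more clearly.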
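
Review bot: In the second hunk (@@ -9781,6 +9783,14), `kvm_x86_ops.nested_ops->check_guest_maps();` is called with no arguments, so the callback cannot tell which vCPU's caches it is supposed to validate or on which vCPU to raise the request; it looks like it should take `vcpu`. The call also sits after `local_irq_disable()` and after `vcpu->mode = IN_GUEST_MODE`, so the comment should state that the callback must not sleep and should name the check that notices the newly raised KVM_REQ_GET_NESTED_STATE_PAGES before entry, since that check is outside the context shown here.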