On Thu, 21 Sep 2023 10:16:42 +0100,
Zenghui Yu <yuzenghui@xxxxxxxxxx> wrote:
>
> On 2023/9/21 2:17, Marc Zyngier wrote:
> > Signed-off-by: Marc Zyngier <maz@xxxxxxxxxx>
> > ---
> > arch/arm64/kvm/arm.c | 4 ++--
> > 1 file changed, 2 insertions(+), 2 deletions(-)
> >
> > diff --git a/arch/arm64/kvm/arm.c b/arch/arm64/kvm/arm.c
> > index 872679a0cbd7..23c22dbd1969 100644
> > --- a/arch/arm64/kvm/arm.c
> > +++ b/arch/arm64/kvm/arm.c
> > @@ -438,9 +438,9 @@ void kvm_arch_vcpu_load(struct kvm_vcpu *vcpu, int cpu)
> > * We might get preempted before the vCPU actually runs, but
> > * over-invalidation doesn't affect correctness.
> > */
> > - if (*last_ran != vcpu->vcpu_id) {
> > + if (*last_ran != vcpu->vcpu_idx) {
> > kvm_call_hyp(__kvm_flush_cpu_context, mmu);
> > - *last_ran = vcpu->vcpu_id;
> > + *last_ran = vcpu->vcpu_idx;
> > }
> > vcpu->cpu = cpu;
>
> Isn't the original code (using vcpu_id) enough to detect a different
> previously run VCPU? What am I missing?
It is in theory enough. However, I couldn't convince myself of the
*unicity* of the vcpu_id field. It really feels like something as
crucial as the TLB invalidation shouldn't rely on something that is
controlled by userspace.
And I really should write a commit message to capture this.
Thanks,
M.
--
Without deviation from the norm, progress is not possible.
