On Mon, Apr 15, 2024 at 3:22 PM Chao Gao <chao.gao@xxxxxxxxx> wrote:
>
> >
> >- if (cpu_has_secondary_exec_ctrls())
> >+ if (cpu_has_secondary_exec_ctrls()) {
> > secondary_exec_controls_set(vmx, vmx_secondary_exec_control(vmx));
> >+ if (secondary_exec_controls_get(vmx) &
> >+ SECONDARY_EXEC_EPT_VIOLATION_VE) {
> >+ if (!vmx->ve_info) {
>
> how about allocating ve_info in vmx_vcpu_create()? It is better to me because:
>
> a. symmetry. ve_info is free'd in vmx_vcpu_free().
> b. no need to check if this is the first call of init_vmcs(). and ENOMEM can
> be returned on allocation failure.
There is no need to return ENOMEM however, it is okay to disable the test.
However I agree that doing it in vmx_vcpu_create(), conditional on
vmcs_config.cpu_based_2nd_exec_ctrl, is a bit cleaner.
Paolo
