On Thu, May 17, 2012 at 02:37:21AM +0000, Mao, Junjie wrote:
> > > You can disable INVPCID exec control (which #UDs), if it's in Level-2
> > > guest mode (see if_guest_mode()), and restore the Level-1 value when
> > > leaving nested mode.
> >
> > This "!cpu_has_hypervisor" is brought by my ignorance on nested vmx. Sorry
> > for that.
> >
> > BTW, this 'vmx_pcid_supported' is used for determining whether
> > X86_FEATURE_[PCID|INVPCID] should be exposed for the KVM_GET_SUPPORTED_CPUID
> > ioctl. These bits are exposed to qemu in L0 if the cpuid of L0 has them, but
> > should now always be hidden from qemu in L1 no matter whether the cpuid of L1
> > has them or not. I think that, for a guest hypervisor, 'do_cpuid_ent' is run
> > in L1 which has this hypervisor bit in its cpuid, giving rise to this
> > '!cpu_has_hypervisor'. Do I understand things in the right way?

The L2 guest should not execute with INVPCID_ENABLE secondary exec control set
(because PCID is not supported for the L2 guest). INVPCID in L2 should #UD.
See item 1 in Nadav's message.

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
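The rule the reply states (clear the INVPCID-enable secondary exec control while the vCPU runs L2 so that INVPCID raises #UD there, and restore the L1 value on the way back out) as an added toy model in C. This is example code written for this page, not KVM's `vmx.c`; `struct toy_vcpu`, `toy_enter_guest_mode`, `toy_leave_guest_mode` and `toy_invpcid_uds` are hypothetical names that stand in for the real `is_guest_mode()` / VMCS plumbing. The bit positions are the real ones from the Intel SDM (secondary proc-based controls: bit 12 = Enable INVPCID, bit 1 = Enable EPT); the control values are constructed.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Real bit positions from the Intel SDM (secondary processor-based
 * VM-execution controls); the values below are the only things taken
 * from outside the mail thread. */
#define SECONDARY_EXEC_ENABLE_EPT      (1u << 1)   /* unrelated control that must survive */
#define SECONDARY_EXEC_ENABLE_INVPCID  (1u << 12)  /* INVPCID allowed in the guest */

/* Hypothetical vCPU model: just the two copies of the control word the
 * thread talks about, plus a guest-mode flag (KVM uses is_guest_mode()). */
struct toy_vcpu {
    uint32_t l1_secondary_exec;  /* value the L1 guest runs with */
    uint32_t secondary_exec;     /* value currently programmed into the VMCS */
    bool guest_mode;             /* true while the L2 guest is running */
};

/* Entering L2: save the L1 controls, then drop INVPCID enable so that
 * INVPCID executed by L2 raises #UD (PCID is not exposed to L2).
 * Every other control is left exactly as L1 had it. */
void toy_enter_guest_mode(struct toy_vcpu *v)
{
    v->l1_secondary_exec = v->secondary_exec;
    v->secondary_exec &= ~SECONDARY_EXEC_ENABLE_INVPCID;
    v->guest_mode = true;
}

/* Leaving L2: restore the Level-1 value unchanged. */
void toy_leave_guest_mode(struct toy_vcpu *v)
{
    v->secondary_exec = v->l1_secondary_exec;
    v->guest_mode = false;
}

/* Would INVPCID #UD if the guest executed it right now?  With the
 * enable control clear the CPU raises #UD regardless of CPUID. */
bool toy_invpcid_uds(const struct toy_vcpu *v)
{
    return (v->secondary_exec & SECONDARY_EXEC_ENABLE_INVPCID) == 0;
}

/* Round trip L1 -> L2 -> L1 and check the invariants the thread asks for:
 * INVPCID allowed in L1, #UD in L2, unrelated controls untouched, and the
 * L1 value restored bit-for-bit afterwards. Returns true when all hold. */
bool toy_roundtrip_ok(void)
{
    /* Constructed L1 control word: EPT and INVPCID both enabled. */
    const uint32_t l1_controls = SECONDARY_EXEC_ENABLE_EPT | SECONDARY_EXEC_ENABLE_INVPCID;
    struct toy_vcpu v = { .l1_secondary_exec = 0,
                          .secondary_exec = l1_controls,
                          .guest_mode = false };

    if (toy_invpcid_uds(&v))                      /* L1 may use INVPCID */
        return false;

    toy_enter_guest_mode(&v);
    if (!v.guest_mode || !toy_invpcid_uds(&v))    /* L2 must #UD */
        return false;
    if (!(v.secondary_exec & SECONDARY_EXEC_ENABLE_EPT))
        return false;                             /* EPT must survive */

    toy_leave_guest_mode(&v);
    if (v.guest_mode || toy_invpcid_uds(&v))      /* back to L1 behaviour */
        return false;
    return v.secondary_exec == l1_controls;       /* restored exactly */
}

int main(void)
{
    printf("INVPCID nested round trip: %s\n", toy_roundtrip_ok() ? "ok" : "BROKEN");
    return toy_roundtrip_ok() ? 0 : 1;
}
```

Only the INVPCID bit is masked on entry and the whole word is restored on exit; masking is preferable to rewriting the word, so any other control L1 has chosen (EPT here) is not disturbed by the nested transition.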