Once L1 loads VMCS12 we enable shadow-vmcs capability and copy all the VMCS12
shadowed fields to the shadow vmcs. When we release the VMCS12, we also
disable shadow-vmcs capability.
Signed-off-by: Abel Gordon <abelg@xxxxxxxxxx>
---
arch/x86/kvm/vmx.c | 11 +++++++++++
1 file changed, 11 insertions(+)
--- .before/arch/x86/kvm/vmx.c 2013-04-17 19:58:33.000000000 +0300
+++ .after/arch/x86/kvm/vmx.c 2013-04-17 19:58:33.000000000 +0300
@@ -5601,12 +5601,17 @@ static int nested_vmx_check_permission(s
static inline void nested_release_vmcs12(struct vcpu_vmx *vmx)
{
+ u32 exec_control;
if (enable_shadow_vmcs) {
if (vmx->nested.current_vmcs12 != NULL) {
/* copy to memory all shadowed fields in case
they were modified */
copy_shadow_to_vmcs12(vmx);
vmx->nested.sync_shadow_vmcs = false;
+ exec_control = vmcs_read32(SECONDARY_VM_EXEC_CONTROL);
+ exec_control &= ~SECONDARY_EXEC_SHADOW_VMCS;
+ vmcs_write32(SECONDARY_VM_EXEC_CONTROL, exec_control);
+ vmcs_write64(VMCS_LINK_POINTER, -1ull);
}
}
kunmap(vmx->nested.current_vmcs12_page);
@@ -6095,6 +6100,7 @@ static int handle_vmptrld(struct kvm_vcp
gva_t gva;
gpa_t vmptr;
struct x86_exception e;
+ u32 exec_control;
if (!nested_vmx_check_permission(vcpu))
return 1;
@@ -6140,6 +6146,11 @@ static int handle_vmptrld(struct kvm_vcp
vmx->nested.current_vmcs12 = new_vmcs12;
vmx->nested.current_vmcs12_page = page;
if (enable_shadow_vmcs) {
+ exec_control = vmcs_read32(SECONDARY_VM_EXEC_CONTROL);
+ exec_control |= SECONDARY_EXEC_SHADOW_VMCS;
+ vmcs_write32(SECONDARY_VM_EXEC_CONTROL, exec_control);
+ vmcs_write64(VMCS_LINK_POINTER,
+ __pa(vmx->nested.current_shadow_vmcs));
vmx->nested.sync_shadow_vmcs = true;
}
}
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
