On 07/31/2013 05:48 PM, Gleb Natapov wrote: > From: Nadav Har'El <nyh@xxxxxxxxxx> > > kvm_set_cr3() attempts to check if the new cr3 is a valid guest physical > address. The problem is that with nested EPT, cr3 is an *L2* physical > address, not an L1 physical address as this test expects. > > As the comment above this test explains, it isn't necessary, and doesn't > correspond to anything a real processor would do. So this patch removes it. > > Note that this wrong test could have also theoretically caused problems > in nested NPT, not just in nested EPT. However, in practice, the problem > was avoided: nested_svm_vmexit()/vmrun() do not call kvm_set_cr3 in the > nested NPT case, and instead set the vmcb (and arch.cr3) directly, thus > circumventing the problem. Additional potential calls to the buggy function > are avoided in that we don't trap cr3 modifications when nested NPT is > enabled. However, because in nested VMX we did want to use kvm_set_cr3() > (as requested in Avi Kivity's review of the original nested VMX patches), > we can't avoid this problem and need to fix it. > > Reviewed-by: Xiao Guangrong <xiaoguangrong@xxxxxxxxxxxxxxxxxx> > Signed-off-by: Nadav Har'El <nyh@xxxxxxxxxx> > Signed-off-by: Jun Nakajima <jun.nakajima@xxxxxxxxx> > Signed-off-by: Xinhao Xu <xinhao.xu@xxxxxxxxx> > Signed-off-by: Yang Zhang <yang.z.zhang@xxxxxxxxx> > Signed-off-by: Gleb Natapov <gleb@xxxxxxxxxx> > --- > arch/x86/kvm/x86.c | 11 ----------- > 1 file changed, 11 deletions(-) > > diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c > index d2caeb9..e2fef8b 100644 > --- a/arch/x86/kvm/x86.c > +++ b/arch/x86/kvm/x86.c > @@ -682,17 +682,6 @@ int kvm_set_cr3(struct kvm_vcpu *vcpu, unsigned long cr3) > */ > } > > - /* > - * Does the new cr3 value map to physical memory? (Note, we > - * catch an invalid cr3 even in real-mode, because it would > - * cause trouble later on when we turn on paging anyway.) > - * > - * A real CPU would silently accept an invalid cr3 and would > - * attempt to use it - with largely undefined (and often hard > - * to debug) behavior on the guest side. > - */ > - if (unlikely(!gfn_to_memslot(vcpu->kvm, cr3 >> PAGE_SHIFT))) > - return 1; > vcpu->arch.cr3 = cr3; > __set_bit(VCPU_EXREG_CR3, (ulong *)&vcpu->arch.regs_avail); > vcpu->arch.mmu.new_cr3(vcpu); > Reviewed-by: Orit Wasserman <owasserm@xxxxxxxxxx> -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
