On 2013-08-06 12:12, Gleb Natapov wrote:
> On Tue, Aug 06, 2013 at 10:39:59AM +0200, Jan Kiszka wrote:
>> From: Jan Kiszka <jan.kiszka@xxxxxxxxxxx>
>>
>> If nested EPT is enabled, the L2 guest may change CR3 without any exits.
>> We therefore have to read the current value from the VMCS when switching
>> to L1. However, if paging wasn't enabled, L0 tracks L2's CR3, and
>> GUEST_CR3 rather contains the real-mode identity map. So we need to
>> retrieve CR3 from the architectural state after conditionally updating
>> it - and this is what kvm_read_cr3 does.
>>
> I have a headache from trying to think about it already, but shouldn't
> L1 be the one who sets up the identity map for L2? I traced what
> vmcs_read64(GUEST_CR3)/kvm_read_cr3(vcpu) return here and do not see
> different values in real mode.

Did you try with my patches applied and unrestricted guest mode in use?

Jan

>
>> Signed-off-by: Jan Kiszka <jan.kiszka@xxxxxxxxxxx>
>> ---
>>  arch/x86/kvm/vmx.c |    2 +-
>>  1 files changed, 1 insertions(+), 1 deletions(-)
>>
>> diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
>> index b482d47..09666aa 100644
>> --- a/arch/x86/kvm/vmx.c
>> +++ b/arch/x86/kvm/vmx.c
>> @@ -8106,7 +8106,7 @@ static void prepare_vmcs12(struct kvm_vcpu *vcpu, struct vmcs12 *vmcs12)
>>  	 * Additionally, restore L2's PDPTR to vmcs12.
>>  	 */
>>  	if (enable_ept) {
>> -		vmcs12->guest_cr3 = vmcs_read64(GUEST_CR3);
>> +		vmcs12->guest_cr3 = kvm_read_cr3(vcpu);
>>  		vmcs12->guest_pdptr0 = vmcs_read64(GUEST_PDPTR0);
>>  		vmcs12->guest_pdptr1 = vmcs_read64(GUEST_PDPTR1);
>>  		vmcs12->guest_pdptr2 = vmcs_read64(GUEST_PDPTR2);
>> --
>> 1.7.3.4
>
> --
> 	Gleb.
>
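Review bot: the one-line switch from vmcs_read64(GUEST_CR3) to kvm_read_cr3(vcpu) is only correct if CR3 has been marked stale before prepare_vmcs12 runs, so that kvm_read_cr3 actually re-reads GUEST_CR3 in the case the commit message describes (L2 changing CR3 without an exit under nested EPT); the commit message should name where that happens, and should also state the dependency on unrestricted guest mode that the reply raises, since Gleb reports seeing no difference between the two reads in real mode. A short comment beside `vmcs12->guest_cr3 = kvm_read_cr3(vcpu);` explaining why CR3 comes from the architectural state while the PDPTRs on the following lines are still read straight from the VMCS would spare the next reader the same confusion, and the comment above the block (`* Additionally, restore L2's PDPTR to vmcs12.`) could be extended to cover CR3 as well.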