On Wed, Aug 07, 2013 at 03:32:37PM +0200, Paolo Bonzini wrote:
> >>>>>diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
> >>>>>index 44494ed..60a3644 100644
> >>>>>--- a/arch/x86/kvm/vmx.c
> >>>>>+++ b/arch/x86/kvm/vmx.c
> >>>>>@@ -3375,8 +3375,10 @@ static void vmx_set_cr3(struct kvm_vcpu *vcpu, unsigned long cr3)
> >>>>> if (enable_ept) {
> >>>>> eptp = construct_eptp(cr3);
> >>>>> vmcs_write64(EPT_POINTER, eptp);
> >>>>>- guest_cr3 = is_paging(vcpu) ? kvm_read_cr3(vcpu) :
> >>>>>- vcpu->kvm->arch.ept_identity_map_addr;
> >>>>>+ if (is_paging(vcpu) || is_guest_mode(vcpu))
> >>>>>+ guest_cr3 = kvm_read_cr3(vcpu) :
> >>>>>+ else
> >>>>>+ guest_cr3 = vcpu->kvm->arch.ept_identity_map_addr;
> >>>>> ept_load_pdptrs(vcpu);
> >>>>> }
> >>>>>
> >>>>That what I am thinking, will think about it some more tomorrow.
> >>>
> >>>OK, and I'll feed it into a local test.
> >>>
> >>Thought about is some more. So without nested unrestricted guest (nUG)
> >>is_paging() will always be true (since without nUG guest entry is not
> >>possible otherwise) and guest's cr3 will be used, but with nUG identity
> >>map is not used (that is why L2 still works even though wrong identity
> >>map pointer is assigned to cr3), so the code here just corrupts nested
> >>guest's cr3 for no reason and that is why you had to use kvm_read_cr3()
> >>in prepare_vmcs12() to get correct cr3 value. The patch above should be
> >>used instead of original one IMO. How is testing going?
> >
> >Yes, testing worked fine. I've queued above patch and will send it out
> >within the next round.
>
> Just reply here with the commit message you desire and
> Signed-off-by, so I can queue it for people who wish to play with
> nEPT.
>
I would love to have a comment there too :)
--
Gleb.
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
