diff mbox

[v7,3/3] KVM: nVMX: Emulate EPTP switching for the L1 hypervisor

Message ID b612922d-c27d-a6f5-f2e5-fb935bd4c6fb@redhat.com (mailing list archive)
State New, archived
Headers show

Commit Message

David Hildenbrand Aug. 4, 2017, 2:42 p.m. UTC 
Looks very good to me now. :)

>  	/*
> @@ -7820,6 +7834,88 @@ static int handle_preemption_timer(struct kvm_vcpu *vcpu)
>  	return 1;
>  }
>  
> +static bool valid_ept_address(struct kvm_vcpu *vcpu, u64 address)
> +{
> +	struct vcpu_vmx *vmx = to_vmx(vcpu);
> +	u64 mask = address & 0x7;
> +	int maxphyaddr = cpuid_maxphyaddr(vcpu);
> +
> +	/* Check for memory type validity */
> +	switch (mask) {
> +	case 0:
> +		if (!(vmx->nested.nested_vmx_ept_caps & VMX_EPTP_UC_BIT))
> +			return false;
> +		break;
> +	case 6:
> +		if (!(vmx->nested.nested_vmx_ept_caps & VMX_EPTP_WB_BIT))
> +			return false;
> +		break;

KVM always sets 6 without checking. But there is also a TODO left in
construct_eptp(). But we could hit this case probably only in very
strange environments (e.g. revoking it for our L1, so it cannot use WB
memory for L2). So we should be safe by requiring WB for now.


From 0ac06e7242d25ba1b66e4e6e2b20dbfa21ba4308 Mon Sep 17 00:00:00 2001
From: David Hildenbrand <david@redhat.com>
Date: Fri, 4 Aug 2017 16:40:32 +0200
Subject: [PATCH v1] KVM: VMX: require EPT WB (Write Back) memory type
support

Signed-off-by: David Hildenbrand <david@redhat.com>
---
 arch/x86/kvm/vmx.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

 	if (enable_ept_ad_bits &&
@@ -6579,7 +6583,8 @@ static __init int hardware_setup(void)
 		init_vmcs_shadow_fields();

 	if (!cpu_has_vmx_ept() ||
-	    !cpu_has_vmx_ept_4levels()) {
+	    !cpu_has_vmx_ept_4levels() ||
+	    !cpu_has_vmx_ept_wb_bit()) {
 		enable_ept = 0;
 		enable_unrestricted_guest = 0;
 		enable_ept_ad_bits = 0;
diff mbox

Patch

diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index 78c66a7..a2f8475 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -1192,6 +1192,11 @@  static inline bool cpu_has_vmx_ept_4levels(void)
 	return vmx_capability.ept & VMX_EPT_PAGE_WALK_4_BIT;
 }

+static inline bool cpu_has_vmx_ept_wb_bit(void)
+{
+	return vmx_capability.ept & VMX_EPTP_WB_BIT;
+}
+
 static inline bool cpu_has_vmx_ept_ad_bits(void)
 {
 	return vmx_capability.ept & VMX_EPT_AD_BIT;
@@ -4260,7 +4265,6 @@  static u64 construct_eptp(struct kvm_vcpu *vcpu,
unsigned long root_hpa)
 {
 	u64 eptp;

-	/* TODO write the value reading from MSR */
 	eptp = VMX_EPT_DEFAULT_MT |
 		VMX_EPT_DEFAULT_GAW << VMX_EPT_GAW_EPTP_SHIFT;