mbox series

[0/2] KVM: nVMX: Alternative no-EPT GUEST_CR3 fix

Message ID 20190520201029.7126-1-sean.j.christopherson@intel.com (mailing list archive)
Headers show
Series KVM: nVMX: Alternative no-EPT GUEST_CR3 fix | expand

Message

Sean Christopherson May 20, 2019, 8:10 p.m. UTC 
As an alternative to forcing early consistency checks in hardware (to
avoid reaching nested_vmx_restore_host_state() due to a missed VM-FAIL),
stuff vmcs01.GUEST_CR3 with L1's desired CR3 prior to nested VM-Entry
so that nested_vmx_restore_host_state() loads the correct L1 state when
EPT is disabled in L0.

Code complexity in the two approaches is roughly similar, although the
GUEST_CR3 stuffing is definitely more subtle.  The primary motiviation
is performance, e.g. VMWRITE is less than 30 cyles, whereas doing
consistency checks via hardware is several hundred cycles.  Arguably
performance may be somewhat of a moot point when EPT is disabled, but
Nehalem hardware isn't *that* old.  :-)

Sean Christopherson (2):
  KVM: nVMX: Stash L1's CR3 in vmcs01.GUEST_CR3 on nested entry w/o EPT
  Revert "KVM: nVMX: always use early vmcs check when EPT is disabled"

 arch/x86/include/uapi/asm/vmx.h |  1 -
 arch/x86/kvm/vmx/nested.c       | 27 ++++++---------------------
 2 files changed, 6 insertions(+), 22 deletions(-)