From patchwork Mon Nov 14 22:15:39 2016
X-Patchwork-Submitter: Brijesh Singh
X-Patchwork-Id: 9428647
Subject: [PATCH v1 1/3] kvm: svm: Add support for additional SVM NPF error codes
From: Brijesh Singh
Date: Mon, 14 Nov 2016 17:15:39 -0500
Message-ID: <147916173923.16347.14406683681257344312.stgit@brijesh-build-machine>
In-Reply-To: <147916172660.16347.15695649975899246333.stgit@brijesh-build-machine>
References: <147916172660.16347.15695649975899246333.stgit@brijesh-build-machine>
User-Agent: StGit/0.17.1-dirty
Sender: kvm-owner@vger.kernel.org
X-Mailing-List: kvm@vger.kernel.org

From: Tom Lendacky

AMD hardware adds two additional bits to aid in nested page fault handling.

Bit 32 - NPF occurred while translating the guest's final physical address
Bit 33 - NPF occurred while translating the guest page tables

The guest page tables fault indicator can be used as an aid for nested
virtualization. Using V0 for the host, V1 for the first level guest and
V2 for the second level guest, when both V1 and V2 are using nested paging
there are currently a number of unnecessary instruction emulations. When
V2 is launched shadow paging is used in V1 for the nested tables of V2. As
a result, KVM marks these pages as RO in the host nested page tables. When
V2 exits and we resume V1, these pages are still marked RO.

Every nested walk for a guest page table is treated as a user-level write
access and this causes a lot of NPFs because the V1 page tables are marked
RO in the V0 nested tables. While executing V1, when these NPFs occur KVM
sees a write to a read-only page, emulates the V1 instruction and unprotects
the page (marking it RW). This patch looks for cases where we get a NPF due
to a guest page table walk where the page was marked RO. It immediately
unprotects the page and resumes the guest, leading to far fewer instruction
emulations when nested virtualization is used.

Signed-off-by: Tom Lendacky
Reviewed-by: Borislav Petkov
Signed-off-by: Brijesh Singh
---
 arch/x86/include/asm/kvm_host.h | 11 ++++++++++-
 arch/x86/kvm/mmu.c | 20 ++++++++++++++++++--
 arch/x86/kvm/svm.c | 2 +-
 3 files changed, 29 insertions(+), 4 deletions(-)

diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index bdde807..da07e17 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h 
@@ -191,6 +191,8 @@ enum { #define PFERR_RSVD_BIT 3 #define PFERR_FETCH_BIT 4 #define PFERR_PK_BIT 5 +#define PFERR_GUEST_FINAL_BIT 32 +#define PFERR_GUEST_PAGE_BIT 33 #define PFERR_PRESENT_MASK (1U << PFERR_PRESENT_BIT) #define PFERR_WRITE_MASK (1U << PFERR_WRITE_BIT) @@ -198,6 +200,13 @@ enum { #define PFERR_RSVD_MASK (1U << PFERR_RSVD_BIT) #define PFERR_FETCH_MASK (1U << PFERR_FETCH_BIT) #define PFERR_PK_MASK (1U << PFERR_PK_BIT) +#define PFERR_GUEST_FINAL_MASK (1ULL << PFERR_GUEST_FINAL_BIT) +#define PFERR_GUEST_PAGE_MASK (1ULL << PFERR_GUEST_PAGE_BIT) + +#define PFERR_NESTED_GUEST_PAGE (PFERR_GUEST_PAGE_MASK | \ + PFERR_USER_MASK | \ + PFERR_WRITE_MASK | \ + PFERR_PRESENT_MASK) /* apic attention bits */ #define KVM_APIC_CHECK_VAPIC 0 @@ -1203,7 +1212,7 @@ void kvm_vcpu_deactivate_apicv(struct kvm_vcpu *vcpu); int kvm_emulate_hypercall(struct kvm_vcpu *vcpu); -int kvm_mmu_page_fault(struct kvm_vcpu *vcpu, gva_t gva, u32 error_code, +int kvm_mmu_page_fault(struct kvm_vcpu *vcpu, gva_t gva, u64 error_code, void *insn, int insn_len); void kvm_mmu_invlpg(struct kvm_vcpu *vcpu, gva_t gva); void kvm_mmu_new_cr3(struct kvm_vcpu *vcpu); diff --git a/arch/x86/kvm/mmu.c b/arch/x86/kvm/mmu.c index d9c7e98..f633d29 100644 --- a/arch/x86/kvm/mmu.c +++ b/arch/x86/kvm/mmu.c @@ -4508,7 +4508,7 @@ static void make_mmu_pages_available(struct kvm_vcpu *vcpu) kvm_mmu_commit_zap_page(vcpu->kvm, &invalid_list); } -int kvm_mmu_page_fault(struct kvm_vcpu *vcpu, gva_t cr2, u32 error_code, +int kvm_mmu_page_fault(struct kvm_vcpu *vcpu, gva_t cr2, u64 error_code, void *insn, int insn_len) { int r, emulation_type = EMULTYPE_RETRY; 
@@ -4527,12 +4527,28 @@ int kvm_mmu_page_fault(struct kvm_vcpu *vcpu, gva_t cr2, u32 error_code, return r; } - r = vcpu->arch.mmu.page_fault(vcpu, cr2, error_code, false); + r = vcpu->arch.mmu.page_fault(vcpu, cr2, lower_32_bits(error_code), + false); if (r < 0) return r; if (!r) return 1; + /* + * Before emulating the instruction, check if the error code + * was due to a RO violation while translating the guest page. + * This can occur when using nested virtualization with nested + * paging in both guests. If true, we simply unprotect the page + * and resume the guest. + * + * Note: AMD only (since it supports the PFERR_GUEST_PAGE_MASK used + * in PFERR_NEXT_GUEST_PAGE) + */ + if (error_code == PFERR_NESTED_GUEST_PAGE) { + kvm_mmu_unprotect_page(vcpu->kvm, gpa_to_gfn(cr2)); + return 1; + } + if (mmio_info_in_cache(vcpu, cr2, direct)) emulation_type = 0; emulate: diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c index 8ca1eca..4e462bb 100644 --- a/arch/x86/kvm/svm.c +++ b/arch/x86/kvm/svm.c @@ -2074,7 +2074,7 @@ static void svm_set_dr7(struct kvm_vcpu *vcpu, unsigned long value) static int pf_interception(struct vcpu_svm *svm) { u64 fault_address = svm->vmcb->control.exit_info_2; - u32 error_code; + u64 error_code; int r = 1; switch (svm->apf_reason) {
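
Review bot: In the kvm_mmu_page_fault() hunk of arch/x86/kvm/mmu.c (@@ -4527), the new fast path passes gpa_to_gfn(cr2) to kvm_mmu_unprotect_page() without checking that cr2 actually holds a guest physical address. The parameter is declared gva_t, and the function already has a `direct` flag in scope (it is used in mmio_info_in_cache(vcpu, cr2, direct) right below), so I would gate the test on it, for example `if (direct && error_code == PFERR_NESTED_GUEST_PAGE)`. As written, correctness depends on bit 33 never being set for a non-direct fault, which neither the code nor the comment states. Two smaller points in the same hunk: the comment refers to PFERR_NEXT_GUEST_PAGE while the macro added in kvm_host.h is PFERR_NESTED_GUEST_PAGE, and the return value of kvm_mmu_unprotect_page() is discarded before `return 1`, so please say in the comment why resuming the guest is still right if nothing was unprotected.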
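
Review bot: The new definitions in arch/x86/include/asm/kvm_host.h (@@ -191 and @@ -198) are undocumented in the header itself; the meaning of bits 32 and 33 lives only in the changelog. Please add a short comment above PFERR_GUEST_FINAL_BIT and PFERR_GUEST_PAGE_BIT saying they are AMD nested page fault bits, and one above PFERR_NESTED_GUEST_PAGE saying it is compared with `==` against the whole 64-bit error code in kvm_mmu_page_fault(), so a fault carrying any further bit (PFERR_FETCH_MASK, for instance) will not take the fast path. It is also worth noting there that the older masks are built with `1U` and the two new ones with `1ULL`, so anything that stores the error code in a 32-bit variable silently loses the new bits; the mmu.c hunk already makes this explicit with lower_32_bits(error_code) and the header comment should point readers to that.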