diff mbox series

[15/54] KVM: nSVM: Add a comment to document why nNPT uses vmcb01, not vCPU state

Message ID 20210622175739.3610207-16-seanjc@google.com (mailing list archive)
State New, archived
Headers show
Series KVM: x86/mmu: Bug fixes and summer cleaning | expand

Commit Message

Sean Christopherson June 22, 2021, 5:57 p.m. UTC
Add a comment in the nested NPT initialization flow to call out that it
intentionally uses vmcb01 instead current vCPU state to get the effective
hCR4 and hEFER for L1's NPT context.

Note, despite nSVM's efforts to handle the case where vCPU state doesn't
reflect L1 state, the MMU may still do the wrong thing due to pulling
state from the vCPU instead of the passed in CR0/CR4/EFER values.  This
will be addressed in future commits.

Signed-off-by: Sean Christopherson <seanjc@google.com>
---
 arch/x86/kvm/svm/nested.c | 6 ++++++
 1 file changed, 6 insertions(+)

Comments

Paolo Bonzini June 23, 2021, 5:06 p.m. UTC | #1
On 22/06/21 19:57, Sean Christopherson wrote:
> +	/*
> +	 * L1's CR4 and EFER are stuffed into vmcb01 by the caller.  Note, when
> +	 * called via KVM_SET_NESTED_STATE, that state may_not_  match current
> +	 * vCPU state.  CR0.WP is explicitly ignored, while CR0.PG is required.
> +	 */

"stuffed into" doesn't really match reality of vmentry, though it works 
for KVM_SET_NESTED_STATE.  What about a more neutral "The NPT format 
depends on L1's CR4 and EFER, which is in vmcb01"?

Paolo
Sean Christopherson June 23, 2021, 8:49 p.m. UTC | #2
On Wed, Jun 23, 2021, Paolo Bonzini wrote:
> On 22/06/21 19:57, Sean Christopherson wrote:
> > +	/*
> > +	 * L1's CR4 and EFER are stuffed into vmcb01 by the caller.  Note, when
> > +	 * called via KVM_SET_NESTED_STATE, that state may_not_  match current
> > +	 * vCPU state.  CR0.WP is explicitly ignored, while CR0.PG is required.
> > +	 */
> 
> "stuffed into" doesn't really match reality of vmentry, though it works for
> KVM_SET_NESTED_STATE.  What about a more neutral "The NPT format depends on
> L1's CR4 and EFER, which is in vmcb01"?

Ah, true.  Works for me.
diff mbox series

Patch

diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c
index 9f0e7ed672b2..33b2f9337e26 100644
--- a/arch/x86/kvm/svm/nested.c
+++ b/arch/x86/kvm/svm/nested.c
@@ -98,6 +98,12 @@  static void nested_svm_init_mmu_context(struct kvm_vcpu *vcpu)
 	WARN_ON(mmu_is_nested(vcpu));
 
 	vcpu->arch.mmu = &vcpu->arch.guest_mmu;
+
+	/*
+	 * L1's CR4 and EFER are stuffed into vmcb01 by the caller.  Note, when
+	 * called via KVM_SET_NESTED_STATE, that state may _not_ match current
+	 * vCPU state.  CR0.WP is explicitly ignored, while CR0.PG is required.
+	 */
 	kvm_init_shadow_npt_mmu(vcpu, X86_CR0_PG, svm->vmcb01.ptr->save.cr4,
 				svm->vmcb01.ptr->save.efer,
 				svm->nested.ctl.nested_cr3);