Re: [PATCH V2 3/5] KVM/VMX: Add identical ept table pointer check

From: Paolo Bonzini
Date: Wed Jul 18 2018 - 07:59:15 EST

Next message: Matthew Wilcox: "Re: linux-next: build failure after merge of the ida tree"
Previous message: Joerg Roedel: "Re: [PATCH 10/39] x86/entry/32: Handle Entry from Kernel-Mode on Entry-Stack"
Next in thread: Tianyu Lan: "Re: [PATCH V2 3/5] KVM/VMX: Add identical ept table pointer check"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 09/07/2018 11:02, Tianyu Lan wrote:
> +static void check_ept_pointer(struct kvm_vcpu *vcpu, u64 eptp)
> +{
> + struct kvm *kvm = vcpu->kvm;
> + u64 tmp_eptp = INVALID_PAGE;
> + int i;
> +
> + if (!kvm_x86_ops->tlb_remote_flush)
> + return;
> +
> + spin_lock(&to_kvm_vmx(kvm)->ept_pointer_lock);
> + to_vmx(vcpu)->ept_pointer = eptp;
> +
> + kvm_for_each_vcpu(i, vcpu, kvm) {
> + if (!VALID_PAGE(tmp_eptp)) {
> + tmp_eptp = to_vmx(vcpu)->ept_pointer;
> + } else if (tmp_eptp != to_vmx(vcpu)->ept_pointer) {
> + to_kvm_vmx(kvm)->ept_pointers_match = false;
> + spin_unlock(&to_kvm_vmx(kvm)->ept_pointer_lock);
> + return;
> + }
> + }
> +
> + to_kvm_vmx(kvm)->ept_pointers_match = true;
> + spin_unlock(&to_kvm_vmx(kvm)->ept_pointer_lock);
> +}
> +

Is there any reason to do the check here, rather than the first time the
TLB flush is invoked? You could:

- have a tristate (true, false, check) value for ept_pointers_match

- reset it to "check" in vmx_set_cr3

- set it to either true or false in tlb_remote_flush if it is check, and
do the hypercall if it is true.

Paolo

Next message: Matthew Wilcox: "Re: linux-next: build failure after merge of the ida tree"
Previous message: Joerg Roedel: "Re: [PATCH 10/39] x86/entry/32: Handle Entry from Kernel-Mode on Entry-Stack"
Next in thread: Tianyu Lan: "Re: [PATCH V2 3/5] KVM/VMX: Add identical ept table pointer check"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]