Re: [PATCH] KVM: nVMX: Fix CR4 after VMLAUNCH/VMRESUME failure

From: Jim Mattson
Date: Mon Feb 12 2018 - 12:38:07 EST


On Sun, Feb 11, 2018 at 3:56 AM, Wanpeng Li <kernellwp@xxxxxxxxx> wrote:

> Writing 0 to cr3 can't be detected during vmentry checks by hardware.

I never suggested otherwise. I was just trying to explain why you
can't assume that the host CR3 field in the VMCS matches the host CR3
at the time of VMLAUNCH.

KVM is set up for failure, because it loads a bunch of guest state
before checking the validity of all of the control fields. If a
control field in the vmcs12 is invalid, but KVM doesn't recognize this
until after it has loaded guest state, all of the host state that has
been overwritten should be restored. "Restored" does not mean "loaded
from the vmcs12." It means reverted to its state at the time of the
failed VMLAUNCH/VMRESUME.
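A toy model of the distinction made above, added here as an illustration; it is not code from this thread and not KVM's nested VMX implementation. It models an entry path that loads guest state before it validates a control field, and compares two ways of recovering from the late failure: reverting to a snapshot taken at VMLAUNCH time versus reloading from the vmcs12 host fields. The struct names, the `CTRL_VALID_MASK` rule and all register values are constructed for the example; in the scenario, L1 has changed its own CR3 after filling in `host_cr3`, so the vmcs12 host field is stale.

```c
#include <stdbool.h>
#include <stdint.h>

/* Toy model (not KVM code): just the registers the discussion is about. */
struct cpu_state {
    uint64_t cr3;
    uint64_t cr4;
};

/* Toy vmcs12: guest fields to load, host fields L1 wrote some time ago,
 * and one control field that is only validated after guest state is loaded. */
struct vmcs12 {
    uint64_t guest_cr3;
    uint64_t guest_cr4;
    uint64_t host_cr3;   /* may be stale: L1 can change CR3 after writing this */
    uint64_t host_cr4;
    uint32_t controls;
};

#define CTRL_VALID_MASK 0x0fU  /* constructed rule: bits outside the mask are invalid */

/* Hardware state in the model; the "host" is whatever is here before entry. */
static struct cpu_state hw;

/* Entry path as the email describes it: guest state is loaded BEFORE the
 * control field is checked. On failure, host state is reverted to the
 * snapshot taken at the time of VMLAUNCH/VMRESUME, not loaded from vmcs12. */
static bool nested_vmentry_restore(const struct vmcs12 *v)
{
    struct cpu_state saved = hw;   /* host state at the time of the entry attempt */

    hw.cr3 = v->guest_cr3;         /* guest state overwrites host state early */
    hw.cr4 = v->guest_cr4;

    if (v->controls & ~CTRL_VALID_MASK) {
        hw = saved;                /* revert to what was actually there */
        return false;
    }
    return true;
}

/* The mistaken variant: "restore" by loading vmcs12's host fields. */
static bool nested_vmentry_reload(const struct vmcs12 *v)
{
    hw.cr3 = v->guest_cr3;
    hw.cr4 = v->guest_cr4;

    if (v->controls & ~CTRL_VALID_MASK) {
        hw.cr3 = v->host_cr3;      /* wrong if L1's CR3 moved since it wrote this */
        hw.cr4 = v->host_cr4;
        return false;
    }
    return true;
}

/* Constructed scenario: L1 wrote host_cr3 = 0x1000 into vmcs12, then switched
 * its own CR3 to 0x3000 before the entry attempt, and the control field is
 * invalid. Returns the host CR3 observed after the failed entry. */
uint64_t host_cr3_after_failed_entry(bool use_snapshot)
{
    struct vmcs12 v = {
        .guest_cr3 = 0x2000, .guest_cr4 = 0x0,
        .host_cr3  = 0x1000, .host_cr4 = 0x640,
        .controls  = 0x80,         /* outside CTRL_VALID_MASK: invalid */
    };
    hw.cr3 = 0x3000;               /* real host CR3 at VMLAUNCH time */
    hw.cr4 = 0x660;

    if (use_snapshot)
        nested_vmentry_restore(&v);
    else
        nested_vmentry_reload(&v);
    return hw.cr3;
}

/* Same scenario, reporting host CR4 instead. */
uint64_t host_cr4_after_failed_entry(bool use_snapshot)
{
    host_cr3_after_failed_entry(use_snapshot);
    return hw.cr4;
}
```

With the snapshot approach the host comes back with CR3 0x3000 and CR4 0x660, the values that were live at VMLAUNCH; the reload approach leaves it with the stale 0x1000 and 0x640 from vmcs12, which is exactly the mismatch the reply warns about.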