Re: [PATCH 3/3] KVM: nVM: Ensure INVVPID is emulated on the correct physical CPU

Next message: Ahmad Fatoum: "Re: [PATCH] usb: typec: add trace point for typec_set_mode"
Previous message: sakari.ailus@xxxxxxxxxxxxxxx: "Re: [PATCH v3 2/3] media: i2c: add os02g10 image sensor driver"
In reply to: Yosry Ahmed: "[PATCH 3/3] KVM: nVM: Ensure INVVPID is emulated on the correct physical CPU"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Huang, Kai

Date: Thu Jun 18 2026 - 07:01:22 EST

On Tue, 2026-06-16 at 21:46 +0000, Yosry Ahmed wrote:
> When emulating INVVPID, KVM executes INVVPID on the physical CPU using
> vpid02 (instead of the L1 assigned VPID), after doing some validations
> on the operands. However, it is possible that the physical CPU KVM
> executes INVVPID on is different from the CPU L2 is running on.
>
> For example, in the following scenario:
> - L2 runs on CPU #1 and exits to L1 (vmx->nested.vmcs02.cpu=1)
> - L1 migrates to CPU #2 and executes INVVPID
> - KVM executes INVVPID on CPU #2
> - L1 migrates back to CPU #1 and runs L2 (vmx->nested.vmcs02.cpu=1)
>
> The TLB entries on CPU #1 are never invalidated, because INVVPID was
> executed on CPU #2, and vmcs02 never ran on a different pCPU (i.e.
> vmx_vcpu_load_vmcs() will *not* request KVM_REQ_TLB_FLUSH).
>
> Ensure that INVVPID is being executed on the same pCPU that L2 last ran
> on, and if not, fallback to clearing last_vpid=0 to trigger a full VPID
> flush on the next nested VM-Enter (as KVM will detect L1 using a
> different VPID for L2). If L2 ends up running on a different pCPU, KVM
> will flush the TLB anyway through vmx_vcpu_load_vmcs().
>
> Cc: stable@xxxxxxxxxxxxxxx
> Signed-off-by: Yosry Ahmed <yosry@xxxxxxxxxx>
>

Reviewed-by: Kai Huang <kai.huang@xxxxxxxxx>