Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753143AbdHDPBN (ORCPT ); Fri, 4 Aug 2017 11:01:13 -0400 Received: from mx1.redhat.com ([209.132.183.28]:41112 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753115AbdHDPBL (ORCPT ); Fri, 4 Aug 2017 11:01:11 -0400 DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com DA275793F9 Authentication-Results: ext-mx01.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx01.extmail.prod.ext.phx2.redhat.com; spf=fail smtp.mailfrom=david@redhat.com Subject: Re: [PATCH v7 0/3] Expose VMFUNC to the nested hypervisor To: Bandan Das , kvm@vger.kernel.org Cc: pbonzini@redhat.com, rkrcmar@redhat.com, jmattson@google.com, linux-kernel@vger.kernel.org References: <20170803195443.24911-1-bsd@redhat.com> From: David Hildenbrand Organization: Red Hat GmbH Message-ID: <03583ab4-49e3-3955-3895-aff54e579d7e@redhat.com> Date: Fri, 4 Aug 2017 17:00:36 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.2.1 MIME-Version: 1.0 In-Reply-To: <20170803195443.24911-1-bsd@redhat.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.25]); Fri, 04 Aug 2017 15:01:11 +0000 (UTC) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2462 Lines: 74 On 03.08.2017 21:54, Bandan Das wrote: > v7: > 3/3: > Fix check for AD > Use kvm_vcpu_read_guest_page() > > v6: > https://lkml.org/lkml/2017/8/1/1015 > 3/3: > Fix check for memory type in address > Change check function name as requested in the review > Move setting of mmu->ept_ad to after calling mmu_unload > and also reset base_role.ad_disabled appropriately > Replace IS_ALIGN with page_address_valid() > > v5: > https://lkml.org/lkml/2017/7/28/621 > 1/3 and 2/3 are unchanged but some changes in 3/3. I left > the mmu_load failure path untouched because I am not sure what's > the right thing to do here. > 3/3: > Move the eptp switching logic to a different function > Add check for EPTP_ADDRESS in check_vmentry_prereq > Add check for validity of ept pointer > Check if AD bit is set and set ept_ad > Add TODO item about mmu_unload failure > > v4: > https://lkml.org/lkml/2017/7/10/705 > 2/3: Use WARN_ONCE to avoid logging dos > > v3: > https://lkml.org/lkml/2017/7/10/684 > 3/3: Add missing nested_release_page_clean() and check the > eptp as mentioned in SDM 24.6.14 > > v2: > https://lkml.org/lkml/2017/7/6/813 > 1/3: Patch to enable vmfunc on the host but cause a #UD if > L1 tries to use it directly. (new) > 2/3: Expose vmfunc to the nested hypervisor, but no vm functions > are exposed and L0 emulates a vmfunc vmexit to L1. > 3/3: Force a vmfunc vmexit when L2 tries to use vmfunc and emulate > eptp switching. Unconditionally expose EPTP switching to the > L1 hypervisor since L0 fakes eptp switching via a mmu reload. > > These patches expose eptp switching/vmfunc to the nested hypervisor. > vmfunc is enabled in the secondary controls for the host and is > exposed to the nested hypervisor. However, if the nested hypervisor > decides to use eptp switching, L0 emulates it. > > v1: > https://lkml.org/lkml/2017/6/29/958 > > Bandan Das (3): > KVM: vmx: Enable VMFUNCs > KVM: nVMX: Enable VMFUNC for the L1 hypervisor > KVM: nVMX: Emulate EPTP switching for the L1 hypervisor > > arch/x86/include/asm/vmx.h | 9 +++ > arch/x86/kvm/vmx.c | 185 ++++++++++++++++++++++++++++++++++++++++++++- > 2 files changed, 192 insertions(+), 2 deletions(-) > Acked-by: David Hildenbrand (not 100% confident for a r-b, not because of your patches but because of the involved complexity (flushes, MMU ...)) -- Thanks, David