Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1752335AbdLLIjj (ORCPT <rfc822;w@1wt.eu>);
        Tue, 12 Dec 2017 03:39:39 -0500
Received: from mail-ot0-f193.google.com ([74.125.82.193]:38953 "EHLO
        mail-ot0-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1750749AbdLLIjg (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 12 Dec 2017 03:39:36 -0500
X-Google-Smtp-Source: ACJfBovQb6Sy30fVHrArGFNgYnLfRg0KxfRluulcD43wDS1SDlziBLsTzHMA3UPEPgrYKXK5lKvR1Q==
Subject: Re: [PATCH] KVM: VMX: drop I/O permission bitmaps
To: Jim Mattson <jmattson@google.com>
Cc: kvm list <kvm@vger.kernel.org>, LKML <linux-kernel@vger.kernel.org>,
        =?UTF-8?B?UmFkaW0gS3LEjW3DocWZ?= <rkrcmar@redhat.com>,
        Paolo Bonzini <pbonzini@redhat.com>,
        David Hildenbrand <david@redhat.com>
References: <1512728546-4365-1-git-send-email-quan.xu0@gmail.com>
 <CALMp9eSnH5e-0mH0D4YAS2i9RhCvaJmkSkiYbsu-9qGKj_KXxA@mail.gmail.com>
 <4dfe07e2-e70d-0074-af17-9d27e73cc115@gmail.com>
 <CALMp9eS=oC8UiCoj_+V2N6=i5ovwy5WFg9gcFj-PaATYXs+kqQ@mail.gmail.com>
From: Quan Xu <quan.xu0@gmail.com>
Message-ID: <ea0cb128-68c5-87f3-53b0-ad947f92fc7d@gmail.com>
Date: Tue, 12 Dec 2017 16:39:30 +0800
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Thunderbird/52.5.0
MIME-Version: 1.0
In-Reply-To: <CALMp9eS=oC8UiCoj_+V2N6=i5ovwy5WFg9gcFj-PaATYXs+kqQ@mail.gmail.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Content-Language: en-US
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 2113
Lines: 63



On 2017/12/12 02:08, Jim Mattson wrote:
> Removing these two lines from the initialization of
> field_to_offset_table[] means that vmcs_field_to_offset() will return
> -ENOENT for IO_BITMAP_A or IO_BITMAP_B. Hence, handle_vmread and
> handle_vmwrite will incorrectly report these fields as unsupported
> VMCS components if an L1 hypervisor tries to access them.

I will fix in v2.

Quan
Alibaba Cloud



> On Sun, Dec 10, 2017 at 9:37 PM, Quan Xu <quan.xu0@gmail.com> wrote:
>>
>> On 2017/12/09 01:31, Jim Mattson wrote:
>>> On Fri, Dec 8, 2017 at 2:22 AM, Quan Xu <quan.xu0@gmail.com> wrote:
>>>> From: Quan Xu <quan.xu0@gmail.com>
>>>>
>>>> Since KVM removes the only I/O port 0x80 bypass on Intel hosts,
>>>> clear CPU_BASED_USE_IO_BITMAPS and set CPU_BASED_UNCOND_IO_EXITING
>>>> bit. Then these I/O permission bitmaps are not used at all, so
>>>> drop I/O permission bitmaps.
>>>>
>>>> Signed-off-by: Jim Mattson <jmattson@google.com>
>>>> Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
>>>> Signed-off-by: Quan Xu <quan.xu0@gmail.com>
>>>> ---
>>>>    arch/x86/kvm/vmx.c |   17 +----------------
>>>>    1 files changed, 1 insertions(+), 16 deletions(-)
>>>>
>>>> diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
>>>> index 2fd9a8c..3e4f760 100644
>>>> --- a/arch/x86/kvm/vmx.c
>>>> +++ b/arch/x86/kvm/vmx.c
>>>> @@ -771,8 +771,6 @@ enum segment_cache_field {
>>>>           FIELD(HOST_FS_SELECTOR, host_fs_selector),
>>>>           FIELD(HOST_GS_SELECTOR, host_gs_selector),
>>>>           FIELD(HOST_TR_SELECTOR, host_tr_selector),
>>>> -       FIELD64(IO_BITMAP_A, io_bitmap_a),
>>>> -       FIELD64(IO_BITMAP_B, io_bitmap_b),
>>> These two lines should stay.
>> Jim, could you explain why these two lines should stay?
>>
>>
>> IIUC, the main concern is from  nested virtualization, which still uses
>> io_bitmap_a/io_bitmap_b..
>> if so, we really need to further clean up these code, as
>>
>> CPU_BASED_USE_IO_BITMAPS is clear, and CPU_BASED_UNCOND_IO_EXITING is set
>> for both L0/L2. after new patches which I mentioned
>> in this thread.
>>
>> right?
>>
>> Alibaba Cloud
>> Quan
>>
>>
>>