Received: by 2002:a05:6358:45e:b0:b5:b6eb:e1f9 with SMTP id 30csp4778568rwe; Tue, 30 Aug 2022 17:18:33 -0700 (PDT) X-Google-Smtp-Source: AA6agR7IBhBR/bWzG3uGXKKXfER2BUZ3HTH2MN3WLUN7gcWpSFvfaOft1TA0uQV5gJ+9IDpXFcBN X-Received: by 2002:a65:680f:0:b0:42b:e186:8f3f with SMTP id l15-20020a65680f000000b0042be1868f3fmr11766590pgt.124.1661905112877; Tue, 30 Aug 2022 17:18:32 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1661905112; cv=none; d=google.com; s=arc-20160816; b=rXcinIBsInyjC6h0IBr6J5ofiqKKCa/lprtlhgW9jjthXYTTVBHkGsa+76P/Jv5zLg f4rwpgdzZn3zYW3sJfLlBCzN3BPHvBTCTAHM9Q2lS3BJSBQb50Lo+CvUsW1xxguDPw8c Oz1GdUkq1UT8PMJgBLPAtxYcskjYYkxMKk0Hh49+ev+MykJyAGDf5UATUjIQ2eDmonxA EfSKRLnQ6kAOuZHcYx0vxLK+ztItyzjhlwDZzaHnF//iUNwPDWQ3aBXAPiJlxg0zkEGt N3A0rNj3GuBMe1HBEZEPQQHtVs824pmKZOs8Vh2h5D5dFjC+aWoXU27m3cf7xEEkGTCN iudg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:mime-version:date :reply-to:dkim-signature; bh=ibGBauM7dB+b2q4t6hN7wBjsjDMwsLdLonLhHf6UFbI=; b=rp1xzuBbGO0a79tyA1ZrKC4x1iRfYSSr3vOgbT+b8sqEoGDnhfcF0+rHM4CpweH7qU MNiLeWF4L+A/BPFvB0ILYAlxqkIli96AjrmGGfFHftQ7txc4t6MhiE+F2AAzFpPwmmUZ jgDM96x3cun35mBJmRtuD6qNi/BbgRAbvc67NtuxybC6n+zdn/Az919k/c6QCEclITgl P+cN+NQJfCC8L2XlRyg33PLDZ9fVWtZyCiH0AVA5zkBDy4T61yIW+5y+BXtzXUc5mjAo taJPsTr/AoPFRYZPrei/rFl3lCd/9Iq54+Ipfjw2SqJuhaOs10QX8osuhGETj/ZgyohP Lbqw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b="j/esEMEE"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id l7-20020a170903120700b0016ed87fd1efsi1834341plh.467.2022.08.30.17.18.21; Tue, 30 Aug 2022 17:18:32 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b="j/esEMEE"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230510AbiHaAH0 (ORCPT + 99 others); Tue, 30 Aug 2022 20:07:26 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43948 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229740AbiHaAHZ (ORCPT ); Tue, 30 Aug 2022 20:07:25 -0400 Received: from mail-pg1-x549.google.com (mail-pg1-x549.google.com [IPv6:2607:f8b0:4864:20::549]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6C1867F0A6 for ; Tue, 30 Aug 2022 17:07:24 -0700 (PDT) Received: by mail-pg1-x549.google.com with SMTP id q14-20020a6557ce000000b0041da9c3c244so6236960pgr.22 for ; Tue, 30 Aug 2022 17:07:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:mime-version:date:reply-to:from:to:cc; bh=ibGBauM7dB+b2q4t6hN7wBjsjDMwsLdLonLhHf6UFbI=; b=j/esEMEECs5PPWq+WEOufYXO0eWpHu6bcK/vZ9znIN1jActMDhRPM6oJZLrwYix5uW KnmP4wBkp62lRCHYn9fyUENvwf7oKtUJCs71aKfIPTtw5m+0p8s7M0jKYzNjFBhZzkzr nivtj2rGjoN89JIkZ8PWVRIT5MvNonhnZgcG2NjQ2RkavzqN8N83E6oSIp6sC3+J2IFR SATvMwTEtF3kXRNlbONjHLcai/Qo/sF7v5D94IhiRTaI5/kuGpjwTljuGaxD+g6hYc3b vrsxL/ks2TVT/oPkRDalO98uttR7zPQm8NozQJMsCYAHuQp/DRUWC5HV+RRD75AirGrG VvpA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:mime-version:date:reply-to :x-gm-message-state:from:to:cc; bh=ibGBauM7dB+b2q4t6hN7wBjsjDMwsLdLonLhHf6UFbI=; b=wXz5PUpUu3Twm0m8mAPoPiom5+VMtck5vWPpWRNqCFh/GnjMdtIJampEAeSRpgL6es 8aiCTbYeWmySxB/BoaOGvAxutdIrRLt5vd3LPxjpF82g9rCJDLU8ehcWDUeOdPkDv67G p38U62lR7YdK8wFxJl2Nyet2FqDryYy0KusvS6yuHbLrzTR4g2QJGqx1oDS1OPtYm+x6 5uDqDe+3grKSHgvZsVNcp0GNirXNCcziHSutpYXcWIGnvI+RkV2zK09qIWu2JnousFGD PlRAp1+ih+VL/7P87yIbgfzSlGL/gSdOEl5oRZqDLtSAOGGzAcN/W+ambhXJpEELVVJd lxZQ== X-Gm-Message-State: ACgBeo2ALkShezrgHtZYmSfbNIxPdJTxyY7/m23BQQakbRSIL8qjIrsa H7q45oivU3aU+/oqPawZU8PosLUxuN0= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:90a:1b66:b0:1fa:bbb5:8a5 with SMTP id q93-20020a17090a1b6600b001fabbb508a5mr530364pjq.216.1661904443892; Tue, 30 Aug 2022 17:07:23 -0700 (PDT) Reply-To: Sean Christopherson Date: Wed, 31 Aug 2022 00:07:21 +0000 Mime-Version: 1.0 X-Mailer: git-send-email 2.37.2.672.g94769d06f0-goog Message-ID: <20220831000721.4066617-1-seanjc@google.com> Subject: [PATCH] KVM: nVMX: Reword comments about generating nested CR0/4 read shadows From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Jason Wang Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Reword the comments that (attempt to) document nVMX's overrides of the CR0/4 read shadows for L2 after calling vmx_set_cr0/4(). The important behavior that needs to be documented is that KVM needs to override the shadows to account for L1's masks even though the shadows are set by the common helpers (and that setting the shadows first would result in the correct shadows being clobbered). This also fixes a repeated "we we" reported by Jason. Cc: Jason Wang Signed-off-by: Sean Christopherson --- arch/x86/kvm/vmx/nested.c | 9 +++------ arch/x86/kvm/vmx/nested.h | 7 ++++--- 2 files changed, 7 insertions(+), 9 deletions(-) diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index ddd4367d4826..12f57a99f725 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c @@ -2566,12 +2566,9 @@ static int prepare_vmcs02(struct kvm_vcpu *vcpu, struct vmcs12 *vmcs12, nested_ept_init_mmu_context(vcpu); /* - * This sets GUEST_CR0 to vmcs12->guest_cr0, possibly modifying those - * bits which we consider mandatory enabled. - * The CR0_READ_SHADOW is what L2 should have expected to read given - * the specifications by L1; It's not enough to take - * vmcs12->cr0_read_shadow because on our cr0_guest_host_mask we we - * have more bits than L1 expected. + * Override the CR0/CR4 read shadows after setting the effective guest + * CR0/CR4. The common helpers also set the shadows, but they don't + * account for vmcs12's cr0/4_guest_host_mask. */ vmx_set_cr0(vcpu, vmcs12->guest_cr0); vmcs_writel(CR0_READ_SHADOW, nested_read_cr0(vmcs12)); diff --git a/arch/x86/kvm/vmx/nested.h b/arch/x86/kvm/vmx/nested.h index 88b00a7359e4..8b700ab4baea 100644 --- a/arch/x86/kvm/vmx/nested.h +++ b/arch/x86/kvm/vmx/nested.h @@ -79,9 +79,10 @@ static inline bool nested_ept_ad_enabled(struct kvm_vcpu *vcpu) } /* - * Return the cr0 value that a nested guest would read. This is a combination - * of the real cr0 used to run the guest (guest_cr0), and the bits shadowed by - * its hypervisor (cr0_read_shadow). + * Return the cr0/4 value that a nested guest would read. This is a combination + * of L1's "real" cr0 used to run the guest (guest_cr0), and the bits shadowed + * by the L1 hypervisor (cr0_read_shadow). KVM must emulate CPU behavior as + * the value+mask loaded into vmcs02 may not match the vmcs12 fields. */ static inline unsigned long nested_read_cr0(struct vmcs12 *fields) { base-commit: 372d07084593dc7a399bf9bee815711b1fb1bcf2 -- 2.37.2.672.g94769d06f0-goog