Re: [PATCH 1/2] KVM: SVM: Check for nested vmrun intercept before emulating vmrun

From: Avi Kivity
Date: Tue Aug 03 2010 - 04:16:48 EST


On 08/02/2010 11:33 PM, Joerg Roedel wrote:
On Mon, Aug 02, 2010 at 06:18:09PM +0300, Avi Kivity wrote:
On 08/02/2010 05:46 PM, Joerg Roedel wrote:
This patch lets the nested vmrun fail if the L1 hypervisor
has not intercepted vmrun. This fixes the "vmrun intercept
check" unit test.
+
static bool nested_svm_vmrun(struct vcpu_svm *svm)
{
struct vmcb *nested_vmcb;
@@ -2029,6 +2037,17 @@ static bool nested_svm_vmrun(struct vcpu_svm *svm)
if (!nested_vmcb)
return false;

+ if (!nested_vmcb_checks(nested_vmcb)) {
+ nested_vmcb->control.exit_code = SVM_EXIT_ERR;
+ nested_vmcb->control.exit_code_hi = 0;
+ nested_vmcb->control.exit_info_1 = 0;
+ nested_vmcb->control.exit_info_2 = 0;
+
+ nested_svm_unmap(page);
+
+ return false;
+ }
+
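Review bot: In the `if (!nested_vmcb_checks(nested_vmcb))` error path, exit_code, exit_code_hi, exit_info_1 and exit_info_2 are written, but exit_int_info and event_inj are left as they were and nothing says that is deliberate. A short comment above the block, stating that a failed check is reported as SVM_EXIT_ERR without converting a pending injected event, would document the intent. This path also returns false exactly like the `if (!nested_vmcb)` failure just above it, so the caller cannot tell the two apart from the return value; it is worth confirming that it handles both correctly.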
Don't you have to transfer an injected event to exitintinfo?
APM2 seems to be quiet about this.

Well, my copy says

The VMRUN instruction then checks the guest state just loaded. If an illegal state has been loaded, the
processor exits back to the host (see “#VMEXIT” on page 374).

This matches "illegal state" and "#VMEXIT" but doesn't match "guest state".

I just tried it out and event_inj still contains the event after a failed
vmrun on real hardware. This makes sense because this is no real vmexit
because the vm was never entered.

Okay; will apply the patches.

--
error compiling committee.c: too many arguments to function
