From mboxrd@z Thu Jan 1 00:00:00 1970 From: "Dong, Eddie" Subject: RE: [PATCH 8/24] Hold a vmcs02 for each vmcs12 Date: Tue, 6 Jul 2010 17:50:26 +0800 Message-ID: <1A42CE6F5F474C41B63392A5F80372B21F67B76C@shsmsx501.ccr.corp.intel.com> References: <1276431753-nyh@il.ibm.com> <201006131226.o5DCQebV012952@rice.haifa.ibm.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 8BIT Cc: "kvm@vger.kernel.org" , "Dong, Eddie" To: Nadav Har'El , "avi@redhat.com" Return-path: Received: from mga02.intel.com ([134.134.136.20]:30043 "EHLO mga02.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751038Ab0GFJxu convert rfc822-to-8bit (ORCPT ); Tue, 6 Jul 2010 05:53:50 -0400 In-Reply-To: <201006131226.o5DCQebV012952@rice.haifa.ibm.com> Content-Language: en-US Sender: kvm-owner@vger.kernel.org List-ID: > +/* Allocate an L0 VMCS (vmcs02) for the current L1 VMCS (vmcs12), if > one + * does not already exist. The allocation is done in L0 memory, > so to avoid + * denial-of-service attack by guests, we limit the > number of concurrently- + * allocated vmcss. A well-behaving L1 will > VMCLEAR unused vmcs12s and not + * trigger this limit. > + */ > +static const int NESTED_MAX_VMCS = 256; > +static int nested_create_current_vmcs(struct kvm_vcpu *vcpu) > +{ > + struct vmcs_list *new_l2_guest; > + struct vmcs *l2_vmcs; > + > + if (nested_get_current_vmcs(vcpu)) > + return 0; /* nothing to do - we already have a VMCS */ > + > + if (to_vmx(vcpu)->nested.l2_vmcs_num >= NESTED_MAX_VMCS) > + return -ENOMEM; > + > + new_l2_guest = (struct vmcs_list *) > + kmalloc(sizeof(struct vmcs_list), GFP_KERNEL); > + if (!new_l2_guest) > + return -ENOMEM; > + > + l2_vmcs = alloc_vmcs(); I didn't see where it was used. Hints on the usage? 
> + if (!l2_vmcs) { > + kfree(new_l2_guest); > + return -ENOMEM; > + } > + > + new_l2_guest->vmcs_addr = to_vmx(vcpu)->nested.current_vmptr; > + new_l2_guest->l2_vmcs = l2_vmcs; > + list_add(&(new_l2_guest->list), > &(to_vmx(vcpu)->nested.l2_vmcs_list)); > + to_vmx(vcpu)->nested.l2_vmcs_num++; + return 0; > +} > +
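Review bot: the NESTED_MAX_VMCS check in nested_create_current_vmcs() tests to_vmx(vcpu)->nested.l2_vmcs_num, which is a per-vcpu counter, so the limit that the comment presents as the guard against guest denial of service is 256 vmcs02s per vcpu, not per guest. An L1 with many vcpus can therefore pin a multiple of that in L0 memory. Either account the count per VM or state the per-vcpu scope in the comment so the real bound is clear. The limit path also returns -ENOMEM, the same value as the kmalloc() and alloc_vmcs() failures, so a caller cannot tell "L1 exceeded its quota" from "L0 is out of memory". A distinct return value, or reclaiming an existing entry from l2_vmcs_list when the limit is hit, would make the behaviour toward a misbehaving L1 explicit. Minor style points: the (struct vmcs_list *) cast on kmalloc() is unnecessary, and the limit would more conventionally be a #define than a static const int.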