From: "Dong, Eddie"
Subject: RE: [PATCH 06/16] vmx: nest: handling VMX instruction exits
Date: Mon, 13 Sep 2010 22:29:37 +0800
Message-ID: <1A42CE6F5F474C41B63392A5F80372B22A8C1552@shsmsx501.ccr.corp.intel.com>
References: <1283959344-3837-1-git-send-email-qing.he@intel.com> <1283959344-3837-7-git-send-email-qing.he@intel.com> <1A42CE6F5F474C41B63392A5F80372B22A86D1F9@shsmsx501.ccr.corp.intel.com> <20100913111130.GE3844@whitby.uk.xensource.com>
In-Reply-To: <20100913111130.GE3844@whitby.uk.xensource.com>
To: Tim Deegan
Cc: "xen-devel@lists.xensource.com", "Dong, Eddie", "He, Qing"
List-Id: xen-devel@lists.xenproject.org

Tim Deegan wrote:
> At 08:05 +0100 on 10 Sep (1284105901), Dong, Eddie wrote:
>> Qing He wrote:
>>> +static int __clear_current_vvmcs(struct vmx_nest_struct *nest) +{
>>> + int rc;
>>> +
>>> + if ( nest->svmcs )
>>> + __vmpclear(virt_to_maddr(nest->svmcs));
>>> +
>>> +#if !CONFIG_VVMCS_MAPPING
>>> + rc =3D hvm_copy_to_guest_phys(nest->gvmcs_pa, nest->vvmcs,
>>
>>
>> Qing:
>> Why this may be failure? The only reason may be nest->gvmcs_pa, but
>> I guess we already verified the address.
>>
>
> It was verified at load time, but the guest could have ballooned it
> out in the meantime.

If the L1 guest allocated that GPA as VMCS memory, it can't balloon them out.
If L1 is a malicious guest and ballooned the VMCS memory out, it is worthy to do. Not?

>
> Cheers,
>

Thx, Eddie
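
Review bot: in __clear_current_vvmcs, rc is declared uninitialised and, in the quoted lines, is assigned only inside the `#if !CONFIG_VVMCS_MAPPING` branch; if the function returns rc, the mapped configuration needs its own assignment, so initialise it at the declaration (for example `int rc = 0;`). The result of the hvm_copy_to_guest_phys call on nest->gvmcs_pa should also be checked and propagated rather than assumed to succeed: as raised in this thread, the address was verified at load time, and a load-time check says nothing about the page at the point the clear runs. Since __vmpclear on nest->svmcs is issued before the copy, a comment should state what the caller is expected to do when the copy fails after the clear has already happened.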