From mboxrd@z Thu Jan  1 00:00:00 1970
From: "Nadav Har'El" <nyh@math.technion.ac.il>
Subject: Re: [PATCH 21/31] nVMX: vmcs12 checks on nested entry
Date: Wed, 25 May 2011 08:38:01 +0300
Message-ID: <20110525053801.GA7207@fermat.math.technion.ac.il>
References: <1305575004-nyh@il.ibm.com> <201105161954.p4GJseNX001963@rice.haifa.ibm.com> <625BA99ED14B2D499DC4E29D8138F1505C9BFA377E@shsmsx502.ccr.corp.intel.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Cc: "kvm@vger.kernel.org" <kvm@vger.kernel.org>,
	"gleb@redhat.com" <gleb@redhat.com>,
	"avi@redhat.com" <avi@redhat.com>
To: "Tian, Kevin" <kevin.tian@intel.com>
Return-path: <kvm-owner@vger.kernel.org>
Received: from mailgw12.technion.ac.il ([132.68.225.12]:31548 "EHLO
	mailgw12.technion.ac.il" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1752529Ab1EYFiJ (ORCPT <rfc822;kvm@vger.kernel.org>);
	Wed, 25 May 2011 01:38:09 -0400
Content-Disposition: inline
In-Reply-To: <625BA99ED14B2D499DC4E29D8138F1505C9BFA377E@shsmsx502.ccr.corp.intel.com>
Sender: kvm-owner@vger.kernel.org
List-ID: <kvm.vger.kernel.org>

On Wed, May 25, 2011, Tian, Kevin wrote about "RE: [PATCH 21/31] nVMX: vmcs12 checks on nested entry":
> > +	if (vmcs12->launch_state == launch) {
> > +		nested_vmx_failValid(vcpu,
> > +			launch ? VMXERR_VMLAUNCH_NONCLEAR_VMCS
> > +			       : VMXERR_VMRESUME_NONLAUNCHED_VMCS);
> > +		return 1;
> > +	}
> 
> from SDM:
> 	ELSIF (VMLAUNCH and launch state of current VMCS is not "clear")
> 		THEN VMfailValid(VMLAUNCH with non-clear VMCS);
> 	ELSIF (VMRESUME and launch state of current VMCS is not "launched")
> 		THEN VMfailValid(VMRESUME with non-launched VMCS);
> 
> So it's legal to use VMLAUNCH on a launched VMCS. However here you
> changes this behavior. On the other hand, do you want to add a 'clear' state
> along with L1 VMCLEAR to catch the failure here?

I don't understand: I always understood the spec to mean that "clear" and
"launched" the two opposite states of the "launch state" bit? If it isn't,
what does "clear" mean?

Is it really "legal to use a VMLAUNCH on a launched VMCS"?
If it is, why does KVM, for example, go to great lengths to VMLAUNCH the
first time, and VMRESUME all subsequent times?

-- 
Nadav Har'El                        |    Wednesday, May 25 2011, 21 Iyyar 5771
nyh@math.technion.ac.il             |-----------------------------------------
Phone +972-523-790466, ICQ 13349191 |If a million Shakespeares tried to write
http://nadav.harel.org.il           |together, they would write like a monkey.