From mboxrd@z Thu Jan 1 00:00:00 1970 From: Paolo Bonzini Subject: Re: [PATCH v3 07/13] nEPT: Fix wrong test in kvm_set_cr3 Date: Mon, 20 May 2013 15:17:58 +0200 Message-ID: <519A2286.4000003@redhat.com> References: <1368939152-11406-1-git-send-email-jun.nakajima@intel.com> <1368939152-11406-7-git-send-email-jun.nakajima@intel.com> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-15 Content-Transfer-Encoding: 7bit Cc: kvm@vger.kernel.org, Gleb Natapov To: Jun Nakajima Return-path: Received: from mx1.redhat.com ([209.132.183.28]:55467 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752710Ab3ETNSJ (ORCPT ); Mon, 20 May 2013 09:18:09 -0400 In-Reply-To: <1368939152-11406-7-git-send-email-jun.nakajima@intel.com> Sender: kvm-owner@vger.kernel.org List-ID: Il 19/05/2013 06:52, Jun Nakajima ha scritto: > From: Nadav Har'El > > kvm_set_cr3() attempts to check if the new cr3 is a valid guest physical > address. The problem is that with nested EPT, cr3 is an *L2* physical > address, not an L1 physical address as this test expects. > > As the comment above this test explains, it isn't necessary, and doesn't > correspond to anything a real processor would do. So this patch removes it. > > Note that this wrong test could have also theoretically caused problems > in nested NPT, not just in nested EPT. However, in practice, the problem > was avoided: nested_svm_vmexit()/vmrun() do not call kvm_set_cr3 in the > nested NPT case, and instead set the vmcb (and arch.cr3) directly, thus > circumventing the problem. Additional potential calls to the buggy function > are avoided in that we don't trap cr3 modifications when nested NPT is > enabled. However, because in nested VMX we did want to use kvm_set_cr3() > (as requested in Avi Kivity's review of the original nested VMX patches), > we can't avoid this problem and need to fix it Makes sense, but did you test what happens (without nesting, and both with/without EPT) if L1 points CR3 at an invalid physical address? Does a basic level of sanity remain? Paolo