From: Jan Kiszka <jan.kiszka@web.de>
To: Paolo Bonzini <pbonzini@redhat.com>,
	Gleb Natapov <gleb@kernel.org>,
	Marcelo Tosatti <mtosatti@redhat.com>
Cc: kvm <kvm@vger.kernel.org>
Subject: [PATCH 05/12] KVM: nVMX: Leave VMX mode on clearing of feature control MSR
Date: Sat,  4 Jan 2014 18:47:19 +0100
Message-ID: <a339b0288d0fe2ab9be2e1f82f8710e29a82c6db.1388857646.git.jan.kiszka@web.de>
In-Reply-To: <cover.1388857646.git.jan.kiszka@web.de>

From: Jan Kiszka <jan.kiszka@siemens.com>

When userspace sets MSR_IA32_FEATURE_CONTROL to 0, make sure we leave
root and non-root mode, fully disabling VMX. The register state of the
VCPU is undefined after this step, so userspace has to set it to a
proper state afterward.

This enables rebooting a VM while it is running some hypervisor code.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
---
 arch/x86/kvm/vmx.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index 9fa8a1c..3edf08f 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -2455,6 +2455,8 @@ static int vmx_get_vmx_msr(struct kvm_vcpu *vcpu, u32 msr_index, u64 *pdata)
 	return 1;
 }
 
+static void vmx_leave_nested(struct kvm_vcpu *vcpu);
+
 static int vmx_set_vmx_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info)
 {
 	u32 msr_index = msr_info->index;
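Review bot: the forward declaration of vmx_leave_nested() at the top of this hunk is needed only because the definition lands much later in the file, after nested_vmx_vmexit(). Since the helper is a few lines, defining it next to its caller or moving the MSR handling below nested_vmx_vmexit() would avoid the extra prototype; if the prototype stays, a one-line comment explaining that the body depends on nested_vmx_vmexit() and free_nested() would help the next reader.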
@@ -2470,6 +2472,8 @@ static int vmx_set_vmx_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info)
 				& FEATURE_CONTROL_LOCKED)
 			return 0;
 		to_vmx(vcpu)->nested.msr_ia32_feature_control = data;
+		if (host_initialized && data == 0)
+			vmx_leave_nested(vcpu);
 		return 1;
 	}
 
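Review bot: the new condition `if (host_initialized && data == 0)` tears nested state down only when userspace writes exactly 0, so a host-initiated write that clears the VMXON enable bits but leaves any other bit set (for example only the lock bit) disables VMX for the guest while the VMXON and VMCS12 state survive. Consider testing the relevant enable bit(s) instead of the whole value, or state in the commit message that an exact-zero write is the only supported reset path. The commit message should also say explicitly that guest-initiated writes are unaffected, since host_initialized gates the call.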
@@ -8507,6 +8511,16 @@ static void nested_vmx_vmexit(struct kvm_vcpu *vcpu)
 }
 
 /*
+ * Forcibly leave nested mode in order to be able to reset the VCPU later on.
+ */
+static void vmx_leave_nested(struct kvm_vcpu *vcpu)
+{
+	if (is_guest_mode(vcpu))
+		nested_vmx_vmexit(vcpu);
+	free_nested(to_vmx(vcpu));
+}
+
+/*
  * L1's failure to enter L2 is a subset of a normal exit, as explained in
  * 23.7 "VM-entry failures during or after loading guest state" (this also
  * lists the acceptable exit-reason and exit-qualification parameters).
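Review bot: vmx_leave_nested() calls nested_vmx_vmexit(vcpu) with no indication that this is a forced exit, so whatever exit information nested_vmx_vmexit() records in vmcs12 is an artifact rather than a real L2 event; the comment above the function should say that the L1-visible exit state is meaningless here and that userspace is expected to reset the VCPU afterwards, matching the "register state ... is undefined" statement in the commit message. As a style point, the hunk inserts the new function between the existing `/*` and " * L1's failure to enter L2 ...", reusing the old comment opener and adding a new `+/*` for the old comment; placing the new function above the original `/*` would keep the diff easier to read.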
-- 
1.8.1.1.298.ge7eed54

