From mboxrd@z Thu Jan  1 00:00:00 1970
From: Yang Zhang <yang.zhang.wz@gmail.com>
Subject: Re: [PATCH 1/2] KVM: nVMX: fix msr bitmaps to prevent L2 from
 accessing L0 x2APIC
Date: Wed, 10 Aug 2016 13:55:21 +0800
Message-ID: <ce1c4d1d-cb54-e469-f32b-7b054db2a5d6@gmail.com>
References: <20160808181623.12132-1-rkrcmar@redhat.com>
 <20160808181623.12132-2-rkrcmar@redhat.com>
 <a7367ae6-9610-290f-22bd-e5272bdc32ef@gmail.com>
 <20160809122319.GA2607@potion>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org,
	Jim Mattson <jmattson@google.com>,
	Wincy Van <fanwenyi0529@gmail.com>,
	Paolo Bonzini <pbonzini@redhat.com>,
	Bandan Das <bsd@redhat.com>
To: =?UTF-8?B?UmFkaW0gS3LEjW3DocWZ?= <rkrcmar@redhat.com>
Return-path: <linux-kernel-owner@vger.kernel.org>
In-Reply-To: <20160809122319.GA2607@potion>
Sender: linux-kernel-owner@vger.kernel.org
List-Id: kvm.vger.kernel.org

On 2016/8/9 20:23, Radim Krčmář wrote:
> 2016-08-09 17:32+0800, Yang Zhang:
>> On 2016/8/9 2:16, Radim Krčmář wrote:
>>> diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
>>> @@ -6995,16 +6982,21 @@ static int handle_vmon(struct kvm_vcpu *vcpu)
>>>  		return 1;
>>>  	}
>>>
>>> +	if (cpu_has_vmx_msr_bitmap()) {
>>> +		vmx->nested.msr_bitmap =
>>> +				(unsigned long *)__get_free_page(GFP_KERNEL);
>>> +		if (!vmx->nested.msr_bitmap)
>>> +			goto out_msr_bitmap;
>>> +	}
>>> +
>>
>> We export msr_bitmap to guest even it is not supported by hardware. So we
>> need to allocate msr_bitmap for L1 unconditionally.
>
> We do emulate the feature, but the vmx->nested.msr_bitmap is used only
> if VMX supports it to avoid some VM exits:
>
>>> @@ -9957,10 +9938,10 @@ static void prepare_vmcs02(struct kvm_vcpu *vcpu, struct vmcs12 *vmcs12)
>>>  	}
>>>
>>>  	if (cpu_has_vmx_msr_bitmap() &&
>>> -	    exec_control & CPU_BASED_USE_MSR_BITMAPS) {
>>> -		nested_vmx_merge_msr_bitmap(vcpu, vmcs12);
>>> -		/* MSR_BITMAP will be set by following vmx_set_efer. */
>>> -	} else
>>> +	    exec_control & CPU_BASED_USE_MSR_BITMAPS &&
>>> +	    nested_vmx_merge_msr_bitmap(vcpu, vmcs12))
>>> +		; /* MSR_BITMAP will be set by following vmx_set_efer. */
>>> +	else
>>>  		exec_control &= ~CPU_BASED_USE_MSR_BITMAPS;
>
> The else branch is taken if !cpu_has_vmx_msr_bitmap() and disables msr
> bitmaps.  Similar check for vmx_set_msr_bitmap(), so the NULL doesn't
> even get written to VMCS.
>
> KVM always uses L1's msr bitmaps when emulating the feature.
>

Yes, you are right. I forget the bitmap only used by hardware.:(

-- 
Yang
Alibaba Cloud Computing