Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

KVM: nVMX: Assume TLB entries of L1 and L2 are tagged differently if L0 use EPT

Since commit 1313cc2bd8f6 ("kvm: mmu: Add guest_mode to kvm_mmu_page_role"),
guest_mode was added to mmu-role and therefore if L0 uses EPT, it will
always run L1 and L2 with different EPTP, i.e. EPTP01 != EPTP02.

Because TLB entries are tagged with EP4TA, KVM can assume
TLB entries populated while running L2 are tagged differently
than TLB entries populated while running L1.

Therefore, update nested_has_guest_tlb_tag() to consider if
L0 uses EPT instead of if L1 uses EPT.

Reviewed-by: Joao Martins <joao.m.martins@oracle.com>
Reviewed-by: Krish Sadhukhan <krish.sadhukhan@oracle.com>
Signed-off-by: Liran Alon <liran.alon@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

Authored by Liran Alon and committed by Paolo Bonzini
992edeae 5637f60b

+4 -2
arch/x86/kvm/vmx/nested.c
··· 1126 1126 * populated by L2 differently than TLB entries populated 1127 1127 * by L1. 1128 1128 * 1129 - * If L1 uses EPT, then TLB entries are tagged with different EPTP. 1129 + * If L0 uses EPT, L1 and L2 run with different EPTP because 1130 + * guest_mode is part of kvm_mmu_page_role. Thus, TLB entries 1131 + * are tagged with different EPTP. 1130 1132 * 1131 1133 * If L1 uses VPID and we allocated a vpid02, TLB entries are tagged 1132 1134 * with different VPID (L1 entries are tagged with vmx->vpid ··· 1138 1136 { 1139 1137 struct vmcs12 *vmcs12 = get_vmcs12(vcpu); 1140 1138 1141 - return nested_cpu_has_ept(vmcs12) || 1139 + return enable_ept || 1142 1140 (nested_cpu_has_vpid(vmcs12) && to_vmx(vcpu)->nested.vpid02); 1143 1141 } 1144 1142
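Review bot: The rewritten comment (new lines 1129-1131) justifies skipping a flush solely by "guest_mode is part of kvm_mmu_page_role", but nothing in the comment says where that guarantee was introduced or that this function depends on it. Consider citing commit 1313cc2bd8f6 in the comment, as the commit message does, so that anyone who later changes the role layout sees that the L1/L2 TLB-tagging assumption here would break with it.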
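Review bot: In nested_has_guest_tlb_tag(), "return enable_ept ||" makes the result independent of vmcs12 whenever L0 has EPT enabled, so the case whose behaviour actually changes is L0 with EPT, L1 without EPT, and no vpid02: it used to report no distinct tag and now reports one. A wrong "true" here means translations populated by one level could be reused by the other, so the commit message should say that this configuration was exercised, and the EPTP01 != EPTP02 invariant would be better backed by a check in code than by the comment alone.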