In the cases where vmcbs change processors from one vmrun to another updated
information in the vmcb from a prior run can potentially be lost. By tracking
the physical cpu and asid_generation per vmcb instead of svm->vcpu the following
scenario illustrated by Paolo can be avoided.
--------------------- ---------------------
pCPU 1 pCPU 2
--------------------- ---------------------
run VMCB02
run VMCB02 (*)
run VMCB01
run VMCB01 (**)
run VMCB02 (***)
--------------------- ---------------------
After the point marked (*), while L2 runs, some fields change in VMCB02.
When the processor vmexits back to L0, VMCB02 is marked clean.
At the point marked (**), svm->vcpu.cpu becomes 1 again.
Therefore, at the point marked (***) you will get svm->vcpu.cpu == cpu
and the VMCB02 will not be marked dirty. The processor can then
incorrectly
use some data that is cached from before point (*).
Theses patches are intended for the kvm nested-svm branch.
The patches have been tested on nested fedora VMs, kvm self tests, and
kvm-unit-tests.
They have not been tested on SEV.
Changes v1 -> v2:
- Remove outdated comment from svm_switch_vmcb().
Cathy Avery (2):
KVM: nSVM: Track the physical cpu of the vmcb vmrun through the vmcb
KVM: nSVM: Track the ASID generation of the vmcb vmrun through the
vmcb
arch/x86/kvm/svm/svm.c | 40 ++++++++++++++++++++--------------------
arch/x86/kvm/svm/svm.h | 3 ++-
2 files changed, 22 insertions(+), 21 deletions(-)
--
2.20.1
