Re: [PATCH 08/12] KVM: nSVM: Use KVM-governed feature framework to track "vVM{SAVE,LOAD} enabled"

From: Yu Zhang
Date: Fri Jun 30 2023 - 06:00:05 EST


On Thu, Jun 29, 2023 at 09:50:34AM -0700, Sean Christopherson wrote:
> On Wed, Feb 22, 2023, Sean Christopherson wrote:
> > +Maxim
> >
> > On Wed, Feb 22, 2023, Yu Zhang wrote:
> > I'll opportunistically massage the comment to make it more explicit about why
> > VMLOAD needs to be intercepted.
> >
> > That said, clearing the bits for this seems wrong. That would corrupt the MSRs
> > for 64-bit Intel guests. The "target" of the fix was 32-bit L2s, i.e. I doubt
> > anything would notice.
> >
> > This patch fixes nested migration of 32 bit nested guests, that was
> > broken because incorrect cached values of SYSENTER msrs were stored in
> > the migration stream if L1 changed these msrs with
> > vmload prior to L2 entry.
>
> Aha! Finally figured out what this code is doing. KVM intercepts VMLOAD so that
> KVM can correctly model the VMLOAD behavior of dropping bits 63:32, i.e. to clear
> svm->sysenter_eip_hi and svm->sysenter_esp_hi.
>
> So the code is correct. I'll add this comment:
>
> /*
>  * Intercept VMLOAD if the vCPU mode is Intel in order to emulate that
>  * VMLOAD drops bits 63:32 of SYSENTER (ignoring the fact that exposing
>  * SVM on Intel is bonkers and extremely unlikely to work).
>  */
>
Oh... Because L2 will never be a 64-bit Intel guest, and the emulation of vmload
shall follow the APM's requirement (to clear the upper 32 bits)?

Thanks a lot for bringing me back to this discussion... I totally forgot it. :)

B.R.
Yu

Thanks a lot for this explanation, Sean!