From: Abel Gordon Date: Thu, 18 Apr 2013 11:39:55 +0000 (+0300) Subject: KVM: nVMX: Enable and disable shadow vmcs functionality X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=8a1b9dd0006bce5cc770fd80bc95f9916670c151;p=GitHub%2Fmoto-9609%2Fandroid_kernel_motorola_exynos9610.git KVM: nVMX: Enable and disable shadow vmcs functionality Once L1 loads VMCS12 we enable shadow-vmcs capability and copy all the VMCS12 shadowed fields to the shadow vmcs. When we release the VMCS12, we also disable shadow-vmcs capability. Signed-off-by: Abel Gordon Reviewed-by: Orit Wasserman Signed-off-by: Gleb Natapov --- diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c index c5baecc37c98..6abce2d5d18e 100644 --- a/arch/x86/kvm/vmx.c +++ b/arch/x86/kvm/vmx.c @@ -5616,12 +5616,17 @@ static int nested_vmx_check_permission(struct kvm_vcpu *vcpu) static inline void nested_release_vmcs12(struct vcpu_vmx *vmx) { + u32 exec_control; if (enable_shadow_vmcs) { if (vmx->nested.current_vmcs12 != NULL) { /* copy to memory all shadowed fields in case they were modified */ copy_shadow_to_vmcs12(vmx); vmx->nested.sync_shadow_vmcs = false; + exec_control = vmcs_read32(SECONDARY_VM_EXEC_CONTROL); + exec_control &= ~SECONDARY_EXEC_SHADOW_VMCS; + vmcs_write32(SECONDARY_VM_EXEC_CONTROL, exec_control); + vmcs_write64(VMCS_LINK_POINTER, -1ull); } } kunmap(vmx->nested.current_vmcs12_page); @@ -6110,6 +6115,7 @@ static int handle_vmptrld(struct kvm_vcpu *vcpu) gva_t gva; gpa_t vmptr; struct x86_exception e; + u32 exec_control; if (!nested_vmx_check_permission(vcpu)) return 1; @@ -6155,6 +6161,11 @@ static int handle_vmptrld(struct kvm_vcpu *vcpu) vmx->nested.current_vmcs12 = new_vmcs12; vmx->nested.current_vmcs12_page = page; if (enable_shadow_vmcs) { + exec_control = vmcs_read32(SECONDARY_VM_EXEC_CONTROL); + exec_control |= SECONDARY_EXEC_SHADOW_VMCS; + vmcs_write32(SECONDARY_VM_EXEC_CONTROL, exec_control); + vmcs_write64(VMCS_LINK_POINTER, + __pa(vmx->nested.current_shadow_vmcs)); vmx->nested.sync_shadow_vmcs = true; } }