Nested SVM: fix race in remote shootdown.

nestedhvm_flushtlb_ipi() can run between nsvm_vcpu_switch() and CLGI,
which would leave the VMCB pointing at the wrong p2m table.
Check for this after CLGI.

Signed-off-by: Tim Deegan <Tim.Deegan@citrix.com>

diff --git a/xen/arch/x86/hvm/svm/entry.S b/xen/arch/x86/hvm/svm/entry.S
index af9d3e8fad028a528fdaf88796f47b8e34156844..9e124fc6aff84205fca42e6937ba298adbd19cb2 100644 (file)
--- a/xen/arch/x86/hvm/svm/entry.S
+++ b/xen/arch/x86/hvm/svm/entry.S
@@ -65,6 +65,12 @@ ENTRY(svm_asm_do_resume)
         testl $~0,(r(dx),r(ax),1)
         jnz  .Lsvm_process_softirqs
 
+        mov  VCPU_nhvm_p2m(r(bx)),r(ax)
+        test r(ax),r(ax)
+        sete %al
+        andb VCPU_nhvm_guestmode(r(bx)),%al
+        jnz  .Lsvm_nsvm_no_p2m
+
         call svm_asid_handle_vmrun
 
         cmpb $0,addr_of(tb_init_done)
@@ -174,3 +180,9 @@ svm_stgi_label:
 .Lsvm_trace:
         call svm_trace_vmentry
         jmp  .Lsvm_trace_done
+
+.Lsvm_nsvm_no_p2m:
+        /* Someone shot down our nested p2m table; go round again
+         * and nsvm_vcpu_switch() will fix it for us. */
+        STGI
+        jmp  svm_asm_do_resume

diff --git a/xen/arch/x86/x86_32/asm-offsets.c b/xen/arch/x86/x86_32/asm-offsets.c
index ee007abcf33777bdeec5b8460b49961ad45fe52d..7bcbf513bd1dfe32e6a0f1668eae057e6a431285 100644 (file)
--- a/xen/arch/x86/x86_32/asm-offsets.c
+++ b/xen/arch/x86/x86_32/asm-offsets.c
@@ -93,6 +93,10 @@ void __dummy__(void)
     OFFSET(VCPU_hvm_guest_cr2, struct vcpu, arch.hvm_vcpu.guest_cr[2]);
     BLANK();
 
+    OFFSET(VCPU_nhvm_guestmode, struct vcpu, arch.hvm_vcpu.nvcpu.nv_guestmode);
+    OFFSET(VCPU_nhvm_p2m, struct vcpu, arch.hvm_vcpu.nvcpu.nv_p2m);
+    BLANK();
+
     OFFSET(VMCB_rax, struct vmcb_struct, rax);
     OFFSET(VMCB_rip, struct vmcb_struct, rip);
     OFFSET(VMCB_rsp, struct vmcb_struct, rsp);

diff --git a/xen/arch/x86/x86_64/asm-offsets.c b/xen/arch/x86/x86_64/asm-offsets.c
index fbe17b7026707f9082a4b22a80f906f6397c52db..a2c82d859d835e4e131c4f8fa107c06cba7ab94e 100644 (file)
--- a/xen/arch/x86/x86_64/asm-offsets.c
+++ b/xen/arch/x86/x86_64/asm-offsets.c
@@ -115,6 +115,10 @@ void __dummy__(void)
     OFFSET(VCPU_hvm_guest_cr2, struct vcpu, arch.hvm_vcpu.guest_cr[2]);
     BLANK();
 
+    OFFSET(VCPU_nhvm_guestmode, struct vcpu, arch.hvm_vcpu.nvcpu.nv_guestmode);
+    OFFSET(VCPU_nhvm_p2m, struct vcpu, arch.hvm_vcpu.nvcpu.nv_p2m);
+    BLANK();
+
     OFFSET(DOMAIN_is_32bit_pv, struct domain, arch.is_32bit_pv);
     BLANK();