On Wed, Jan 07, 2009 at 12:19:26PM +0200, Avi Kivity wrote:
> Alexander Graf wrote:
>> Using this patch it works. But if I read it correctly, that doesn't
>> actually fix anything but only treats NPT/EPT special, which it
>> shouldn't, should it?
>
> The patch doesn't fix the bug but is nevertheless correct. cr4.pge only
> matters to the mmu if using the shadow mmu; with tdp it only wastes
> memory (and exposes the bug which you encountered).
>
> So, wrt to the bug you saw, it's a workaround, but it's also a correct
> fix for another bug.
>
>> Maybe this actually even breaks EPT?
>>
>
> It shouldn't.
>
>> I remember having seen a lot of CR4 hacks in svm.c when npt is enabled.
>> Maybe that is related?
>>
>
> No. cr4 controls the guest mmu, but with npt the guest mmu is
> completely virtualized, so we need to ignore those bits.
Let me shoot at one direction: a shadow page with PGE bit in either state
is created. Later that shadow page is nuked (via mmu notifiers, for
example). Then set_cr4 changes base_role.pge to a different value, and a
fault creates a new shadow page and instantiates that in the tree.

Perhaps a svm_flush_tlb is required in such case, when updating a
previously valid pagetable entry?

Joerg?
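As an added illustration of Avi's point above (that cr4.pge only matters to the shadow MMU and, under tdp, only makes the role-keyed cache allocate extra pages), here is a constructed model of a shadow page cache keyed by a role. It is not code from this thread or from KVM; `role`, `sp`, `lookup_or_create`, `pages_for_gfn` and `fault_twice_across_pge_toggle` are hypothetical names.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

/* Constructed model, not KVM's data structures: a shadow page is
 * looked up by its role (guest frame number plus the guest's cr4.pge). */
struct role { uint64_t gfn; bool pge; };
struct sp   { struct role role; bool used; };

#define NSP 16
static struct sp cache[NSP];

/* With two-dimensional paging (npt/ept) the hardware walks the guest
 * page tables, so cr4.pge must not split the cache; mask it out. */
static struct role effective_role(struct role r, bool tdp)
{
    if (tdp)
        r.pge = false;   /* with tdp, keeping pge only wastes memory */
    return r;
}

/* Return the shadow page with exactly this role, creating it if absent. */
static struct sp *lookup_or_create(struct role r, bool tdp)
{
    r = effective_role(r, tdp);
    for (int i = 0; i < NSP; i++)
        if (cache[i].used && cache[i].role.gfn == r.gfn
                          && cache[i].role.pge == r.pge)
            return &cache[i];
    for (int i = 0; i < NSP; i++)
        if (!cache[i].used) {
            cache[i].used = true;
            cache[i].role = r;
            return &cache[i];
        }
    return 0;            /* cache full; not reached in this model */
}

/* How many shadow pages currently back the same guest frame. */
int pages_for_gfn(uint64_t gfn)
{
    int n = 0;
    for (int i = 0; i < NSP; i++)
        if (cache[i].used && cache[i].role.gfn == gfn)
            n++;
    return n;
}

/* Guest faults on one frame, set_cr4 flips base_role.pge, faults again.
 * Shadow MMU: two pages (correct, they shadow different semantics).
 * tdp with pge masked: one page, since pge never entered the role. */
int fault_twice_across_pge_toggle(bool tdp)
{
    memset(cache, 0, sizeof cache);
    struct role r = { .gfn = 0x1000, .pge = false };
    lookup_or_create(r, tdp);
    r.pge = true;
    lookup_or_create(r, tdp);
    return pages_for_gfn(0x1000);
}
```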
