On 21/05/2020 22:43, Igor Druzhinin wrote:
> If a recalculation NPT fault hasn't been handled explicitly in
> hvm_hap_nested_page_fault() then it's potentially safe to retry -
> US bit has been re-instated in PTE and any real fault would be correctly
> re-raised next time.
> 
> This covers a specific case of migration with vGPU assigned on AMD:
> global log-dirty is enabled and causes immediate recalculation NPT
> fault in MMIO area upon access. This type of fault isn't described
> explicitly in hvm_hap_nested_page_fault (this isn't called on
> EPT misconfig exit on Intel) which results in domain crash.
> 
> Signed-off-by: Igor Druzhinin <igor.druzhi...@citrix.com>
> ---

Alternatively, I can re-raise the fault immediately after recalculation is
done, which is less efficient (will take one more VMEXIT) but safer IMO -
hvm_hap_nested_page_fault might potentially leave the VM in an inconsistent
state in case of a real failure and cause a second page fault to conceal it.

Another alternative is to inject a fall_through bool into
hvm_hap_nested_page_fault to give it the idea of expected behavior in that
case and avoid guessing in SVM code. I think that's an improvement over the
suggestion in v1 and a candidate for v2.

Igor
