Commit e90008df authored by Sean Christopherson's avatar Sean Christopherson Committed by Paolo Bonzini

KVM: VMX: don't configure EPT identity map for unrestricted guest

An unrestricted guest can run with hardware CR0.PG==0, i.e.
IA32 paging disabled, in which case there is no need to load
the guest's CR3 with identity mapped IA32 page tables since
hardware will effectively ignore CR3.  If unrestricted guest
is enabled, don't configure the identity mapped IA32 page
table and always load the guest's desired CR3.
Signed-off-by: default avatarSean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: default avatarRadim Krčmář <rkrcmar@redhat.com>
parent f7eaeb0a
...@@ -4490,7 +4490,8 @@ static void vmx_set_cr3(struct kvm_vcpu *vcpu, unsigned long cr3) ...@@ -4490,7 +4490,8 @@ static void vmx_set_cr3(struct kvm_vcpu *vcpu, unsigned long cr3)
if (enable_ept) { if (enable_ept) {
eptp = construct_eptp(vcpu, cr3); eptp = construct_eptp(vcpu, cr3);
vmcs_write64(EPT_POINTER, eptp); vmcs_write64(EPT_POINTER, eptp);
if (is_paging(vcpu) || is_guest_mode(vcpu)) if (enable_unrestricted_guest || is_paging(vcpu) ||
is_guest_mode(vcpu))
guest_cr3 = kvm_read_cr3(vcpu); guest_cr3 = kvm_read_cr3(vcpu);
else else
guest_cr3 = vcpu->kvm->arch.ept_identity_map_addr; guest_cr3 = vcpu->kvm->arch.ept_identity_map_addr;
...@@ -9801,7 +9802,7 @@ static struct kvm_vcpu *vmx_create_vcpu(struct kvm *kvm, unsigned int id) ...@@ -9801,7 +9802,7 @@ static struct kvm_vcpu *vmx_create_vcpu(struct kvm *kvm, unsigned int id)
goto free_vmcs; goto free_vmcs;
} }
if (enable_ept) { if (enable_ept && !enable_unrestricted_guest) {
err = init_rmode_identity_map(kvm); err = init_rmode_identity_map(kvm);
if (err) if (err)
goto free_vmcs; goto free_vmcs;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment