|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [xen master] nestedsvm: Allow destroying the domain fully
commit 4d069a84ee0e29b182482b3ae04b243d2ef25ed4
Author: Ross Lagerwall <ross.lagerwall@xxxxxxxxxx>
AuthorDate: Tue Jun 30 09:41:35 2026 +0200
Commit: Jan Beulich <jbeulich@xxxxxxxx>
CommitDate: Tue Jun 30 09:41:35 2026 +0200
nestedsvm: Allow destroying the domain fully
Unmapping the virtual VMCB is performed near the end of the domain
destroy procedure but the mapped guest frame prevents domain destroy
from getting to that point. This means guests that call VMRUN cannot
be fully destroyed.
Move the unmap of the virtual VMCB earlier to fix the issue.
Fixes: bcf557675d85 ("x86: properly use map_domain_page() in nested HVM
code")
Signed-off-by: Ross Lagerwall <ross.lagerwall@xxxxxxxxxx>
Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
---
xen/arch/x86/hvm/svm/nestedhvm.h | 1 +
xen/arch/x86/hvm/svm/nestedsvm.c | 15 +++++++++++++--
xen/arch/x86/hvm/svm/svm.c | 1 +
3 files changed, 15 insertions(+), 2 deletions(-)
diff --git a/xen/arch/x86/hvm/svm/nestedhvm.h b/xen/arch/x86/hvm/svm/nestedhvm.h
index 9bfed5ffd7..9bb04a0434 100644
--- a/xen/arch/x86/hvm/svm/nestedhvm.h
+++ b/xen/arch/x86/hvm/svm/nestedhvm.h
@@ -48,6 +48,7 @@ bool cf_check nsvm_vmcb_guest_intercepts_event(
struct vcpu *v, unsigned int vector, int errcode);
bool cf_check nsvm_vmcb_hap_enabled(struct vcpu *v);
enum hvm_intblk cf_check nsvm_intr_blocked(struct vcpu *v);
+void cf_check nsvm_domain_relinquish_resources(struct domain *d);
/* Interrupts, vGIF */
void svm_vmexit_do_clgi(struct cpu_user_regs *regs, struct vcpu *v);
diff --git a/xen/arch/x86/hvm/svm/nestedsvm.c b/xen/arch/x86/hvm/svm/nestedsvm.c
index 9899cb2147..b06124c2c9 100644
--- a/xen/arch/x86/hvm/svm/nestedsvm.c
+++ b/xen/arch/x86/hvm/svm/nestedsvm.c
@@ -110,8 +110,6 @@ void cf_check nsvm_vcpu_destroy(struct vcpu *v)
svm->ns_merged_msrpm = NULL;
}
- hvm_unmap_guest_frame(nv->nv_vvmcx, 1);
- nv->nv_vvmcx = NULL;
if ( nv->nv_n2vmcx )
{
free_vmcb(nv->nv_n2vmcx);
@@ -122,6 +120,19 @@ void cf_check nsvm_vcpu_destroy(struct vcpu *v)
svm->ns_iomap = NULL;
}
+void cf_check nsvm_domain_relinquish_resources(struct domain *d)
+{
+ struct vcpu *v;
+ struct nestedvcpu *nv;
+
+ for_each_vcpu ( d, v )
+ {
+ nv = &vcpu_nestedhvm(v);
+ hvm_unmap_guest_frame(nv->nv_vvmcx, 1);
+ nv->nv_vvmcx = NULL;
+ }
+}
+
int cf_check nsvm_vcpu_reset(struct vcpu *v)
{
struct nestedsvm *svm = &vcpu_nestedsvm(v);
diff --git a/xen/arch/x86/hvm/svm/svm.c b/xen/arch/x86/hvm/svm/svm.c
index 49fcdd906c..38c61db1d7 100644
--- a/xen/arch/x86/hvm/svm/svm.c
+++ b/xen/arch/x86/hvm/svm/svm.c
@@ -2420,6 +2420,7 @@ static struct hvm_function_table __initdata_cf_clobber
svm_function_table = {
.nhvm_vmcx_hap_enabled = nsvm_vmcb_hap_enabled,
.nhvm_intr_blocked = nsvm_intr_blocked,
.nhvm_hap_walk_L1_p2m = nsvm_hap_walk_L1_p2m,
+ .nhvm_domain_relinquish_resources = nsvm_domain_relinquish_resources,
.get_reg = svm_get_reg,
.set_reg = svm_set_reg,
--
generated by git-patchbot for /home/xen/git/xen.git#master
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |