|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [xen staging-4.21] nestedsvm: Allow destroying the domain fully
commit 559bfc641f3b6a1f7a77c63ec7282a0ed8630a6a
Author: Ross Lagerwall <ross.lagerwall@xxxxxxxxxx>
AuthorDate: Tue Jun 30 14:57:56 2026 +0200
Commit: Jan Beulich <jbeulich@xxxxxxxx>
CommitDate: Tue Jun 30 14:57:56 2026 +0200
nestedsvm: Allow destroying the domain fully
Unmapping the virtual VMCB is performed near the end of the domain
destroy procedure but the mapped guest frame prevents domain destroy
from getting to that point. This means guests that call VMRUN cannot
be fully destroyed.
Move the unmap of the virtual VMCB earlier to fix the issue.
Fixes: bcf557675d85 ("x86: properly use map_domain_page() in nested HVM
code")
Signed-off-by: Ross Lagerwall <ross.lagerwall@xxxxxxxxxx>
Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
master commit: 4d069a84ee0e29b182482b3ae04b243d2ef25ed4
master date: 2026-06-30 09:41:35 +0200
---
xen/arch/x86/hvm/svm/nestedhvm.h | 1 +
xen/arch/x86/hvm/svm/nestedsvm.c | 15 +++++++++++++--
xen/arch/x86/hvm/svm/svm.c | 1 +
3 files changed, 15 insertions(+), 2 deletions(-)
diff --git a/xen/arch/x86/hvm/svm/nestedhvm.h b/xen/arch/x86/hvm/svm/nestedhvm.h
index 9bfed5ffd7..9bb04a0434 100644
--- a/xen/arch/x86/hvm/svm/nestedhvm.h
+++ b/xen/arch/x86/hvm/svm/nestedhvm.h
@@ -48,6 +48,7 @@ bool cf_check nsvm_vmcb_guest_intercepts_event(
struct vcpu *v, unsigned int vector, int errcode);
bool cf_check nsvm_vmcb_hap_enabled(struct vcpu *v);
enum hvm_intblk cf_check nsvm_intr_blocked(struct vcpu *v);
+void cf_check nsvm_domain_relinquish_resources(struct domain *d);
/* Interrupts, vGIF */
void svm_vmexit_do_clgi(struct cpu_user_regs *regs, struct vcpu *v);
diff --git a/xen/arch/x86/hvm/svm/nestedsvm.c b/xen/arch/x86/hvm/svm/nestedsvm.c
index dc2b6a4253..e4d33f96bd 100644
--- a/xen/arch/x86/hvm/svm/nestedsvm.c
+++ b/xen/arch/x86/hvm/svm/nestedsvm.c
@@ -127,8 +127,6 @@ void cf_check nsvm_vcpu_destroy(struct vcpu *v)
svm->ns_merged_msrpm = NULL;
}
- hvm_unmap_guest_frame(nv->nv_vvmcx, 1);
- nv->nv_vvmcx = NULL;
if ( nv->nv_n2vmcx )
{
free_vmcb(nv->nv_n2vmcx);
@@ -139,6 +137,19 @@ void cf_check nsvm_vcpu_destroy(struct vcpu *v)
svm->ns_iomap = NULL;
}
+void cf_check nsvm_domain_relinquish_resources(struct domain *d)
+{
+ struct vcpu *v;
+ struct nestedvcpu *nv;
+
+ for_each_vcpu ( d, v )
+ {
+ nv = &vcpu_nestedhvm(v);
+ hvm_unmap_guest_frame(nv->nv_vvmcx, 1);
+ nv->nv_vvmcx = NULL;
+ }
+}
+
int cf_check nsvm_vcpu_reset(struct vcpu *v)
{
struct nestedsvm *svm = &vcpu_nestedsvm(v);
diff --git a/xen/arch/x86/hvm/svm/svm.c b/xen/arch/x86/hvm/svm/svm.c
index b85686e387..d57c833f6a 100644
--- a/xen/arch/x86/hvm/svm/svm.c
+++ b/xen/arch/x86/hvm/svm/svm.c
@@ -2494,6 +2494,7 @@ static struct hvm_function_table __initdata_cf_clobber
svm_function_table = {
.nhvm_vmcx_hap_enabled = nsvm_vmcb_hap_enabled,
.nhvm_intr_blocked = nsvm_intr_blocked,
.nhvm_hap_walk_L1_p2m = nsvm_hap_walk_L1_p2m,
+ .nhvm_domain_relinquish_resources = nsvm_domain_relinquish_resources,
.get_reg = svm_get_reg,
.set_reg = svm_set_reg,
--
generated by git-patchbot for /home/xen/git/xen.git#staging-4.21
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |