|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [xen staging-4.20] nestedsvm: Allow destroying the domain fully
commit 17ef80135ef0ac04d244d757a2d7884c480e47ba
Author: Ross Lagerwall <ross.lagerwall@xxxxxxxxxx>
AuthorDate: Tue Jun 30 15:02:35 2026 +0200
Commit: Jan Beulich <jbeulich@xxxxxxxx>
CommitDate: Tue Jun 30 15:02:35 2026 +0200
nestedsvm: Allow destroying the domain fully
Unmapping the virtual VMCB is performed near the end of the domain
destroy procedure but the mapped guest frame prevents domain destroy
from getting to that point. This means guests that call VMRUN cannot
be fully destroyed.
Move the unmap of the virtual VMCB earlier to fix the issue.
Fixes: bcf557675d85 ("x86: properly use map_domain_page() in nested HVM
code")
Signed-off-by: Ross Lagerwall <ross.lagerwall@xxxxxxxxxx>
Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
master commit: 4d069a84ee0e29b182482b3ae04b243d2ef25ed4
master date: 2026-06-30 09:41:35 +0200
---
xen/arch/x86/hvm/svm/nestedhvm.h | 1 +
xen/arch/x86/hvm/svm/nestedsvm.c | 15 +++++++++++++--
xen/arch/x86/hvm/svm/svm.c | 1 +
3 files changed, 15 insertions(+), 2 deletions(-)
diff --git a/xen/arch/x86/hvm/svm/nestedhvm.h b/xen/arch/x86/hvm/svm/nestedhvm.h
index 9bfed5ffd7..9bb04a0434 100644
--- a/xen/arch/x86/hvm/svm/nestedhvm.h
+++ b/xen/arch/x86/hvm/svm/nestedhvm.h
@@ -48,6 +48,7 @@ bool cf_check nsvm_vmcb_guest_intercepts_event(
struct vcpu *v, unsigned int vector, int errcode);
bool cf_check nsvm_vmcb_hap_enabled(struct vcpu *v);
enum hvm_intblk cf_check nsvm_intr_blocked(struct vcpu *v);
+void cf_check nsvm_domain_relinquish_resources(struct domain *d);
/* Interrupts, vGIF */
void svm_vmexit_do_clgi(struct cpu_user_regs *regs, struct vcpu *v);
diff --git a/xen/arch/x86/hvm/svm/nestedsvm.c b/xen/arch/x86/hvm/svm/nestedsvm.c
index 35a2cbfd7d..56694a950e 100644
--- a/xen/arch/x86/hvm/svm/nestedsvm.c
+++ b/xen/arch/x86/hvm/svm/nestedsvm.c
@@ -127,8 +127,6 @@ void cf_check nsvm_vcpu_destroy(struct vcpu *v)
svm->ns_merged_msrpm = NULL;
}
- hvm_unmap_guest_frame(nv->nv_vvmcx, 1);
- nv->nv_vvmcx = NULL;
if ( nv->nv_n2vmcx )
{
free_vmcb(nv->nv_n2vmcx);
@@ -139,6 +137,19 @@ void cf_check nsvm_vcpu_destroy(struct vcpu *v)
svm->ns_iomap = NULL;
}
+void cf_check nsvm_domain_relinquish_resources(struct domain *d)
+{
+ struct vcpu *v;
+ struct nestedvcpu *nv;
+
+ for_each_vcpu ( d, v )
+ {
+ nv = &vcpu_nestedhvm(v);
+ hvm_unmap_guest_frame(nv->nv_vvmcx, 1);
+ nv->nv_vvmcx = NULL;
+ }
+}
+
int cf_check nsvm_vcpu_reset(struct vcpu *v)
{
struct nestedsvm *svm = &vcpu_nestedsvm(v);
diff --git a/xen/arch/x86/hvm/svm/svm.c b/xen/arch/x86/hvm/svm/svm.c
index ce54b7857f..55d9ad1255 100644
--- a/xen/arch/x86/hvm/svm/svm.c
+++ b/xen/arch/x86/hvm/svm/svm.c
@@ -2478,6 +2478,7 @@ static struct hvm_function_table __initdata_cf_clobber
svm_function_table = {
.nhvm_vmcx_hap_enabled = nsvm_vmcb_hap_enabled,
.nhvm_intr_blocked = nsvm_intr_blocked,
.nhvm_hap_walk_L1_p2m = nsvm_hap_walk_L1_p2m,
+ .nhvm_domain_relinquish_resources = nsvm_domain_relinquish_resources,
.get_reg = svm_get_reg,
.set_reg = svm_set_reg,
--
generated by git-patchbot for /home/xen/git/xen.git#staging-4.20
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |