Changeset 79874 in vbox for trunk/src/VBox/VMM

Timestamp:

Jul 19, 2019 9:15:09 AM (6 years ago)

Author:

vboxsync

Message:

VMM/HM: Nested VMX: bugref:9180 We need to flush the TLB when the VMX APIC-access page address changes (when we switch to/from guest/nested-guest).

Location:

trunk/src/VBox/VMM

Files:

• VMMAll/HMVMXAll.cpp (modified) (1 diff)
• VMMR0/HMVMXR0.cpp (modified) (4 diffs)
• include/HMInternal.h (modified) (1 diff)

trunk/src/VBox/VMM/VMMAll/HMVMXAll.cpp

@@ -1325 +1325 @@
      */
     pVCpu->hm.s.vmx.fMergedNstGstCtls = false;
+
+    /*
+     * Flush the TLB before entering the outer guest execution (mainly required since the
+     * APIC-access guest-physical address would have changed and probably more things in
+     * the future).
+     */
+    pVCpu->hm.s.vmx.fSwitchedNstGstFlushTlb = true;
 }
 

trunk/src/VBox/VMM/VMMR0/HMVMXR0.cpp

@@ -3034 +3034 @@
         HMVMX_SET_TAGGED_TLB_FLUSHED();
     }
+    else if (pVCpu->hm.s.vmx.fSwitchedNstGstFlushTlb)
+    {
+        /*
+         * The nested-guest specifies its own guest-physical address to use as the APIC-access
+         * address which requires flushing the TLB of EPT cached structures.
+         *
+         * See Intel spec. 28.3.3.4 "Guidelines for Use of the INVEPT Instruction".
+         */
+        hmR0VmxFlushEpt(pVCpu, pVmcsInfo, pVM->hm.s.vmx.enmTlbFlushEpt);
+        pVCpu->hm.s.vmx.fSwitchedNstGstFlushTlb = false;
+        STAM_COUNTER_INC(&pVCpu->hm.s.StatFlushTlbNstGst);
+        HMVMX_SET_TAGGED_TLB_FLUSHED();
+    }
+
 
     pVCpu->hm.s.fForceTLBFlush = false;
@@ -3091 +3105 @@
     }
 
+    /* Check for TLB flushes while switching to/from a nested-guest. */
+    if (pVCpu->hm.s.vmx.fSwitchedNstGstFlushTlb)
+    {
+        pVCpu->hm.s.fForceTLBFlush = true;
+        pVCpu->hm.s.vmx.fSwitchedNstGstFlushTlb = false;
+        STAM_COUNTER_INC(&pVCpu->hm.s.StatFlushTlbNstGst);
+    }
+
     pVCpu->hm.s.idLastCpu   = pHostCpu->idCpu;
     pVCpu->hm.s.cTlbFlushes = pHostCpu->cTlbFlushes;
@@ -3142 +3164 @@
         pVCpu->hm.s.fForceTLBFlush = true;
         STAM_COUNTER_INC(&pVCpu->hm.s.StatFlushTlb);
+    }
+
+    /* Check for TLB flushes while switching to/from a nested-guest. */
+    if (pVCpu->hm.s.vmx.fSwitchedNstGstFlushTlb)
+    {
+        pVCpu->hm.s.fForceTLBFlush = true;
+        pVCpu->hm.s.vmx.fSwitchedNstGstFlushTlb = false;
+        STAM_COUNTER_INC(&pVCpu->hm.s.StatFlushTlbNstGst);
     }
 
@@ -10959 +10989 @@
     pVmcsInfoNstGst->u32XcptPFMatch = u32XcptPFMatch;
     pVmcsInfoNstGst->HCPhysVirtApic = HCPhysVirtApic;
+
+    /*
+     * We need to flush the TLB if we are switching the API-access page address.
+     * See Intel spec. 28.3.3.4 "Guidelines for Use of the INVEPT Instruction".
+     */
+    if (u32ProcCtls2 & VMX_PROC_CTLS2_VIRT_APIC_ACCESS)
+        pVCpu->hm.s.vmx.fSwitchedNstGstFlushTlb = true;
 
     /*

trunk/src/VBox/VMM/include/HMInternal.h

@@ -994 +994 @@
             /** Whether the nested-guest VMCS has been copied to the shadow VMCS. */
             bool                        fCopiedNstGstToShadowVmcs;
+            /** Whether flushing the TLB is required due to switching to/from the
+             *  nested-geust. */
+            bool                        fSwitchedNstGstFlushTlb;
             /** Alignment. */
-            bool                        afAlignment0[5];
+            bool                        afAlignment0[4];
             /** Cached guest APIC-base MSR for identifying when to map the APIC-access page. */
             uint64_t                    u64GstMsrApicBase;