On 20.03.2025 11:38, Sergiy Kibrik wrote: > Check whether nested HVM is enabled for domain before calling > nestedhvm_vcpu_*() > and other not already guarded nestedhvm functions. > > Signed-off-by: Sergiy Kibrik <sergiy_kib...@epam.com> > --- > xen/arch/x86/hvm/hvm.c | 6 ++++-- > xen/arch/x86/hvm/svm/asid.c | 2 +- > xen/arch/x86/hvm/svm/svm.c | 6 +++--- > 3 files changed, 8 insertions(+), 6 deletions(-)
Afaics common and VMX code have quite a few more references to nestedhvm_vcpu_in_guestmode(), without nestedhvm_enabled(). Are they all fine to keep as is, while the respective adjustments here are strictly necessary? In fact I wonder whether (a) nestedhvm_vcpu_in_guestmode() couldn't be made constant-false when nested is build-time disabled, which ought to eliminate the need for those changes below. Or whether (b) nestedhvm_vcpu_in_guestmode() wouldn't better include a nestedhvm_enabled() check. > --- a/xen/arch/x86/hvm/svm/asid.c > +++ b/xen/arch/x86/hvm/svm/asid.c > @@ -30,7 +30,7 @@ void svm_asid_handle_vmrun(void) > struct vcpu *curr = current; > struct vmcb_struct *vmcb = curr->arch.hvm.svm.vmcb; > struct hvm_vcpu_asid *p_asid = > - nestedhvm_vcpu_in_guestmode(curr) > + ( nestedhvm_enabled(curr->domain) && > nestedhvm_vcpu_in_guestmode(curr) ) Nit: No blanks inside parentheses like these. (There's no real need for parentheses here in the first place.) Jan
