Nested VMX: always mark VVMCS as not-launched on VMCLEAR. The SDM says to flush changes and clear the launch state even if this isn't the "current VMCS", and KVM seems to rely on this behaviour. Signed-off-by: Tim Deegan
diff -r 9dbbf1631193 xen/arch/x86/hvm/vmx/vvmx.c
--- a/xen/arch/x86/hvm/vmx/vvmx.c Mon Jul 25 14:21:13 2011 +0100
+++ b/xen/arch/x86/hvm/vmx/vvmx.c Mon Jul 25 17:16:01 2011 +0100
@@ -1162,6 +1162,7 @@ int nvmx_handle_vmclear(struct cpu_user_
     struct vmx_inst_decoded decode;
     struct nestedvcpu *nvcpu = &vcpu_nestedhvm(v);
     unsigned long gpa = 0;
+    void *vvmcs;
     int rc;
 
     rc = decode_vmx_inst(regs, &decode, &gpa, 0);
@@ -1179,6 +1180,13 @@ int nvmx_handle_vmclear(struct cpu_user_
         gdprintk(XENLOG_WARNING,
                  "vmclear gpa %lx not the same as current vmcs %"PRIpaddr"\n",
                  gpa, nvcpu->nv_vvmcxaddr);
+
+        /* Even if this VMCS isn't the current one, we must clear it. */
+        vvmcs = hvm_map_guest_frame_rw(gpa >> PAGE_SHIFT);
+        if ( vvmcs )
+            __set_vvmcs(vvmcs, NVMX_LAUNCH_STATE, 0);
+        hvm_unmap_guest_frame(vvmcs);
+
         vmreturn(regs, VMSUCCEED);
         goto out;
     }
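Review bot: The added mapping code swallows a failed hvm_map_guest_frame_rw(): when it returns NULL the launch state is not cleared, yet the path still falls through to `vmreturn(regs, VMSUCCEED)`, so a guest VMCLEAR on an unmappable address appears to succeed with no state change. Reporting the failure instead, e.g. `if ( !vvmcs ) { vmreturn(regs, VMFAIL_INVALID); goto out; }` before the `__set_vvmcs` call (assuming VMFAIL_INVALID is the failure code the rest of this file already uses), would keep the guest-visible result consistent with the skipped write. The unconditional `hvm_unmap_guest_frame(vvmcs)` after the `if` relies on that helper tolerating a NULL argument; moving it inside the branch would make the pairing with the successful map explicit and remove the dependency. The enclosing nvmx_handle_vmclear body, including whatever validation of the guest-supplied gpa decode_vmx_inst performs, lies outside this hunk.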