Re: [PATCH 0/5] Fix EFER.NX=0 with EPT
On Wed, Apr 28, 2010 at 04:47:14PM +0300, Avi Kivity wrote: Currently we run with EFER.NX=1 on the guest even if the guest value is 0. This is fine with shadow, since we check bit 63 when instantiating a page table, and fault if bit 63 is set while EFER.NX is clear. This doesn't work with EPT, since we no longer get the change to check guest ptes. So we need to run with EFER.NX=0. This is complicated by the fact that if we switch EFER.NX on the host, we'll trap immediately, since some host pages are mapped with the NX bit set. As a result, we need to switch the MSR atomically during guest entry and exit. This patchset implements the complications described above. Avi Kivity (5): KVM: Let vcpu structure alignment be determined at runtime KVM: VMX: Add definition for msr autoload entry KVM: VMX: Add definitions for guest and host EFER autoswitch vmcs entries KVM: VMX: Add facility to atomically switch MSRs on guest entry/exit KVM: VMX: Atomically switch efer if EPT !EFER.NX Applied, thanks. Out of curiosity, did you measure the vmentry/vmexit overhead? -- To unsubscribe from this list: send the line unsubscribe kvm in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 0/5] Fix EFER.NX=0 with EPT
On 04/29/2010 02:22 AM, Marcelo Tosatti wrote: On Wed, Apr 28, 2010 at 04:47:14PM +0300, Avi Kivity wrote: Currently we run with EFER.NX=1 on the guest even if the guest value is 0. This is fine with shadow, since we check bit 63 when instantiating a page table, and fault if bit 63 is set while EFER.NX is clear. This doesn't work with EPT, since we no longer get the change to check guest ptes. So we need to run with EFER.NX=0. This is complicated by the fact that if we switch EFER.NX on the host, we'll trap immediately, since some host pages are mapped with the NX bit set. As a result, we need to switch the MSR atomically during guest entry and exit. Applied, thanks. Out of curiosity, did you measure the vmentry/vmexit overhead? Just did now. nx=0: 3384 nx=1: 2203 Perhaps using the dedicated vmcs field is faster (but since it's optional, we have to support the generic autoload area). -- Do not meddle in the internals of kernels, for they are subtle and quick to panic. -- To unsubscribe from this list: send the line unsubscribe kvm in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 0/5] Fix EFER.NX=0 with EPT
Currently we run with EFER.NX=1 on the guest even if the guest value is 0. This is fine with shadow, since we check bit 63 when instantiating a page table, and fault if bit 63 is set while EFER.NX is clear. This doesn't work with EPT, since we no longer get the change to check guest ptes. So we need to run with EFER.NX=0. This is complicated by the fact that if we switch EFER.NX on the host, we'll trap immediately, since some host pages are mapped with the NX bit set. As a result, we need to switch the MSR atomically during guest entry and exit. This patchset implements the complications described above. Avi Kivity (5): KVM: Let vcpu structure alignment be determined at runtime KVM: VMX: Add definition for msr autoload entry KVM: VMX: Add definitions for guest and host EFER autoswitch vmcs entries KVM: VMX: Add facility to atomically switch MSRs on guest entry/exit KVM: VMX: Atomically switch efer if EPT !EFER.NX arch/ia64/kvm/vmm.c|2 +- arch/powerpc/kvm/44x.c |2 +- arch/powerpc/kvm/book3s.c |3 +- arch/powerpc/kvm/e500.c|2 +- arch/s390/kvm/kvm-s390.c |2 +- arch/x86/include/asm/vmx.h | 12 +++- arch/x86/kvm/svm.c |2 +- arch/x86/kvm/vmx.c | 63 +++- include/linux/kvm_host.h |2 +- virt/kvm/kvm_main.c|7 +++-- 10 files changed, 85 insertions(+), 12 deletions(-) -- To unsubscribe from this list: send the line unsubscribe kvm in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
