The current generation of virtualization extensions only supports one VM layer. While we can't change that, it is pretty easy to emulate the CPU's behavior and implement the virtualization opcodes ourselves.
This patchset does exactly this for SVM. Using it, KVM can run within a VM. Since we're emulating the real CPU's behavior, this should also enable other VMMs to run within KVM. So far I've only tested to run KVM inside the VM though. As always, comments and suggestions are highly welcome. v2 takes most comments from Avi into account. v3 addresses Joergs comments, including - V_INTR_MASKING support - a generic permission checking helper v4 addresses even more comments from Joerg, including - don't use the guest's hsave to store the guest's vmcb in - add nested=<int> flag for kvm-amd.ko, defaults to 0 (off) - include Joerg's VM_CR MSR patch v5 removes the IOPM merging code v6 addresses comments from Joerg and Anthony: - don't flood the host's log with printks - export SVM capability to userspace (SVM CPUID capability) - prettify nsvm_printk - pass an error code on inject_gp (0) - always close interrupt_window if GIF=0 - fix 32-bit l1 guests - warn in syslog if nested=1 on module load - huge speed improvements v7 makes vmrun return 0 so the MSR stuff gets ORed (thanks muli!) To be usable, this patchset requires simple changes in the userspace part. For now you can easily use the patches I sent to the list when I sent the first version if you comment out the new svm masking in qemu/target-i386/helper.c. I will submit a newer version of the userspace patch once the kernel parts are OK. Known issues: - TODO: #VMEXIT on save/restore - SMP l2 guests break with in-kernel-apic - NPT=1 with an i386 l1 guest breaks the l2 guest - MMU syncing with NPT=1 seems strange Thanks for reviewing! Alex Alexander Graf (11): Clean up VINTR setting v7 Move EFER and MSR constants to generic x86 code v7 Add helper functions for nested SVM v7 Implement GIF, clgi and stgi v7 Implement hsave v7 Add VMLOAD and VMSAVE handlers v7 Add VMRUN handler v7 Add VMEXIT handler and intercepts v7 Allow setting the SVME bit v7 Only allow setting of EFER_SVME when CPUID SVM is set v7 Accelerate nested SVM by emulating parts of GIF=0 v7 Joerg Roedel (1): Allow read access to MSR_VM_VR v7 arch/x86/include/asm/kvm_host.h | 6 + arch/x86/include/asm/msr-index.h | 7 + arch/x86/kvm/kvm_svm.h | 10 + arch/x86/kvm/svm.c | 763 +++++++++++++++++++++++++++++++++++++- arch/x86/kvm/svm.h | 4 - arch/x86/kvm/x86.c | 60 +++- 6 files changed, 811 insertions(+), 39 deletions(-) -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
