KVM guest memory mapping

[Tony Roberts]

Hi list,

I've just started doing some research into VM memory allocation, and
I've got a few questions about how KVM performs memory translations
from guest to host, using Intel-VT extensions.  My questions relate to
the implementation of Intel EPTs.

I've put in a few printk statements within the KVM source,
specifically mmu.c to try to follow what is happening within the VM
and hypervisor, however, I'm a little bit lost at what I'm seeing.

The very first virtual memory access from within my guest triggers a
'handle_ept_violation', this is to be expected as it's the very first,
and no pages will have been allocated as of yet.

The value taken from the guest's CR2 register is: 0xfff0 (which I
am assuming to be a guest physical address).  Upon this ept violation
occurring, the function tdp_page_fault is called, which then in turn
calls __direct_map.  I'm a little confused about exactly what
__direct_map is actually doing.

The input to __direct_map is:

gpa_t v: fff0
gfn_t gfn: f
pfn_t pfn: 35b649
level: 1

Firstly, I'm confused as to why the gpa_t type variable is called 'v'.
This would indicate to me that it's a virtual address, however it is
being stored as a guest physical type.  Could anyone explain why this
is named as such?

After this I can see a lot of different memory addresses being passed
around the system, but I'd still like to better understand how KVM
allocates and finally translates guest addresses into host physical
address.  If anyone could help explain how __direct_map functions, I
would appreciate it.

Thanks

Tony
--
To unsubscribe from this list: send the line unsubscribe kvm in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

KVM EPT implementation

[Tony Roberts]

Hello list,

(Apologies if this appears twice!)

I'm currently doing some research into guest memory allocation,
specifically trying to determine when guests write data into certain
memory locations, and I'm trying to get my head around how KVM updates
the extended page tables, and where within the KVM code the actual
updates occur.  I'm working on an Intel box with VT extensions, and
Debian 3.6.6 kernel.

After going through the code, I can see that a lot of the existing
shadow page table code is resued, however I'm a little confused over
how exactly that is.

As an example, I can see the function vmx_set_cr3 (vmx.c) being
called, which is setting the host CR3 to the base of the PML4 table.

Then from that address, the EPTP is created, essentially setting the
bottom 12 bits to various flags.

Then, handle_ept_violation is called which contains the GPA that
generated the page fault.  I've looked into the function
kvm_mmu_page_fault which contains the value in the CR2, I'm assuming
this to be the guest's CR2 value, which I think is the guest physical
address that caused the page fault.

However this is where I lose the chase slightly.  I know from studying
the Intel developers manuals that the top level of the 4 level
hierarchy for the EPTs is the PML4 table, which can contain a maximum
of 512 64-bit entries, with each entry in turn pointing to the base
address of a PDPT.

The first address that the function pte_list_add sees is the base
address of the PML4 table, so I was expecting to be able to read 512
64-bit entries from that base address and see at least one 64-bit
entry written into that page.  However, after a number of different
attempts, I'm unable to determine the function that is actually
responsible for updating the EPTs.

I was hoping somebody might be able to point me to the correct
location within the KVM source code to track when EPT entries are
actually written to the various tables in the 4 level hierarchy.  The
function pte_list_add seems to do nothing more than change the value
of a pointer, but only the first address passed to it is page aligned
(the PML4 base) and the rest of the addresses appear to be pointers
into existing pages, often seeming to be outside of the PML4 page
range.

I might be completely misunderstanding something, but any advice on
how to effectively monitor EPT entries within KVM would be greatly
appreciated.

Thanks muchly.

Tony
--
To unsubscribe from this list: send the line unsubscribe kvm in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html