From: Nadav Har'El
This is the first patch in a series which adds nested EPT support to KVM's
nested VMX. Nested EPT means emulating EPT for an L1 guest so that L1 can use
EPT when running a nested guest L2. When L1 uses EPT, it allows the L2 guest
to set its own cr3 and take its own page faults
From: Nadav Har'El
If we let L1 use EPT, we should probably also support the INVEPT instruction.
In our current nested EPT implementation, when L1 changes its EPT table
for L2 (i.e., EPT12), L0 modifies the shadow EPT table (EPT02), and in
the course of this modification already calls INVEPT. Bu
From: Nadav Har'El
kvm_set_cr3() attempts to check if the new cr3 is a valid guest physical
address. The problem is that with nested EPT, cr3 is an *L2* physical
address, not an L1 physical address as this test expects.
As the comment above this test explains, it isn't necessary, and doesn't
cor
need_remote_flush() assumes that shadow page is in PT64 format, but
with addition of nested EPT this is no longer always true. Fix it by
bits definitions that depend on host shadow page type.
Reported-by: Xiao Guangrong
Reviewed-by: Xiao Guangrong
Signed-off-by: Gleb Natapov
---
arch/x86/kvm/m
From: Nadav Har'El
KVM's existing shadow MMU code already supports nested TDP. To use it, we
need to set up a new "MMU context" for nested EPT, and create a few callbacks
for it (nested_ept_*()). This context should also use the EPT versions of
the page table access functions (defined in the prev
From: Nadav Har'El
The existing code for handling cr3 and related VMCS fields during nested
exit and entry wasn't correct in all cases:
If L2 is allowed to control cr3 (and this is indeed the case in nested EPT),
during nested exit we must copy the modified cr3 from vmcs02 to vmcs12, and
we forg
Some guest paging modes do not support A/D bits. Add support for such
modes in shadow page code. For such modes PT_GUEST_DIRTY_MASK,
PT_GUEST_ACCESSED_MASK, PT_GUEST_DIRTY_SHIFT and PT_GUEST_ACCESSED_SHIFT
should be set to zero.
Reviewed-by: Xiao Guangrong
Signed-off-by: Gleb Natapov
---
arch/x
From: Nadav Har'El
Advertise the support of EPT to the L1 guest, through the appropriate MSR.
This is the last patch of the basic Nested EPT feature, so as to allow
bisection through this patch series: The guest will not see EPT support until
this last patch, and will not attempt to use the half
From: Nadav Har'El
For preparation, we just move gpte_access(), prefetch_invalid_gpte(),
s_rsvd_bits_set(), protect_clean_gpte() and is_dirty_gpte() from mmu.c
to paging_tmpl.h.
Reviewed-by: Xiao Guangrong
Signed-off-by: Nadav Har'El
Signed-off-by: Jun Nakajima
Signed-off-by: Xinhao Xu
Signe
From: Nadav Har'El
Recent KVM, since http://kerneltrap.org/mailarchive/linux-kvm/2010/5/2/6261577
switch the EFER MSR when EPT is used and the host and guest have different
NX bits. So if we add support for nested EPT (L1 guest using EPT to run L2)
and want to be able to run recent KVM as L1, we
On 2013-08-05 09:21, Arthur Chunqi Li wrote:
> On Mon, Aug 5, 2013 at 1:49 AM, Jan Kiszka wrote:
>> From: Jan Kiszka
>>
>> Implement and advertise VM_EXIT_SAVE_IA32_EFER. L0 traps EFER writes
>> unconditionally, so we always find the current L2 value in the
>> architectural state.
>>
>> Signed-of
On Mon, Aug 5, 2013 at 1:49 AM, Jan Kiszka wrote:
> From: Jan Kiszka
>
> Implement and advertise VM_EXIT_SAVE_IA32_EFER. L0 traps EFER writes
> unconditionally, so we always find the current L2 value in the
> architectural state.
>
> Signed-off-by: Jan Kiszka
> ---
> arch/x86/kvm/vmx.c |4 +
101 - 112 of 112 matches
Mail list logo