[06/10] nEPT: Some additional comments

Message ID	201208011439.q71Edkus023878@rice.haifa.ibm.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <kvm-owner@vger.kernel.org> Gateway: Authorized Use Only! Violators will be prosecuted for <kvm@vger.kernel.org> from <nyh@il.ibm.com>; Wed, 1 Aug 2012 15:40:12 +0100 Gateway: Authorized Use Only! Violators will be prosecuted; Wed, 1 Aug 2012 15:39:51 +0100 Date: Wed, 1 Aug 2012 17:39:46 +0300 Message-Id: <201208011439.q71Edkus023878@rice.haifa.ibm.com> Cc: Joerg.Roedel@amd.com, avi@redhat.com, owasserm@redhat.com, abelg@il.ibm.com, eddie.dong@intel.com, yang.z.zhang@intel.com To: kvm@vger.kernel.org From: "Nadav Har'El" <nyh@il.ibm.com> References: <1343831766-nyh@il.ibm.com> Subject: [PATCH 06/10] nEPT: Some additional comments Sender: kvm-owner@vger.kernel.org Precedence: bulk

Message ID

201208011439.q71Edkus023878@rice.haifa.ibm.com (mailing list archive)

State

New, archived

Headers

Date: Wed, 1 Aug 2012 17:39:46 +0300
Message-Id: <201208011439.q71Edkus023878@rice.haifa.ibm.com>
Cc: Joerg.Roedel@amd.com, avi@redhat.com, owasserm@redhat.com,
	abelg@il.ibm.com, eddie.dong@intel.com, yang.z.zhang@intel.com
To: kvm@vger.kernel.org
From: "Nadav Har'El" <nyh@il.ibm.com>
References: <1343831766-nyh@il.ibm.com>
Subject: [PATCH 06/10] nEPT: Some additional comments
Sender: kvm-owner@vger.kernel.org
Precedence: bulk

Commit Message

Nadav Har'El Aug. 1, 2012, 2:39 p.m. UTC

Some additional comments to preexisting code:
Explain who (L0 or L1) handles EPT violation and misconfiguration exits.
Don't mention "shadow on either EPT or shadow" as the only two options.

Signed-off-by: Nadav Har'El <nyh@il.ibm.com>
---
 arch/x86/kvm/vmx.c |   21 +++++++++++++++++++--
 1 file changed, 19 insertions(+), 2 deletions(-)


--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

--- .before/arch/x86/kvm/vmx.c	2012-08-01 17:22:47.000000000 +0300
+++ .after/arch/x86/kvm/vmx.c	2012-08-01 17:22:47.000000000 +0300
@@ -5952,7 +5952,20 @@  static bool nested_vmx_exit_handled(stru
 		return nested_cpu_has2(vmcs12,
 			SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES);
 	case EXIT_REASON_EPT_VIOLATION:
+		/*
+		 * L0 always deals with the EPT violation. If nested EPT is
+		 * used, and the nested mmu code discovers that the address is
+		 * missing in the guest EPT table (EPT12), the EPT violation
+		 * will be injected with nested_ept_inject_page_fault()
+		 */
+		return 0;
 	case EXIT_REASON_EPT_MISCONFIG:
+		/*
+		 * L2 never uses directly L1's EPT, but rather L0's own EPT
+		 * table (shadow on EPT) or a merged EPT table that L0 built
+		 * (EPT on EPT). So any problems with the structure of the
+		 * table is L0's fault.
+		 */
 		return 0;
 	case EXIT_REASON_WBINVD:
 		return nested_cpu_has2(vmcs12, SECONDARY_EXEC_WBINVD_EXITING);
@@ -6881,7 +6894,12 @@  static void prepare_vmcs02(struct kvm_vc
 	vmx_set_cr4(vcpu, vmcs12->guest_cr4);
 	vmcs_writel(CR4_READ_SHADOW, nested_read_cr4(vmcs12));
 
-	/* shadow page tables on either EPT or shadow page tables */
+	/*
+	 * Note that kvm_set_cr3() and kvm_mmu_reset_context() will do the
+	 * right thing, and set GUEST_CR3 and/or EPT_POINTER in all supported
+	 * settings: 1. shadow page tables on shadow page tables, 2. shadow
+	 * page tables on EPT, 3. EPT on EPT.
+	 */
 	kvm_set_cr3(vcpu, vmcs12->guest_cr3);
 	kvm_mmu_reset_context(vcpu);
 
@@ -7220,7 +7238,6 @@  void load_vmcs12_host_state(struct kvm_v
 
 	if (nested_cpu_has_ept(vmcs12))
 		nested_ept_uninit_mmu_context(vcpu);
-	/* shadow page tables on either EPT or shadow page tables */
 	kvm_set_cr3(vcpu, vmcs12->host_cr3);
 	kvm_mmu_reset_context(vcpu);

[06/10] nEPT: Some additional comments

Commit Message

Patch