Re: [PATCH/PFC 0/2] s390 host support

[Avi Kivity <avi-atKUWr5tajBWk0Htik3J/w@public.gmane.org>]

Heiko Carstens wrote:
>> Nested page tables/extended page tables also provide this facility, with 
>> some caveats:
>>
>> - on 32-bit hosts (or 64-bit hosts with 32-bit userspace), host 
>> userspace virtual address space is not enough to contain the guest 
>> physical address space.
>> - there is no way to protect the host userspace from the guest
>>     
>
> Sorry, but are you saying that it is currently possible to access
> (read and/or write) host userspace address space from the guest?
>   

No.

First, we don't yet have support for npt (I'm promised a patch by AMD).

Second, the way I first planned it, guest physical and host userspace 
would be completely unrelated address spaces, with guest physical 
mmap()ed into host userspace.  This is how non-npt is implemented right now.

Third, our conversation gave rise to an idea of how to implement guest 
physical as a strict subset of host userspace.  This (a) preserves 
isolation, and (b) allows the Linux mm to operate unmodified [1] on the 
guest ptes.

I was being unclear: npt/ept _allows_ one to do this, but you're not 
_forced_ to.  The strict subset thing is a kind of a mix between the two 
that still preserves isolation.


[1]  We'd still need to teach it how to invalidate guest tlb entries, 
unfortunately.

-- 
error compiling committee.c: too many arguments to function


-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/