Re: KVM call minutes for Nov 30

[Avi Kivity <avi@redhat.com>]

On 12/06/2010 09:39 PM, Nadav Har'El wrote:
> On Wed, Dec 01, 2010, Nadav Har'El wrote about "Re: KVM call minutes for Nov 30":
> >  Specifically, in the last review I was asked to make sure that shadow-on-EPT
> >  works so that users do not need to remember to add the "ept=0" module option
> >  on L0. Unfortunately, while this should have been relatively simple (and it
> >  DID work in some time in the distant past), there appears to be a bug that I
> >  have spent the last couple of weeks chasing - so far unsucessfully.
>
> I was finally able to track this bug down. The issue was incorrect setup of
> the four PDPTE (which are called PDPTR in KVM) fields in vmcs02.
> These fields are important to set up correctly when using EPT and PAE.
> For some reason I have yet to understand, KVM (as an L1) appears to be
> setting the PAE bit in its guest. The previous code copied these fields from
> vmcs01 to vmcs02, but this is incorrect because these fields need to be
> recalculated for each cr3, and the GUEST_CR3 used for running L2 (the shadow
> page table set up by L1) is different from the GUEST_CR3 used to run L1
> (this one is defined by L1, and untouched by L0 because L0 uses EPT).
> We need to emulate what the processor does on a cr3 change when EPT and
> PAE are both enabled - i.e., dereference the cr3 value (this requires an EPT
> translation) and find the four pointers to be saved in the PDPTR fields.
> I have done this, and the shadow-on-ept case finally works, and there is
> no nead to use ept=0 on L0 any more :-)

Great.  I imagine the fixed code is also simpler.  I don't follow what 
you mean by "this requires an EPT translation".  All it requires is a 
kvm_set_cr3() which will load the PDPTEs into the PDPTRs if PAE is 
enabled.  You may need to order the loading of CR0, CR3, CR4, and EFER 
to achieve the desired effect.

> I'm curious, though, why does KVM set PAE for its guest? What does setting
> PAE supposed to do while the guest is booting (and thinks it is running in
> real mode)?

PAE is needed to access >4G of memory.  Otherwise the PTEs are 32 bits 
long and cannot reference all of host memory.

> What does setting PAE supposed to do while the guest is running
> in long mode?

PAE is a required by the processor for long mode (independently of 
virtualization).

-- 
error compiling committee.c: too many arguments to function