public inbox for kvm@vger.kernel.org
From: "Nadav Har'El" <nyh@math.technion.ac.il>
To: Chris Wright <chrisw@redhat.com>
Cc: kvm@vger.kernel.org, avi@redhat.com
Subject: Re: KVM call minutes for Nov 30
Date: Mon, 6 Dec 2010 21:39:19 +0200
Message-ID: <20101206193919.GA1999@fermat.math.technion.ac.il>
In-Reply-To: <20101201092730.GB29486@fermat.math.technion.ac.il>

On Wed, Dec 01, 2010, Nadav Har'El wrote about "Re: KVM call minutes for Nov 30":
> Specifically, in the last review I was asked to make sure that shadow-on-EPT
> works so that users do not need to remember to add the "ept=0" module option
> on L0. Unfortunately, while this should have been relatively simple (and it
> DID work in some time in the distant past), there appears to be a bug that I
> have spent the last couple of weeks chasing - so far unsuccessfully.

I was finally able to track this bug down. The issue was incorrect setup of
the four PDPTE (which are called PDPTR in KVM) fields in vmcs02.
These fields are important to set up correctly when using EPT and PAE.
For some reason I have yet to understand, KVM (as an L1) appears to be
setting the PAE bit in its guest. The previous code copied these fields from
vmcs01 to vmcs02, but this is incorrect because these fields need to be
recalculated for each cr3, and the GUEST_CR3 used for running L2 (the shadow
page table set up by L1) is different from the GUEST_CR3 used to run L1
(this one is defined by L1, and untouched by L0 because L0 uses EPT).
We need to emulate what the processor does on a cr3 change when EPT and
PAE are both enabled - i.e., dereference the cr3 value (this requires an EPT
translation) and find the four pointers to be saved in the PDPTR fields.
I have done this, and the shadow-on-ept case finally works, and there is
no need to use ept=0 on L0 any more :-)

I'm curious, though, why does KVM set PAE for its guest? What is setting
PAE supposed to do while the guest is booting (and thinks it is running in
real mode)? What is setting PAE supposed to do while the guest is running
in long mode?

-- 
Nadav Har'El                        |      Monday, Dec  6 2010, 30 Kislev 5771
nyh@math.technion.ac.il             |-----------------------------------------
Phone +972-523-790466, ICQ 13349191 |Amateurs built the ark - professionals
http://nadav.harel.org.il           |built the Titanic.
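The CR3-load emulation described in the message above, as an added example that is not part of this thread and not KVM's code: a toy C model of what the processor does on a CR3 write when PAE paging and EPT are both active. The four PDPTEs are fetched from the 32-byte-aligned table that CR3 points to, each fetch going through an EPT translation, and an entry that is present but has reserved bits set is rejected the way the hardware would fault. The EPT here is a flat page-number array, MAXPHYADDR is assumed to be 52, and all addresses and table contents are constructed for the demonstration; the point it makes is the one in the message, that PDPTRs derived from L1's own CR3 (vmcs01) are not the PDPTRs for the shadow CR3 used to run L2 (vmcs02).

```c
/* Toy model of PDPTE loading on a CR3 write with PAE + EPT.
 * Added example: constructed memory layout, flat EPT, not KVM code. */
#include <stdint.h>
#include <stdbool.h>
#include <string.h>
#include <stdio.h>

#define GUEST_PAGES 8
#define PAGE_SIZE   4096

/* Host-physical memory backing the (constructed) guest-physical space. */
static uint8_t host_mem[GUEST_PAGES * PAGE_SIZE];

/* Toy EPT: guest page number -> host page number, -1 means unmapped.
 * Real EPT is a multi-level table; a flat array shows the same translation step. */
static int ept_map[GUEST_PAGES];

/* Translate a guest-physical address through the toy EPT. */
static bool ept_translate(uint64_t gpa, uint64_t *hpa) {
    uint64_t gpn = gpa / PAGE_SIZE;
    if (gpn >= GUEST_PAGES || ept_map[gpn] < 0)
        return false;                     /* EPT violation */
    *hpa = (uint64_t)ept_map[gpn] * PAGE_SIZE + (gpa % PAGE_SIZE);
    return true;
}

/* PAE PDPTE: bit 0 = present; bits 2:1, 8:5 and 63:MAXPHYADDR are reserved.
 * MAXPHYADDR = 52 is an assumption for this example. */
#define PDPTE_PRESENT   (1ULL << 0)
#define PDPTE_RSVD_MASK ((1ULL << 1) | (1ULL << 2) | (0xFULL << 5) | (0xFFFULL << 52))

/* Emulate the CR3 load: read the four 8-byte PDPTEs at guest-physical
 * address CR3[31:5], each through EPT. Returns false where the CPU would fault. */
static bool load_pdptrs(uint64_t guest_cr3, uint64_t pdptrs[4]) {
    uint64_t table_gpa = guest_cr3 & 0xFFFFFFE0ULL;   /* PAE uses CR3 bits 31:5 */
    for (int i = 0; i < 4; i++) {
        uint64_t hpa, e;
        if (!ept_translate(table_gpa + 8 * i, &hpa))
            return false;
        memcpy(&e, &host_mem[hpa], sizeof e);
        /* Reserved bits are only checked in present entries. */
        if ((e & PDPTE_PRESENT) && (e & PDPTE_RSVD_MASK))
            return false;
        pdptrs[i] = e;
    }
    return true;
}

/* Entry idx of the PDPT reachable from guest_cr3, or ~0 if the load faults. */
static uint64_t pdptr_of(uint64_t guest_cr3, int idx) {
    uint64_t p[4];
    if (!load_pdptrs(guest_cr3, p))
        return ~0ULL;
    return p[idx];
}

/* Constructed scenario. L1's own PDPT sits at guest page 1. The shadow PDPT
 * L1 built for L2 sits at guest page 2, which EPT backs with host page 5.
 * Page 3 holds a deliberately malformed entry; page 7 is left unmapped in EPT.
 * Returns the CR3 value L1 would place in vmcs12 GUEST_CR3 for running L2. */
static uint64_t setup_example(void) {
    memset(host_mem, 0, sizeof host_mem);
    for (int i = 0; i < GUEST_PAGES; i++)
        ept_map[i] = i;                   /* identity mapping by default */
    ept_map[2] = 5;                       /* shadow PDPT lives in another host page */
    ept_map[7] = -1;                      /* unmapped: EPT violation on access */

    uint64_t l1_pdpt[4]  = {0x10000 | 1, 0x11000 | 1, 0x12000 | 1, 0x13000 | 1};
    uint64_t l2_pdpt[4]  = {0x20000 | 1, 0x21000 | 1, 0,           0x23000 | 1};
    uint64_t bad_pdpt[4] = {0x30000 | 1 | 2, 0, 0, 0};   /* bit 1 reserved */
    memcpy(&host_mem[1 * PAGE_SIZE], l1_pdpt,  sizeof l1_pdpt);
    memcpy(&host_mem[5 * PAGE_SIZE], l2_pdpt,  sizeof l2_pdpt);
    memcpy(&host_mem[3 * PAGE_SIZE], bad_pdpt, sizeof bad_pdpt);
    return 0x2000;
}

int main(void) {
    uint64_t l2_cr3 = setup_example();
    for (int i = 0; i < 4; i++)
        printf("L1 cr3 PDPTE[%d]=%#llx  shadow cr3 PDPTE[%d]=%#llx\n",
               i, (unsigned long long)pdptr_of(0x1000, i),
               i, (unsigned long long)pdptr_of(l2_cr3, i));
    printf("malformed table: %s, unmapped table: %s\n",
           pdptr_of(0x3000, 0) == ~0ULL ? "fault" : "ok",
           pdptr_of(0x7000, 0) == ~0ULL ? "fault" : "ok");
    return 0;
}
```

Running it prints two different sets of PDPTRs for the two CR3 values, which is exactly why copying the fields from vmcs01 into vmcs02 was wrong: the entries must be recomputed from whatever CR3 the nested guest will run with, and a table that sits in an EPT-unmapped page or carries reserved bits has to be rejected rather than loaded.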


Thread overview: 8+ messages
2010-11-30 15:53 KVM call minutes for Nov 30 Chris Wright
2010-11-30 15:59 ` Anthony Liguori
2010-12-01  9:27 ` Nadav Har'El
2010-12-01 10:28   ` Avi Kivity
2010-12-06 19:39   ` Nadav Har'El [this message]
2010-12-07  8:34     ` Avi Kivity
2010-12-07 12:49       ` Nadav Har'El
2010-12-07 13:10         ` Avi Kivity
