From mboxrd@z Thu Jan 1 00:00:00 1970 From: Gleb Natapov Subject: Re: [PATCH v5 11/14] nEPT: MMU context for nested EPT Date: Thu, 1 Aug 2013 12:37:39 +0300 Message-ID: <20130801093739.GB6042@redhat.com> References: <1375282131-9713-1-git-send-email-gleb@redhat.com> <1375282131-9713-12-git-send-email-gleb@redhat.com> <51FA2757.2030602@linux.vnet.ibm.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: kvm@vger.kernel.org, Jun Nakajima , Yang Zhang , pbonzini@redhat.com To: Xiao Guangrong Return-path: Received: from mx1.redhat.com ([209.132.183.28]:32283 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752045Ab3HAJhn (ORCPT ); Thu, 1 Aug 2013 05:37:43 -0400 Content-Disposition: inline In-Reply-To: <51FA2757.2030602@linux.vnet.ibm.com> Sender: kvm-owner@vger.kernel.org List-ID: On Thu, Aug 01, 2013 at 05:16:07PM +0800, Xiao Guangrong wrote: > On 07/31/2013 10:48 PM, Gleb Natapov wrote: > > From: Nadav Har'El > > > > KVM's existing shadow MMU code already supports nested TDP. To use it, we > > need to set up a new "MMU context" for nested EPT, and create a few callbacks > > for it (nested_ept_*()). This context should also use the EPT versions of > > the page table access functions (defined in the previous patch). > > Then, we need to switch back and forth between this nested context and the > > regular MMU context when switching between L1 and L2 (when L1 runs this L2 > > with EPT). > > This patch looks good to me. > > Reviewed-by: Xiao Guangrong > > But i am confused that update_permission_bitmask() is not adjusted in this > series. That function depends on kvm_read_cr4_bits(X86_CR4_SMEP) and > is_write_protection(), these two functions should read the registers from > L2 guest, using the L2 status to check L1's page table seems strange. > The same issue is in nested npt. Anything i missed? Good catch again. Looks like we need update_permission_bitmask_ept() that uses different logic to calculate permissions. -- Gleb.