From: Avi Kivity
Subject: Re: KVM call minutes for Nov 30
Date: Tue, 07 Dec 2010 10:34:37 +0200
Message-ID: <4CFDF19D.70505@redhat.com>
References: <20101130155355.GJ24841@x200.localdomain> <20101201092730.GB29486@fermat.math.technion.ac.il> <20101206193919.GA1999@fermat.math.technion.ac.il>
In-Reply-To: <20101206193919.GA1999@fermat.math.technion.ac.il>
To: "Nadav Har'El"
Cc: Chris Wright, kvm@vger.kernel.org

On 12/06/2010 09:39 PM, Nadav Har'El wrote:
> On Wed, Dec 01, 2010, Nadav Har'El wrote about "Re: KVM call minutes for Nov 30":
> > Specifically, in the last review I was asked to make sure that shadow-on-EPT
> > works so that users do not need to remember to add the "ept=0" module option
> > on L0. Unfortunately, while this should have been relatively simple (and it
> > DID work at some time in the distant past), there appears to be a bug that I
> > have spent the last couple of weeks chasing - so far unsuccessfully.
>
> I was finally able to track this bug down. The issue was incorrect setup of
> the four PDPTE (which are called PDPTR in KVM) fields in vmcs02.
> These fields are important to set up correctly when using EPT and PAE.
> For some reason I have yet to understand, KVM (as an L1) appears to be
> setting the PAE bit in its guest. The previous code copied these fields from
> vmcs01 to vmcs02, but this is incorrect because these fields need to be
> recalculated for each cr3, and the GUEST_CR3 used for running L2 (the shadow
> page table set up by L1) is different from the GUEST_CR3 used to run L1
> (this one is defined by L1, and untouched by L0 because L0 uses EPT).
> We need to emulate what the processor does on a cr3 change when EPT and
> PAE are both enabled - i.e., dereference the cr3 value (this requires an EPT
> translation) and find the four pointers to be saved in the PDPTR fields.
> I have done this, and the shadow-on-ept case finally works, and there is
> no need to use ept=0 on L0 any more :-)

Great.  I imagine the fixed code is also simpler.

I don't follow what you mean by "this requires an EPT translation".  All
it requires is a kvm_set_cr3() which will load the PDPTEs into the PDPTRs
if PAE is enabled.  You may need to order the loading of CR0, CR3, CR4,
and EFER to achieve the desired effect.

> I'm curious, though, why does KVM set PAE for its guest? What is setting
> PAE supposed to do while the guest is booting (and thinks it is running in
> real mode)?

PAE is needed to access >4G of memory.  Otherwise the PTEs are 32 bits
long and cannot reference all of host memory.

> What is setting PAE supposed to do while the guest is running
> in long mode?

PAE is required by the processor for long mode (independently of
virtualization).

-- 
error compiling committee.c: too many arguments to function
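An added worked example, not KVM's code and not from either participant, of the operation the thread is discussing: the PDPTE load a processor performs on a PAE CR3 write, with the read of the PDPT going through a stand-in for the guest-physical (EPT) translation and the four entries landing in stand-in vmcs02 PDPTR fields. `guest_mem`, `gpa_to_hva`, `vmcs02_pdptrs` and a MAXPHYADDR of 40 are assumptions of this example; a present entry with reserved bits set is rejected, mirroring the #GP the hardware would raise.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

#define PDPTE_COUNT   4
#define PDPTE_PRESENT (1ULL << 0)
/* Reserved PAE PDPTE bits: 2:1 and 8:5, plus 63:40 assuming MAXPHYADDR = 40. */
#define PDPTE_RSVD    ((3ULL << 1) | (0xFULL << 5) | (~0ULL << 40))

/* Constructed 64 KiB of "L1 guest-physical" memory that holds the PDPT. */
#define GUEST_MEM_SIZE (64 * 1024)
static uint8_t guest_mem[GUEST_MEM_SIZE];

/* Hypothetical stand-in for the four PDPTR fields of vmcs02. */
uint64_t vmcs02_pdptrs[PDPTE_COUNT];

/* Stand-in for the EPT (guest-physical -> host) translation; NULL if unbacked. */
static const uint8_t *gpa_to_hva(uint64_t gpa, size_t len)
{
    if (gpa >= GUEST_MEM_SIZE || len > GUEST_MEM_SIZE - gpa)
        return NULL;
    return guest_mem + gpa;
}

/* Emulate the PDPTE load the CPU does on a PAE CR3 write: the PDPT is
 * 32-byte aligned at CR3 bits 31:5 (bits 4:3 are PWT/PCD, not address).
 * A present entry with reserved bits set is rejected, as hardware would
 * raise #GP.  On success the four entries are stored in vmcs02_pdptrs;
 * on failure nothing is changed. */
bool load_pdptrs(uint64_t cr3)
{
    uint64_t tmp[PDPTE_COUNT];
    const uint8_t *p = gpa_to_hva(cr3 & 0xFFFFFFE0ULL, sizeof(tmp));
    if (!p)
        return false;
    memcpy(tmp, p, sizeof(tmp));
    for (int i = 0; i < PDPTE_COUNT; i++)
        if ((tmp[i] & PDPTE_PRESENT) && (tmp[i] & PDPTE_RSVD))
            return false;
    memcpy(vmcs02_pdptrs, tmp, sizeof(tmp));
    return true;
}

/* Write one PDPTE into the constructed guest memory (caller keeps it in bounds). */
void write_pdpte(uint64_t pdpt_gpa, unsigned idx, uint64_t val)
{
    memcpy(guest_mem + pdpt_gpa + idx * sizeof(val), &val, sizeof(val));
}
```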