From mboxrd@z Thu Jan 1 00:00:00 1970 From: Xiao Guangrong Subject: Re: [PATCH v5 11/14] nEPT: MMU context for nested EPT Date: Thu, 01 Aug 2013 17:16:07 +0800 Message-ID: <51FA2757.2030602@linux.vnet.ibm.com> References: <1375282131-9713-1-git-send-email-gleb@redhat.com> <1375282131-9713-12-git-send-email-gleb@redhat.com> Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Cc: kvm@vger.kernel.org, Jun Nakajima , Yang Zhang , pbonzini@redhat.com To: Gleb Natapov Return-path: Received: from e23smtp01.au.ibm.com ([202.81.31.143]:59493 "EHLO e23smtp01.au.ibm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751957Ab3HAJQR (ORCPT ); Thu, 1 Aug 2013 05:16:17 -0400 Received: from /spool/local by e23smtp01.au.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Thu, 1 Aug 2013 19:06:23 +1000 Received: from d23relay04.au.ibm.com (d23relay04.au.ibm.com [9.190.234.120]) by d23dlp03.au.ibm.com (Postfix) with ESMTP id E1D363578051 for ; Thu, 1 Aug 2013 19:16:12 +1000 (EST) Received: from d23av02.au.ibm.com (d23av02.au.ibm.com [9.190.235.138]) by d23relay04.au.ibm.com (8.13.8/8.13.8/NCO v10.0) with ESMTP id r7190dRf9044476 for ; Thu, 1 Aug 2013 19:00:39 +1000 Received: from d23av02.au.ibm.com (loopback [127.0.0.1]) by d23av02.au.ibm.com (8.14.4/8.13.1/NCO v10.0 AVout) with ESMTP id r719GAkc000351 for ; Thu, 1 Aug 2013 19:16:12 +1000 In-Reply-To: <1375282131-9713-12-git-send-email-gleb@redhat.com> Sender: kvm-owner@vger.kernel.org List-ID: On 07/31/2013 10:48 PM, Gleb Natapov wrote: > From: Nadav Har'El > > KVM's existing shadow MMU code already supports nested TDP. To use it, we > need to set up a new "MMU context" for nested EPT, and create a few callbacks > for it (nested_ept_*()). This context should also use the EPT versions of > the page table access functions (defined in the previous patch). > Then, we need to switch back and forth between this nested context and the > regular MMU context when switching between L1 and L2 (when L1 runs this L2 > with EPT). This patch looks good to me. Reviewed-by: Xiao Guangrong But i am confused that update_permission_bitmask() is not adjusted in this series. That function depends on kvm_read_cr4_bits(X86_CR4_SMEP) and is_write_protection(), these two functions should read the registers from L2 guest, using the L2 status to check L1's page table seems strange. The same issue is in nested npt. Anything i missed?