* Information of EPT violation VMEXIT
@ 2013-09-03 15:06 Arthur Chunqi Li
2013-09-03 15:31 ` Paolo Bonzini
0 siblings, 1 reply; 2+ messages in thread
From: Arthur Chunqi Li @ 2013-09-03 15:06 UTC (permalink / raw)
To: kvm; +Cc: Gleb Natapov, Paolo Bonzini, Jan Kiszka
Hi there,

When I was testing EPT violation VMEXIT, I got confused by bits 7 & 8
in "Exit Qualification for EPT Violations" (Table 27-7 in SDM).

Bit 7 means "Set if the guest linear-address field is valid." On which
occasion will bit 7 be clear? I don't quite understand the following
statement in the SDM: "The guest linear-address field is valid for all EPT
violations except those resulting from an attempt to load the guest
PDPTEs as part of the execution of the MOV CR instruction."

Bit 8 means the cause of the EPT violation. But I don't understand what
it means when set and clear. I always get the exit qualification
with this bit set; how can I design a violation with this bit clear?

Thanks,
Arthur
--
Arthur Chunqi Li
Department of Computer Science
School of EECS
Peking University
Beijing, China
* Re: Information of EPT violation VMEXIT
2013-09-03 15:06 Information of EPT violation VMEXIT Arthur Chunqi Li
@ 2013-09-03 15:31 ` Paolo Bonzini
0 siblings, 0 replies; 2+ messages in thread
From: Paolo Bonzini @ 2013-09-03 15:31 UTC (permalink / raw)
To: Arthur Chunqi Li; +Cc: kvm, Gleb Natapov, Jan Kiszka
On 03/09/2013 17:06, Arthur Chunqi Li wrote:
> Hi there,
>
> When I was testing EPT violation VMEXIT, I got confused by bits 7 & 8
> in "Exit Qualification for EPT Violations" (Table 27-7 in SDM).
>
> Bit 7 means "Set if the guest linear-address field is valid." In which
> occasion will bit 7 clear? I don't quite understand the following
> statements in SDM "The guest linear-address field is valid for all EPT
> violations except those resulting from an attempt to load the guest
> PDPTEs as part of the execution of the MOV CR instruction."

I think it means it is loading the PDPT registers, so it would only
happen with a 32-bit PAE guest. Testing this is a bit more complicated.
You probably should set up the state completely in the VMCS, and only
have a "mov %eax, %cr0" instruction as the guest body.

> Bit 8 means the cause of the EPT violation. But I don't understand what
> it means when set and clear. I always get the exit qualification
> with this bit set; how can I design a violation with this bit clear?

To get bit 8 = 0, you need to place a paging structure (page table, page
directory, PDPT or PML4) at a guest-physical address that is marked
non-present in the EPT page tables. The same testing technique should
work here: as soon as you execute the first instruction of the guest
you'll get the EPT violation.

Paolo
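
The three cases discussed in this thread, as an added example that is not part of either message or of KVM's code: a decoder that classifies an EPT-violation exit qualification by bits 7 and 8 and reports whether the EPT mapping was non-present. The macro and function names are hypothetical, and the sample values in main() are constructed.

```c
#include <stdint.h>
#include <stdio.h>

/* Bit positions follow the SDM table the thread cites; names are hypothetical. */
#define EPT_QUAL_READ       (1ULL << 0)  /* access was a data read */
#define EPT_QUAL_WRITE      (1ULL << 1)  /* access was a data write */
#define EPT_QUAL_FETCH      (1ULL << 2)  /* access was an instruction fetch */
#define EPT_QUAL_PERM_MASK  (7ULL << 3)  /* R/W/X permissions the EPT granted */
#define EPT_QUAL_GLA_VALID  (1ULL << 7)  /* guest linear-address field valid */
#define EPT_QUAL_GLA_XLAT   (1ULL << 8)  /* access to the translated address */

enum ept_cause { EPT_PDPTE_LOAD, EPT_PAGE_WALK, EPT_FINAL_ACCESS };

/* Classify by bits 7 and 8; bit 8 carries no meaning when bit 7 is clear. */
enum ept_cause ept_classify(uint64_t qual)
{
    if (!(qual & EPT_QUAL_GLA_VALID))
        return EPT_PDPTE_LOAD;      /* PDPTE load by MOV CR, PAE guest */
    if (!(qual & EPT_QUAL_GLA_XLAT))
        return EPT_PAGE_WALK;       /* guest paging structure was the target */
    return EPT_FINAL_ACCESS;        /* the translated data/code address */
}

/* Non-zero when the EPT granted no permission at all (non-present mapping). */
int ept_not_present(uint64_t qual)
{
    return (qual & EPT_QUAL_PERM_MASK) == 0;
}

const char *ept_cause_name(enum ept_cause c)
{
    static const char *const names[] = {
        "PDPTE load (bit 7 clear)",
        "guest page walk (bit 7 set, bit 8 clear)",
        "final translation (bits 7 and 8 set)",
    };
    return names[c];
}

int main(void)
{
    /* Constructed sample exit qualifications, not captured from hardware. */
    const uint64_t samples[] = { 0x181, 0x081, 0x001, 0x18a };
    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("%#05llx: %s, %s\n", (unsigned long long)samples[i],
               ept_cause_name(ept_classify(samples[i])),
               ept_not_present(samples[i]) ? "non-present" : "permission fault");
    return 0;
}
```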