From: Tim Deegan
Subject: Re: [PATCH] nestedsvm: fix paging mode
Date: Thu, 4 Oct 2012 11:37:06 +0100
Message-ID: <20121004103706.GD38243@ocelot.phlegethon.org>
References: <505C733B.50205@amd.com> <20120927145356.GG8831@ocelot.phlegethon.org> <50699FA6.6070805@amd.com>
In-Reply-To: <50699FA6.6070805@amd.com>
To: Christoph Egger
Cc: "xen-devel@lists.xen.org"
List-Id: xen-devel@lists.xenproject.org

At 15:50 +0200 on 01 Oct (1349106630), Christoph Egger wrote:
> On 09/27/12 16:53, Tim Deegan wrote:
>
> > At 16:01 +0200 on 21 Sep (1348243291), Christoph Egger wrote:
> >>
> >> On VMRUN and VMEXIT emulation update the paging mode
> >> for Shadow-on-Nested. This allows Xen to walk the
> >> l1 hypervisor's shadow page table correctly.
> >> Problem found with 64bit Win7 and 32bit XPMode where
> >> Win7 switches forth and back between long mode and
> >> PAE legacy pagetables.
> >>
> >> Signed-off-by: Christoph Egger
> >
> > Don't you have to do this in other cases as well? I think that
> > shadow-on-shadow might need it, at least.
>
> It is needed for all cases where the l1 guest does shadow paging.
> This includes: Shadow-on-Nested and Shadow-on-Shadow.

I've looked more closely at this and now I'm more confused. :)

Hap-on-hap seems to be OK without it because the special case in
paging_gva_to_gfn() does the right thing, using the nestedmode's pt
walker. Why is that not good enough for shadow-on-hap? Is there another
path that does unguarded pt walks? If so:
 - why is that path not a problem for hap-on-hap; and
 - shouldn't that be handled the same way, i.e. either handle everything
   at lookup time, like paging_gva_to_gfn() does, or handle everything
   by switching modes at VMRUN/EXIT?

Shadow-on-shadow could potentially be handled the same way as the other
configurations, by extending the special case in paging_gva_to_gfn(),
but I suspect that a mode switch on VMRUN/EXIT is more likely to Just
Work there.

Tim.