Construct_eptp() sets the VMX_EPT_AD_ENABLE_BIT in the constructed EPT pointer based on the setting of the enable_ept_ad_bits module parameter. This function is used for both the vmcs01 EPT pointer and the vmcs02 EPT pointer. However, if the EPT_POINTER field of vmcs12 does not have VMX_EPT_AD_ENABLE_BIT set, then the vmcs02 EPT pointer must not have this bit set. Note that VMX_EPT_AD_ENABLE_BIT does not only enable accessed and dirty flags in the extended page tables; it also changes the access mode for page walks in non-root mode from read to write. Consider the following scenario: L1 does not set VMX_EPT_AD_ENABLE_BIT in the vmcs12 EPT pointer. L1 prepares EPT tables for L2 such that only read access is allowed for the root of L2's x86 page tables (i.e. the GUEST_CR3 in vmcs12). If L0 sets the VMX_EPT_AD_ENABLE_BIT in the vmcs02 EPT pointer, then any TLB miss encountered while executing L2 will result in an EPT violation when the CPU tries to walk L2's page tables (write access to a write protected page). However, this EPT violation cannot be forwarded to L1, because L1's virtual CPU would not have delivered it. (L1's virtual CPU would have performed a read access rather than a write access.) With this configuration, L0 will have to emulate each and every L2 instruction. Better would be for L0 to set the VMX_EPT_AD_ENABLE_BIT in vmcs02 to match the VMX_EPT_AD_ENABLE_BIT in vmcs12. Of course, this means that L0 will lose the ability to do accessed/dirty page tracking of L2 using the shadow EPT tables for L2. -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
