On 08/11/2016 21:27, Rohith Kugve Raghavendra wrote: > I have 2 questions. > > 1. In nested VMs that use multi-dimensional page tables( EPT on EPT) > where exactly in the code are EPT ( 0 -> 2) entries constructed? I can > know from the Turtles paper that these entries are created by > combining EPT 1->2 and EPT 0->1. But I can find that in KVM code. It's in mmu.c, same as for shadow pages. vcpu->arch.nested_mmu contains the MMU for L0->L2, while vcpu->arch.mmu contains the MMU for L0->L1. vcpu->arch.walk_mmu points to one of the two, depending on who was running at the time of the last vmexit. In particular, prepare_vmcs02 (through nested_ept_init_mmu_context) sets vcpu->arch.walk_mmu to &vcpu->arch.nested_mmu. > 2. Are there rmap entries for EPT 0->2 pages maintained? I am trying > to write protect nested guest GFN's directly in L0 ( without letting > L1 do it) but I don't know how to find the EPT 0->2 entry for a given > L2 guest GFN. Yes, they are. There is only one rmap for both vcpu->arch.mmu and vcpu->arch.nested_mmu, but for EPT02 pages of course vcpu->arch.mmu should be direct mapped and not have any rmap. Thanks, Paolo -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
