Ah. That makes sense! I should have looked at the call stack. Thanks!

On Fri, Jul 26, 2019 at 10:32 AM Liran Alon <liran.alon@xxxxxxxxxx> wrote:
>
> > On 26 Jul 2019, at 20:22, Jim Mattson <jmattson@xxxxxxxxxx> wrote:
> >
> > When using EPT, why does kvm intercept MOV to/from CR3 when paging is
> > disabled in the guest? It doesn't seem necessary to me, but perhaps I
> > am missing something.
> >
> > I'm referring to this code in ept_update_paging_mode_cr0():
> >
> > exec_controls_setbit(vmx, CPU_BASED_CR3_LOAD_EXITING |
> >                           CPU_BASED_CR3_STORE_EXITING);
> >
> > Thanks!
>
> Note that ept_update_paging_mode_cr0() is called only in case (enable_ept && !enable_unrestricted_guest).
> Even though function name doesn’t imply this…
>
> When unrestricted-guest is not enabled, KVM runs a vCPU with paging disabled, with paging enabled in VMCS and CR3 of ept_identity_map_addr.
> See how it is initialised at init_rmode_identity_map().
>
> -Liran
>
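
The behaviour described in the quoted reply, as an added example that is not part of the thread and is not KVM source: a simplified C model of why CR3 accesses must exit while the real CR3 holds the identity map. The `model_*` names, the struct and the `IDENTITY_MAP_ADDR` value are assumptions made for illustration; only the two control-bit positions come from the Intel SDM.

```c
/* Simplified model, not KVM source. model_* names are hypothetical. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define X86_CR0_PG                  (1ULL << 31)
#define CPU_BASED_CR3_LOAD_EXITING  (1U << 15)  /* SDM: CR3-load exiting */
#define CPU_BASED_CR3_STORE_EXITING (1U << 16)  /* SDM: CR3-store exiting */
#define CR3_EXITING (CPU_BASED_CR3_LOAD_EXITING | CPU_BASED_CR3_STORE_EXITING)
#define IDENTITY_MAP_ADDR 0x1000ULL /* constructed stand-in for ept_identity_map_addr */

struct model_vcpu {
    bool unrestricted_guest;
    uint64_t guest_cr0, guest_cr3; /* what the guest believes it set */
    uint64_t hw_cr3;               /* CR3 value the CPU really walks */
    uint32_t exec_controls;
};

/* Guest writes CR0: pick the intercepts and the CR3 the hardware uses. */
void model_set_cr0(struct model_vcpu *v, uint64_t cr0)
{
    v->guest_cr0 = cr0;
    if (v->unrestricted_guest || (cr0 & X86_CR0_PG)) {
        v->exec_controls &= ~CR3_EXITING;
        v->hw_cr3 = v->guest_cr3;
    } else { /* hardware paging stays on, walking the identity map */
        v->exec_controls |= CR3_EXITING;
        v->hw_cr3 = IDENTITY_MAP_ADDR;
    }
}

/* MOV to CR3: returns true when the access causes a VM exit. */
bool model_mov_to_cr3(struct model_vcpu *v, uint64_t val)
{
    v->guest_cr3 = val;
    if (v->exec_controls & CPU_BASED_CR3_LOAD_EXITING)
        return true;  /* value is only recorded; hw_cr3 is untouched */
    v->hw_cr3 = val;  /* no exit: the write reaches the real CR3 */
    return false;
}

/* MOV from CR3: the guest must read back its own value. */
uint64_t model_mov_from_cr3(const struct model_vcpu *v)
{
    bool exits = v->exec_controls & CPU_BASED_CR3_STORE_EXITING;
    return exits ? v->guest_cr3 : v->hw_cr3;
}

int main(void)
{
    struct model_vcpu v = { .unrestricted_guest = false };
    model_set_cr0(&v, 0); /* guest has paging disabled */
    bool exited = model_mov_to_cr3(&v, 0x5000);
    printf("exit=%d hw_cr3=%#llx\n", exited, (unsigned long long)v.hw_cr3);
    return 0;
}
```

Without the two intercepts in the `else` branch, the guest's write would replace the identity map in the real CR3 and its read would expose that address.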