On Mon, Sep 09, 2019 at 07:10:22PM +0200, Paolo Bonzini wrote: > On 04/09/19 15:49, Yang Weijiang wrote: > >>> This would not enable SPP if the guest is backed by huge pages. > >>> Instead, either the PT_PAGE_TABLE_LEVEL level must be forced for all > >>> pages covered by SPP ranges, or (better) kvm_enable_spp_protection must > >>> be able to cover multiple pages at once. > >>> > >>> Paolo > >> OK, I'll figure out how to make it, thanks! > > Hi, Paolo, > > Regarding this change, I have some concerns, splitting EPT huge page > > entries(e.g., 1GB page)will take long time compared with normal EPT page > > fault processing, especially for multiple vcpus/pages,so the in-flight time increases, > > but HW walks EPT for translations in the meantime, would it bring any side effect? > > or there's a way to mitigate it? > > Sub-page permissions are only defined on EPT PTEs, not on large pages. > Therefore, in order to allow subpage permissions the EPT page tables > must already be split. > > Paolo Thanks, I've added code to handle hugepage, will be included in next version patch.
