On 03/15/2010 08:27 AM, Marcelo Tosatti wrote:
You should disable out of sync shadow so that l1 guest writes to
l1-nested-ptables always trap.
Why? The guest is under obligation to flush the tlb if it writes to
a page table, and we will resync on that tlb flush.
The guests hypervisor will not flush the tlb with invlpg for updates of
its NPT pagetables. It'll create a new ASID, and KVM will not trap
that.
We'll get a kvm_set_cr3() on the next vmrun.
And in the trap case, you'd have to
invalidate l2 shadow pagetable entries that used the (now obsolete)
l1-nested-ptable entry. Does that happen automatically?
What do you mean by 'l2 shadow ptable entries'? There are the
guest's page tables (ordinary direct mapped, unless the guest's
guest is also running an npt-enabled hypervisor), and the host page
tables. When the guest writes to each page table, we invalidate the
shadows.
With 'l2 shadow ptable entries' i mean the shadow pagetables that
translate GPA-L2 -> HPA.
kvm_mmu_pte_write() will invalidate those sptes and will also install
new translations if possible.
Beautiful, isn't it?
--
Do not meddle in the internals of kernels, for they are subtle and quick to panic.
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html