Hi,

On Thu, Nov 10, 2011, Avi Kivity wrote about "Re: [PATCH 0/10] nEPT: Nested EPT support for Nested VMX":
> This patchset is missing a fairly hairy patch that makes reading L2
> virtual addresses work.

This was supposed to be part of the nested TDP code that is already in
the code. To read an L2 virtual address, the code is supposed, if I
understand correctly, to walk the "walk" mmu (EPT01 and guest_cr3)
and then use the EPT table - just like the normal EPT case which uses
the EPT table and the guest_cr3.

I even believed that this inner "walk mmu" will work fine without any
rewrite needed for ia32/ept differences, because it works (or so I
believed) just like normal EPT, with the first table being an EPT table,
and the second table being a normal page table.

I also believed that the fault injection part was also correct: I
thought that the code already knows when to handle the fault in L2 (when
the address is missing in cr3), in L1 (when the translation is missing
in EPT12) or else, in L0.

So what is the "hairy" missing part?

> The standard example is L1 passing a bit of
> hardware (emulated in L0) to a L2; when L2 accesses it, the instruction
> will fault and need to be handled in L0, transparently to L1. The
> emulation can cause a fault to be injected to L2, or an EPT violation
> or misconfiguration injected to L1.

I don't understand the example. You are referring to nested device
assignment from L1 to L2 (so L1 stops caring about the device)? Since we
don't emulate an IOMMU for L1, how can that be done?

Thanks,
Nadav.

--
Nadav Har'El                        | Sunday, Nov 13 2011,
nyh@xxxxxxxxxxxxxxxxxxx             |-----------------------------------------
Phone +972-523-790466, ICQ 13349191 |An error? Impossible! My modem is error
http://nadav.harel.org.il           |correcting.