>> The VT instruction set would have to be emulated of course. Am I wrong in saying that you wouldn't have to completely emulate the VMCS operation in software - rather you would have to take the guest's version of VM instructions - and execute the guest VM instructions using similar VM instructions in the Host?
IE a vmwrite to a guest VMCS would be done with a host vmwrite to the same VMCS (you may have to be clever about sharing or mapping the memory addresses of the VMCS). The host would have to validate that the VMCS in question is legal, and possible modify some arguments. VMlaunch's and vmexits would have to be dispatched to the appropriate guest "pseudo root" level. Here I am unclear - would it be possible for the root processor to figure out which level a VMCS is actually running at, and then resume the VMCS for the "pseudo-root" process of the guest (which might be many levels down?). Barry Silverman -----Original Message----- From: Anthony Liguori [mailto:[EMAIL PROTECTED] Sent: Sunday, February 11, 2007 1:34 PM To: Barry Silverman Cc: [email protected] Subject: Re: [kvm-devel] VT guests in kvm Barry Silverman wrote: > Does KVM support itself as a guest? > > IE Would the VT instruction set have to be emulated > completely in software, or > could the host's VT instructions be used after > suitable KVM modification/validation. > Nested hardware virtualization is a very interesting topic that AFAIK noone has yet to address. The VT instruction set would have to be emulated of course. It's a bit easier with VT I suspect b/c you can more easily trap things like vmwrite to ensure the guest isn't building a malicious VMCS. It would incur some overhead in already sensitive places (since vmlaunch/vmresume will trap). I think it could be done in such a way though that any level of nesting will have a fixed overhead. An analysis of this would make a pretty interesting paper IMHO. Regards, Anthony Liguori > > ------------------------------------------------------------------------- > Using Tomcat but need to do more? Need to support web services, security? > Get stuff done quickly with pre-integrated technology to make your job easier. > Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo > http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 > _______________________________________________ > kvm-devel mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/kvm-devel > > ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier. Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ kvm-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/kvm-devel
