Heiko Carstens wrote:
>> Nested page tables/extended page tables also provide this facility, with
>> some caveats:
>>
>> - on 32-bit hosts (or 64-bit hosts with 32-bit userspace), host
>>   userspace virtual address space is not enough to contain the guest
>>   physical address space.
>> - there is no way to protect the host userspace from the guest
>>
>
> Sorry, but are you saying that it is currently possible to access
> (read and/or write) host userspace address space from the guest?
>
No.

First, we don't yet have support for npt (I'm promised a patch by AMD).

Second, the way I first planned it, guest physical and host userspace would be completely unrelated address spaces, with guest physical mmap()ed into host userspace. This is how non-npt is implemented right now.

Third, our conversation gave rise to an idea of how to implement guest physical as a strict subset of host userspace. This (a) preserves isolation, and (b) allows the Linux mm to operate unmodified [1] on the guest ptes.

I was being unclear: npt/ept _allows_ one to do this, but you're not _forced_ to. The strict subset thing is a kind of a mix between the two that still preserves isolation.

[1] We'd still need to teach it how to invalidate guest tlb entries, unfortunately.

--
error compiling committee.c: too many arguments to function
