Il 25/07/2013 12:59, Gleb Natapov ha scritto:
> + if (enable_ept) {
> + /* nested EPT: emulate EPT also to L1 */
> + nested_vmx_secondary_ctls_high |= SECONDARY_EXEC_ENABLE_EPT;
> + nested_vmx_ept_caps = VMX_EPT_PAGE_WALK_4_BIT;
> + nested_vmx_ept_caps |=
> + VMX_EPT_INVEPT_BIT | VMX_EPT_EXTENT_GLOBAL_BIT |
> + VMX_EPT_EXTENT_CONTEXT_BIT |
> + VMX_EPT_EXTENT_INDIVIDUAL_BIT;
What version of the Intel manual defines bit 24? Mine is January 2013
and only has 20/25/26.
> + nested_vmx_ept_caps &= vmx_capability.ept;
This is always missing VMX_EPT_EXECUTE_ONLY_BIT, should it be added
before the "&=".
Also, the three extent bits should always be fine for the MSR,
independent of the host support, because the processor will do the
INVEPT vmexit before checking the INVEPT type against the processor
capabilities. So they can be added after the "&=".
Related to this, I suppose enable_ept should depend on
VMX_EPT_INVEPT_BIT too (it currently doesn't) since vmx_flush_tlb does
an unconditional invept under "if (enable_ept)". This is really just
nitpicking though.
Paolo
> + } else
> + nested_vmx_ept_caps = 0;
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
