[PATCH v3 13/13] nEPT: Inject EPT violation/misconfigration

real EPT misconfiguration. Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu --- arch/x86/include/asm/kvm_host.h | 4 +++ arch/x86/kvm/mmu.c | 5 --- arch/x86/kvm/mmu.h | 5 +++ arch/x86/kvm/paging_tmpl.h | 26 ++ arch/x86/kvm/vmx.c

[PATCH v3 11/13] nEPT: Miscelleneous cleanups

From: Nadav Har'El Some trivial code cleanups not really related to nested EPT. Signed-off-by: Nadav Har'El Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu Reviewed-by: Paolo Bonzini --- arch/x86/kvm/vmx.c | 6 ++ 1 file changed, 2 insertions(+), 4 deletions(-) diff --

[PATCH v3 12/13] nEPT: Move is_rsvd_bits_set() to paging_tmpl.h

Move is_rsvd_bits_set() to paging_tmpl.h so that it can be used to check reserved bits in EPT page table entries as well. Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu --- arch/x86/kvm/mmu.c | 8 arch/x86/kvm/paging_tmpl.h | 12 ++-- 2 files changed, 10

[PATCH v3 10/13] nEPT: Nested INVEPT

er role: L0 would only rebuild the shadow EPT table when L1 calls INVEPT. Signed-off-by: Nadav Har'El Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu --- arch/x86/include/uapi/asm/vmx.h | 1 + arch/x86/kvm/vmx.c | 83 + 2 files change

[PATCH v3 09/13] nEPT: Advertise EPT to L1

e the half-applied feature. Signed-off-by: Nadav Har'El Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu --- arch/x86/include/asm/vmx.h | 2 ++ arch/x86/kvm/vmx.c | 17 +++-- 2 files changed, 17 insertions(+), 2 deletions(-) diff --git a/arch/x86/include/asm/vmx.h

[PATCH v3 08/13] nEPT: Some additional comments

From: Nadav Har'El Some additional comments to preexisting code: Explain who (L0 or L1) handles EPT violation and misconfiguration exits. Don't mention "shadow on either EPT or shadow" as the only two options. Signed-off-by: Nadav Har'El Signed-off-by: Jun Nakajima

[PATCH v3 06/13] nEPT: Fix cr3 handling in nested exit and entry

Har'El Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu --- arch/x86/kvm/vmx.c | 30 ++ 1 file changed, 30 insertions(+) diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c index a88432f..b79efd4 100644 --- a/arch/x86/kvm/vmx.c +++ b/arch/x86/kvm/vmx.c

[PATCH v3 07/13] nEPT: Fix wrong test in kvm_set_cr3

3() (as requested in Avi Kivity's review of the original nested VMX patches), we can't avoid this problem and need to fix it. Signed-off-by: Nadav Har'El Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu --- arch/x86/kvm/x86.c | 11 --- 1 file changed, 11 deletions(-)

[PATCH v3 03/13] nEPT: Add EPT tables support to paging_tmpl.h

PT") which correctly read and write EPT tables. Signed-off-by: Nadav Har'El Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu --- arch/x86/kvm/mmu.c | 5 + arch/x86/kvm/paging_tmpl.h | 43 +-- 2 files changed, 46 insertions(+), 2

[PATCH v3 04/13] nEPT: Define EPT-specific link_shadow_page()

From: Nadav Har'El Since link_shadow_page() is used by a routine in mmu.c, add an EPT-specific link_shadow_page() in paging_tmp.h, rather than moving it. Signed-off-by: Nadav Har'El Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu --- arch/x86/kvm/paging_t

[PATCH v3 05/13] nEPT: MMU context for nested EPT

ions (defined in the previous patch). Then, we need to switch back and forth between this nested context and the regular MMU context when switching between L1 and L2 (when L1 runs this L2 with EPT). Signed-off-by: Nadav Har'El Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu ---

[PATCH v3 02/13] nEPT: Move gpte_access() and prefetch_invalid_gpte() to paging_tmpl.h

From: Nadav Har'El For preparation, we just move gpte_access() and prefetch_invalid_gpte() from mmu.c to paging_tmpl.h. Signed-off-by: Nadav Har'El Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu --- arch/x86/kvm/mmu.c | 30 -- ar

[PATCH v3 01/13] nEPT: Support LOAD_IA32_EFER entry/exit controls for L1

vmx_set_efer (which itself sets one of several vmcs02 fields), so we always support this feature, regardless of whether the host supports it. Signed-off-by: Nadav Har'El Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu --- arch/x86/kvm/vmx.c | 23 --- 1 file cha

[PATCH v3 13/13] nEPT: Inject EPT violation/misconfigration

real EPT misconfiguration. Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu --- arch/x86/include/asm/kvm_host.h | 4 +++ arch/x86/kvm/mmu.c | 5 --- arch/x86/kvm/mmu.h | 5 +++ arch/x86/kvm/paging_tmpl.h | 26 ++ arch/x86/kvm/vmx.c

[PATCH v3 11/13] nEPT: Miscelleneous cleanups

Some trivial code cleanups not really related to nested EPT. Signed-off-by: Nadav Har'El Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu Reviewed-by: Paolo Bonzini --- arch/x86/kvm/vmx.c | 6 ++ 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/arch/x86/kvm/vmx.c b

[PATCH v3 12/13] nEPT: Move is_rsvd_bits_set() to paging_tmpl.h

Move is_rsvd_bits_set() to paging_tmpl.h so that it can be used to check reserved bits in EPT page table entries as well. Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu --- arch/x86/kvm/mmu.c | 8 arch/x86/kvm/paging_tmpl.h | 12 ++-- 2 files changed, 10

[PATCH v3 10/13] nEPT: Nested INVEPT

build the shadow EPT table when L1 calls INVEPT. Signed-off-by: Nadav Har'El Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu --- arch/x86/include/uapi/asm/vmx.h | 1 + arch/x86/kvm/vmx.c | 83 + 2 files changed, 84 insertions(+) diff -

[PATCH v3 08/13] nEPT: Some additional comments

Some additional comments to preexisting code: Explain who (L0 or L1) handles EPT violation and misconfiguration exits. Don't mention "shadow on either EPT or shadow" as the only two options. Signed-off-by: Nadav Har'El Signed-off-by: Jun Nakajima Signed-off-by: Xinhao X

[PATCH v3 09/13] nEPT: Advertise EPT to L1

. Signed-off-by: Nadav Har'El Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu --- arch/x86/include/asm/vmx.h | 2 ++ arch/x86/kvm/vmx.c | 17 +++-- 2 files changed, 17 insertions(+), 2 deletions(-) diff --git a/arch/x86/include/asm/vmx.h b/arch/x86/include/asm/vmx.h

[PATCH v3 07/13] nEPT: Fix wrong test in kvm_set_cr3

Kivity's review of the original nested VMX patches), we can't avoid this problem and need to fix it. Signed-off-by: Nadav Har'El Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu --- arch/x86/kvm/x86.c | 11 --- 1 file changed, 11 deletions(-) diff --git a/arch/x86/

[PATCH v3 05/13] nEPT: MMU context for nested EPT

us patch). Then, we need to switch back and forth between this nested context and the regular MMU context when switching between L1 and L2 (when L1 runs this L2 with EPT). Signed-off-by: Nadav Har'El Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu --- arc

[PATCH v3 06/13] nEPT: Fix cr3 handling in nested exit and entry

This patch adds this copy. If L0 isn't controlling cr3 when running L2 (i.e., L0 is using EPT), and whoever does control cr3 (L1 or L2) is using PAE, the processor might have saved PDPTEs and we should also save them in vmcs12 (and restore later). Signed-off-by: Nadav Har'El Signed-off-b

[PATCH v3 04/13] nEPT: Define EPT-specific link_shadow_page()

Since link_shadow_page() is used by a routine in mmu.c, add an EPT-specific link_shadow_page() in paging_tmp.h, rather than moving it. Signed-off-by: Nadav Har'El Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu --- arch/x86/kvm/paging_tmpl.h | 20 1 file change

[PATCH v3 03/13] nEPT: Add EPT tables support to paging_tmpl.h

read and write EPT tables. Signed-off-by: Nadav Har'El Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu --- arch/x86/kvm/mmu.c | 5 + arch/x86/kvm/paging_tmpl.h | 43 +-- 2 files changed, 46 insertions(+), 2 deletions(-) diff --git a

[PATCH v3 02/13] nEPT: Move gpte_access() and prefetch_invalid_gpte() to paging_tmpl.h

For preparation, we just move gpte_access() and prefetch_invalid_gpte() from mmu.c to paging_tmpl.h. Signed-off-by: Nadav Har'El Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu --- arch/x86/kvm/mmu.c | 30 -- arch/x86/kvm/paging_tmpl.h

[PATCH v3 01/13] nEPT: Support LOAD_IA32_EFER entry/exit controls for L1

elf sets one of several vmcs02 fields), so we always support this feature, regardless of whether the host supports it. Signed-off-by: Nadav Har'El Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu --- arch/x86/kvm/vmx.c | 23 --- 1 file changed, 16 insertions(+), 7 dele

[PATCH v2 13/13] nEPT: Inject EPT violation/misconfigration

real EPT misconfiguration. Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu --- arch/x86/include/asm/kvm_host.h | 4 +++ arch/x86/kvm/mmu.c | 5 --- arch/x86/kvm/mmu.h | 5 +++ arch/x86/kvm/paging_tmpl.h | 26 ++ arch/x86/kvm/vmx.c

[PATCH v2 12/13] nEPT: Move is_rsvd_bits_set() to paging_tmpl.h

Move is_rsvd_bits_set() to paging_tmpl.h so that it can be used to check reserved bits in EPT page table entries as well. Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu --- arch/x86/kvm/mmu.c | 8 arch/x86/kvm/paging_tmpl.h | 12 ++-- 2 files changed, 10

[PATCH v2 11/13] nEPT: Miscelleneous cleanups

Some trivial code cleanups not really related to nested EPT. Signed-off-by: Nadav Har'El Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu Reviewed-by: Paolo Bonzini --- arch/x86/kvm/vmx.c | 6 ++ 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/arch/x86/kvm/vmx.c b

[PATCH v2 10/13] nEPT: Nested INVEPT

build the shadow EPT table when L1 calls INVEPT. Signed-off-by: Nadav Har'El Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu --- arch/x86/include/uapi/asm/vmx.h | 1 + arch/x86/kvm/vmx.c | 83 + 2 files changed, 84 insertions(+) diff -

[PATCH v2 08/13] nEPT: Some additional comments

Some additional comments to preexisting code: Explain who (L0 or L1) handles EPT violation and misconfiguration exits. Don't mention "shadow on either EPT or shadow" as the only two options. Signed-off-by: Nadav Har'El Signed-off-by: Jun Nakajima Signed-off-by: Xinhao X

[PATCH v2 09/13] nEPT: Advertise EPT to L1

. Signed-off-by: Nadav Har'El Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu --- arch/x86/include/asm/vmx.h | 2 ++ arch/x86/kvm/vmx.c | 17 +++-- 2 files changed, 17 insertions(+), 2 deletions(-) diff --git a/arch/x86/include/asm/vmx.h b/arch/x86/include/asm/vmx.h

[PATCH v2 07/13] nEPT: Fix wrong test in kvm_set_cr3

Kivity's review of the original nested VMX patches), we can't avoid this problem and need to fix it. Signed-off-by: Nadav Har'El Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu --- arch/x86/kvm/x86.c | 11 --- 1 file changed, 11 deletions(-) diff --git a/arch/x86/

[PATCH v2 05/13] nEPT: MMU context for nested EPT

us patch). Then, we need to switch back and forth between this nested context and the regular MMU context when switching between L1 and L2 (when L1 runs this L2 with EPT). Signed-off-by: Nadav Har'El Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu --- arc

[PATCH v2 06/13] nEPT: Fix cr3 handling in nested exit and entry

This patch adds this copy. If L0 isn't controlling cr3 when running L2 (i.e., L0 is using EPT), and whoever does control cr3 (L1 or L2) is using PAE, the processor might have saved PDPTEs and we should also save them in vmcs12 (and restore later). Signed-off-by: Nadav Har'El Signed-off-b

[PATCH v2 04/13] nEPT: Define EPT-specific link_shadow_page()

Since link_shadow_page() is used by a routine in mmu.c, add an EPT-specific link_shadow_page() in paging_tmp.h, rather than moving it. Signed-off-by: Nadav Har'El Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu --- arch/x86/kvm/paging_tmpl.h | 20 1 file change

[PATCH v2 01/13] nEPT: Support LOAD_IA32_EFER entry/exit controls for L1

elf sets one of several vmcs02 fields), so we always support this feature, regardless of whether the host supports it. Signed-off-by: Nadav Har'El Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu --- arch/x86/kvm/vmx.c | 18 ++ 1 file changed, 14 insertions(+), 4 deleti

[PATCH v2 03/13] nEPT: Add EPT tables support to paging_tmpl.h

read and write EPT tables. Signed-off-by: Nadav Har'El Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu --- arch/x86/kvm/mmu.c | 5 + arch/x86/kvm/paging_tmpl.h | 43 +-- 2 files changed, 46 insertions(+), 2 deletions(-) diff --git a

[PATCH v2 02/13] nEPT: Move gpte_access() and prefetch_invalid_gpte() to paging_tmpl.h

For preparation, we just move gpte_access() and prefetch_invalid_gpte() from mmu.c to paging_tmpl.h. Signed-off-by: Nadav Har'El Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu --- arch/x86/kvm/mmu.c | 30 -- arch/x86/kvm/paging_tmpl.h

[PATCH 11/11] nEPT: Provide the correct exit qualification upon EPT

Save [2:0] of exit qualificaiton at EPT violation, and use the information when injecting EPT violation. Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu --- arch/x86/include/asm/kvm_host.h | 2 ++ arch/x86/kvm/paging_tmpl.h | 5 + arch/x86/kvm/vmx.c | 3 +++ 3 files

[PATCH 10/11] nEPT: Miscelleneous cleanups

Some trivial code cleanups not really related to nested EPT. Signed-off-by: Nadav Har'El Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu --- arch/x86/kvm/vmx.c | 6 ++ 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c index c6

[PATCH 09/11] nEPT: Documentation

Update the documentation to no longer say that nested EPT is not supported. Signed-off-by: Nadav Har'El Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu --- Documentation/virtual/kvm/nested-vmx.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Document

[PATCH 08/11] nEPT: Nested INVEPT

build the shadow EPT table when L1 calls INVEPT. Signed-off-by: Nadav Har'El Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu --- arch/x86/include/asm/vmx.h | 4 +- arch/x86/include/uapi/asm/vmx.h | 1 + arch/x86/kvm/vmx.c | 83 +

[PATCH 07/11] nEPT: Advertise EPT to L1

. Signed-off-by: Nadav Har'El Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu --- arch/x86/kvm/vmx.c | 17 +++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c index 66ead51..76df3a8 100644 --- a/arch/x86/kvm/vmx.c +++ b

[PATCH 06/11] nEPT: Some additional comments

Some additional comments to preexisting code: Explain who (L0 or L1) handles EPT violation and misconfiguration exits. Don't mention "shadow on either EPT or shadow" as the only two options. Signed-off-by: Nadav Har'El Signed-off-by: Jun Nakajima Signed-off-by: Xinhao X

[PATCH 05/11] nEPT: Fix wrong test in kvm_set_cr3

Kivity's review of the original nested VMX patches), we can't avoid this problem and need to fix it. Signed-off-by: Nadav Har'El Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu --- arch/x86/kvm/x86.c | 11 --- 1 file changed, 11 deletions(-) diff --git a/arch/x86/

[PATCH 04/11] nEPT: Fix cr3 handling in nested exit and entry

This patch adds this copy. If L0 isn't controlling cr3 when running L2 (i.e., L0 is using EPT), and whoever does control cr3 (L1 or L2) is using PAE, the processor might have saved PDPTEs and we should also save them in vmcs12 (and restore later). Signed-off-by: Nadav Har'El Signed-off-b

[PATCH 03/11] nEPT: MMU context for nested EPT

us patch). Then, we need to switch back and forth between this nested context and the regular MMU context when switching between L1 and L2 (when L1 runs this L2 with EPT). Signed-off-by: Nadav Har'El Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu --- arc

[PATCH 02/11] nEPT: Add EPT tables support to paging_tmpl.h

read and write EPT tables. Signed-off-by: Nadav Har'El Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu --- arch/x86/kvm/mmu.c | 35 ++-- arch/x86/kvm/paging_tmpl.h | 133 ++--- 2 files changed, 130 insertions(+), 38 deletions(-) d

[PATCH 01/11] nEPT: Support LOAD_IA32_EFER entry/exit controls for L1

elf sets one of several vmcs02 fields), so we always support this feature, regardless of whether the host supports it. Signed-off-by: Nadav Har'El Signed-off-by: Jun Nakajima Signed-off-by: Xinhao Xu --- arch/x86/kvm/vmx.c | 18 ++ 1 file changed, 14 insertions(+), 4 deleti