Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751890AbdF3RGr (ORCPT ); Fri, 30 Jun 2017 13:06:47 -0400 Received: from mail-wr0-f172.google.com ([209.85.128.172]:34921 "EHLO mail-wr0-f172.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751886AbdF3RGp (ORCPT ); Fri, 30 Jun 2017 13:06:45 -0400 MIME-Version: 1.0 In-Reply-To: <20170629232956.12300-1-bsd@redhat.com> References: <20170629232956.12300-1-bsd@redhat.com> From: Jim Mattson Date: Fri, 30 Jun 2017 10:06:43 -0700 Message-ID: Subject: Re: [PATCH 0/2] Expose VMFUNC to the nested hypervisor To: Bandan Das Cc: kvm list , Paolo Bonzini , LKML Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1060 Lines: 25 Isn't McAfee DeepSAFE defunct? Are there any other consumers of EPTP switching? On Thu, Jun 29, 2017 at 4:29 PM, Bandan Das wrote: > These patches expose eptp switching/vmfunc to the nested hypervisor. Testing with > kvm-unit-tests seems to work ok. > > If the guest hypervisor enables vmfunc/eptp switching, a "shadow" eptp list > address page is written to the VMCS. Initially, it would be unpopulated which > would result in a vmexit with exit reason 59. This hooks to handle_vmfunc() > to rewrite vmcs12->ept_pointer to reload the mmu and get a new root hpa. > This new shadow ept pointer is written to the shadow eptp list in the given > index. A next vmfunc call to switch to the given index would succeed without > an exit. > > Bandan Das (2): > KVM: nVMX: Implement EPTP switching for the L1 hypervisor > KVM: nVMX: Advertise VMFUNC to L1 hypervisor > > arch/x86/include/asm/vmx.h | 9 ++++ > arch/x86/kvm/vmx.c | 122 +++++++++++++++++++++++++++++++++++++++++++++ > 2 files changed, 131 insertions(+) > > -- > 2.9.4 >