LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Weekly Edition

Return to the Kernel page

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

KVM: Make the instruction emulator aware of Nested Virtualization

From:  Joerg Roedel <joerg.roedel@amd.com>
To:  Avi Kivity <avi@redhat.com>, Marcelo Tosatti <mtosatti@redhat.com>
Subject:  [PATCH 0/9] KVM: Make the instruction emulator aware of Nested Virtualization
Date:  Wed, 24 Nov 2010 19:18:26 +0100
Message-ID:  <1290622715-8382-1-git-send-email-joerg.roedel@amd.com>
Cc:  <kvm@vger.kernel.org>, <linux-kernel@vger.kernel.org>
Archive-link:  Article, Thread 

Hi Avi, Hi Marcelo,

here is a patch-set to make the instruction emulator aware of nested
virtualization. It basically works by introducing a new callback into
the x86_ops to check if a decoded instruction must be intercepted. If it
is intercepted the instruction emulator returns straight into the guest.

I am not entirely happy with this solution because it partially
duplicates the code in the x86_emulate_insn function. But there are so
many SVM specific cases that need to be taken care of that I consider
this solution the better one (even when looking at the diff-stat).
Keeping this (SVM-specific) complexity in the SVM specific code is
better than extending the generic instruction emulator code path.

The last patch removes the ugly hacks which were required without this
patch-set to correctly handle the selective-cr0-write intercept.

I appreciate your feedback.

Thanks,

	Joerg

Diffstat:

 arch/x86/include/asm/kvm_emulate.h |    2 +
 arch/x86/include/asm/kvm_host.h    |    3 +
 arch/x86/kvm/svm.c                 |  330 ++++++++++++++++++++++++++++++------
 arch/x86/kvm/vmx.c                 |    8 +
 arch/x86/kvm/x86.c                 |    5 +
 5 files changed, 297 insertions(+), 51 deletions(-)

Shortlog:

Joerg Roedel (9):
      KVM: Add infrastructure to emulate instruction intercepts
      KVM: SVM: Add checks for CRx read and write intercepts
      KVM: SVM: Add checks for DRx read and write intercepts
      KVM: SVM: Add intercept checks for descriptor table accesses
      KVM: SVM: Add checks for all group 7 instructions
      KVM: SVM: Add intercept checks for remaining twobyte instructions
      KVM: SVM: Add intercept checks for one-byte instructions
      KVM: SVM: Add checks for IO instructions
      KVM: SVM: Remove nested sel_cr0_write handling code

Copyright © 2010, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds