• Tom Lendacky's avatar
    kvm: svm: Add support for additional SVM NPF error codes · 14727754
    Tom Lendacky authored
    AMD hardware adds two additional bits to aid in nested page fault handling.
    
    Bit 32 - NPF occurred while translating the guest's final physical address
    Bit 33 - NPF occurred while translating the guest page tables
    
    The guest page tables fault indicator can be used as an aid for nested
    virtualization. Using V0 for the host, V1 for the first level guest and
    V2 for the second level guest, when both V1 and V2 are using nested paging
    there are currently a number of unnecessary instruction emulations. When
    V2 is launched shadow paging is used in V1 for the nested tables of V2. As
    a result, KVM marks these pages as RO in the host nested page tables. When
    V2 exits and we resume V1, these pages are still marked RO.
    
    Every nested walk for a guest page table is treated as a user-level write
    access and this causes a lot of NPFs because the V1 page tables are marked
    RO in the V0 nested tables. While executing V1, when these NPFs occur KVM
    sees a write to a read-only page, emulates the V1 instruction and unprotects
    the page (marking it RW). This patch looks for cases where we get a NPF due
    to a guest page table walk where the page was marked RO. It immediately
    unprotects the page and resumes the guest, leading to far fewer instruction
    emulations when nested virtualization is used.
    Signed-off-by: default avatarTom Lendacky <thomas.lendacky@amd.com>
    Reviewed-by: default avatarBorislav Petkov <bp@suse.de>
    Signed-off-by: default avatarBrijesh Singh <brijesh.singh@amd.com>
    Signed-off-by: default avatarRadim Krčmář <rkrcmar@redhat.com>
    14727754
svm.c 139 KB