NOVA : Intel IO ports and Guest Unrestricted mode.
Udo Steinberg
udo at ...121...
Thu Nov 7 22:41:44 CET 2013
On Thu, 7 Nov 2013 20:35:18 +0530 avinash singh (AS) wrote:
Hi Avinash,
AS> I want to discuss two problem.
AS>
AS> Problem -1:
AS> This test program runs (guest mode code) cpuid instruction but outb/inb
AS> instruction never runs in guest mode. I see that for outb instruction
AS> gives IO portal invoked again and again. First, I
AS> delegate IO ports from Kernel in root pd. My vcpu execution context
AS> is created in root pd. I believe that IO ports should be accessible
AS> from guest mode after delegating IO ports from kernel to guest.
AS> Secondly, same code for AMD runs if I set proper AMD vcpu registers in
AS> startup handler.
NOVA distinguishes between I/O ports being accessible in host mode or guest
mode. If you delegate an I/O CRD into a PD, the ports will be accessible in
host mode only, unless you also set the G-bit in the typed item. Only if you
set the G-bit during the delegation will the I/O ports be directly
accessible in guest mode without causing a VM exit. See spec. 4.6.2.2
AS> Problem -2
AS> As Intel process supports unrestricted guest mode; Advantage of that,
AS> I can run real mode instruction in vCPU context with paging disable
AS> without doing any instruction interpretations.
AS>
AS> I set Unrestricted guest mode control bit in VMCS control registers,
AS> though intel vCPU never runs guest in unrestricted mode. But When I
AS> experiments this with KVM it works.
A user-level VMM should never have to deal with the unrestricted guest
control bit. In fact, that bit is under the control of the hypervisor and
will be forced to 0 or 1, depending on HW support, irrespective of what the
user-level VMM wants.
AS> My question is, does NOVA kernel supports to run intel cpu in
AS> unrestricted guest mode? or is there any trick to do that so. Please
AS> help me if I am missing something.
NOVA automatically enables unrestricted guest if the CPU supports it. The
feature is supported on processors based on the Westmere or newer
microarchitectures. Unrestricted guest will be disabled, if the user forces
vTLB using the command line.
AS> Any help regarding these two issues would be very helpful.
Can you enable TRACE_VMX in include/stdio.h (move it out of the #ifdef) and
post the output of the microhypervisor, in particular the line that talks
about VMCS, EPT, URG, VPID, etc.?
Cheers,
Udo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://lists.genode.org/pipermail/users/attachments/20131107/e8c0c997/attachment.sig>
More information about the users
mailing list