I recall reading about how different VMs running on the same VMM (obviously) have their own independent (guest) virtual address space but they all 'share' one (guest) physical address space. That is, if a process in VM1 has its virtual address 0x000a0000 mapped to physical address 0xfffa0000, then no processes of VM2 (nor any other processes of VM1) can have any of its virtual addresses mapped to the physical address 0xfffa0000.

I can't find any documents that state this, but I know that the extended page table pointer (EPTP) is a hardware register, meaning there is only one page table that can translate the guest physical addresses into host physical addresses, so there cannot be any overlapping guest physical addresses among different VMs.
However, I also found out that the value of EPTP is saved in the virtual machine control structure (VMCS) so maybe upon vmexit or vmenter the value of EPTP can be changed between different VMs?

In short, I'd like to know if different virtual machines can (or must) share one guest physical address space.
Thanks in advance!

WannabeArchitect

1 Answer

The whole point of virtualization is to make it appear to each VM that it has a machine to itself. That would not be possible if the VMM couldn’t map the same GPAs in multiple VMs. And certainly you couldn’t prevent the guest OS from mapping the same GPA into multiple processes within the guest. So there has to be a separate EPTP for each VM, which contains the GPA to HPA mappings for that VM.

A VMM uses a separate VMCS for each VCPU in each VM, so it can leave all of the VM- and VCPU-specific state in place in the VMCS, including the EPTP, even while another VM is executing. When switching from one VM to another, the VMM loads a different VMCS pointer. The VMM writes the same EPTP value into all of the VMCSes for a single VM.

prl
  • Thanks for your answer! I have one more question though. [Here](https://developer.apple.com/documentation/hypervisor/1469436-virtual_machine_control_structur/vmcs_ctrl_eptp?language=objc) I found that `VMCS_CTRL_EPTP = 0x0000201a` and it seems to contradict the fact that each VCPU in each VM has a different `EPTP`. Can you clarify this for me? Thanks! – WannabeArchitect Aug 07 '20 at 05:55
  • There is a different VMCS for each VCPU—it contains things like the CR3, RSP, and RIP registers. So there is a separate EPTP for each VCPU, but the VMM will set them all to the same value for all the VCPUs of a single VM. – prl Aug 07 '20 at 06:12
  • 201a is the code that identifies the field in the VMCS that contains the EPTP. It is used by the VMM to read and write the EPTP in the VMCS. – prl Aug 07 '20 at 06:18
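
A toy C model of what the answer and comments describe, added here as an illustration and not code from the thread or from any hypervisor: one VMCS per vCPU, the same EPTP in every VMCS of a VM, and the same GPA resolving to different host frames depending on which VMCS is loaded. The struct layouts, function names and frame numbers are constructed, the EPT is flattened to one level, and `shared_host_frames` is a hypothetical audit helper that counts host frames reachable from two VMs' tables.

```c
#include <stdint.h>
#include <stdio.h>
#define VMCS_CTRL_EPTP 0x201aU  /* field encoding quoted in the comments */
#define PAGE_SHIFT 12
#define NPAGES 4                /* toy guest-physical space of 4 pages */
#define UNMAPPED UINT64_MAX

struct ept  { uint64_t hpfn[NPAGES]; };   /* toy one-level EPT: guest frame -> host frame */
struct vmcs { const struct ept *eptp; };  /* toy VMCS, one per vCPU; only EPTP modelled */

/* Constructed sample data: both VMs use the same GPAs, backed by disjoint host frames. */
const struct ept ept_vm1 = {{ 0x100, 0x101, 0x102, UNMAPPED }};
const struct ept ept_vm2 = {{ 0x200, 0x201, 0x202, UNMAPPED }};
const struct ept ept_bad = {{ 0x300, 0x101, UNMAPPED, UNMAPPED }}; /* reuses VM1's 0x101 */
static struct vmcs vcpu[2][2];           /* [vm][vcpu] */
static const struct vmcs *current_vmcs;  /* stands in for the loaded VMCS pointer */

static void vmcs_write(struct vmcs *v, uint32_t field, const struct ept *val) {
    if (field == VMCS_CTRL_EPTP) v->eptp = val;
}

/* Switch to one vCPU's VMCS, then translate a GPA through the EPT it names. */
uint64_t run_and_translate(int vm, int cpu, uint64_t gpa) {
    if (vm < 0 || vm > 1 || cpu < 0 || cpu > 1) return UNMAPPED;
    for (int c = 0; c < 2; c++) {        /* same EPTP in every VMCS of a VM */
        vmcs_write(&vcpu[0][c], VMCS_CTRL_EPTP, &ept_vm1);
        vmcs_write(&vcpu[1][c], VMCS_CTRL_EPTP, &ept_vm2);
    }
    current_vmcs = &vcpu[vm][cpu];
    uint64_t gpfn = gpa >> PAGE_SHIFT;
    if (gpfn >= NPAGES || current_vmcs->eptp->hpfn[gpfn] == UNMAPPED) return UNMAPPED;
    return (current_vmcs->eptp->hpfn[gpfn] << PAGE_SHIFT) | (gpa & 0xfff);
}

/* Isolation audit: host frames reachable from both EPTs (0 means no sharing). */
int shared_host_frames(const struct ept *a, const struct ept *b) {
    int n = 0;
    for (int i = 0; i < NPAGES; i++)
        for (int j = 0; j < NPAGES; j++)
            if (a->hpfn[i] != UNMAPPED && a->hpfn[i] == b->hpfn[j]) n++;
    return n;
}

int main(void) {
    printf("VM1 GPA 0x1234 -> 0x%llx\n", (unsigned long long)run_and_translate(0, 0, 0x1234));
    printf("VM2 GPA 0x1234 -> 0x%llx\n", (unsigned long long)run_and_translate(1, 0, 0x1234));
    printf("VM1/bad shared frames: %d\n", shared_host_frames(&ept_vm1, &ept_bad));
    return 0;
}
```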