
I am currently implementing a solution that utilizes the Virtualization exception #VE in Intel CPUs. My code enables #VE in KVM so the guest OS can handle it.

According to the Intel SDM, though, the information about the #VE is stored in the "virtualization exception information area", which is allocated in the host, and a pointer to this area is set in the VMCS. This is working fine for me. My problem now is how the guest exception handler gets access to this area? In the Intel SDM this is not mentioned at all. All that is written is that the host can optionally give the guest access to this area, but I have not found any explanation of how the host can do it.

I apologize if this seems obvious; I am new to kernel development and might be missing many basic concepts, but I am learning bit by bit.

silentnights
  • There is no architecturally defined way for guest software to find out the GPA of the virtualization exception information. There has to be a software-defined way to do this. – prl Jan 17 '22 at 00:40
  • If KVM doesn't already define a way, you can use VMCALL to request a mapping. There is an example here: https://stackoverflow.com/questions/33590843/implementing-a-custom-hypercall-in-kvm – prl Jan 17 '22 at 00:50
  • Thanks for your answers. I thought about this and my dilemma is I can't just pass an address to this area because I will have to go through the EPTP to translate it. Is there a way to bypass the EPTP for this particular case? – silentnights Jan 18 '22 at 04:07
  • It has to be mapped into the guest address space. (And then of course also has to be mapped to a virtual address in the guest in order to access it.) Perhaps the easiest way to do this is for the guest kernel to allocate memory in the usual way and then pass the GPA of the space to the VMM. The VMM converts the GPA to an HPA which it puts into the VMCS. – prl Jan 18 '22 at 07:10
  • I always thought the address of the area has to be set in advance when configuring the VMCS, but what you said actually resolves my issue completely. My second issue was that, while handling the #VE exception, another one occurs in the #VE handler itself, but that is completely safe at this point because the flag in the exception information area would not be cleared yet, so the host would handle the second EPT violation normally and let the guest continue handling the first #VE exception. Thanks for your help, and if you rewrite your comment as an answer, I will accept it. – silentnights Jan 18 '22 at 11:27
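
The scheme prl describes in the comments (guest allocates the page, passes its GPA to the VMM through a hypercall, VMM installs the HPA in the VMCS) together with the busy-flag behaviour silentnights relies on, as an added C example that is not part of this thread or of KVM. The field layout is the one the Intel SDM gives for the #VE information area; the hypercall number and the VMM-side stub are assumptions (KVM defines no such hypercall), and `kvm_vmcall1` follows the KVM guest convention but can only execute inside a VM.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

/* #VE information area as the CPU lays it out (Intel SDM, "Virtualization
 * Exceptions"); the VMM points the VMCS at the HPA of this page. */
struct ve_info {
    uint32_t exit_reason; /* 48 for a convertible EPT violation */
    uint32_t busy;        /* CPU writes 0xFFFFFFFF here; the guest clears it */
    uint64_t exit_qual;   /* bit0 read, bit1 write, bit2 fetch, bit7 GLA valid */
    uint64_t gla;         /* guest-linear address of the access */
    uint64_t gpa;         /* guest-physical address that faulted */
    uint16_t eptp_index;
} __attribute__((packed));

#define VE_BUSY 0xFFFFFFFFu
#define EXIT_REASON_EPT_VIOLATION 48
#define HC_REGISTER_VE_AREA 0x1234u /* hypothetical hypercall number */
typedef int (*hypercall_fn)(uint64_t nr, uint64_t arg);

#ifdef __x86_64__
/* KVM guest hypercall convention: nr in rax, arg in rbx, result in rax.
 * Only valid inside a VM, so the stand-alone test uses the stub below. */
static int kvm_vmcall1(uint64_t nr, uint64_t arg)
{
    long ret;
    __asm__ volatile("vmcall" : "=a"(ret) : "a"(nr), "b"(arg) : "memory");
    return (int)ret;
}
#endif
static uint64_t stub_last_nr, stub_last_arg; /* what a VMM would receive */
static int stub_hypercall(uint64_t nr, uint64_t arg)
{ stub_last_nr = nr; stub_last_arg = arg; return 0; }

/* Guest registration: zero the page (busy must not be 0xFFFFFFFF or #VE is
 * suppressed from the start), then hand its GPA to the VMM. */
static int register_ve_area(struct ve_info *area, uint64_t gpa, hypercall_fn hc)
{
    memset(area, 0, sizeof *area);
    return hc(HC_REGISTER_VE_AREA, gpa);
}

/* Core of the guest #VE handler. While busy is 0xFFFFFFFF the CPU turns any
 * further EPT violation into a VM exit, so a fault inside the handler cannot
 * clobber the area; clearing busy re-arms #VE delivery. */
static bool handle_ve(struct ve_info *area, struct ve_info *out)
{
    if (area->busy != VE_BUSY || area->exit_reason != EXIT_REASON_EPT_VIOLATION)
        return false;
    *out = *area;   /* snapshot first, re-arm last */
    area->busy = 0;
    return true;
}
```

In a real guest the handler would do this from the #VE (vector 20) IDT entry and then act on `out.gpa`, and the VMM would translate the registered GPA to an HPA and write it to the VMCS VE-information-address field.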
