On 26/09/19 10:59, Maxim Levitsky wrote:
> If you mean to ask if there is a way to let guest access use no
> paging at all, that is access host physical addresses directly, then
> indeed there is no way, since regular non 'unrestricted guest' mode
> required both protected mode and paging, and 'unrestricted guest'
> requires EPT. Academically speaking it is of course possible to
> create paging tables that are 1:1...
Not so academically, it's exactly what KVM does. However, indeed it
would also be possible to switch out of EPT mode when CR0.PG=0. I'm not
sure why it was done this way, maybe when the code was written it was
simpler to use the identity map.
Hi Paolo, what's the meaning of 'switch out of EPT mode'. Do you mean when the guest in real mode emulation(vm86)
can do something to disable EPT? I don't find the code. Seems my understanding is wrong.
Thanks,
Li Qiang
Let's see if Avi is listening... :)
Paolo